The signing key settings are used to sign the AuthenticationToken. The settings are set with the UpdateSingingKeySettingsAsync method. There are two settings:
The AuthenticatedSearchModel contains the filters that can be set on the AuthenticationToken. In this example the price group is set.
This restricts the search so that only prices from the selected price group are searched and returned.
When using price groups, note that even though price groups are set as a term filter, they do not work as one. Instead, they work as follows:
If the price group set in authenticated search does not exist, then no prices or price facets are returned.
If the price group is set in authenticated search, then only products with a price for the specified price group are returned.
If the price group is not set, then the "default" price group is used.
Create the AuthenticationToken
The AuthenticationToken is created by the IAuthenticatedSearchSigningService. The token has a lifetime that can be set to a maximum of 24 hours. Before using the token, check whether it has expired. Also keep in mind that the token should be cached, as signing a token is a heavy process.
```csharp
var tokenOpts = new AuthenticatedSearchOptions { TokenTtl = TimeSpan.FromHours(24) };
var signingService = provider.GetRequiredService<IAuthenticatedSearchSigningService>();
// Token should be cached and reused when not expired.
// var expired = cachedToken.TokenExpiresUtc <= DateTimeOffset.UtcNow
var searchToken = await signingService.CreateTokenAsync(authSearchModel, tokenOpts);
```
Perform the search
The last step is to set the AuthenticationToken on the search request and then perform the search.
and the following NuGet packages must be added to the project.
Bizzkit.Sdk.Search.Authenticated
Microsoft.Extensions.Logging
JWT Model
It is also possible to create your own token using the SearchSigningKey endpoint in the Admin API and your programming language of choice.
The model of the claims is very simple. It just contains the filters and scopes. As mentioned before, including the filters and scopes in the JWT allows the request to use filters that are not part of the allowed filters, as well as authenticated scopes.
The claims model in JavaScript could look like this, depending on the filters and scopes you need.
The token is signed using the HS256 algorithm and has type JWT. The rest of the required information is provided by the SearchSigningKey endpoint in the Admin API.
An implementation using the jose JavaScript library could look like this:
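An added example, not Bizzkit's code and not the page's jose listing: it signs the HS256 token with Node's built-in crypto module instead of jose, enforces the 24-hour maximum lifetime, and caches tokens per claim set until shortly before expiry. The claim names `filters` and `scopes`, their shapes, the 60-second skew and the sample key are assumptions; the real key and any other required values come from the SearchSigningKey endpoint.

```javascript
const crypto = require('node:crypto');

const MAX_TTL_SECONDS = 24 * 60 * 60; // the page states a 24-hour maximum lifetime
const b64url = (value) => Buffer.from(value).toString('base64url');

// Compact JWT: base64url(header).base64url(claims).base64url(HMAC-SHA256 tag).
function signHs256(claims, key) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify(claims));
  const tag = crypto.createHmac('sha256', key)
    .update(`${header}.${payload}`).digest('base64url');
  return `${header}.${payload}.${tag}`;
}

// model = { filters, scopes }; the claim names and shapes are assumptions.
function createSearchToken(model, key, ttlSeconds, nowSeconds) {
  if (!(ttlSeconds > 0 && ttlSeconds <= MAX_TTL_SECONDS)) {
    throw new RangeError('token lifetime must be above 0 and at most 24 hours');
  }
  const expiresAt = nowSeconds + ttlSeconds;
  const claims = { filters: model.filters, scopes: model.scopes, exp: expiresAt };
  return { token: signHs256(claims, key), expiresAt };
}

// Cache keyed by the claim set, so a token minted for one price group or
// scope list is never handed to a request that needs a different one.
class SearchTokenCache {
  constructor(key, ttlSeconds, skewSeconds = 60) {
    Object.assign(this, { key, ttlSeconds, skewSeconds, entries: new Map() });
  }
  get(model, nowSeconds = Math.floor(Date.now() / 1000)) {
    const cacheKey = JSON.stringify([model.filters, model.scopes]);
    const hit = this.entries.get(cacheKey);
    // Reuse only while the token has more than skewSeconds left to live.
    if (hit && hit.expiresAt - this.skewSeconds > nowSeconds) return hit.token;
    const fresh = createSearchToken(model, this.key, this.ttlSeconds, nowSeconds);
    this.entries.set(cacheKey, fresh);
    return fresh.token;
  }
}

// Constructed sample values, not a real key or a real price group.
const SAMPLE_KEY = Buffer.from('constructed-sample-key-not-a-real-secret');
const SAMPLE_MODEL = { filters: { priceGroup: 'b2b-gold' }, scopes: ['b2b'] };
console.log(new SearchTokenCache(SAMPLE_KEY, 3600).get(SAMPLE_MODEL));
```

Expired entries are replaced only when the same claim set is requested again, so bound or sweep the map if the number of filter combinations is large.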