auth
- Python
- Go
- Java
- Node.js
- PHP
- .NET
- Ruby
- C
- Curl/Bash
import json
import time
import uuid
import jwt
import requests
with open('noon_credentials_sensitive.json', 'r') as file:
credentials = json.load(file)
def create_jwt():
private_key_pem = credentials['private_key']
payload = {
"sub": credentials['key_id'],
"iat": int(time.time()),
"jti": str(uuid.uuid4())
}
token = jwt.encode(
payload,
private_key_pem,
algorithm="RS256",
)
return token
def get_authenticated_session():
session = requests.Session()
session.headers.update({'User-Agent': 'REPLACE_WITH_YOUR_USER_AGENT'})
response = session.post('https://noon-api-gateway.noon.partners/identity/public/v1/api/login', data=json.dumps({
'token': create_jwt(),
'default_project_code': credentials["project_code"]
}))
assert response.status_code == 200, response.json()
return session
# the response from above will contain the auth cookie,
# which can be used for subsequent authenticated requests
# if using an HTTP client which maintains cookies
session = get_authenticated_session()
data = session.get('https://noon-api-gateway.noon.partners/identity/v1/whoami')
assert data.status_code == 200
print('Logged in as: ' + json.dumps(data.json()))
package main
import (
"bytes"
"crypto/rsa"
"crypto/x509"
"encoding/json"
"encoding/pem"
"fmt"
"io"
"net/http"
"net/http/cookiejar"
"os"
"time"
"github.com/golang-jwt/jwt/v5"
)
type Credentials struct {
PrivateKey string `json:"private_key"`
KeyID string `json:"key_id"`
ProjectCode string `json:"project_code"`
}
func parseRSAPrivateKey(pemStr string) (*rsa.PrivateKey, error) {
block, _ := pem.Decode([]byte(pemStr))
if block == nil {
return nil, fmt.Errorf("failed to parse PEM block")
}
priv, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil, fmt.Errorf("failed to parse PKCS8: %w", err)
}
rsaKey, ok := priv.(*rsa.PrivateKey)
if !ok {
return nil, fmt.Errorf("not an RSA private key")
}
return rsaKey, nil
}
func createJWT(keyID string, privKey *rsa.PrivateKey) (string, error) {
now := time.Now()
claims := jwt.RegisteredClaims{
Subject: keyID,
IssuedAt: jwt.NewNumericDate(now),
ID: fmt.Sprintf("%d", time.Now().UnixNano()),
}
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
return token.SignedString(privKey)
}
func getAuthenticatedClient() *http.Client {
// Load credentials.json
data, err := os.ReadFile("noon_credentials_sensitive.json")
if err != nil {
panic(fmt.Sprintf("Failed to read noon_credentials_sensitive.json: %v", err))
}
var creds Credentials
if err := json.Unmarshal(data, &creds); err != nil {
panic(fmt.Sprintf("Failed to parse noon_credentials_sensitive.json: %v", err))
}
// Parse private key
privKey, err := parseRSAPrivateKey(creds.PrivateKey)
if err != nil {
panic(fmt.Sprintf("Failed to parse private key: %v", err))
}
// Create JWT
jwtToken, err := createJWT(creds.KeyID, privKey)
if err != nil {
panic(fmt.Sprintf("Failed to create JWT: %v", err))
}
// Create HTTP client with cookie jar
jar, _ := cookiejar.New(nil)
client := &http.Client{Jar: jar}
// Prepare login request
loginPayload := map[string]interface{}{
"token": jwtToken,
"default_project_code": creds.ProjectCode,
}
loginBody, _ := json.Marshal(loginPayload)
loginReq, _ := http.NewRequest("POST", "https://noon-api-gateway.noon.partners/identity/public/v1/api/login", bytes.NewBuffer(loginBody))
loginReq.Header.Set("Content-Type", "application/json")
loginReq.Header.Set("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT")
// Login request
resp, err := client.Do(loginReq)
if err != nil {
panic(fmt.Sprintf("Login request failed: %v", err))
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
bodyBytes, _ := io.ReadAll(resp.Body)
panic(fmt.Sprintf("Login failed (%d): %s", resp.StatusCode, string(bodyBytes)))
}
fmt.Println("Login successful.")
for _, c := range resp.Cookies() {
fmt.Printf("Received cookie: %s=%s\n\n", c.Name, c.Value)
}
return client
}
func main() {
client := getAuthenticatedClient()
// the response from above will contain the auth cookie,
// which can be used for subsequent authenticated requests
// if using an HTTP client which maintains cookies
whoamiReq, _ := http.NewRequest("GET", "https://noon-api-gateway.noon.partners/identity/v1/whoami", nil)
whoamiReq.Header.Set("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT")
resp, err = client.Do(whoamiReq)
if err != nil {
panic(fmt.Sprintf("Whoami request failed: %v", err))
}
defer resp.Body.Close()
bodyBytes, _ := io.ReadAll(resp.Body)
fmt.Printf("whoami response (%d): %s\n\n", resp.StatusCode, string(bodyBytes))
}
package com.noon;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.fasterxml.jackson.databind.ObjectMapper;
import okhttp3.*;
import java.io.File;
import java.security.interfaces.RSAPrivateKey;
import java.time.Instant;
import java.util.*;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
public class PemUtils {
public static RSAPrivateKey readPrivateKeyFromPem(String pem) throws Exception {
String privateKeyPEM = pem
.replace("-----BEGIN PRIVATE KEY-----", "")
.replace("-----END PRIVATE KEY-----", "")
.replaceAll("\\s", "");
byte[] encoded = Base64.getDecoder().decode(privateKeyPEM);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encoded);
KeyFactory kf = KeyFactory.getInstance("RSA");
return (RSAPrivateKey) kf.generatePrivate(keySpec);
}
}
public class ServiceAccountExample {
public static OkHttpClient getAuthenticatedClient() throws Exception {
ObjectMapper mapper = new ObjectMapper();
// Load credentials.json
Map<String, Object> credentials = mapper.readValue(new File("noon_credentials_sensitive.json"), Map.class);
String privateKeyPem = (String) credentials.get("private_key");
String keyId = (String) credentials.get("key_id");
String projectCode = (String) credentials.get("project_code");
// Convert PEM to RSA Private Key
RSAPrivateKey privateKey = PemUtils.readPrivateKeyFromPem(privateKeyPem);
// Create JWT
long now = Instant.now().getEpochSecond();
String jti = UUID.randomUUID().toString();
String token = JWT.create()
.withSubject(keyId)
.withIssuedAt(java.util.Date.from(Instant.ofEpochSecond(now)))
.withJWTId(jti)
.sign(Algorithm.RSA256(null, privateKey));
OkHttpClient client = new OkHttpClient.Builder()
.cookieJar(new CookieJar() {
private List<Cookie> cookies = new ArrayList<>();
@Override
public void saveFromResponse(HttpUrl url, List<Cookie> cookies) {
this.cookies = cookies;
}
@Override
public List<Cookie> loadForRequest(HttpUrl url) {
return cookies != null ? cookies : new ArrayList<>();
}
})
.build();
// Login
Map<String, Object> loginPayload = new HashMap<>();
loginPayload.put("token", token);
loginPayload.put("default_project_code", projectCode);
RequestBody loginBody = RequestBody.create(
mapper.writeValueAsString(loginPayload),
MediaType.parse("application/json")
);
Request loginRequest = new Request.Builder()
.url("https://noon-api-gateway.noon.partners/identity/public/v1/api/login")
.post(loginBody)
.header("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT")
.build();
try (Response response = client.newCall(loginRequest).execute()) {
if (!response.isSuccessful()) {
throw new RuntimeException("Login failed: " + response.code() + " " + response.body().string());
}
System.out.println("Login response: " + response.body().string());
}
return client;
}
public static void main(String[] args) throws Exception {
OkHttpClient client = getAuthenticatedClient();
// whoami
Request whoamiRequest = new Request.Builder()
.url("https://noon-api-gateway.noon.partners/identity/v1/whoami")
.get()
.header("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT")
.build();
try (Response response = client.newCall(whoamiRequest).execute()) {
if (!response.isSuccessful()) {
throw new RuntimeException("Whoami failed: " + response.code() + " " + response.body().string());
}
System.out.println("Whoami response: " + response.body().string());
}
}
}
import fs from "fs";
import jwt from "jsonwebtoken";
import axios from "axios";
import { wrapper } from "axios-cookiejar-support";
import { CookieJar } from "tough-cookie";
async function getAuthenticatedClient() {
// Load credentials.json
const creds = JSON.parse(fs.readFileSync("noon_credentials_sensitive.json", "utf8"));
const privateKey = creds.private_key;
const keyId = creds.key_id;
const projectCode = creds.project_code;
// Create JWT
const now = Math.floor(Date.now() / 1000);
const payload = {
sub: keyId,
iat: now,
jti: String(Date.now()),
};
const token = jwt.sign(payload, privateKey, { algorithm: "RS256" });
// Create Axios instance with cookie jar
const jar = new CookieJar();
const client = wrapper(axios.create({ jar }));
// Login request
const loginResponse = await client.post(
"https://noon-api-gateway.noon.partners/identity/public/v1/api/login",
{
token: token,
default_project_code: projectCode,
},
{
headers: {
"Content-Type": "application/json",
"User-Agent": "REPLACE_WITH_YOUR_USER_AGENT"
},
}
);
console.log("Login successful.");
console.log(loginResponse.data);
return client;
}
(async () => {
const client = await getAuthenticatedClient();
// the response from above will contain the auth cookie,
// which can be used for subsequent authenticated requests
// if using an HTTP client which maintains cookies
const whoamiResponse = await client.get("https://noon-api-gateway.noon.partners/identity/v1/whoami", {
headers: {
"User-Agent": "REPLACE_WITH_YOUR_USER_AGENT"
}
});
console.log("whoami:", whoamiResponse.data);
})();
<?php
require 'vendor/autoload.php';
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use GuzzleHttp\Client;
use GuzzleHttp\Cookie\CookieJar;
// Load credentials
$creds = json_decode(file_get_contents("noon_credentials_sensitive.json"), true);
$privateKey = $creds["private_key"];
$keyId = $creds["key_id"];
$projectCode = $creds["project_code"];
// Create JWT payload
$now = time();
$payload = [
"sub" => $keyId,
"iat" => $now,
"jti" => uniqid()
];
// Sign JWT
$jwt = JWT::encode($payload, $privateKey, "RS256");
// Create HTTP client with cookie jar
$jar = new CookieJar();
$client = new Client([
'cookies' => $jar,
]);
// Login request
$response = $client->post('https://noon-api-gateway.noon.partners/identity/public/v1/api/login', [
'headers' => [
'User-Agent' => 'REPLACE_WITH_YOUR_USER_AGENT',
],
'json' => [
'token' => $jwt,
'default_project_code' => $projectCode,
]
]);
if ($response->getStatusCode() !== 200) {
throw new Exception("Login failed: " . $response->getBody());
}
echo "Login successful.\n";
echo $response->getBody() . "\n\n";
// the response from above will contain the auth cookie,
// which can be used for subsequent authenticated requests
// if using an HTTP client which maintains cookies
$response = $client->get('https://noon-api-gateway.noon.partners/identity/v1/whoami', [
'headers' => [
'User-Agent' => 'REPLACE_WITH_YOUR_USER_AGENT',
]
]);
echo "whoami ({$response->getStatusCode()}):\n";
echo $response->getBody() . "\n\n";
.NET
using System;
using System.IO;
using System.Text;
using System.Text.Json;
using System.Text.Json.Serialization;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using Newtonsoft.Json.Linq;
class Credentials
{
[JsonPropertyName("private_key")]
public string PrivateKey { get; set; }
[JsonPropertyName("key_id")]
public string KeyId { get; set; }
[JsonPropertyName("project_code")]
public string ProjectCode { get; set; }
}
class Program
{
static async System.Threading.Tasks.Task<HttpClient> GetAuthenticatedClient()
{
// Load credentials
var json = File.ReadAllText("noon_credentials_sensitive.json");
var creds = JsonSerializer.Deserialize<Credentials>(json);
if (creds == null)
{
throw new Exception("Failed to deserialize credentials");
}
// Parse RSA private key
RSA rsa = RSA.Create();
rsa.ImportFromPem(creds.PrivateKey.ToCharArray());
var securityKey = new RsaSecurityKey(rsa);
// Create JWT
var now = DateTimeOffset.UtcNow;
var jwtHandler = new JwtSecurityTokenHandler();
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new System.Security.Claims.ClaimsIdentity(new[]
{
new System.Security.Claims.Claim("sub", creds.KeyId),
new System.Security.Claims.Claim("jti", Guid.NewGuid().ToString())
}),
IssuedAt = now.UtcDateTime,
SigningCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.RsaSha256)
};
var token = jwtHandler.CreateToken(tokenDescriptor);
var jwt = jwtHandler.WriteToken(token);
var handler = new HttpClientHandler { UseCookies = true };
var client = new HttpClient(handler);
client.DefaultRequestHeaders.Add("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT");
// Login request
var loginPayload = new
{
token = jwt,
default_project_code = creds.ProjectCode
};
var loginContent = new StringContent(JsonSerializer.Serialize(loginPayload), Encoding.UTF8, "application/json");
var loginResponse = await client.PostAsync("https://noon-api-gateway.noon.partners/identity/public/v1/api/login", loginContent);
if (!loginResponse.IsSuccessStatusCode)
{
var error = await loginResponse.Content.ReadAsStringAsync();
throw new Exception($"Login failed: {loginResponse.StatusCode}\n{error}");
}
Console.WriteLine("Login successful.");
var loginResult = await loginResponse.Content.ReadAsStringAsync();
Console.WriteLine(loginResult);
return client;
}
static async System.Threading.Tasks.Task Main(string[] args)
{
using var client = await GetAuthenticatedClient();
// the response from above will contain the auth cookie,
// which can be used for subsequent authenticated requests
// if using an HTTP client which maintains cookies
var whoamiResponse = await client.GetAsync("https://noon-api-gateway.noon.partners/identity/v1/whoami");
var whoamiContent = await whoamiResponse.Content.ReadAsStringAsync();
Console.WriteLine($"\nwhoami ({whoamiResponse.StatusCode}):\n{whoamiContent}");
}
}
require "json"
require "openssl"
require "jwt"
require "uri"
require "net/http"
require "securerandom"
# Load credentials
creds = JSON.parse(File.read("noon_credentials_sensitive.json"))
private_key_pem = creds["private_key"]
key_id = creds["key_id"]
project_code = creds["project_code"]
# Parse RSA private key
rsa_key = OpenSSL::PKey::RSA.new(private_key_pem)
# Create JWT
now = Time.now.to_i
payload = {
sub: key_id,
iat: now,
jti: SecureRandom.uuid
}
token = JWT.encode(payload, rsa_key, "RS256")
# below code is for demo
# - you can use http gem instead for net/http and use its CookieJar
# jar = HTTP::CookieJar.new
# client = HTTP.cookies(jar)
# client.post(...)
# Cookie storage
cookies = {}
# Helper to update cookies
def store_cookies(response, cookies)
response.get_fields("Set-Cookie")&.each do |cookie|
parts = cookie.split(";")[0]
key, value = parts.split("=", 2)
cookies[key] = value
end
end
def make_request(uri_str, method, body=nil, headers={}, cookies={})
uri = URI(uri_str)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req_class = case method
when :get then Net::HTTP::Get
when :post then Net::HTTP::Post
end
req = req_class.new(uri.request_uri)
req["Content-Type"] = "application/json"
req["User-Agent"] = "REPLACE_WITH_YOUR_USER_AGENT"
req["x-locale"] = "en"
req.body = body if body
req["Cookie"] = cookies.map { |k,v| "#{k}=#{v}" }.join("; ") unless cookies.empty?
http.request(req)
end
# Login request
login_body = JSON.generate({
token: token,
default_project_code: project_code
})
resp = make_request("https://noon-api-gateway.noon.partners/identity/public/v1/api/login", :post, login_body)
unless resp.is_a?(Net::HTTPSuccess)
raise "Login failed: #{resp.code}\n#{resp.body}"
end
puts "Login successful."
puts resp.body
store_cookies(resp, cookies)
# the response from above will contain the auth cookie,
# which can be used for subsequent authenticated requests
# if using an HTTP client which maintains cookies
resp = make_request("https://noon-api-gateway.noon.partners/identity/v1/whoami", :get, nil, {}, cookies)
puts "\nwhoami (#{resp.code}):\n#{resp.body}"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <uuid/uuid.h>
#include <jansson.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/bio.h>
#include <openssl/buffer.h>
#include <curl/curl.h>
#define BUFFER_SIZE 8192
char *base64url_encode(const unsigned char *input, int length) {
BIO *bmem = NULL, *b64 = NULL;
BUF_MEM *bptr;
char *buff, *p;
int i, len;
b64 = BIO_new(BIO_f_base64());
bmem = BIO_new(BIO_s_mem());
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
b64 = BIO_push(b64, bmem);
BIO_write(b64, input, length);
BIO_flush(b64);
BIO_get_mem_ptr(b64, &bptr);
// Copy buffer
buff = (char *)malloc(bptr->length + 1);
memcpy(buff, bptr->data, bptr->length);
buff[bptr->length] = 0;
// Convert to base64url
for (i = 0, p = buff; p[i]; i++) {
if (p[i] == '+') p[i] = '-';
else if (p[i] == '/') p[i] = '_';
}
// Remove '=' padding
len = strlen(buff);
while (len > 0 && buff[len - 1] == '=') buff[--len] = 0;
BIO_free_all(b64);
return buff;
}
EVP_PKEY *load_private_key(const char *pem_key) {
BIO *bio = BIO_new_mem_buf((void *)pem_key, -1);
EVP_PKEY *pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
BIO_free(bio);
return pkey;
}
size_t write_callback(void *ptr, size_t size, size_t nmemb, void *userdata) {
fwrite(ptr, size, nmemb, stdout);
return size * nmemb;
}
int main() {
// Load credentials.json
json_error_t error;
json_t *root = json_load_file("noon_credentials_sensitive.json", 0, &error);
if (!root) {
fprintf(stderr, "Error loading credentials.json: %s\n", error.text);
return 1;
}
const char *private_key = json_string_value(json_object_get(root, "private_key"));
const char *key_id = json_string_value(json_object_get(root, "key_id"));
const char *channel_identifier = json_string_value(json_object_get(root, "channel_identifier"));
const char *project_code = json_string_value(json_object_get(root, "projectCode"));
if (!private_key || !key_id || !channel_identifier || !project_code) {
fprintf(stderr, "Missing fields in credentials.json\n");
return 1;
}
json_t *header_json = json_pack("{s:s, s:s}", "alg", "RS256", "typ", "JWT");
char *header_str = json_dumps(header_json, JSON_COMPACT);
// Build payload JSON
time_t now = time(NULL);
char uuid_str[37]; // 36 bytes + null terminator
uuid_t uuid;
uuid_generate(uuid);
uuid_unparse(uuid, uuid_str);
json_t *payload_json = json_pack(
"{s:s, s:i, s:i, s:s}",
"sub", key_id,
"iat", (int)now,
"jti", uuid_str
);
char *payload_str = json_dumps(payload_json, JSON_COMPACT);
char *header_b64 = base64url_encode((const unsigned char *)header_str, strlen(header_str));
char *payload_b64 = base64url_encode((const unsigned char *)payload_str, strlen(payload_str));
char signing_input[BUFFER_SIZE];
snprintf(signing_input, sizeof(signing_input), "%s.%s", header_b64, payload_b64);
// Sign with RSA-SHA256
EVP_PKEY *pkey = load_private_key(private_key);
if (!pkey) {
fprintf(stderr, "Error loading private key.\n");
return 1;
}
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
EVP_SignInit(ctx, EVP_sha256());
EVP_SignUpdate(ctx, signing_input, strlen(signing_input));
unsigned char sig[BUFFER_SIZE];
unsigned int sig_len;
if (!EVP_SignFinal(ctx, sig, &sig_len, pkey)) {
fprintf(stderr, "Error signing JWT.\n");
return 1;
}
EVP_MD_CTX_free(ctx);
EVP_PKEY_free(pkey);
char *sig_b64 = base64url_encode(sig, sig_len);
// Final JWT
char jwt[BUFFER_SIZE];
snprintf(jwt, sizeof(jwt), "%s.%s.%s", header_b64, payload_b64, sig_b64);
printf("\n[JWT]\n%s\n\n", jwt);
CURL *curl = curl_easy_init();
if (!curl) {
fprintf(stderr, "Failed to initialize libcurl.\n");
return 1;
}
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Content-Type: application/json");
headers = curl_slist_append(headers, "User-Agent: REPLACE_WITH_YOUR_USER_AGENT");
char post_data[BUFFER_SIZE];
snprintf(
post_data,
sizeof(post_data),
"{\"token\":\"%s\", \"default_project_code\":\"%s\"}",
jwt,
project_code
);
CURLcode res;
// Login
printf("[Request] Logging in...\n");
curl_easy_setopt(curl, CURLOPT_URL, "https://noon-api-gateway.noon.partners/identity/public/v1/api/login");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, post_data);
curl_easy_setopt(curl, CURLOPT_COOKIEJAR, "cookies.txt");
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
res = curl_easy_perform(curl);
printf("\n");
// whoami
printf("\n[Request] whoami...\n");
curl_easy_setopt(curl, CURLOPT_URL, "https://noon-api-gateway.noon.partners/identity/v1/whoami");
curl_easy_setopt(curl, CURLOPT_HTTPGET, 1L);
curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "cookies.txt");
res = curl_easy_perform(curl);
printf("\n");
// Cleanup
curl_slist_free_all(headers);
curl_easy_cleanup(curl);
free(header_str);
free(payload_str);
free(header_b64);
free(payload_b64);
free(sig_b64);
json_decref(header_json);
json_decref(payload_json);
json_decref(root);
return 0;
}
#!/usr/bin/env bash
export JWT=$(python generate_jwt.py) # replace with language of your choice
export PROJECT_CODE="your_project_code_here" # replace with your project code
touch cookies.txt
curl -i -c cookies.txt \
-H "Content-Type: application/json" \
-H "User-Agent: REPLACE_WITH_YOUR_USER_AGENT" \
-d '{
"token": "'"$JWT"'",
"default_project_code": "'"$PROJECT_CODE"'"
}' \
https://noon-api-gateway.noon.partners/identity/public/v1/api/login
curl -b cookies.txt \
-H "User-Agent: REPLACE_WITH_YOUR_USER_AGENT" \
https://noon-api-gateway.noon.partners/identity/v1/whoami