Integration and Usage

In this example we use SpringBoot to build the RESTful service. You can view the full code here, and find the SDK here.


Include the SDK dependencies to the local Maven repository:

mvn install:install-file -DgroupId=com.github.ontio -DartifactId=ontlogin-sdk-java -Dversion=1.0.0 -Dpackaging=jar -Dfile=ontlogin-sdk-java-1.0.0.jar

Add dependencies in the pom.xml file:


Add API Methods

Add the methods in the Controller:

  • requestChallenge: Returns the challenge from the server

  • submitChallenge : Passes the signed challenge and VP (if requested by the server)

    // Challenge request
    public Result generateChallenge(@RequestBody ClientHello clientHello) throws Exception {
        String action = "generateChallenge";
        ServerHello result = loginService.generateChallenge(action, clientHello);
        return new Result(action, ErrorInfo.SUCCESS.code(), ErrorInfo.SUCCESS.descEN(), result);

    // Challenge submission
    public Result validateClientResponse(@RequestBody ClientResponse clientResponse) throws Exception {
        String action = "validateClientResponse";
        String token = loginService.validateClientResponse(action, clientResponse);
        return new Result(action, ErrorInfo.SUCCESS.code(), ErrorInfo.SUCCESS.descEN(), token);

    // Other business logic
        public Result checkJwt(@RequestBody JSONObject req) {
            String action = "checkJwt";
            String token = req.getString("token");
            loginService.checkJwt(action, token);
            return new Result(action, ErrorInfo.SUCCESS.code(), ErrorInfo.SUCCESS.descEN(), ErrorInfo.SUCCESS.descEN());

Use loginService

    private JWTUtils jwtUtils;
    private SDKUtil sdkUtil;

    public ServerHello generateChallenge(String action, ClientHello clientHello) throws Exception {
        // Invoke the SDK to generate the challenge
        return sdkUtil.generateChallenge(clientHello);

    public String validateClientResponse(String action, ClientResponse clientResponse) throws Exception {
        // Challenge verification successful
        // Now you can proceed according to your business logic
        // In this example, JWT is used for authentication 
        String token = jwtUtils.signAccess("", "test user");
        return token;


    public void checkJwt(String action, String token) {

Import SDKUtil and Initialize ontlogin Sdk

    private OntLoginSdk sdk;
    // To store UUID. In real projects, UUID can be stored in the database, redis or cache
    private Map<String, Integer> nonceMap = new HashMap<>();

    private OntLoginSdk getOntLoginSdk() throws Exception {
        if (sdk == null) {
            synchronized (OntLoginSdk.class) {
                if (sdk == null) {
                    ServerInfo serverInfo = new ServerInfo();
                    // Server DID 
                    Map<Integer, VCFilter[]> vcFilters = new HashMap<>();
                    // Configure `VCFilter` according to `actionType`
                    VCFilter vcFilter = new VCFilter();
                    // VC type
                    // If it's required
                    // Issuer DID
                    vcFilter.setTrustRoots(new String[]{"did:ont:testdid"});
                    VCFilter[] vcFiltersArray = {vcFilter};
                    vcFilters.put(Const.ACTION_AUTHORIZATION, vcFiltersArray);
                    SDKConfig sdkConfig = new SDKConfig();
                    // Supported chains, e.g. eth, ont, bsc, respective Processors needed
                    sdkConfig.setChain(new String[]{"ont"});
                    // Supported signature scheme
                    sdkConfig.setAlg(new String[]{"ES256"});
                    // Server info
                    // VC required by the server
                    // Initialize the Processor of the respective chain
                    // Parameter specification using Ontology as an example
                    // 1. doubleDirection bool: if mutual authentication is required
                    // 2. Ontology node rpc server address
                    // 3. DID contract address, can be null when 1 takes `false`
                    // 4. Ontology wallet address, can be null when 1 takes `false`
                    // 5. Wallet password, can be null when 1 takes `false`
                    OntProcessor ontProcessor = new OntProcessor(false, "",
                            "52df370680de17bc5d4262c446f102a0ee0d6312", "./wallet.json", "12345678");
                    Map<String, DidProcessor> resolvers = new HashMap<>();
                    resolvers.put("ont", ontProcessor);

                    // Except config, Processor and SDK, the following functions need to be passed
                    // 1. public String genRandomNonceFunc(Integer action): generates UUID by action
                    // 2. public Integer getActionByNonce(String nonce): checks if the nonce (UUID) exists in the database/redis/cache and returns action
                    sdk = new OntLoginSdk(sdkConfig, resolvers) {
                        public String genRandomNonceFunc(Integer action) {
                            String nonce = UUID.randomUUID().toString().replace("-", "");
                            nonceMap.put(nonce, action);
                            return nonce;

                        public Integer getActionByNonce(String nonce) {
                            Integer action = nonceMap.get(nonce);
                            if (action == null) {
                                throw new OntLoginException("checkNonce", ErrorInfo.NONCE_NOT_EXISTS.descEN(), ErrorInfo.NONCE_NOT_EXISTS.code());
                            return action;
        return sdk;

    public ServerHello generateChallenge(ClientHello clientHello) throws Exception {
        OntLoginSdk ontLoginSdk = getOntLoginSdk();
        ServerHello serverHello = ontLoginSdk.generateChallenge(clientHello);
        return serverHello;

    public void validateClientResponse(ClientResponse clientResponse) throws Exception {
        OntLoginSdk ontLoginSdk = getOntLoginSdk();

Handle VP

Use the following to extract VC from VP in form of JSON text.

public String[] getCredentialJsons(String presentation)

Since the form of VC varies according to the server's request, only JSON is supported here. The server can parse the VC into the per-defined form.

Last updated