stackoom
  简体   繁体   中英

ItunesConnectApi JWT

 原文  2019-10-06 12:55:32       api/ go/ jwt/ app-store-connect/ jwt-go

Question

I'm trying to use App Store Connect API. According to the docs , first I'm trying to generate JWT token. Here's the code in golang:

    package main

    import (
        "fmt"
        "io/ioutil"
        "log"
        "time"
        "github.com/dgrijalva/jwt-go"
    )
var iss = "xxxxxxxxxxxxxxxxxxxxx"
var kid = "xxxxx"

func main() {

        bytes, err := ioutil.ReadFile("AuthKey.p8")
        if err!=nil {
            fmt.Println(err)
        }

        token := jwt.NewWithClaims(jwt.SigningMethodES256, jwt.MapClaims{
            "iss": iss,
            "exp": time.Now().Unix()+6000,
            "aud": "appstoreconnect-v1",
        })

        token.Header["kid"] = kid

        tokenString, err := token.SignedString(bytes)
        if err != nil {
            log.Fatal(err)
        }
        fmt.Println(tokenString)

    }

AuthKey.p8 - p8 private key from https://appstoreconnect.apple.com/access/api

Seems jwt lib can't use this p8 at a sign key, so Im getting error: key is of invalid type

Maybe someone already hade same problems? Or got example in other langusge?

UPD: After this suggestin I've updated the code to: 

func main() {

    bytes, err := ioutil.ReadFile("AuthKey.p8")
    if err!=nil {
        fmt.Println(err)
    }

    block, _ := pem.Decode(bytes)
    key, err := x509.ParsePKCS8PrivateKey(block.Bytes)
    if err != nil {
        log.Fatal(err)
    }

    token := jwt.NewWithClaims(jwt.SigningMethodES256, jwt.MapClaims{
        "iss": iss,
        "exp": time.Now().Unix()+6000,
        "aud": "appstoreconnect-v1",
    })

    token.Header["kid"] = kid

    tokenString, err := token.SignedString(key)
    if err != nil {
        log.Fatal(err)
    }
    fmt.Println(tokenString)

}

And getting the JWT token, but when I'm trying to use it got 401 from apple api.

 {
        "errors": [{
                "status": "401",
                "code": "NOT_AUTHORIZED",
                "title": "Authentication credentials are missing or invalid.",
                "detail": "Provide a properly configured and signed bearer token, and make sure that it has not expired. Learn more about Generating Tokens for API Requests https://developer.apple.com/go/?id=api-generating-tokens"
        }]
}

2 answers

solution1
 1  2019-10-06 13:27:58

Seems this problem from the issue from jwt-go library.

Author said:

The library will not automatically parse your key from a byte slice. For ES256, I believe you need to provide a key of type *ecdsa.PrivateKey. As of v4, this will also accept a crypto.Signer so long as it produces a valid signature for that signing method.

And you can try this code example .

solution2
 1 ACCPTED  2019-10-06 15:07:21

Found the problem, replaced "exp": time.Now().Unix()+6000, with "exp": time.Now().Add(time.Minute * 20).Unix(),

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Django JWT token deactivate How is JWT token authenticated? JWT token decode in cakephp JWT token login and logout Securing rest api with jwt JWT getHeader return null Reverse JWT in PHP Generate jwt with user information JWT token not being validated Session cookies vs JWT
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM