Java SDK JWT authentication
HI Team,
I have two accounts in Box . one is developer account (d1) and another enterprise account (e1) as managed user
using my developer account(d1), I created sample app (PIP) and standalone java program using JWT authentication to upload a file to box account. It worked fine.
When I use create new app in my enterprise account and same java program to connect to the enterprise box account I am not able to get the BoxAPIConnection.
Can please let us know what is wrong here from developer account to enterprise account ?
Note: I use account specific values like enterprise id, client key, client secret, private, public keys and API keys to authorize the app.
Below is the snippet of the code.
JWTEncryptionPreferences encryption = new JWTEncryptionPreferences();
encryption.setPublicKeyID("publickeyId111");
FileInputStream fis = null;
Reader is = null;
try {
fis = new FileInputStream("privateKey.pem");
is = new InputStreamReader(fis);
encryption.setPrivateKey(IOUtils.toString(is));
encryption.setPrivateKeyPassword("");
encryption.setEncryptionAlgorithm(EncryptionAlgorithm.RSA_SHA_256);
IAccessTokenCache accessTokenCache = new InMemoryLRUAccessTokenCache(1);
BoxAPIConnection api = BoxDeveloperEditionAPIConnection.getAppEnterpriseConnection("xxx", "clientkey111", "clientscrent111", encryption, accessTokenCache);
System.out.println("Box api created.... {}" + api.getAccessToken());
} catch (Exception e) {
e.printStackTrace();
}
-
If you get your managed user like this:
BoxDeveloperEditionAPIConnection userApi = BoxDeveloperEditionAPIConnection.getAppUserConnection("userid", CLIENT_ID, CLIENT_SECRET, encryptionPref, accessTokenCache);
that should work.
Here's the entire example:
-
Thank you for your reply ...
I replaced Enterprise id with userID got below exception
BoxDeveloperEditionAPIConnection userApi = BoxDeveloperEditionAPIConnection.getAppUserConnection("userid","fthdms9f0s89nwfvsl4uamikeu7txh20", "3wUzMT7cjWktvEmlcddzSSLpUFmcteWl", encryption, accessTokenCache);
{invalid_grant","error_description":"Please check the 'exp' claim."} , i found solution to
update the Unix time on your machine to match the Unix time ,
but i am using windows machine. how can i set this unix time or set 'exp' claim programatically ?
Any help is greatly appreciated..
-
That's in box-java-sdk in class BoxDeveloperEditionApiConnection
private String constructJWTAssertion() { JwtClaims claims = new JwtClaims(); claims.setIssuer(this.getClientID()); claims.setAudience(JWT_AUDIENCE); claims.setExpirationTimeMinutesInTheFuture(1.0f); claims.setSubject(this.entityID); claims.setClaim("box_sub_type", this.entityType.toString()); claims.setGeneratedJwtId(64); JsonWebSignature jws = new JsonWebSignature(); jws.setPayload(claims.toJson()); jws.setKey(this.decryptPrivateKey()); jws.setAlgorithmHeaderValue(this.getAlgorithmIdentifier()); jws.setHeader("typ", "JWT");
Please sign in to leave a comment.
Comments
3 comments