RSA-SHA256 JWT Box Integration
I'm using Box.com for my application. For that I am creating JWT assertion by JavaScript and for that we need 3 parts:
I have written JavaScript code for SHA256 to generate JWT based on JWT.io, while I am unable to do for RSA-SHA256. Actually i am able to generate header, Payload but unable to generate signature part in RSA-SHA256
So as per Box document, they've given the steps to create HEADER and CLAIMS, but not about how to create SIGNATURE. I've also browsed in external sources, all sources have been made with HS256 algorithms. But Box.com API supports only “RS256″, “RS384″, and “RS512″ algorithms.
So my question here is, how to create SIGNATURE part with RS256 algorithms. Any help would be appreciated.
-
I am not sure if this will help, but here is how our Noke SDK generates a token using JWT authentication.
-
Thanks for sharing document but that is not working at our end for RSA-SHA256,
and I need 1 source code of any either JavaScript or NodeJS because
my system is not accepting any reference call like: Module, require is not defined:
var jwt = require('jsonwebtoken'); var fs = require('fs'); var base64url = require("base64url"); var request = require('request'); var client_id = 123 var client_secret = 123 var key = fs.readFileSync('23er444'); var passphrase = 3444 var exp = Math.round((Date.now()/1000))+60; var header = { "alg": "RS256", "typ": "JWT", "kid": keyID }; var claims = { "iss": client_id, "sub": "sss", "box_sub_type": "user", "aud": "https://api.box.com/oauth2/token", "jti": "ddsss", "exp": exp }; var encodedHeader = base64url(new Buffer(JSON.stringify(header))); var payload = base64url(new Buffer(JSON.stringify(claims))); var signature = jwt.sign(encodedHeader + '.' + payload, {key: key, passphrase: passphrase}, {algorithm: 'RS256'}); var encodedsignature = base64url(new Buffer(JSON.stringify(signature))); var jwt = encodedHeader + "." + payload + "." + encodedsignature; return jwt; var options = { uri: 'https://api.box.com/oauth2/token',method: 'POST',json: true,headers: {'content-type': 'application/x-www-form-urlencoded'},body: 'grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&client_id=' + client_id + '&client_secret=' + client_secret + '&assertion=' + jwt };
Please sign in to leave a comment.
Comments
2 comments