Certificate issues with JWT OAuth using the Python SDK
Hello all,
I'm facing an issue with a fairly simple Python script being used to audit managed user accounts and generate reports for review by an internal compliance group. I'm wrestling with the JWT authentication portion and following guidance from this readme:
https://github.com/box-community/jwt-app-primer
I've used the developer console to generate RSA keys and I've downloaded the JSON configuration file.
I'm receiving the error: ValueError("Could not deserialize key data.")
I'm assuming that this may be coming up from a key file format. My code is:
from boxsdk import JWTAuth

# JWT credentials for the Box app (the box_* values are defined elsewhere in the script)
box_auth = JWTAuth(
    client_id=box_client_id,
    client_secret=box_client_secret,
    enterprise_id=box_enterprise_id,
    jwt_key_id=box_key_id,
    rsa_private_key_passphrase=str.encode('foo'),
    rsa_private_key_file_sys_path='/Absolute/path/to/credentials.json'
)
box_access_token = box_auth.authenticate_instance()
My credentials.json file is the value straight out of the JSON file downloaded when I generated the key. It begins with:
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkGHFhlIUgu7IkuNmhlk
I'm assuming that this is NOT what is expected as the format for that rsa_private_key_file_sys_path.
Can I get some direction on properly formatting this?
Also - is it possible to NOT have this as an external file but defined as a variable? (I would encrypt it using an HSM to avoid holding the passphrase and the encrypted key together)
Much thanks
-
As an update by the original author...
Got this to work with a certificate generated locally via openssl rather than the cert generated through the Box Developer console.
Still looking for a way to pull the certificate information in as a variable value rather than from a file. Anyone?
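Added example, not part of the original post and not Box's own code: a check that turns a key value copied out of the JSON config (possibly still carrying literal "\n" escapes or its quotes) into clean PEM bytes, plus a hypothetical build_jwt_auth helper that hands the key to JWTAuth from memory. It assumes the downloaded config uses the boxAppSettings.appAuth.privateKey layout and that the installed boxsdk JWTAuth accepts rsa_private_key_data; the sample key body is constructed and is not a real key.

```python
import json

# Constructed sample: a key value pasted from JSON with its "\n" escapes intact.
SAMPLE_ESCAPED = ("-----BEGIN ENCRYPTED PRIVATE KEY-----\\n"
                  "Q09OU1RSVUNURUQ=\\n"
                  "-----END ENCRYPTED PRIVATE KEY-----\\n")


def extract_private_key_pem(raw: str) -> bytes:
    """Return clean PEM bytes from a Box JSON config or a bare key string."""
    text = raw.strip()
    if text.startswith("{"):
        # Assumed config layout: boxAppSettings.appAuth.privateKey holds the PEM.
        text = json.loads(text)["boxAppSettings"]["appAuth"]["privateKey"]
    elif text.startswith('"') and text.endswith('"'):
        # JSON string literal copied with its quotes: let json unescape it.
        text = json.loads(text)
    # A value copied without JSON decoding still has backslash-n pairs.
    text = text.replace("\\n", "\n")
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN "):
        raise ValueError("no PEM header: this is not a key file")
    label = lines[0][len("-----BEGIN "):].rstrip("-")
    if lines[-1] != f"-----END {label}-----":
        raise ValueError("PEM footer missing or does not match header")
    return ("\n".join(lines) + "\n").encode("ascii")


def build_jwt_auth(config_json: str, passphrase: bytes):
    """Build JWTAuth from in-memory values, with no key file on disk."""
    from boxsdk import JWTAuth  # lazy import; needs the boxsdk JWT extras
    cfg = json.loads(config_json)
    app = cfg["boxAppSettings"]
    return JWTAuth(
        client_id=app["clientID"],
        client_secret=app["clientSecret"],
        enterprise_id=cfg["enterpriseID"],
        jwt_key_id=app["appAuth"]["publicKeyID"],
        rsa_private_key_data=extract_private_key_pem(config_json),
        rsa_private_key_passphrase=passphrase,  # e.g. fetched at runtime
    )


if __name__ == "__main__":
    print(extract_private_key_pem(SAMPLE_ESCAPED).decode())
```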