Box Integration using OAuth 2.0 with JWT

Answered

5 comments

  • kapeshi

    After a few hours of trying and failing, I finally managed to get OAuth 2.0 with JWT in Salesforce for Enterprise Application Access to work. I have added more context or commands to the Box Salesforce SDK documentation on Platform App Auth here:

     

    https://github.com/kapeshifk/box-salesforce-sdk/blob/master/doc/platform.md

     

     

    Notes:

    The added examples work as of Box 2.0; use Cygwin to run the highlighted commands. (I generated my own private/public key pair because the one generated in Box is difficult to use on Salesforce, as it is generated encrypted while Salesforce only works with decrypted private keys.)
    To use the userId type of authentication, make sure Application Access in the Developer Console is set to Enterprise.

  • prashanthm

     

     

    We are doing a similar thing and have a quick question on the below part from your implementation.

     

    1. It was mentioned that you are using your own public/private key rather than using BOX generated ones.

    2. How are you passing your own public/private key into the BOX configuration? In our experience, manually adding the public key is resulting in the JSON being left blank for the keys.

     

    Your response is appreciated. Thanks.

     

  • kapeshi

     I will reply to your questions above later today when I have some time after work.

     

    Can you elaborate on what you mean by 'Box configuration'? Is this the configuration in the 'Developer Console' of the Box app?

  • prashanthm

    Thank you!

     

    Yes, the config from the developer console...

  • kapeshi

    1. It was mentioned that you are using your own public/private key rather than using BOX generated ones.

    - I generated my own public/private key (I used Cygwin to generate public/private keys, you can try GitBash):

    openssl genrsa -aes256 -out private_key.pem 2048
    openssl rsa -pubout -in private_key.pem -out public_key.pem

    - Salesforce (last time I used it) doesn't handle encrypted private keys so you have to decrypt the key (make sure only admin people can access this key as it's already decrypted - doesn't need passphrase anymore)

    openssl pkcs8 -topk8 -nocrypt -in private_key.pem -out decryptedkey.pem

    - Salesforce (again) doesn't like whitespace; use the command below to remove whitespace from the decrypted key:

    awk 'NF {sub(/\r/, ""); printf "%s",$0;}' decryptedkey.pem

    Copy the decrypted key without the -----BEGIN PRIVATE KEY----- and the -----END PRIVATE KEY----- lines.

    The copied key is your private key which you will use in your client application (in my case Salesforce).

     

    2. How are you passing your own public/private key into the BOX configuration? In our experience, manually adding the public key is resulting in the JSON being left blank for the keys.

     

    You don't pass the private key in the Box configuration. You only pass the public key. From the Developer Console, under Configuration, click the "Add a public key" button and copy and paste in the public key. You can get the content of the public key using:

     

    cat public_key.pem

     

    Once you paste and click "Verify and save", Box will generate a "public key id". You will then use this public key id in your application, together with the private key, to authenticate using the Box SDK helpers.

     

    I documented all this here: https://github.com/kapeshifk/box-salesforce-sdk/blob/master/doc/platform.md

     

    But here is the example code:

     

    String enterpriseId = 'YOUR_ENTERPRISE_ID'; //You get this from Dev Console in the box app
    String publicKeyId = 'YOUR_PUBLIC_KEY_ID'; //This is the public key id generated by box
    String privateKey = 'YOUR_PRIVATE_KEY'; //This is the decrypted one (as needed by salesforce)
    String clientId = 'YOUR_CLIENT_ID'; //You get this from Dev Console in the box app
    String clientSecret = 'YOUR_CLIENT_SECRET'; //You get this from Dev Console in the box app
    
    BoxJwtEncryptionPreferences preferences = new BoxJwtEncryptionPreferences();
    preferences.setPublicKeyId(publicKeyId);
    preferences.setPrivateKey(privateKey);
    BoxPlatformApiConnection api = BoxPlatformApiConnection.getAppEnterpriseConnection(enterpriseId, clientId, clientSecret, preferences);

     

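Added example, not part of the original thread or the Box Salesforce SDK: a shell helper for the key-preparation steps described in the last comment. It refuses any PEM whose header is not the unencrypted PKCS#8 `-----BEGIN PRIVATE KEY-----`, then emits the body on one line with the BEGIN/END lines and carriage returns removed. The function name `flatten_pkcs8` and the output file name `decryptedkey.oneline` are assumptions.

```shell
#!/bin/sh
# Added example: flatten_pkcs8 is a hypothetical helper, not from the thread.
# Prints the base64 body of an unencrypted PKCS#8 key as a single line.

flatten_pkcs8() {
  pem="$1"
  [ -r "$pem" ] || { echo "cannot read $pem" >&2; return 2; }

  # First non-empty line, with Windows CRs removed (Cygwin / Git Bash files).
  first=$(tr -d '\r' < "$pem" | awk 'NF { print; exit }')

  # Accept only the unencrypted PKCS#8 header. An encrypted PKCS#8 key
  # (ENCRYPTED PRIVATE KEY) or a traditional-format key (RSA PRIVATE KEY)
  # is rejected, so a wrong file is caught before it is pasted anywhere.
  if [ "$first" != "-----BEGIN PRIVATE KEY-----" ]; then
    echo "not an unencrypted PKCS#8 key: $first" >&2
    return 1
  fi

  # Drop the BEGIN/END lines, CRs and blank lines; join the rest on one line.
  body=$(tr -d '\r' < "$pem" | awk 'NF && !/^-----/ { printf "%s", $0 }')

  # The result must be non-empty, pure base64; anything else is a damaged file.
  case "$body" in
    ""|*[!A-Za-z0-9+/=]*) echo "empty or non-base64 key body" >&2; return 1 ;;
  esac
  printf '%s\n' "$body"
}

# Usage, keeping the decrypted key readable by its owner only:
#   umask 077
#   openssl pkcs8 -topk8 -nocrypt -in private_key.pem -out decryptedkey.pem
#   flatten_pkcs8 decryptedkey.pem > decryptedkey.oneline
```

Setting `umask 077` before the `openssl pkcs8` step means both the decrypted PEM and the one-line copy are created without group or world read access.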
