I have a legacy application written in VB6 (I Know!!) to which I am adding a DocuSign feature. I a using InterOp to run .NET code written is VS2019 VB.Net. The reason I am using 4.0.4.0 as this is the version I can successfully call using InterOp. I have all the code working except for requesting a JWT token. Does anyone have JWT code working under this version of the API ?
This is what I have working under later versions of DocuSign and am trying to replace
`Dim privatekey As Byte() = File.ReadAllBytes("docusign_private_key.key")
Dim result As Object = x.RequestJWTApplicationToken(gsSIGNERCLIENTID, docuSignAuthServer, privatekey, 1, scopes)
txtAccessToken.Text = result
'
' Second attempt at alternative
'
` Dim authToken As OAuth.OAuthToken = x.RequestJWTUserToken(gsSIGNERCLIENTID, gsUserIDGUID, docuSignAuthServer, privatekey, 1)
txtAccessToken.Text = authToken.access_token`
'
' Third attempt
'
Dim request = TryCast(System.Net.WebRequest.Create("https://account-d.docusign.com/oauth/token"), System.Net.HttpWebRequest)
request.Method = "POST"
request.Headers.Add("username", "user123")
request.Headers.Add("password", "123")
request.Headers.Add("auth_access_type", "read")
request.ContentLength = 0
Dim responseContent As String = ""
Using response = TryCast(request.GetResponse(), System.Net.HttpWebResponse)
Using reader = New System.IO.StreamReader(response.GetResponseStream())
responseContent = reader.ReadToEnd()
End Using
End Using
'
' Fifth attempt
'
Dim apiClient5 As New ApiClient(gsBASEPATH)
Dim authToken5 As OAuth.OAuthToken = apiClient5.RequestJWTUserToken(gsINTEGRATIONKEY, gsUserIDGUID, "https://account-d.docusign.com/oauth/token", privatekey, 1, scopes)
All results in 'Error while requesting server, received a non-successful HTPC code Error with response Body'
Your second attempt is correct:
Dim authToken As OAuth.OAuthToken = x.RequestJWTUserToken(gsSIGNERCLIENTID, gsUserIDGUID, docuSignAuthServer, privatekey, 1)
txtAccessToken.Text = authToken.access_token
AuthServer has to be "account-d.docusign.com"
The privateKey has to be the exact thing you got from DocuSign, including the new lines and all. To get it use this code:
File.ReadAllBytes(path) where path is the path on the disk to a plain text file with your private key.
gsSIGNERCLIENTID should be the GUID for the user that you use that has consent. You must make sure user gave consent by building a consent URL as explained in here:
https://developers.docusign.com/platform/auth/consent/obtaining-individual-consent/
If you did all of this correctly - it should work.
Related
my server is Flask based, my client is android studio, and i'm communication using retrofit.
The problem is that i'm not able to pass the jwt token correctly from the android to the server after logging in.
With postman it's working good:
{{url}}/auth - I'm logging in as the user, and getting the JWT token.
Later i'm adding "Authorization" header, with the Value "JWT {{jwt_token}}" and
{{url}}/users/john - I'm asking for user info, which is recieved without problems.
The endpoint from android studio:
public interface RunnerUserEndPoints {
// #Headers("Authorization")
#GET("/users/{user}")
Call<RunnerUser> getUser(#Header("Authorization") String authHeader, #Path("user") String user);
The call itself (The access_token is correct before sending!):
final RunnerUserEndPoints apiService = APIClient.getClient().create(RunnerUserEndPoints.class);
Log.i("ACCESS","Going to send get request with access token: " + access_token);
Call<RunnerUser> call = apiService.getUser("JWT" + access_token, username);
Log.i("DEBUG","Got call at loadData");
call.enqueue(new Callback<RunnerUser>() {
#Override
public void onResponse(Call<RunnerUser> call, Response<RunnerUser> response) { ....
The response error log from the server:
File "C:\Users\Yonatan Bitton\RestfulEnv\lib\site-packages\flask_restful\__init__.py", line 595, in dispatch_request
resp = meth(*args, **kwargs)
File "C:\Users\Yonatan Bitton\RestfulEnv\lib\site-packages\flask_jwt\__init__.py", line 176, in decorator
_jwt_required(realm or current_app.config['JWT_DEFAULT_REALM'])
File "C:\Users\Yonatan Bitton\RestfulEnv\lib\site-packages\flask_jwt\__init__.py", line 151, in _jwt_required
token = _jwt.request_callback()
File "C:\Users\Yonatan Bitton\RestfulEnv\lib\site-packages\flask_jwt\__init__.py", line 104, in _default_request_handler
raise JWTError('Invalid JWT header', 'Unsupported authorization type')
flask_jwt.JWTError: Invalid JWT header. Unsupported authorization type
10.0.0.6 - - [30/Sep/2017 01:46:11] "GET /users/john HTTP/1.1" 500 -
My api-client
public class APIClient {
public static final String BASE_URL = "http://10.0.0.2:8000";
private static Retrofit retrofit = null;
public static Retrofit getClient(){
if (retrofit==null){
retrofit = new Retrofit.Builder().baseUrl(BASE_URL)
.addConverterFactory(GsonConverterFactory.create())
.build();
}
Log.i("DEBUG APIClient","CREATED CLIENT");
return retrofit;
}
}
Actually i'm really stuck. Tried to follow along all of the tutorials at retrofit's website without success.
I'm sure that there is a simple solution, I just need to add "Authorization" Header with Value "JWT " + access_token like it works in postman and that's it! Thanks.
EDIT:
The problem was the build of the access_token in my client.
I did:
JsonElement ans = response.body().get("access_token");
access_token = "JWT " + ans.toString();
Which I should have done:
JsonElement ans = response.body().get("access_token");
access_token = "JWT " + ans.getAsString();
So before it sent "JWT "ey..." " (Double "" )
And now it sends "JWT ey ... "
Let's start to look at what we know about the problem.
We know that the request is sent
We know that the server processes the request
We know that the JWT is invalid thanks to the error:
JWTError('Invalid JWT header', 'Unsupported authorization type')
If we look for that error in the flask_jwt source code, we can see that this is where our error is raised:
def _default_request_handler():
auth_header_value = request.headers.get('Authorization', None)
auth_header_prefix = current_app.config['JWT_AUTH_HEADER_PREFIX']
if not auth_header_value:
return
parts = auth_header_value.split()
if parts[0].lower() != auth_header_prefix.lower():
raise JWTError('Invalid JWT header', 'Unsupported authorization type')
elif len(parts) == 1:
raise JWTError('Invalid JWT header', 'Token missing')
elif len(parts) > 2:
raise JWTError('Invalid JWT header', 'Token contains spaces')
return parts[1]
Basically flask_jwt takes the Authorization header value and tries to split it into two. The function split can split a string by a delimiter, but if you call it without a delimiter it will use whitespace.
That tells us that flask_jwt expects a string that contains 2 parts separated by whitespace, such as space, and that the first part must match the prefix we are using (in this case JWT).
If we go back and look at your client code, we can see that when you are building the value to be put in the Authorization header you are not adding a space between JWT and the actual token:
apiService.getUser("JWT" + access_token, username);
This is what you should have been doing:
apiService.getUser("JWT " + access_token, username);
Notice the space after JWT?
I'm getting a 404 error when attempting to post to this url:
https://www.googleapis.com/oauth2/v3/token
which is referenced in the Google Oauth documentaiton here:
https://developers.google.com/identity/protocols/OAuth2ServiceAccount#creatingjwt
Here's a snippet of code in case it helps:
Dim tokenRequestURL As String = "https://www.googleapis.com/oauth2/v3/token?grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9." & GetJWTclaimSet() & "." & GetJWTsignature()
Dim client As New WebClient()
Dim json = client.DownloadString(tokenRequestURL)
update copied from comment:
Dim tokenRequestURL As String "https://www.googleapis.com/oauth2/v3/token"
Dim client As New WebClient()
Dim params As New Specialized.NameValueCollection
params.Add("grant_type", "urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer")
params.Add("assertion", "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9." & GetJWTclaimSet() & "." & GetJWTsignature())
Dim responsebytes = client.UploadValues(tokenRequestURL, "POST", params)
I am trying to log on this website: http://www.broadinstitute.org/cmap/index.jsp. I am using python 3.3 on Windows. I followed this answer https://stackoverflow.com/a/2910487/651779. My code:
import http.cookiejar
import urllib
url = 'http://www.broadinstitute.org/cmap/index.jsp'
values = {'j_username' : 'username',
'j_password' : 'password'}
data = urllib.parse.urlencode(values)
binary_data = data.encode('ascii')
cookies = http.cookiejar.CookieJar()
opener = urllib.request.build_opener(
urllib.request.HTTPRedirectHandler(),
urllib.request.HTTPHandler(debuglevel=0),
urllib.request.HTTPSHandler(debuglevel=0),
urllib.request.HTTPCookieProcessor(cookies))
response = opener.open(url, binary_data)
the_page = response.read()
http_headers = response.info()
It runs without erros, however the html in the_page is just the log in page. How can I log onto this page?
The site is using a JSESSIONID cookie to create session since HTTP requests are stateless. When you're making your request, you're not getting that session id first.
I sniffed a session to log into that site using Fiddler and found that the POST is made to a different URL, but it has that JSESSIONID cookie set. So you need to make a get to the URL first, capture that cookie using the cookiehandler, then POST to this URL:
post_url = 'http://www.broadinstitute.org/cmap/j_security_check'
You don't need to save the HTTP GET request at all, you can simply call opener.open(url), then in your code change the response line to this:
response = opener.open(post_url, binary_data)
Also the payload was missing the submit method. Here's the whole thing with the changes I suggest:
import http.cookiejar
import urllib
get_url = 'http://www.broadinstitute.org/cmap/index.jsp'
post_url = 'http://www.broadinstitute.org/cmap/j_security_check'
values = urllib.parse.urlencode({'j_username': <MYCOOLUSERNAME>,
'j_password': <MYCOOLPASSSWORD>,
'submit': 'sign in'})
payload = bytes(values, 'ascii')
cj = http.cookiejar.CookieJar()
opener = urllib.request.build_opener(
urllib.request.HTTPRedirectHandler(),
urllib.request.HTTPHandler(debuglevel=0),
urllib.request.HTTPSHandler(debuglevel=0),
urllib.request.HTTPCookieProcessor(cj))
opener.open(get_url) #First call to capture the JSESSIONID
resp = opener.open(post_url, payload)
resp_html = resp.read()
resp_headers = resp.info()
Any other requests using the opener you created will re-use that cookie and you should be able to freely navigate the site.
This is my code:
string accessToken = "##";
string accessTokenSecret = "##";
string consumerKey = "##";
string consumerSecret = "##";
string appToken = "##";
string realmId = "##"; //company id in quickbooks online
OAuthRequestValidator oauthValidator = new OAuthRequestValidator(accessToken, accessTokenSecret, consumerKey, consumerSecret);
ServiceContext context = new ServiceContext(oauthValidator, appToken, realmId, IntuitServicesType.QBO);
I am receiving: InvalidTokenException was unhandled by user code - {"Unauthorized"}
in the creating the new ServiceContext line. Not sure what the problem is.
Thanks for any help provided.
This error message:
InvalidTokenException was unhandled by user code - {"Unauthorized"}
Occurs when the OAuth tokens you're using are no longer valid.
I would double-check that:
You're using a valid set of OAuth tokens that you got from Intuit
The tokens are not expired (the Developer Playground tokens are very
short lived, longer-lived 6-month tokens are available if you set up
your own actual OAuth endpoint)
Here is Intuit's documentation for setting up your own OAuth endpoint:
http://docs.developer.intuit.com/0025_Intuit_Anywhere/0010_Getting_Started/0020_Connect/0010_From_Within_Your_App/Implement_OAuth_in_Your_App
I want to implement Paypal dodirect method for user can do payment directly on my website instead of redirecting to user
so for that i have added this URL as https://www.sandbox.paypal.com/wsdl/PayPalSvc.wsdl
and i am using following code
PayPalAPIAAInterfaceClient objpaypalapiaainterfaceclient = new PayPalAPIAAInterfaceClient("paypalapiaa");
CustomSecurityHeaderType objcustomsecurityheadertype = new CustomSecurityHeaderType();
objcustomsecurityheadertype.Credentials = new UserIdPasswordType();
objcustomsecurityheadertype.Credentials.Signature = "a8ft-8ji.2tzocnfshfjj4ahgxn4avlxzply8bmsbupxafkbty2--c6p";
objcustomsecurityheadertype.Credentials.Username = "fred_1350925179_biz_api1.gmail.com";
objcustomsecurityheadertype.Credentials.Password = "1350925199";
DoDirectPaymentReq objdodirectpaymentreq = new DoDirectPaymentReq();
objdodirectpaymentreq.DoDirectPaymentRequest = new DoDirectPaymentRequestType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails = new DoDirectPaymentRequestDetailsType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentAction = new PaymentActionCodeType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentAction = PaymentActionCodeType.Sale;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails = new PaymentDetailsType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard = new CreditCardDetailsType();
//objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails.InvoiceID = "1";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.IPAddress = Request.ServerVariables["remote_addr"].ToString();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CreditCardType = CreditCardTypeType.MasterCard;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails.OrderTotal = new BasicAmountType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner = new PayerInfoType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerName = new PersonNameType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails.OrderTotal.currencyID = CurrencyCodeType.USD;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address = new AddressType();
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.PaymentDetails.OrderTotal.Value = "120";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CreditCardNumber ="1111222233334444";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CVV2 = "258";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.ExpMonth = 9;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.ExpYear = 2013;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Payer = "rahularyansharma#gmail.com";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerName.FirstName = "Shakti";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerName.LastName = "Kapoor";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.Street1 ="test address";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.CityName = "Atlanta";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.StateOrProvince = "ga";
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.Country = CountryCodeType.US;
objdodirectpaymentreq.DoDirectPaymentRequest.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.PostalCode = "12345";
DoDirectPaymentResponseType objdodirectpaymentresponsetype = objpaypalapiaainterfaceclient.DoDirectPayment(ref objcustomsecurityheadertype, objdodirectpaymentreq);
now when i am run this code throwing followin exception
'
The request was aborted: Could not create SSL/TLS secure channel.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
You can confirm the SSL protocol for https://www.sandbox.paypal.com, using https://www.ssllabs.com/ssltest. The screenshot shows that it supports TLS 1.2 You will need to add the following two lines to your code at the point of making httpclient call:
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
Sample:
The implementation should solve the problem.
Sorry, i cannot add this as a comment/question.
It seems like one of certificates for paypal is not in the trusted list.
Can you try download paypal root certificate and install it as trusted CA?
I think this two links can help you:
https://www.sslshopper.com/ssl-certificate-not-trusted-error.html
and
http://raysilvadotnet.wordpress.com/2014/02/13/problema-system-net-webexception-the-request-was-aborted-could-not-create-ssltls-secure-channel/
(sorry, cannot insert more than 2 links as normal links)
Also, please make sure you authenticating via login/password not certificate. If you are using certificate for API, you should follow last paragraph of this link