As per https://community.apigee.com/questions/13878/jwt-policy.html, I am creating a new thread, as it is getting a little tricky to use the existing Java code on GitHub.
Ref:
https://github.com/apigee/iloveapis2015-jwt-jwe-jws
Two issues:
1. Issue with the "audience" standard property: as per Box (https://box-content.readme.io/docs/app-auth), it
expects a string, which is valid as per the JWT spec.
https://tools.ietf.org/html/rfc7519
Even though we convert it to a string, when the claim set gets generated with base64-encoded URL it is converted to an array and not a string.
<Property name="audience">https://api.box.com/oauth2/token</Property>
2. Other issue: escape characters for "/" within the audience URI. Even though we replace the string, it still shows as https:/\/\api.box.com/\oauth2/\token
If we fix passing a string and get rid of the escape characters, we should be able to get the token.
Still trying to figure it out, but let me know if you can try with Box, and let us know if it is successful in getting the token.
To create a JWT for use with Box, you can use something like this for the policy config:
<JavaCallout name='JavaCallout-JWT-Create'>
  <DisplayName>JavaCallout-JWT-Create</DisplayName>
  <Properties>
    <Property name="algorithm">RS256</Property>
    <Property name="debug">true</Property>
    <Property name="private-key">{variable-that-contains-private-key-PEM}</Property>
    <Property name="private-key-password">{variable-holding-PEM-password-here}</Property>
    <Property name="subject">urn:75E70AF6-B468-4BCE-B096-88F13D6DB03F</Property>
    <Property name="issuer">api-key-goes-here-78B13CD0-CEFD-4F6A-BB76</Property>
    <Property name="audience">https://api.box.com/oauth2/token</Property>
    <Property name="expiresIn">30</Property> <!-- in seconds -->
    <Property name="claim_box_sub_type">enterprise</Property>
    <Property name="claim_jti">45760806-BAD5-4A01-896A-C5811436C377</Property>
    <!-- other custom claims to embed -->
    <Property name="claim_my_custom_claim1">{context.var.here}</Property>
  </Properties>
  <ClassName>com.apigee.callout.jwt.JwtCreatorCallout</ClassName>
  <ResourceURL>java://jwt-signed-edge-callout.jar</ResourceURL>
</JavaCallout>
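To see how the generated token actually serializes `aud`, the two points raised in the question can be checked by decoding the payload segment. This is an added example, not code from the original thread or from the Apigee callout repository. The function names and both sample tokens are constructed for illustration, the tokens are unsigned, and the check does not verify signatures.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the padding JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def inspect_audience(jwt: str, expected: str) -> dict:
    """Report how `aud` is serialized in a compact JWS. Does NOT verify the signature."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWS with three dot-separated segments")
    raw_payload = b64url_decode(parts[1]).decode("utf-8")
    aud = json.loads(raw_payload).get("aud")
    if isinstance(aud, str):
        shape, values = "string", [aud]
    elif isinstance(aud, list) and all(isinstance(a, str) for a in aud):
        shape, values = "array", aud
    else:
        shape, values = "invalid", []
    return {
        "shape": shape,  # RFC 7519 permits a single string or an array of strings
        "matches_expected": expected in values,
        # "\/" is a legal JSON escape for "/" and decodes to the same character
        "escaped_slashes_in_raw_json": "\\/" in raw_payload,
        "raw_payload": raw_payload,
    }


def make_sample(payload_json: str) -> str:
    """Build an unsigned, constructed token around a literal JSON payload."""
    header = b64url_encode(b'{"alg":"RS256","typ":"JWT"}')
    return f"{header}.{b64url_encode(payload_json.encode())}.c2lnbmF0dXJl"  # dummy signature


BOX_AUD = "https://api.box.com/oauth2/token"
# Constructed payloads: `aud` as a one-element array with escaped slashes, and as a plain string.
AS_ARRAY = make_sample('{"iss":"example-issuer","aud":["https:\\/\\/api.box.com\\/oauth2\\/token"]}')
AS_STRING = make_sample('{"iss":"example-issuer","aud":"https://api.box.com/oauth2/token"}')

if __name__ == "__main__":
    for name, token in (("array", AS_ARRAY), ("string", AS_STRING)):
        print(name, inspect_audience(token, BOX_AUD))
```

A result of `shape: "array"` identifies the serialization that a recipient requiring a string `aud` would reject, while `escaped_slashes_in_raw_json` only reflects how the JSON text was written, since the decoded value is identical either way.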