You need to sign in to do that
Don't have an account?
Yogesh Malbhage 18
Forbidden error on JWT access token
We are trying to generate JWT access token. Code for the same is provided below:
I am getting response with status as Forbidden and error code 403. So please help me through this.
ContentVersion cv = [SELECT VersionData FROM ContentVersion WHERE Title='einstein_platform' AND IsLatest = true]; System.debug('##cv'+cv); String keyContents = cv.VersionData.toString(); keyContents = keyContents.replace('-----BEGIN RSA PRIVATE KEY-----', ''); keyContents = keyContents.replace('-----END RSA PRIVATE KEY-----', ''); keyContents = keyContents.replace('\n',''); JWT jwt = new JWT('RS256'); jwt.pkcs8 = keyContents; jwt.iss = 'developer.force.com'; jwt.sub = 'abc@efg.com'; jwt.aud = 'https://api.einstein.ai/v2/oauth2/token'; jwt.exp = '3600'; String access_token = JWTBearerFlow.getAccessToken('https://api.einstein.ai/v2/oauth2/token', jwt); System.debug('##access_token'+access_token);
public class JWT { public String alg {get;set;} public String iss {get;set;} public String sub {get;set;} public String aud {get;set;} public String exp {get;set;} public String iat {get;set;} public Map<String,String> claims {get;set;} public Integer validFor {get;set;} public String cert {get;set;} public String pkcs8 {get;set;} public String privateKey {get;set;} public static final String HS256 = 'HS256'; public static final String RS256 = 'RS256'; public static final String NONE = 'none'; public JWT(String alg) { this.alg = alg; this.validFor = 300; } public String issue() { String jwt = ''; JSONGenerator header = JSON.createGenerator(false); header.writeStartObject(); header.writeStringField('alg', this.alg); header.writeEndObject(); String encodedHeader = base64URLencode(Blob.valueOf(header.getAsString())); JSONGenerator body = JSON.createGenerator(false); body.writeStartObject(); body.writeStringField('iss', this.iss); body.writeStringField('sub', this.sub); body.writeStringField('aud', this.aud); Long rightNow = (dateTime.now().getTime()/1000)+1; body.writeNumberField('iat', rightNow); body.writeNumberField('exp', (rightNow + validFor)); if (claims != null) { for (String claim : claims.keySet()) { body.writeStringField(claim, claims.get(claim)); } } body.writeEndObject(); jwt = encodedHeader + '.' + base64URLencode(Blob.valueOf(body.getAsString())); if ( this.alg == HS256 ) { Blob key = EncodingUtil.base64Decode(privateKey); Blob signature = Crypto.generateMac('hmacSHA256',Blob.valueof(jwt),key); jwt += '.' + base64URLencode(signature); } else if ( this.alg == RS256 ) { Blob signature = null; if (cert != null ) { signature = Crypto.signWithCertificate('rsa-sha256', Blob.valueOf(jwt), cert); } else { Blob privateKey = EncodingUtil.base64Decode(pkcs8); signature = Crypto.sign('rsa-sha256', Blob.valueOf(jwt), privateKey); } jwt += '.' + base64URLencode(signature); } else if ( this.alg == NONE ) { jwt += '.'; } return jwt; } public String base64URLencode(Blob input){ String output = encodingUtil.base64Encode(input); output = output.replace('+', '-'); output = output.replace('/', '_'); while ( output.endsWith('=')){ output = output.subString(0,output.length()-1); } return output; } }
public class JWTBearerFlow { public static String getAccessToken(String tokenEndpoint, JWT jwt) { String access_token = null; try{ String body = 'grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=' + jwt.issue(); HttpRequest req = new HttpRequest(); req.setMethod('POST'); req.setEndpoint(tokenEndpoint); req.setHeader('Content-type', 'application/x-www-form-urlencoded'); req.setBody(body); Http http = new Http(); HTTPResponse res = http.send(req); System.debug('###res:'+res); System.debug('###getStatusCode:'+res.getStatusCode()); if ( res.getStatusCode() == 200 ) { System.JSONParser parser = System.JSON.createParser(res.getBody()); while (parser.nextToken() != null) { if ((parser.getCurrentToken() == JSONToken.FIELD_NAME) && (parser.getText() == 'access_token')) { parser.nextToken(); access_token = parser.getText(); break; } } } }catch(Exception ex){ System.debug('## Exception '+ ex.getMessage() + ex.getStackTraceString()); } return access_token; } }
I am getting response with status as Forbidden and error code 403. So please help me through this.