CODEWITHSUNDEEP
apigojwtapp-store-connectjwt-go
Cawa
Cawa

Reputation: 1299

ItunesConnectApi JWT

I'm trying to use App Store Connect API. According to the docs, first I'm trying to generate JWT token. Here's the code in golang:

    package main

    import (
        "fmt"
        "io/ioutil"
        "log"
        "time"
        "github.com/dgrijalva/jwt-go"
    )
var iss = "xxxxxxxxxxxxxxxxxxxxx"
var kid = "xxxxx"

func main() {

        bytes, err := ioutil.ReadFile("AuthKey.p8")
        if err!=nil {
            fmt.Println(err)
        }

        token := jwt.NewWithClaims(jwt.SigningMethodES256, jwt.MapClaims{
            "iss": iss,
            "exp": time.Now().Unix()+6000,
            "aud": "appstoreconnect-v1",
        })

        token.Header["kid"] = kid

        tokenString, err := token.SignedString(bytes)
        if err != nil {
            log.Fatal(err)
        }
        fmt.Println(tokenString)

    }

AuthKey.p8 - p8 private key from https://appstoreconnect.apple.com/access/api

Seems jwt lib can't use this p8 at a sign key, so Im getting error: key is of invalid type

Maybe someone already hade same problems? Or got example in other langusge?

UPD: After this suggestin I've updated the code to:

func main() {

    bytes, err := ioutil.ReadFile("AuthKey.p8")
    if err!=nil {
        fmt.Println(err)
    }

    block, _ := pem.Decode(bytes)
    key, err := x509.ParsePKCS8PrivateKey(block.Bytes)
    if err != nil {
        log.Fatal(err)
    }

    token := jwt.NewWithClaims(jwt.SigningMethodES256, jwt.MapClaims{
        "iss": iss,
        "exp": time.Now().Unix()+6000,
        "aud": "appstoreconnect-v1",
    })

    token.Header["kid"] = kid

    tokenString, err := token.SignedString(key)
    if err != nil {
        log.Fatal(err)
    }
    fmt.Println(tokenString)

}

And getting the JWT token, but when I'm trying to use it got 401 from apple api.

 {
        "errors": [{
                "status": "401",
                "code": "NOT_AUTHORIZED",
                "title": "Authentication credentials are missing or invalid.",
                "detail": "Provide a properly configured and signed bearer token, and make sure that it has not expired. Learn more about Generating Tokens for API Requests https://developer.apple.com/go/?id=api-generating-tokens"
        }]
}

Upvotes: 2

Views: 272

Answers (2)

Cawa
Cawa

Reputation: 1299

Found the problem, replaced "exp": time.Now().Unix()+6000, with "exp": time.Now().Add(time.Minute * 20).Unix(),

Upvotes: 1

Sah4ez
Sah4ez

Reputation: 103

Seems this problem from the issue from jwt-go library.

Author said:

The library will not automatically parse your key from a byte slice. For ES256, I believe you need to provide a key of type *ecdsa.PrivateKey. As of v4, this will also accept a crypto.Signer so long as it produces a valid signature for that signing method.

And you can try this code example.

Upvotes: 1

Related Questions