Bartosz Żaczek
Reputation: 1
Salesforce authorization ECDSA-521
I have problem with creating integration with an external system. I have key provided by clients It's a ECDSA-521 key pair, it uses the P-521 curve and its in this format: pkcs8. They also gave us snippet of code in node js which should help us with an authentication.
const key = await crypto.subtle.importKey(
'pkcs8',
Buffer.from(PRIVATE_KEY, 'base64'),
{ name: 'ECDSA', namedCurve: 'P-521' },
true,
['sign'],
);
const signature = await crypto.subtle.sign(
{ name: 'ECDSA', hash: 'SHA-512' },
key,
Buffer.from(JSON.stringify(event)),
);
const signatureBase64 = Buffer.from(signature).toString('base64');
My apex code currently looks like this:
Blob privateKeyBlob = EncodingUtil.base64Decode(keyBase64);
Blob dataToSignBlob = Blob.valueOf(payload);
Blob signed = Crypto.sign('ECDSA-SHA512', dataToSignBlob, privateKeyBlob);
String signatureBase64 = EncodingUtil.base64Encode(signed);
HttpRequest req = new HttpRequest();
req.setBody(payload);
req.setHeader('xyz', signatureBase64);
req.setEndpoint('xyz');
req.setMethod('POST');
Http http = new Http();
HttpResponse response = http.send(req);
System.debug(response.getHeaderKeys());
System.debug(response.toString());
I'm receiving always the same result: [Status=Bad Request, StatusCode=400]
Any ideas what's wrong?
Upvotes: 0
Views: 43
Answers (0)
Related Questions
- Google OAuth 2 authorization - Error: redirect_uri_mismatch
- Authentication versus Authorization
- Salesforce Redirect to Salesforce ID based on External ID
- Why is there an "Authorization Code" flow in OAuth2 when "Implicit" flow works so well?
- Restrict access of a connected app (Salesforce)
- Salesforce Authorization with Sandbox
- Salesforce Integration With facebook messanger
- Why does AuthorizeAttribute redirect to the login page for authentication and authorization failures?