如何在 DocuSign 中使用生产环境获取访问令牌?
How to obtain Access Token using production environment in DocuSign?
在 Docusing 中,我成功获得了模拟账户的访问令牌并创建了信封,当我转移到生产账户时,我无法获得访问令牌并出现错误“远程服务器返回错误:(400)错误的请求。”我成功进行了 20 API 次调用,并通过开发者帐户审查并使 Go 生效,API 关键细节也反映在生产登录中。
旧代码
这是我用来获取访问令牌的代码。
Dim PrivateKey As String = odjDTRep.Rows(0)("PrivateKey").ToString().Trim.Replace(vbLf, "").Replace(vbCr, "")
'This section to generate jwt Header
Dim ar1 As JObject = New JObject()
ar1.Add("typ", "JWT")
ar1.Add("alg", "RS256")
Dim header As String = Base64UrlEncoder.Encode(ar1.ToString)
'This section to generate jwt Body
Dim ar2 As JObject = New JObject()
ar2.Add("iss", odjDTRep.Rows(0)("iss_Int_Key").ToString())
ar2.Add("sub", odjDTRep.Rows(0)("sub1_Api_UserName").ToString())
ar2.Add("iat", DateDiff(DateInterval.Second, New Date(1970, 1, 1), Now().ToUniversalTime))
ar2.Add("exp", DateDiff(DateInterval.Second, New Date(1970, 1, 1), DateAdd(DateInterval.Hour, 1, Now().ToUniversalTime)))
ar2.Add("aud", odjDTRep.Rows(0)("aud").ToString())' aud i pass account.docusign.com
ar2.Add("scope", odjDTRep.Rows(0)("scope").ToString())
Dim body As String = Base64UrlEncoder.Encode(ar2.ToString)
Dim stringToSign As String = header & "." & body
Dim bytesToSign() As Byte = Encoding.UTF8.GetBytes(stringToSign)
Dim keyBytes() As Byte = Convert.FromBase64String(PrivateKey)
Dim privKeyObj = Asn1Object.FromByteArray(keyBytes)
Dim privStruct = RsaPrivateKeyStructure.GetInstance(privKeyObj)
'This section to generate jwt Signature
Dim sig As ISigner = SignerUtilities.GetSigner("SHA256withRSA")
sig.Init(True, New RsaKeyParameters(True, privStruct.Modulus, privStruct.PrivateExponent))
sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length)
Dim signature() As Byte = sig.GenerateSignature()
Dim sign As String = Base64UrlEncoder.Encode(signature)
Dim a As String = header & "." & body & "." & sign
ServicePointManager.Expect100Continue = True
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
ServicePointManager.SecurityProtocol = DirectCast(3072, SecurityProtocolType)
ServicePointManager.Expect100Continue = True
Dim request As WebRequest = WebRequest.Create("https://account.docusign.com/oauth/token?grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=" & a & "")
request.Method = "POST"
request.ContentType = "application/x-www-form-urlencoded"
request.ContentLength = 0
request.Headers.Add("X-DocuSign-Authentication", "{ ""Username"":""" & odjDTRep.Rows(0)("UserName").ToString() & """, ""Password"":""" & odjDTRep.Rows(0)("Password").ToString() & """, ""IntegratorKey"":""" & odjDTRep.Rows(0)("iss_Int_Key").ToString() & """ }")
Dim response As WebResponse = request.GetResponse()
Console.WriteLine((CType(response, HttpWebResponse)).StatusCode)
If (CType(response, HttpWebResponse)).StatusCode <> HttpStatusCode.OK Then
Return "002:Fail"
End If
Dim dataStream As Stream = response.GetResponseStream()
Dim reader As New StreamReader(dataStream)
Dim responseFromServer As String = reader.ReadToEnd()
reader.Close()
response.Close()
我从 SQL table 读取并存储在 DataTable 中的所有详细信息,我从 DataTable 传递该代码中的所有详细信息。还有其他 URL 我需要在上面提到的生产环境中进行更改吗?
获取访问令牌的新代码
var apiCent = new ApiClient("https://demo.docusign.net/restapi");
string ik = "xxxx-6a8b-4a7d-ba0f-xxxx";
string userId = "xxxxx-db97-xxx-a398-0e5986fadf49";
string accountId = "xxxxx-3e10-42af-xxxxx-xxxx";
string envId = "";
string authserver = "account.docusign.com";
string rsaKey = "xxxxxxxxxi7+b8i7SmfRdx8sExxxxxxxKmwIbLFOv1LtmUk/KRP8wPmMeNpq10kAzizzAeqnuBgW9ECHjV/gUA984dzk128UPmIRqTW+69e1dSknGA+nJWshyZEqJXmvFB8Ueie5EiCW6FIlXpdLVWwmJwUGiQQsV+r8hpmbhSImr5A40HQPPpasYAnKPNDgRbKwxrOONrCdUUre34Up2sk8gcAcMQRwKosPBn6/dAXadYP0sKEGSVKogguNSCyoHOLh74MPepDLnEVs9VAiyk+zQEmZxYaXhrV4pvO2C5WNXdnqHUdcC/McZOBVGwRdG0xOaC8t4lplJHjiis+8YQEWQIDAQABAoIBACTzxYJBBWGtVXRyqo+jzqmSOKJrBumvtHlC6k7IvYYInJI3IVPV44pC+eROAdDiYgQE9LZvag2MW7A8IAeYwWJZhBKCq8odz4plgJaZwX2YdItDP4kSjIOco5W4lMjMQd66KNMTKFkS2fgbtBF0crogO8cuAwn+kZtsdFH8IKA+LPQjvp09yXZvDN6Q8XTKfcIkW2TqthdUOcJP65h72KwQnQGGvTDAd8p3OsHqAt7LEwW6xg0ci2HT1fGZbdwrXVHFHX9mFPndLmQ1CZlwX8XiVIHYPdbEEjO+3U29jGsi/k8+h54ngcf5H1An8t+fdDVzknprbCGOIdynnLFq0CgYEA1os/qHEXObHe+Yn2EQWM924hPtOjY5Z6p60EEALaaKVLYiCyhI7fXkhfB0475gC0+HhGgyu0zts04iOE2Agr8Yc8jAkZ3/UGOrbBFoSSyHvKYQaYqdWJ4HjbV3L5jkWSzplmn5/KFM9COMecEpx0cXkhxt1MMC5gu3WKU5QWhMcCgYEAvdLlwOf33KUsG/dojZAtzK6Lz6UoBi+nHHg9jZ2V561xSzhrGGBTRkpUL5kf66AOrHRNYZvNX051WCzsQ94NBOzgwykhqcC+gYBx6ravoBgyyrw/YICQB69xkxJlq/uGZQf3cvcPfcxFbjySzjCqgmgXewmqJE2U0drnhDVzd8CgYBOGViuB6UNwptJuZgSsDOVqsh9Z2t2CERUH553+aHqMCnV6dMygBP97Vhyf188pgs63AXHIDTsjE2e+JEWVzsv7Cv1SibaKQcAfqChgtcwFigg09blFC/hv/0Qw3DnApqjjKIX/4H/u0b/BmLhP4T//bl2+/4NGATsmKgnLqRX5wKBgBFP36ZVQZS896XhTYbDpHmrXZLldB4EUJBXIv38ZkSH2/JJRfMmLdIWS1E//NpHca8muDvzsqpDhJn7qMe4KnVNaqzEBWlGaA4XaCgmm+aN3MYKt4nXRo9EfnhMUtXMW8G3caSPyBlapv5dLLPRjGdnk1mdhPUQsUytEdKLpIQvAoGAbcb1rHbHv9AlmBBq5JODGgfN9GbLpPR6KyCtUGPhIrcSyZF00PcIEckwwt1XvqFJXFzFWCs9SEq7YbmGKuxSVZ7NLOOLaX6lZ3HdBiHvqcsCdMiqw9egTqqkn2po7pGCQzwxYmGLBfF+MXDo3KTynvNMz31efrZlmQsVq3VBt9U=";
var scopes = new List<string>
{
"signature"
};
OAuth.OAuthToken authToken = apiCent.RequestJWTUserToken(ik, userId, authserver,Encoding.UTF8.GetBytes(rsaKey), 1, scopes);
string accessToken = authToken.access_token;
现在我收到“意外的 PEM 类型”错误,在生产帐户中我使用 IK、UserID 并生成了新的 RSA 密钥。
首先,using legacy auth is not allowed 用于新应用程序。您正在使用带有明文密码的 X-DocuSign-Authentication header,这是一种传统的身份验证机制。 不安全,不能使用。
使用 JWT authentication 并从开发环境更改为生产环境时,您必须执行以下操作:
- 通过 go-live 并获准将您的 IK(应用程序)投入生产。
- 将您的 IK 提升到您的生产帐户。
- 为生产帐户中的新 IK 创建一个新的 RSA 密钥。您不能使用开发者帐户中的 RSA 密钥。
- 身份验证的 URL 由 https://account-s.docusign.com to https://account.docusign.com
更改
- 用户的 userId 将是不同的 GUID - 需要更新
- 帐户的 accountId 将是不同的 GUID - 需要更新
在 Docusing 中,我成功获得了模拟账户的访问令牌并创建了信封,当我转移到生产账户时,我无法获得访问令牌并出现错误“远程服务器返回错误:(400)错误的请求。”我成功进行了 20 API 次调用,并通过开发者帐户审查并使 Go 生效,API 关键细节也反映在生产登录中。
旧代码 这是我用来获取访问令牌的代码。
Dim PrivateKey As String = odjDTRep.Rows(0)("PrivateKey").ToString().Trim.Replace(vbLf, "").Replace(vbCr, "")
'This section to generate jwt Header
Dim ar1 As JObject = New JObject()
ar1.Add("typ", "JWT")
ar1.Add("alg", "RS256")
Dim header As String = Base64UrlEncoder.Encode(ar1.ToString)
'This section to generate jwt Body
Dim ar2 As JObject = New JObject()
ar2.Add("iss", odjDTRep.Rows(0)("iss_Int_Key").ToString())
ar2.Add("sub", odjDTRep.Rows(0)("sub1_Api_UserName").ToString())
ar2.Add("iat", DateDiff(DateInterval.Second, New Date(1970, 1, 1), Now().ToUniversalTime))
ar2.Add("exp", DateDiff(DateInterval.Second, New Date(1970, 1, 1), DateAdd(DateInterval.Hour, 1, Now().ToUniversalTime)))
ar2.Add("aud", odjDTRep.Rows(0)("aud").ToString())' aud i pass account.docusign.com
ar2.Add("scope", odjDTRep.Rows(0)("scope").ToString())
Dim body As String = Base64UrlEncoder.Encode(ar2.ToString)
Dim stringToSign As String = header & "." & body
Dim bytesToSign() As Byte = Encoding.UTF8.GetBytes(stringToSign)
Dim keyBytes() As Byte = Convert.FromBase64String(PrivateKey)
Dim privKeyObj = Asn1Object.FromByteArray(keyBytes)
Dim privStruct = RsaPrivateKeyStructure.GetInstance(privKeyObj)
'This section to generate jwt Signature
Dim sig As ISigner = SignerUtilities.GetSigner("SHA256withRSA")
sig.Init(True, New RsaKeyParameters(True, privStruct.Modulus, privStruct.PrivateExponent))
sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length)
Dim signature() As Byte = sig.GenerateSignature()
Dim sign As String = Base64UrlEncoder.Encode(signature)
Dim a As String = header & "." & body & "." & sign
ServicePointManager.Expect100Continue = True
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
ServicePointManager.SecurityProtocol = DirectCast(3072, SecurityProtocolType)
ServicePointManager.Expect100Continue = True
Dim request As WebRequest = WebRequest.Create("https://account.docusign.com/oauth/token?grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=" & a & "")
request.Method = "POST"
request.ContentType = "application/x-www-form-urlencoded"
request.ContentLength = 0
request.Headers.Add("X-DocuSign-Authentication", "{ ""Username"":""" & odjDTRep.Rows(0)("UserName").ToString() & """, ""Password"":""" & odjDTRep.Rows(0)("Password").ToString() & """, ""IntegratorKey"":""" & odjDTRep.Rows(0)("iss_Int_Key").ToString() & """ }")
Dim response As WebResponse = request.GetResponse()
Console.WriteLine((CType(response, HttpWebResponse)).StatusCode)
If (CType(response, HttpWebResponse)).StatusCode <> HttpStatusCode.OK Then
Return "002:Fail"
End If
Dim dataStream As Stream = response.GetResponseStream()
Dim reader As New StreamReader(dataStream)
Dim responseFromServer As String = reader.ReadToEnd()
reader.Close()
response.Close()
我从 SQL table 读取并存储在 DataTable 中的所有详细信息,我从 DataTable 传递该代码中的所有详细信息。还有其他 URL 我需要在上面提到的生产环境中进行更改吗?
获取访问令牌的新代码
var apiCent = new ApiClient("https://demo.docusign.net/restapi");
string ik = "xxxx-6a8b-4a7d-ba0f-xxxx";
string userId = "xxxxx-db97-xxx-a398-0e5986fadf49";
string accountId = "xxxxx-3e10-42af-xxxxx-xxxx";
string envId = "";
string authserver = "account.docusign.com";
string rsaKey = "xxxxxxxxxi7+b8i7SmfRdx8sExxxxxxxKmwIbLFOv1LtmUk/KRP8wPmMeNpq10kAzizzAeqnuBgW9ECHjV/gUA984dzk128UPmIRqTW+69e1dSknGA+nJWshyZEqJXmvFB8Ueie5EiCW6FIlXpdLVWwmJwUGiQQsV+r8hpmbhSImr5A40HQPPpasYAnKPNDgRbKwxrOONrCdUUre34Up2sk8gcAcMQRwKosPBn6/dAXadYP0sKEGSVKogguNSCyoHOLh74MPepDLnEVs9VAiyk+zQEmZxYaXhrV4pvO2C5WNXdnqHUdcC/McZOBVGwRdG0xOaC8t4lplJHjiis+8YQEWQIDAQABAoIBACTzxYJBBWGtVXRyqo+jzqmSOKJrBumvtHlC6k7IvYYInJI3IVPV44pC+eROAdDiYgQE9LZvag2MW7A8IAeYwWJZhBKCq8odz4plgJaZwX2YdItDP4kSjIOco5W4lMjMQd66KNMTKFkS2fgbtBF0crogO8cuAwn+kZtsdFH8IKA+LPQjvp09yXZvDN6Q8XTKfcIkW2TqthdUOcJP65h72KwQnQGGvTDAd8p3OsHqAt7LEwW6xg0ci2HT1fGZbdwrXVHFHX9mFPndLmQ1CZlwX8XiVIHYPdbEEjO+3U29jGsi/k8+h54ngcf5H1An8t+fdDVzknprbCGOIdynnLFq0CgYEA1os/qHEXObHe+Yn2EQWM924hPtOjY5Z6p60EEALaaKVLYiCyhI7fXkhfB0475gC0+HhGgyu0zts04iOE2Agr8Yc8jAkZ3/UGOrbBFoSSyHvKYQaYqdWJ4HjbV3L5jkWSzplmn5/KFM9COMecEpx0cXkhxt1MMC5gu3WKU5QWhMcCgYEAvdLlwOf33KUsG/dojZAtzK6Lz6UoBi+nHHg9jZ2V561xSzhrGGBTRkpUL5kf66AOrHRNYZvNX051WCzsQ94NBOzgwykhqcC+gYBx6ravoBgyyrw/YICQB69xkxJlq/uGZQf3cvcPfcxFbjySzjCqgmgXewmqJE2U0drnhDVzd8CgYBOGViuB6UNwptJuZgSsDOVqsh9Z2t2CERUH553+aHqMCnV6dMygBP97Vhyf188pgs63AXHIDTsjE2e+JEWVzsv7Cv1SibaKQcAfqChgtcwFigg09blFC/hv/0Qw3DnApqjjKIX/4H/u0b/BmLhP4T//bl2+/4NGATsmKgnLqRX5wKBgBFP36ZVQZS896XhTYbDpHmrXZLldB4EUJBXIv38ZkSH2/JJRfMmLdIWS1E//NpHca8muDvzsqpDhJn7qMe4KnVNaqzEBWlGaA4XaCgmm+aN3MYKt4nXRo9EfnhMUtXMW8G3caSPyBlapv5dLLPRjGdnk1mdhPUQsUytEdKLpIQvAoGAbcb1rHbHv9AlmBBq5JODGgfN9GbLpPR6KyCtUGPhIrcSyZF00PcIEckwwt1XvqFJXFzFWCs9SEq7YbmGKuxSVZ7NLOOLaX6lZ3HdBiHvqcsCdMiqw9egTqqkn2po7pGCQzwxYmGLBfF+MXDo3KTynvNMz31efrZlmQsVq3VBt9U=";
var scopes = new List<string>
{
"signature"
};
OAuth.OAuthToken authToken = apiCent.RequestJWTUserToken(ik, userId, authserver,Encoding.UTF8.GetBytes(rsaKey), 1, scopes);
string accessToken = authToken.access_token;
现在我收到“意外的 PEM 类型”错误,在生产帐户中我使用 IK、UserID 并生成了新的 RSA 密钥。
首先,using legacy auth is not allowed 用于新应用程序。您正在使用带有明文密码的 X-DocuSign-Authentication header,这是一种传统的身份验证机制。 不安全,不能使用。
使用 JWT authentication 并从开发环境更改为生产环境时,您必须执行以下操作:
- 通过 go-live 并获准将您的 IK(应用程序)投入生产。
- 将您的 IK 提升到您的生产帐户。
- 为生产帐户中的新 IK 创建一个新的 RSA 密钥。您不能使用开发者帐户中的 RSA 密钥。
- 身份验证的 URL 由 https://account-s.docusign.com to https://account.docusign.com 更改
- 用户的 userId 将是不同的 GUID - 需要更新
- 帐户的 accountId 将是不同的 GUID - 需要更新