如何在 python 中生成 JWT 断言
How to generate JWT Assertion in python
我正在尝试实施 salesforce einstein 并尝试为他们的 api 获得授权。
在docs中写着:
Create the JWT payload. The payload is JSON that contains:
sub—Your email address. This is your email address contained in the Salesforce org you used to sign up for an Einstein Platform Services account.
aud—The API endpoint URL for generating a token.
exp—The expiration time in Unix time. This value is the current Unix time in seconds plus the number of seconds you want the token to be valid. For testing purposes, you can get the Unix time at Time.is.
The JWT payload looks like this JSON.
JSON
{
"sub": "<EMAIL_ADDRESS>",
"aud": "https://api.einstein.ai/v2/oauth2/token",
"exp": <EXPIRATION_SECONDS_IN_UNIX_TIME>
}
Sign the JWT payload with your RSA private key to generate an assertion. The private key is contained in the einstein_platform.pem file you downloaded when you signed up for an account. The code to generate the assertion varies depending on your programming language. If you're doing manual testing, you can generate an assertion using jwt.io.
如何在python中生成断言字符串?
发现jwt处理可以用pyjwt来完成。
https://pyjwt.readthedocs.io/en/latest/
但是我对获取断言字符串到底需要做什么感到困惑。
调用 curl 请求获得响应
curl -X POST \
https://api.einstein.ai/v2/oauth2/token \
-H 'Content-type: application/x-www-form-urlencoded' \
-H 'cache-control: no-cache' \
-d 'grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJodHRwczovL2FwaS5laW5zdGVpbi5haS92Mi9vYXV0aDIvdG9rZW4iLCJleHAiOjM2MDAsInN1YiI6ImJpdHR1LmNwcEBnbWFpbC5jb20ifQ.MHPzgIGThAwHzGCgEAHU8MyJafbIBQVuK_nW4f5ZUh8hN6eh50XbuP7YnDsCeTH0tIQA0OZlEveVnwnmvi1slnNEhad30NB76J-eLCBYK1xUnj2ZfESRaXxP65XMj_KRWdqgF9dMNLsjA08pPeFkBT1rSM8EmWxlCm_BuDPuQRt1zuSSdtWBInIeBafHhyMmdptTHMTeah0epZiyVhyiGscVkApU0bzhUG5AYGixEldemM6xATWs5EjEfZa-4kG26p2QhyHdjIno2n63nuq82A4Kna4GpHlo7QdqRvvUSDJFB_pM33s_LmMxGY_mNmUuDqpQdJ2k15OF9fvnVTUuVg&undefined='
但得到的答案是
{
"message": "Invalid JWT assertion"
}
首先安装pyjwt和cryptography:
$ pip install pyjwt
$ pip install cryptography
读取您的 .pem 文件内容并使用它来生成断言字符串,如下所示:
import jwt
payload = {
"sub": "<EMAIL_ADDRESS>",
"aud": "https://api.einstein.ai/v2/oauth2/token",
"exp": "<EXPIRATION_SECONDS_IN_UNIX_TIME>" # UNIX timestamp (integer)
}
with open('einstein_platform.pem') as f:
assertion_string = jwt.encode(payload, f.read(), algorithm='RS256')
print(assertion_string)
我正在尝试实施 salesforce einstein 并尝试为他们的 api 获得授权。
在docs中写着:
Create the JWT payload. The payload is JSON that contains:
sub—Your email address. This is your email address contained in the Salesforce org you used to sign up for an Einstein Platform Services account.
aud—The API endpoint URL for generating a token.
exp—The expiration time in Unix time. This value is the current Unix time in seconds plus the number of seconds you want the token to be valid. For testing purposes, you can get the Unix time at Time.is.
The JWT payload looks like this JSON.
JSON
{
"sub": "<EMAIL_ADDRESS>",
"aud": "https://api.einstein.ai/v2/oauth2/token",
"exp": <EXPIRATION_SECONDS_IN_UNIX_TIME>
}
Sign the JWT payload with your RSA private key to generate an assertion. The private key is contained in the einstein_platform.pem file you downloaded when you signed up for an account. The code to generate the assertion varies depending on your programming language. If you're doing manual testing, you can generate an assertion using jwt.io.
如何在python中生成断言字符串?
发现jwt处理可以用pyjwt来完成。 https://pyjwt.readthedocs.io/en/latest/ 但是我对获取断言字符串到底需要做什么感到困惑。
调用 curl 请求获得响应
curl -X POST \
https://api.einstein.ai/v2/oauth2/token \
-H 'Content-type: application/x-www-form-urlencoded' \
-H 'cache-control: no-cache' \
-d 'grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJodHRwczovL2FwaS5laW5zdGVpbi5haS92Mi9vYXV0aDIvdG9rZW4iLCJleHAiOjM2MDAsInN1YiI6ImJpdHR1LmNwcEBnbWFpbC5jb20ifQ.MHPzgIGThAwHzGCgEAHU8MyJafbIBQVuK_nW4f5ZUh8hN6eh50XbuP7YnDsCeTH0tIQA0OZlEveVnwnmvi1slnNEhad30NB76J-eLCBYK1xUnj2ZfESRaXxP65XMj_KRWdqgF9dMNLsjA08pPeFkBT1rSM8EmWxlCm_BuDPuQRt1zuSSdtWBInIeBafHhyMmdptTHMTeah0epZiyVhyiGscVkApU0bzhUG5AYGixEldemM6xATWs5EjEfZa-4kG26p2QhyHdjIno2n63nuq82A4Kna4GpHlo7QdqRvvUSDJFB_pM33s_LmMxGY_mNmUuDqpQdJ2k15OF9fvnVTUuVg&undefined='
但得到的答案是
{
"message": "Invalid JWT assertion"
}
首先安装pyjwt和cryptography:
$ pip install pyjwt
$ pip install cryptography
读取您的 .pem 文件内容并使用它来生成断言字符串,如下所示:
import jwt
payload = {
"sub": "<EMAIL_ADDRESS>",
"aud": "https://api.einstein.ai/v2/oauth2/token",
"exp": "<EXPIRATION_SECONDS_IN_UNIX_TIME>" # UNIX timestamp (integer)
}
with open('einstein_platform.pem') as f:
assertion_string = jwt.encode(payload, f.read(), algorithm='RS256')
print(assertion_string)