如何获取 Cylance 用户 API 的访问令牌?

How to get an access token for the Cylance User API?

我想使用 Cylance 用户 API。我从他们那里得到了 C# 示例代码来使用,但他们告诉我他们不会回答任何问题。

这是我用来获取访问令牌的代码:

    private const int TimeoutSecs = 1800;
    private static void Main()
    {
        const string tenantId = "...";     // Tenant Id. The "..." are the real values of course. I just deleted them here because this is no info which belongs in the internet.
        const string appId = "...";
        const string appSecret = "...";    // Application secret.

        var utcNow = DateTime.UtcNow;
        var jwtClaims = new JwtClaims
        {
            jti = Guid.NewGuid().ToString(),
            iat = utcNow.ToUnixTimestamp(),
            exp = utcNow.AddSeconds(TimeoutSecs).ToUnixTimestamp(),
            iss = "http://cylance.com",
            tid = tenantId,
            sub = appId
        };

        try
        {
            var authToken = GenerateAuthorizationToken(jwtClaims, appSecret);
            Console.WriteLine($"\n[Authorization Token]\n{authToken}\n");

            var accessToken = GenerateAccessToken(authToken);
            Console.WriteLine($"\n[Access Token]\n{accessToken}\n");
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex);
        }

        Console.WriteLine("Press <Enter> to exit...");
        Console.ReadLine();
    }

    private static string GenerateAuthorizationToken(JwtClaims jwtClaims, string appSecret)
    {
        if (jwtClaims == null)
        {
            throw new ArgumentNullException(nameof(jwtClaims));
        }

        if (string.IsNullOrWhiteSpace(appSecret))
        {
            throw new ArgumentException(nameof(appSecret));
        }

        var algorithm = new HMACSHA256Algorithm();
        var serializer = new JsonNetSerializer();
        var encoder = new JwtBase64UrlEncoder();
        var jwt = new JwtEncoder(algorithm, serializer, encoder);

        return jwt.Encode(jwtClaims, appSecret);
    }

    private static string GenerateAccessToken(string authToken)
    {
        if (string.IsNullOrWhiteSpace(authToken))
        {
            throw new ArgumentException(nameof(authToken));
        }

        const string authEndpoint = "https://protectapi.cylance.com/auth/v2/token";

        var authRequest = new AuthTokenRequest
        {
            AuthToken = authToken
        };

        var authTask = authEndpoint
            .PostJsonAsync(authRequest)
            .ReceiveJson<AuthTokenResponse>();

        Task.WaitAll(authTask);

        var authResponse = authTask.Result;

        return authResponse.AccessToken;
    }
}


internal sealed class AuthTokenRequest
{
    [JsonProperty("auth_token")]
    public string AuthToken { get; set; }
}

internal sealed class AuthTokenResponse
{
    [JsonProperty("access_token")]
    public string AccessToken { get; set; }
}

internal sealed class JwtClaims
{
    public long exp { get; set; }
    public long iat { get; set; }
    public string iss { get; set; }
    public string sub { get; set; }
    public string jti { get; set; }
    public string tid { get; set; }
}

但是当我调用 main 时抛出异常(auth_token-text 实际上更大,但由于与上述相同的原因我将其删除):

POST https://protectapi.cylance.com/auth/v2/token failed with status code 401 (Unauthorized).
Request body:
{"auth_token":"ey...
                    ...wQQ"}
Response body:
{"message":"Invalid JWT payload"}

关于响应消息“无效的 JWT 负载”,我认为我在创建 AuthorizationToken 时做错了,但我不知道是什么。

问题是,认证端点的 url 是错误的。所以这是正确的行(在函数中:GenerateAccessToken)

const string authEndpoint = "https://protectapi-euc1.cylance.com/auth/v2/token";

因为我来自欧洲中部。

这是文档中描述的完整服务端点列表: