I import JWT(using .Package(url:"https ://github.com/vapor/jwt.git", majorVersion: 1))
enter image description here
The project can build and run. But when I look into CTLS, the Xcode shows "Could not load module: CTLS". I don't know why.
At the same time, the JWT I create seems not right. Here is my codes:
import JWT
import Vapor
get("token") { req in
let algValue = StructuredData.string("ES256")
let kidValue = StructuredData.string("CapExedKid")
let headerData = StructuredData.object(["alg":algValue,"kid":kidValue])
let header = JSON.init(headerData)
let issValue = StructuredData.string("CapExdTeam")
let sec = Int(Date().timeIntervalSince1970)
let iatValue = StructuredData.number(StructuredData.Number(sec))
let expValue = StructuredData.number(StructuredData.Number(sec+1000000))
let claimsData = StructuredData.object(["iss":issValue,"iat":iatValue,"exp":expValue])
let claims = JSON.init(claimsData)
let url = URL.init(fileURLWithPath: "/Users/aamac/Desktop/HelloWorld/AuthKey_demoKey.p8")
let data = try Data.init(contentsOf: url)
let signer = ES256.init(key: data.makeBytes())
let jwt = try JWT.init(headers: header, payload: claims, signer: signer)
let token = try jwt.createToken()
return token }
I use the token to do the authenticate requests as Apple Music API says, I got a http status code 500..
I enter this in terminal:
curl -v -H 'Authorization: Bearer [developer token]' "https ://api.music.apple.com/v1/catalog/us/songs/203709340"
and got 500..
But I use a Python library to get the token and do the request in terminal, it works, so I doubt that the JWT in swift have some kind of problem...Can anyone tell me??
I experienced a similar problem (https://github.com/vapor/jwt/issues/47). What worked for me was using data.bytes.base64Decoded instead of data.makeBytes() when initializing the signer.
Related
I have created a B2C instance called myB2CDemonstration and there I created a Experience Framework flow called B2C_1A-SIGNUP_SIGNIN.
My code looks like this:
let kClientID = "d7628 ... 4a34d"
let kGraphEndpoint = "https://graph.microsoft.com/"
let kAuthority1 = "https://login.microsoftonline.com/7fb6a ... 427"
let kAuthority2 = "https://myB2CDemonstration.b2clogin.com/myB2CDemonstration.onmicrosoft.com/B2C_1A_SIGNUP_SIGNIN"
let kAuthority3 = "https://myB2CDemonstration.onmicrosoft.com/7fb6a ... 427"
let kRedirectUri = "msauth.br.com.edenred.ticket://auth"
let kAuthority = kAuthority1 // or 2 or 3
guard let authorityURL = URL(string: kAuthority) else {
self.updateLogging(text: "Unable to create authority URL")
return
}
let authority = try MSALAADAuthority(url: authorityURL)
let msalConfiguration = MSALPublicClientApplicationConfig(clientId: kClientID,
redirectUri: kRedirectUri,
authority: authority)
msalConfiguration.knownAuthorities = [authority]
self.applicationContext = try MSALPublicClientApplication(configuration: msalConfiguration)
self.initWebViewParams()
if I use kAuthority1 or kAuthority2 I get the error
Could not acquire token: Error Domain=MSALErrorDomain Code=-50000
UserInfo={MSALErrorDescriotionKey=AADSTS50049: Unknown or invalid instance.
MSALOAutherrorKey=invalid_instance, MSALInternalErrorCOdeKey=-42010}
(and a bunch of trace ids e correlation ids and etc)
if I use kAuthority3 I get the error
The operation couldn’t be completed. (MSIDErrorDomain error -51112.)
TID=3929455 MSAL 1.2.5 iOS Sim 16.2 [2023-01-05 20:48:01] Creating Error with description: Trying to initialize AAD authority with B2C authority url.
can anyone tell me what im doing wrong?
Try the sample here, you seem to be using an AAD sample. https://learn.microsoft.com/en-us/azure/active-directory-b2c/configure-authentication-sample-ios-app
I actually got it myself: I changed the MSALAADAuthority to MSALB2CAuthority and removed the scopes and used the variant 2 (with name of tenant and no GUIDs)
I am going to implement SSO Auth to our enterprise application. I watched this WWDC talk. There is not enough information. I tried to use a simple code from this talk like this:
let url = URL(string: "realm://{{identity_server_url}")! //I checked this by changing realm: to https:.
let ssoProvider = ASAuthorizationSingleSignOnProvider(identityProvider: url)
let request = ssoProvider.createRequest()
request.requestedOperation = .operationLogin
let authController = ASAuthorizationController(authorizationRequests: [request])
authController.delegate = self
authController.presentationContextProvider = self
authController.performRequests()
self.ssoProvider = ssoProvider
self.authController = authController
But this is always failed with this error description:
Error Domain=com.apple.AuthenticationServices.AuthorizationError Code=1000 "(null)"
I'm trying unsuccessfully to get a userToken for Apple Music SDK using the developerToken from JWT. I've used pelauimagineering/apple-music-token-generator and I could get a valid and static userToken. But apple recommend to make dynamic, so I'm trying to use JWT again.
Someone can tell me please what's wrong with my code? Thank you
func fetchDeveloperToken() -> String? {
func fetchDeveloperToken() -> String? {
let iat = Date().timeIntervalSince1970
let days = TimeInterval(24*60*60*120) //120 days
let exp = TimeInterval(iat + days)
let kid = "TBESJXXXXX"
let iss = "KQ6Z6XXXXX"
let alg = "ES256"
let secret = "MIGTAgEAMBMGByqEU7ZHQsoVfmKCCxS5W6BnCgCgYIKoZIzj0AAQcggNoN7dTkNG/8timkkf+Z2toogAqN41YgOXXXXXXXXXXXXXXXXXXsecretkey"
let header:[AnyHashable:Any] = ["alg":alg, "kid":kid]
let payload:[AnyHashable:Any] = ["iss": iss,
"iat": iat,
"exp": exp]
let algorithm256 = JWTAlgorithmHS256()
return JWT.encodePayload(payload, withSecret: secret, withHeaders: header, algorithm: algorithm256)
}
Apple requires you to use the ES256 algorithm, not HS256, I ran into the same issue too. The JWT libray that you're using doesn't support ES256 as you can see here. The only other library on iOS that is listed that supports it is this one
I'm having problems when trying to do Wishlist Member authentication from an iOS Swift application. The goal is to retrieve the current users email address. I’ve tried to interpret this info: http://codex.wishlistproducts.com/tutorial-authenticating-with-the-wishlist-member-api-from-a-non-php-application-ios-android-netetc/, but keep getting "success" :0, "ERROR_CODE" :65537, "ERROR" : "Access denied - Invalid authentication”. First step works, i.e. I’m able to get the “lock” cookie. I’m using SwiftHash for MD5. This is what I'm doing:
1) Run auth command in order to get the “lock” cookie.
http://content.xxxxxxxx.com/?/wlmapi/2.0/json/auth
This works fine and I get a lock cookie.
2) Then I run the following request using the API key and the “lock” cookie
let lock = self.getWLMAPILock(). // retrieve lock cookie
let key = “xxxxxxxxxxxxxxxxxxxx” // key removed for security
let newString = “\(lock)\(key)” // concatenate the two strings
let newKey = MD5(newString). // create auth_key
let postString = ("key=\(newKey),support_emulation=1")
let postData = postString.data(using: String.Encoding.utf8, allowLossyConversion: true)
let request : NSMutableURLRequest = NSMutableURLRequest(url: URL(string: “http://content.xxxxxxxx.com/?/wlmapi/2.0/json/auth")!)
request.httpMethod = “POST"
request.httpBody = postData
otiWebview.loadRequest((request as NSMutableURLRequest) as URLRequest)
This generates an error: "success" :0, "ERROR_CODE" :65537, "ERROR" : "Access denied - Invalid authentication"
3) Run request with url:
http://content.xxxxxxxx.com/?/wlmapi/2.0/json/members
Not run yet.
Solved it! The above scheme is basically correct, just had to add
let newKey = MD5(newString).lowercased()
I am trying to access update profile api of twitter. But its giving error.
let conn = WebserviceConnectionManager(serviceTokenId: "Twitter profile")
let url = NSURL(string: "https://api.twitter.com/1.1/account/update_profile.json")
let request = NSMutableURLRequest(URL: url!)
request.HTTPMethod = "POST"
let oAuthToken = FHSTwitterEngine.sharedEngine().accessToken.key
let oAuthTokenSecret = FHSTwitterEngine.sharedEngine().accessToken.secret
request.addValue(oAuthToken, forHTTPHeaderField:"oauth_token")
request.addValue(oAuthTokenSecret, forHTTPHeaderField:"oauth_token_secret")
conn.delegate = self
conn.startConnection(request)
Callback method gives me following error:
errors = (
{
code = 215;
message = "Bad Authentication data.";
}
);
Any help would be highly appreciated.
Since Twitter's API 1.1 does not allow access without authentication, because you have to use access tokens and secret keys; all requests must be made with a server-side script.
follow steps here and you will fixed your problem.