REST API's, JSON Web Tokens & Hash Algorithms
Mark Wieder
ahsoftware at sonic.net
Tue Nov 12 17:06:33 EST 2019
On 11/12/19 6:23 AM, Bleiler, Timothy via use-livecode wrote:
> Hi,
>
> I’ve seen some great presentations in the last few years from the conferences and Livecode Global sessions using Livecode to access REST API’s from web services, so I’m hoping someone can help me out here.
>
> I need to access a web service (Box.com<http://Box.com>) from my Livecode app using JSON web tokens.
> The service documentation states that they only support RS256, RS384, and RS512 for hashing the signature in the token. Unfortunately, in the 139 options and variations listed by the Livecode CipherNames function I don’t see these.
>
> Have I missed or misunderstood something or am I out of luck for using Livecode for this task?
Box integration has been on my back burner for a while now, so I'll be
very much interested in what you come up with here.
Are you referring to the authorization step for the Box api?
If so, this might help... this should be a one-time thing, so I would
just do this once at the command line by hand and then grab the existing
key with LiveCode.
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
That will give you both the private and public keys to pass to the Box api.
--
Mark Wieder
ahsoftware at gmail.com
More information about the use-livecode
mailing list