REST API's, JSON Web Tokens & Hash Algorithms

Mark Wieder ahsoftware at sonic.net
Tue Nov 12 17:06:33 EST 2019


On 11/12/19 6:23 AM, Bleiler, Timothy via use-livecode wrote:
> Hi,
> 
> I’ve seen some great presentations in the last few years from the conferences and Livecode Global sessions using Livecode to access REST API’s from web services, so I’m hoping someone can help me out here.
> 
> I need to access a web service (Box.com<http://Box.com>) from my Livecode app using JSON web tokens.
> The service  documentation states that they only support RS256, RS384, and RS512 for hashing the signature in the token. Unfortunately, in the 139 options and variations listed by the Livecode CipherNames function I don’t see these.
> 
> Have I missed or misunderstood something or am I out of luck for using Livecode for this task?

Box integration has been on my back burner for a while now, so I'll be 
very much interested in what you come up with here.

Are you referring to the authorization step for the Box api?
If so, this might help... this should be a one-time thing, so I would 
just do this once at the command line by hand and then grab the existing 
key with LiveCode.

ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub

That will give you both the private and public keys to pass to the Box api.

-- 
  Mark Wieder
  ahsoftware at gmail.com



More information about the use-livecode mailing list