Generate token from javascript client

SIVAM.P · September 21, 2016, 7:08am

Hi,

I ran into cross domain issues when using jquery ajax method to generate an access token.
I got below error using jsonp.Moreover i don’t think POST method and custom headers are possible with jsonp.

Failed to load resource: the server responded with a status of 404 (Not Found)

https://services.poynt.net/token?callback=jQuery111109397320797222035_1474441361038&{"grantType":"urn:ietf:params:oauth:grant-type:jwt-bearer","assertion":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NzQ1Mjc3NjIsImlhdCI6MTQ3NDQ0MTM2MiwiaXNzIjoidXJuOmFpZDo1MmYzMGUwMC1iMDAwLTQ2N2YtOTQ5MC0xNjU1MWI0NjJmMjQiLCJzdWIiOiJ1cm46YWlkOjUyZjMwZTAwLWIwMDAtNDY3Zi05NDkwLTE2NTUxYjQ2MmYyNCIsImF1ZCI6Imh0dHBzOi8vc2VydmljZXMucG95bnQubmV0IiwianRpIjoiMzlmZTRkZGQtMjUxNC00ZTNlLTllYWMtY2IyODMyZjNkMTZkIn0.NrcsF_EtCFbh96DUkmPW9Gq4pkDwJ9XpwrCpqKfaRyKz-GKBN02TkcqwF6cTOh6OoE885yvYj97X2hWeK8vx02A174d-Qbc4ArS4hX7uZficr-9i9ejKNuBl8DI3bIZC988LXwd2EQ988yd74neBr_4hIxxhPtSSC6p-zAd9tVlfuCnIzYNal37-esXUaAW4kzPbTL2a_0pOC1mHoD7G2J-zzRjjuy88Pa13fkfrZpmPNiVOGwmUqTu1U1RRWH3EXa3MmmR8_3fyzzgV_npRheMWZ6gAXN9sljsXDZA4gkuTMMIVtsQfznYfV86KUFZWrQ5DCOXQtUz8G0qZtIGQ"}&_=1474441361039

Following is my code

                var appId = 'urn:aid:52f30e00-b000-467f-9490-16551b462f24';
                var oHeader = { alg: 'RS256', typ: 'JWT' };
                
                var oPayload = {};
                var tNow = KJUR.jws.IntDate.get('now');
                var tEnd = KJUR.jws.IntDate.get('now + 1day');

                oPayload.exp = tEnd;
                oPayload.iat = tNow;
                oPayload.iss = appId;
                oPayload.sub = appId;
                oPayload.aud = "https://services.poynt.net";
                oPayload.jti = generateUUID();
                var keyObj = KEYUTIL.getHexFromPEM(keyPrivate);
              
                var sHeader = JSON.stringify(oHeader);
                var sPayload = JSON.stringify(oPayload);

               

                var sJWT = KJUR.jws.JWS.sign("RS256", sHeader, sPayload, keyPrivate);
                alert(sJWT);

                var encodedJWT = sJWT;
                var params = { 'grantType': 'urn:ietf:params:oauth:grant-type:jwt-bearer', 'assertion': encodedJWT }


                $.ajax({
                    type: "POST",
                    url: "https://services.poynt.net/token",
                    data: JSON.stringify(params),
                    contentType: "application/json; charset=utf-8",
                    dataType: "jsonp",                        
                    success: function (data) {
                        alert(data);
                    },
                    error: function (e) {
                        alert(e);
                    },
                    headers: {
                        "api-version": "1.2"
                    }
                });

How am I supposed to access poynt cloud api methods from my javascript client.

Regards,

Shibin

dennis · September 21, 2016, 4:43pm

Hi Shibin,

Our API services are not meant to be consumed from a web client therefore we do not support CORS requests.

SIVAM.P · September 21, 2016, 6:33pm

Hi Dennis,

Do you have sample code for generating access token from a .net C# client?

dennis · September 21, 2016, 10:05pm

I don’t have a C# example, but here’s Java: How to generate JWT token in Android? in case you can port it to C#.

SIVAM.P · September 22, 2016, 12:27pm

Hi Dennis,

I got the following error
The underlying connection was closed: An unexpected error occurred on a send.

@ response = (HttpWebResponse)request.GetResponse();

Please find my code below.

        HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://services.poynt.net/token");
        request.Method = "POST";           
        request.ContentType = "application/x-www-form-urlencoded";
        request.KeepAlive = false;
        request.ServicePoint.Expect100Continue = false;
                    
        request.Headers.Add("api-version: 1.2");
        request.Headers.Add("Poynt-Request-Id:" + Guid.NewGuid().ToString());

        string postData = "grantType=urn:ietf:params:oauth:grant-type:jwt-bearer";
        postData += "&assertion="xxxxxxx JWT Token xxxxxxxxxx";

                                
        ASCIIEncoding encoding = new ASCIIEncoding();
        byte[] bytData = encoding.GetBytes(postData);

        request.ContentLength = bytData.Length;
        
        using (Stream reqStream = request.GetRequestStream())
        {
            reqStream.Write(bytData, 0, bytData.Length);
        }
        

        HttpWebResponse response = (HttpWebResponse)request.GetResponse();
        Stream dataStream = response.GetResponseStream();
        StreamReader reader = new StreamReader(dataStream);
        string txtResponse = reader.ReadToEnd();

I have tried the resolutions mentioned in https://support.microsoft.com/en-us/kb/915599

dennis · September 22, 2016, 11:50pm

Please log poynt-request-id and we can look up in our server logs why it failed.

SIVAM.P · September 23, 2016, 2:31pm

86813782-ce04-4a79-ad30-b615d87735ec

dennis · September 24, 2016, 12:44am

I am unable to find this request in our application logs which means that the server closes the connection during a handshake. Our API server only supports TLS 1.2, so please verify that that’s the protocol used by your client.

SIVAM.P · September 26, 2016, 8:07am

Thank you. It is resolved.

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;