Databases
StackOverflow2013
Postsdbo
POForce.com Apex Code to generate Google API oAuth 2.0 JWT
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POForce.com Apex Code to generate Google API oAuth 2.0 JWT
    text
    copied!<p>I am trying to generate a JWT in Apex on Force.com but keep getting a 400 "error" : "invalid_grant". I've tried numerous variations, but just can't get a valid response. My clientEmailAddress is correct (eg ##@developer.gserviceaccount.com). I extracted the value of my Private Key using openSSL. I wrote a method to base64URL encode based on other posts on the board. Any help would be greatly appreciated.</p> <pre><code>public static String base64URLencode(Blob input){ String output = encodingUtil.base64Encode(input); output = output.replace('+', '-'); output = output.replace('/', '_'); while ( output.endsWith('=')){ output = output.subString(0,output.length()-1); } return output; } public static void generateJWT(){ Long rightNow = (dateTime.now().getTime()/1000)+1; JSONGenerator gen = JSON.createGenerator(false); gen.writeStartObject(); gen.writeStringField('iss',clientEmailAddress); gen.writeStringField('scope','https:\\/\\/www.googleapis.com\\/auth\\/prediction'); gen.writeStringField('aud','https:\\/\\/accounts.google.com\\/o\\/oauth2\\/token'); gen.writeNumberField('exp',rightNow+300); gen.writeNumberField('iat',rightNow); String claimSet = gen.getAsString().trim(); String header = '{"alg":"RS256","typ":"JWT"}'; String signatureInput = base64URLencode(blob.valueOf(header))+'.'+base64URLencode(blob.valueOf(claimSet)); Blob signature = crypto.sign('RSA', blob.valueOf(signatureInput), encodingUtil.base64decode(privatekey)); String jwt = signatureInput+'.'+base64URLencode(signature); http h = new http(); httpRequest req = new httpRequest(); req.setHeader('Content-Type','application/x-www-form-urlencoded'); req.setMethod('POST'); req.setBody('grant_type='+encodingUtil.urlEncode('urn:ietf:params:oauth:grant-type:jwt-bearer','UTF-8')+'&amp;assertion='+encodingUtil.urlEncode(jwt,'UTF-8')); req.setEndpoint('https://accounts.google.com/o/oauth2/token'); httpResponse res = h.send(req); } </code></pre>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload