我需要为 Store Connect API 生成 JWT 令牌。这是我的令牌生成代码:console.log("🏃 appStoreConnectAPIFromNode.js running 🏃")const fs = require('fs');const jwt = require('jsonwebtoken'); // npm i jsonwebtoken// You get privateKey, apiKeyId and issuerId from your Apple App Store Connect accountconst privateKey = fs.readFileSync("./AuthKey-XXXXXXXX.p8") // this is the file you can only download once and should treat like a real, very precious key.const apiKeyId = "XXXXXXXX"const issuerId = "XXXXXXXX-XXXX-XXXX-XXX-XXXXXXXXXX"let now = Math.round((new Date()).getTime() / 1000); // Notice the /1000 let nowPlus20 = now + 1199 // 1200 === 20 minuteslet payload = { "iss": issuerId, "exp": nowPlus20, "aud": "appstoreconnect-v1", "iat": now}let signOptions = { "algorithm": "ES256", // you must use this algorythm, not jsonwebtoken's default header : { "alg": "ES256", "kid": apiKeyId, "typ": "JWT" }};let token = jwt.sign(payload, privateKey, signOptions);console.log('@token: ', token);fs.writeFile('Output.txt', token, (err) => { // In case of a error throw err. if (err) throw err; })我收到了这个回复 "errors": [{ "status": "401", "code": "NOT_AUTHORIZED", "title": "Authentication credentials are missing or invalid.", "detail": "Provide a properly configured and signed bearer token, and make sure that it has not expired. Learn more about Generating Tokens for API Requests https://developer.apple.com/go/?id=api-generating-tokens" }]我认为问题在于令牌(直接带有签名)。当我尝试在https://jwt.io/#debugger-io上解码令牌时,我的有效负载和标头已正确解码。状态:签名无效我做错了什么?有什么想法如何正确地做到这一点吗?
4 回答
绝地无双
TA贡献1946条经验 获得超4个赞
我也遇到这个问题,我和队友解决了。。。。。
解决方案:
删除有效负载中的“iat”(这很重要):像这样,
let payload = {
iss: *******,
exp: *******,
aud: "appstoreconnect-v1",
bid: "your_bundle_id",
};
网址:我用的是axios:
const { data } = await axios({
method: "GET",
url: "https://api.storekit.itunes.apple.com/inApps/v1/history/",
headers: {
"Content-type": "application/json",
Authorization: `Bearer ${token}`,
},
});
res.json(data);
慕标5832272
TA贡献1966条经验 获得超4个赞
我最近也需要解决这个问题,在学习了很多教程之后,这些教程经常给出应用程序商店连接 api 的错误答案。我找到了一种让它发挥作用的方法。我在 Java 中就是这样做的。
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.interfaces.ECPrivateKey;
import java.security.KeyFactory;
import java.io.FileReader;
import java.util.Base64;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
// The code is like this so try it in whatever method you want,
// break it up into pieces so it's a bit more readable
// These variables are the minimum you should need
String keyFile = "/path/to/app_store_AuthKey_XXXX.p8";
// The XXXX is the same XXXX from the keyFile filename itself
String keyId = "XXXX";
String issuerId = "1234-1234-1234-1234-1234";
FileReader kfReader = new FileReader(keyFile);
PEMParser pemParser = new PEMParser(kfReader);
PrivateKeyInfo info = (PrivateKeyInfo) pemParser.readObject();
byte[] pkData = info.getEncoded();
// Convert the PrivateKeyInfo object to a PKCS8EncodedKeySpec object
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(pkData);
KeyFactory keyFactory = KeyFactory.getInstance("EC");
ECPrivateKey privateKey = (ECPrivateKey) keyFactory.generatePrivate(keySpec);
Algorithm algorithm = Algorithm.ECDSA256(null, privateKey);
Instant expiration = Instant.now().plus(TIMEOUT_MINUTES, ChronoUnit.MINUTES);
return JWT.create()
.withKeyId(keyId)
.withIssuer(issuerId)
.withExpiresAt(expiration)
.withAudience("appstoreconnect-v1")
.sign(algorithm);
Helenr
TA贡献1780条经验 获得超3个赞
我试图解决我自己的问题,即使用 JWT 连接到 Apple Music API,我在您的有效负载中注意到了两件事。首先,您将 1200 添加到 IAT 中,修复了我的问题,所以谢谢您。第二个是函数现在返回一个浮点数。我认为 API 需要一个 int。我会尝试"iat": parseInt(now)或者now = Math.floor(new Date().getTime() / 1000)
呼啦一阵风
TA贡献1802条经验 获得超6个赞
根据jsonwebtoken使用说明。options您可以直接在空负载上使用,如下所示:
let signOptions = {
issuer: issuerId,
keyid: apiKeyId,
expiresIn: '20m',
audience: 'appstoreconnect-v1',
algorithm: 'ES256'
};
let token = jwt.sign({}, privateKey, signOptions);
添加回答
举报
0/150
提交
取消