我必须通过ColdFusion创建一个Apple Connect API JWT令牌。我找到了jwt。IO库并使用过:
variables.jwtTest = new BB.jwtio.jwt();
variables.token = variables.jwtTest.encode({
'aud': 'appstoreconnect-v1',
'iss': variables.appleConnectAPISetting.IssuerID,
'iat': variables.timestampNowUTC,
'exp': variables.timestampExpUTC
},
variables.appleConnectAPISetting.PrivateKey,
'ES256',
{
'kid': variables.appleConnectAPISetting.KeyID
});
writeDump(variables.token);
但是他创建的令牌没有工作。我尝试如下代码:
variables.timestampNowUTC = dateDiff("s", CreateDate(1970,1,1), dateConvert('local2Utc', now()));
variables.timestampExpUTC = dateDiff("s", CreateDate(1970,1,1), dateConvert('local2Utc', dateAdd('n', 10, now())));
//generate jwt
variables.jwt_header = {
'alg': 'ES256',
'typ': 'JWT',
'kid': variables.appleConnectAPISetting.KeyID
};
variables.jwt_header = serializeJSON(variables.jwt_header);
variables.jwt_header = toBase64(variables.jwt_header);
variables.jwt_claim = {
'aud': 'appstoreconnect-v1',
'iss': variables.appleConnectAPISetting.IssuerID,
'iat': variables.timestampNowUTC,
'exp': variables.timestampExpUTC
};
variables.jwt_claim = serializeJSON(variables.jwt_claim);
variables.jwt_claim = toBase64(variables.jwt_claim);
variables.jwt = variables.jwt_header & '.' & variables.jwt_claim;
//sign jwt
variables.keyText = reReplace( variables.appleConnectAPISetting.PrivateKey, "-----(BEGIN|END)[^rn]+", "", "all" );
variables.keyText = trim( variables.keyText );
variables.privateKeySpec = createObject( "java", "java.security.spec.PKCS8EncodedKeySpec" )
.init(binaryDecode(variables.keyText, "base64"));
variables.privateKey = createObject( "java", "java.security.KeyFactory" )
.getInstance("EC")
.generatePrivate(variables.privateKeySpec);
variables.signer = createObject( "java", "java.security.Signature" )
.getInstance("SHA256withECDSA");
variables.signer.initSign( variables.privateKey );
variables.signer.update( charsetDecode( variables.jwt, "utf-8" ) );
variables.signedBytes = signer.sign();
variables.signedBase64 = toBase64(signedBytes);
variables.token = variables.jwt & '.' & variables.signedBase64;
writeDump(variables.token);
我已经尝试了这些令牌的正宗苹果连接api,但他们没有工作。你知道吗?
我在这里使用了一个jwt CFC:https://github.com/jcberquist/jwt-cfml
苹果的文档在这里:https://developer.apple.com/documentation/appstoreserverapi/generating_tokens_for_api_requests
这个函数为我工作:
<cffunction name="createAPIToken" output="No">
<cfset nonce = createUUID()>
<!--- 'kid' value is private key ID from App Store Connect --->
<cfset tokenHeader = {
"kid":"YOURPRIVATEKEYID"
}>
<!--- iss value: issuer ID from the Keys page in App Store Connect --->
<cfset tokenPayload = {
"iss":"issuer ID from the Keys page in App Store Connect",
"iat":now(),
"exp":dateAdd("n",60,now()),
"aud":"appstoreconnect-v1",
"nonce":"#nonce#",
"bid":"Your app’s bundle ID"
}>
<cfset jwt = createobject("component","path.to.jwt").init()>
<cfset token = jwt.encode(tokenPayload, YourAppStoreConnectPrivateKey, 'ES256',tokenHeader)>
<cfreturn token>
</cffunction>