php - 需要连接iTunes Connect API,总是显示未授权JWT
问题描述
我正在尝试生成一个令牌来签署我对 iTunes Connect API 的请求。那是我的 PHP 文件:
function encode($data)
{
return str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($data));
}
function sign($data)
{
if (!$key = openssl_pkey_get_private('file://AuthKey_qwerty.p8')) {
throw new \Exception('Failed to read PEM');
}
if (!openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA256)) {
throw new \Exception('Claims signing failed');
}
return $signature;
}
function create()
{
$header = encode(
json_encode([
'kid' => 'frfc343r4',
'alg' => 'ES256',
'typ' => 'JWT',
])
);
$claims = encode(
json_encode([
'iss' => 'ddd-aaa-bbbb-cccc-ddddd',
'exp' => time() + (20 * 60),
'aud' => 'appstoreconnect-v1',
])
);
$signature = encode(
sign("$header.$claims")
);
return $header . '.' . $claims . '.' . $signature;
}
echo create();
这给出了一个错误,“身份验证凭据丢失或无效。”,App Store Connect API 必须使用 ES256 加密进行签名
解决方案
require_once '../vendor/autoload.php';
use Curl\Curl;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Ecdsa\Sha256;
$signer = new Sha256();
$privateKey = new Key('file://AuthKey_ed2erd424.p8');
$time = time();
$Issuer_ID = "3455355-3535-4f8g-8x2r-3dcfrr43ed33";
$Key_ID = "4DD3R45DT45";
$token = (new Builder())->issuedBy($Issuer_ID)// Configures the issuer (iss claim)
->permittedFor("appstoreconnect-v1")// Configures the audience (aud claim)
//->identifiedBy('XXYYZZ', true)// Configures the id (jti claim), replicating as a header item
->withHeader('kid', $Key_ID)
->withHeader('type', 'JWT')
->withHeader('alg', 'ES256')
->issuedAt($time)// Configures the time that the token was issue (iat claim)
->expiresAt($time + 1200)// Configures the expiration time of the token (exp claim)
->withClaim('uid', 1)// Configures a new claim, called "uid"
->getToken($signer, $privateKey); // Retrieves the generated token
$token->getHeaders(); // Retrieves the token headers
$token->getClaims(); // Retrieves the token claims
$date = $_GET['date'];
$url ='https://api.appstoreconnect.apple.com/v1/salesReports';
$dataArray = array(
'filter[frequency]'=>'DAILY',
'filter[reportDate]'=>$date,
'filter[reportSubType]'=>'SUMMARY',
'filter[reportType]'=>'SALES',
'filter[vendorNumber]'=>'345434463',
'filter[version]'=>'1_0'
);
$ch = curl_init();
$data = http_build_query($dataArray);
$getUrl = $url."?".$data;
$authorization = "Authorization: Bearer ".$token; // Prepare the authorisation token
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json' , $authorization )); // Inject the token into the header
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_URL, $getUrl);
curl_setopt($ch, CURLOPT_TIMEOUT, 80);
$response = curl_exec($ch);
if(curl_error($ch)){
echo 'Request Error:' . curl_error($ch);
}
else
{
// if(!gzdecode($response)){ echo $response; exit; }
$uncompressed = $fp = @gzdecode($response);
if ($uncompressed === false) {
// do something related to error here
echo $response; exit;
}
;
$fp1 = array();
$myArray = [];
$lines = explode(PHP_EOL, $uncompressed);
$l = 0;
foreach($lines as $line) {
if($line == ''){continue;}
if($l == 0){ $myArray[$l] = explode("\t", $line); $l++; continue;}
//explode("\t", $line);
$key =0;
foreach(explode("\t", $line) as $value){
$myArray[$l][$myArray[0][$key]] = $value;
$key++;
}
$fp1[] = $myArray[$l];
$l++;
}
echo json_encode($fp1);
//echo $response;
}
curl_close($ch);
推荐阅读
- eclipse - Eclipse 无法从主机操作系统识别 m2 存储库
- cuda - NVCC unistd.h(792):错误:需要一个标识符
- ios - 如何在 Swift 中隐藏 UITableView?
- object - Access VBA 如何在记录集中查找值,此类对象不支持错误代码“3251”操作
- r - 从 .Rnw 到 .Rmd 的自动转换
- javascript - 加载组件时出现奇怪的错误
- javascript - 在新窗口中打开聊天小部件
- matlab - 向量的不同元素的不同操作
- javascript - 第二次到达页面顶部后触发功能
- python - 在欠定线性系统中找出哪些变量是自由的