DocuSign JWT 身份验证：意外的 PEM 类型

Question

由于错误，我无法使用 DocuSign 的 OAuth JWT 进行身份验证Unexpected PEM Type。我正在使用他们的 Nuget 包 2.2.0。如果我更改为 2.1.10 并稍微调整我的代码，我会收到此错误

Error calling Login: {
    "errorCode": "PARTNER_AUTHENTICATION_FAILED",
    "message": "The specified Integrator Key was not found or is disabled. An Integrator key was not specified."
}

我只有一个沙盒帐户，我已经创建了一个集成商密钥。我的重定向 uri 是https://docusign.com，我创建了一个 RSA 密钥对，我将私钥保存在 PEM 文件中。

我正在按照此处的说明进行操作https://github.com/docusign/docusign-csharp-client/blob/master/README.md但在线上引发了异常OAuth.OAuthToken tokenInfo = apiClient.ConfigureJwtAuthorizationFlowByKey(integratorKey, userId, oauthBasePath, privateKey, expiresInHours);

我还使用 url 授予了对 JWT 的访问权限https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation&client_id=<integrator-key>&redirect_uri=https://docusign.com。

string userId = "e1f43c1a-2546-4317-85a9-cea367f8f92c";
string oauthBasePath = "account-d.docusign.net";
string integratorKey = "<integrator-key>";
string privateKey = @"C:\Users\me\privateKey.pem";
int expiresInHours = 1;
string host = "https://demo.docusign.net/restapi";

Answer 1

不管出于什么原因，将userId、oauthBasePath、integratorKey、privateKey和全部放在一个新类中是有效的。expiresInHourshost

我还必须传递 PEM 文件的内容而不是文件路径。

 public class FooConfig
{
    public string Host { get; set; }

    public string IntegratorKey { get; set; }

    public string UserId { get; set; }

    public string OAuthBasePath { get; set; }

    public string PrivateKeyFilename { get; set; }

    public int ExpiresInHours { get; set; }

    public ApiClient ApiClient { get; set; }

    public FooConfig()
    {
        this.UserId = "e1f43c1a-2546-4317-85a9-cea367f8f92c";
        this.OAuthBasePath = "account-d.docusign.com";
        this.IntegratorKey = "<integrator-key>";
        this.PrivateKeyFilename = @"C:\Users\me\privateKey.pem";
        this.ExpiresInHours = 1;
        this.Host = "https://demo.docusign.net/restapi";
    }
}


///////////////////////////////////////////////////////////////////////////////////////

FooConfig testConfig = new FooConfig();
testConfig.ApiClient = new ApiClient(testConfig.Host);

// If this is the first time logging in - Get Consent from the user - this is a onetime step.
Uri oauthURI = testConfig.ApiClient.GetAuthorizationUri(testConfig.IntegratorKey, scopes, "https://docusign.com", OAuth.CODE, "testState");
Process.Start(oauthURI.ToString());

string key = File.ReadAllText(testConfig.PrivateKeyFilename);
OAuth.OAuthToken tokenInfo = testConfig.ApiClient.ConfigureJwtAuthorizationFlowByKey(testConfig.IntegratorKey, testConfig.UserId, testConfig.OAuthBasePath, key, testConfig.ExpiresInHours);