Im using the chilkat plugin so it does all that heavy lifting.
// INSTANTIATE OBJECT Var jwt As New Chilkat.Jwt// Build the JOSE header Var jose As New Chilkat.JsonObject// SET ALGORITHM Var success As Boolean success = jose.AppendString("typ","JWT") success = jose.AppendString("alg","HS256")// BUILD CLAIMS Var claims As New Chilkat.JsonObject success = claims.AppendString("secret", secretStr) success = claims.AppendString("iss", issStr) Var strJwt As String = jwt.CreateJwt(jose.Emit(),claims.Emit(), secretStr)// DEBUG TO STDOUT System.DebugLog(jose.Emit()) System.DebugLog("Claims JSON String: " + claims.Emit()) System.DebugLog("JSON String: " + strJwt)Return strJwt
JWT doesnāt ask for authenticationā¦ it just expects it in the header.
As mentioned in my thread, try putting a trailing slash on your request and see if that makes a difference.
In case youāre wondering how I noticed it, I actually ended up tailing the apache log file after making a configuration edit that included more infoā¦ it wasnāt until I saw the requests from Xojo and Postman on top of each other that I realized that one had a trailing slash and one didnāt.
Thanks I just saw that. Trying that also. -> I donāt have any trailing slashes in my POST URL. Thanks @Kristin_Green for the idea as this must be something else.
I found that JWT server I used spat back the same āAuthentication credentials were not provided.ā error even though the issue had nothing to do with authentication. So, donāt trust the error message.
I also found that some clients automatically inserted a trailing slash in the background so it wasnāt immediately obvious.
Is the server under your control or is it someone elseās? If itās yours, Iād be interested to know what youāre using.
Its under our Devās control (My), but I did find my issue - and I hate I wasted some of your time, but fortunately it was a dumb white space char I missed in my copy/paste w/ my secret.
Somewhere between my broken code and fixed code I inserted it
Thank you very much @DerkJand@Kristin_Green ā I appreciate the help.
FYI - Here is the feedback case to have Xojo expose the header / content to us in the URLConnection object similar to how HTTPSecureSocket allows us to view the header / content prior to post.
Unfortunately that may not be possible. URLConnection uses system libraries to make the requests. HTTPSecureSocket would create the HTTP request itself, so getting an exact view of the output was possible because it was doing the work anyway. If the system classes donāt expose what would be needed, thereās just no way to satisfy the request. I believe this is the case, as looking over URLSession (which I think URLConnection uses on Mac) I donāt see a way to get what you need. Though I could be wrong, I just took a quick look.
