laeggan
May 2, 2020, 1:36am
1
Why doesn’t this work. In PHP 7.3
<?php
define("API_KEY", "my API Key");
define ("API_SECRET", "my AOI Secret");
$header = '{"alg":"HS256","typ":"JWT"}';
$payload = '{"iss":"' . API_KEY . '","exp":' . (time() + 50) . '}';
$signature = hash_hmac("sha256", base64url_encode($header) . "." . base64url_encode($payload), API_SECRET, true);
$token = base64url_encode($header) . "." . base64url_encode($payload) . "." . $signature;
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://api.zoom.us/v2/users",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => array(
"authorization: Bearer " . $token,
"content-type: application/json"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
function base64url_encode($data)
{
// Encode $data to Base64 string
$b64 = base64_encode($data);
// Valid result? Otherwise, return FALSE, as the base64_encode() function does
if ($b64 === false) {
return false;
}
// Convert Base64 to Base64URL by replacing "+" with "-" and "/" with "_"
$url = strtr($b64, '+/', '-_');
// Remove padding character from the end of line and return the Base64URL result
return rtrim($url, '=');
}
function base64url_decode($data, $strict = false)
{
// Convert Base64URL to Base64 by replacing "-" with "+" and "_" with "/"
$b64 = strtr($data, '-_', '+/');
// Decode Base64 string and return the original data
return base64_decode($b64, $strict);
}
?>
samly
May 5, 2020, 4:44pm
2
In your call to hash_hmac, the last argument should be False, not True. Your code generates a proper JWT with that change:
laeggan:
Why doesn’t this work. In PHP 7.3
<?php
define("API_KEY", "my API Key");
define ("API_SECRET", "my AOI Secret");
$header = '{"alg":"HS256","typ":"JWT"}';
$payload = '{"iss":"' . API_KEY . '","exp":' . (time() + 50) . '}';
$signature = hash_hmac("sha256", base64url_encode($header) . "." . base64url_encode($payload), API_SECRET, false);
$token = base64url_encode($header) . "." . base64url_encode($payload) . "." . $signature;
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://api.zoom.us/v2/users",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => array(
"authorization: Bearer " . $token,
"content-type: application/json"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
function base64url_encode($data)
{
// Encode $data to Base64 string
$b64 = base64_encode($data);
// Valid result? Otherwise, return FALSE, as the base64_encode() function does
if ($b64 === false) {
return false;
}
// Convert Base64 to Base64URL by replacing "+" with "-" and "/" with "_"
$url = strtr($b64, '+/', '-_');
// Remove padding character from the end of line and return the Base64URL result
return rtrim($url, '=');
}
function base64url_decode($data, $strict = false)
{
// Convert Base64URL to Base64 by replacing "-" with "+" and "_" with "/"
$b64 = strtr($data, '-_', '+/');
// Decode Base64 string and return the original data
return base64_decode($b64, $strict);
}
?>
1 Like
laeggan
May 6, 2020, 5:23pm
3
It did not work for me with false. I got the error I reported at the beginning of my post.jwt.io packages.
tommy
May 12, 2020, 5:53am
4
Hey @laeggan ,
Can you please private message me your JWT Key and I will take a look?
Thanks,
laeggan
May 12, 2020, 9:08pm
5
Please don’t bother.
1 Like
tommy
May 15, 2020, 10:24pm
6
Happy to hear it’s working!
-Tommy
skodali
June 2, 2020, 2:07am
7
Hello Llyod,
tommy
March 16, 2021, 9:59pm
8
If you are still having this issue, please create a new topic: #api-and-webhooks
Thanks,
