How to do Payload Encryption with the SDK

[jerryOkafor]

I am working on a project that uses the SDK, I have followed the guide on the Readme.md and when I make a call, I get Invalid credentials. I am thinking it is because of the payload encryption as stated here: https://portal.hyperwallet.com/docs/api/v3/overview/payload-encryption. When I informed my boss, he sent this link: https://github.com/hyperwallet/node-sdk/blob/master/test/utils/ApiClient.spec.js#L220. My confusion is this, the entire doc does not show how you can add encryption to the request that you make seamlessly. I don't know if anyone has done that before.

[jerryOkafor]

I see this param in the src: @param {Object} [config.encryptionData] - The JSON object of encryption data What is encrptionData?

[wmews-hw]

Hi @jerryOkafor

Sorry for the delay. See if this example helps you:

var encryptionData = {
     clientPrivateKeySetPath : EncryptionConfig.CLIENT_PRIVATE_KEYSET_PATH,
     hyperwalletKeySetPath : EncryptionConfig.HYPERWALLET_KEYSET_PATH
};

var client = new Hyperwallet({
    username: username,
    password: password,
    programToken: programToken,
    encryptionData: encryptionData
});

client.getBankAccountStatusTransition(userToken, bankAccountToken, statusTransitionToken, (error, body, res) -> {
   console.log(res);
});

Also before using encrypted calls by sdk, public jwk set of sdk user must be registered on the Hyperwallet side, without this encryption won’t work

[wmews-hw]

Btw... thanks for your feedback about our documentation. We are working now finding the gaps and make our integrator's life easier.

[jerryOkafor]

Thanks for your feedback, I think I am getting close. One more thing, the filed : EncryptionConfig.CLIENT_PRIVATE_KEYSET_PATH is set to https://uat-api.paylution.com/jwkset while CLIENT_PRIVATE_KEYSET_PATH is set to /app/layer7/private-jwkset. I am still confused on how these paths are set. I can not find the specified path /app/layer7/private-jwkset in the example Here.

[wmews-hw]

CLIENT_PRIVATE_KEYSET_PATH - is the path where your private jwk keys set is located( it can be path to file or URL). The file located on /app/layer7/private-jwkset at github is encrypted because it contains private keys, so you can’t view it. In this example CLIENT_PRIVATE_KEYSET_PATH must be set with user’s own private jwk set, that can be easily generated. And the public part of that generated jwk set must be registered (you may contact our team to do it for you) at Hyperwallet side along with the REST user with which you make REST calls.

HYPERWALLET_KEYSET_PATH - is the location of Hyperwallet public jwk keys set. For example: https://uat-api.paylution.com/jwkset

[jerryOkafor]

@wmews-hw thanks for your support. I have tried to generate the jwkset using the following command : openssl x509 -in certificate.pem -pubkey -noout and tool : https://russelldavies.github.io/jwk-creator/. I hope I am in the right direction. If not, I would appreciate it if you can give me any definitive guide on how to generate and use this key.

[jerryOkafor]

@wmews-hw after weeks of trial, I have succeeded in doing payload encryption using the jwkset in this repo for testing purposes. Another issue showed up :
[ { "message": "Invalid Content-Type specified in Response Header" } ]
What could be the reason for such an error?

Thanks in advance.

[wmews-hw]

@jerryOkafor could you confirm if it is related to this issue: #16
We didn't release it yet, but if so I will prioritize it. Please let me know.

[jerryOkafor]

@wmews-hw I have confirmed, it does not relate to the above issue. I am still experiencing the issue at the moment.

[wmews-hw]

@jerryOkafor We will need more information to be able to reproduce this issue. Could you please give us a example how your request looks like?

[jerryOkafor]

@wmews-hw I will give you access to the local test app so that you can run it and see the response.

[wmews-hw]

@jerryOkafor A new version of our sdk was released. Could you please confirm whether it fix or not the issue you've reported?
https://www.npmjs.com/package/hyperwallet-sdk/v/1.3.1

[jerryOkafor]

ok, I will do that @wmews-hw. Thanks for your assistance.

[Marcin-TA]

@wmews-hw I have a similar problem with Encryption and there is nothing said in the Hyperwallet documentation. Could you explain how to generate these private and public keys? I reckon it's easy when you know what you do :) Do I need server private key and based on this can I generate keys?

[Marcin-TA]

@jerryOkafor Could your guide on how to generate and use this key?