Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to do Payload Encryption with the SDK #19

Open
jerryOkafor opened this issue Mar 8, 2019 · 15 comments
Open

How to do Payload Encryption with the SDK #19

jerryOkafor opened this issue Mar 8, 2019 · 15 comments

Comments

@jerryOkafor
Copy link

I am working on a project that uses the SDK, I have followed the guide on the Readme.md and when I make a call, I get Invalid credentials. I am thinking it is because of the payload encryption as stated here: https://portal.hyperwallet.com/docs/api/v3/overview/payload-encryption. When I informed my boss, he sent this link: https://github.com/hyperwallet/node-sdk/blob/master/test/utils/ApiClient.spec.js#L220. My confusion is this, the entire doc does not show how you can add encryption to the request that you make seamlessly. I don't know if anyone has done that before.
@jerryOkafor
Copy link
Author

jerryOkafor commented Mar 8, 2019
edited
Loading

I see this param in the src: @param {Object} [config.encryptionData] - The JSON object of encryption data What is encrptionData?

@wmews-hw
Copy link
Collaborator

Hi @jerryOkafor

Sorry for the delay. See if this example helps you:

var encryptionData = {
     clientPrivateKeySetPath : EncryptionConfig.CLIENT_PRIVATE_KEYSET_PATH,
     hyperwalletKeySetPath : EncryptionConfig.HYPERWALLET_KEYSET_PATH
};

var client = new Hyperwallet({
    username: username,
    password: password,
    programToken: programToken,
    encryptionData: encryptionData
});

client.getBankAccountStatusTransition(userToken, bankAccountToken, statusTransitionToken, (error, body, res) -> {
   console.log(res);
});

Also before using encrypted calls by sdk, public jwk set of sdk user must be registered on the Hyperwallet side, without this encryption won’t work

@wmews-hw
Copy link
Collaborator

Btw... thanks for your feedback about our documentation. We are working now finding the gaps and make our integrator's life easier.

@jerryOkafor
Copy link
Author

Thanks for your feedback, I think I am getting close. One more thing, the filed : EncryptionConfig.CLIENT_PRIVATE_KEYSET_PATH is set to https://uat-api.paylution.com/jwkset while CLIENT_PRIVATE_KEYSET_PATH is set to /app/layer7/private-jwkset. I am still confused on how these paths are set. I can not find the specified path /app/layer7/private-jwkset in the example Here.

@wmews-hw
Copy link
Collaborator

wmews-hw commented Mar 13, 2019
edited
Loading

CLIENT_PRIVATE_KEYSET_PATH - is the path where your private jwk keys set is located( it can be path to file or URL). The file located on /app/layer7/private-jwkset at github is encrypted because it contains private keys, so you can’t view it. In this example CLIENT_PRIVATE_KEYSET_PATH must be set with user’s own private jwk set, that can be easily generated. And the public part of that generated jwk set must be registered (you may contact our team to do it for you) at Hyperwallet side along with the REST user with which you make REST calls.

HYPERWALLET_KEYSET_PATH - is the location of Hyperwallet public jwk keys set. For example: https://uat-api.paylution.com/jwkset

@jerryOkafor
Copy link
Author

@wmews-hw thanks for your support. I have tried to generate the jwkset using the following command : openssl x509 -in certificate.pem -pubkey -noout and tool : https://russelldavies.github.io/jwk-creator/. I hope I am in the right direction. If not, I would appreciate it if you can give me any definitive guide on how to generate and use this key.

@jerryOkafor
Copy link
Author

@wmews-hw after weeks of trial, I have succeeded in doing payload encryption using the jwkset in this repo for testing purposes. Another issue showed up :
[ { "message": "Invalid Content-Type specified in Response Header" } ]
What could be the reason for such an error?

Thanks in advance.

@wmews-hw
Copy link
Collaborator

wmews-hw commented Mar 22, 2019
edited
Loading

@jerryOkafor could you confirm if it is related to this issue: #16
We didn't release it yet, but if so I will prioritize it. Please let me know.

@jerryOkafor
Copy link
Author

@wmews-hw I have confirmed, it does not relate to the above issue. I am still experiencing the issue at the moment.

@wmews-hw
Copy link
Collaborator

@jerryOkafor We will need more information to be able to reproduce this issue. Could you please give us a example how your request looks like?

@jerryOkafor
Copy link
Author

@wmews-hw I will give you access to the local test app so that you can run it and see the response.

@wmews-hw
Copy link
Collaborator

wmews-hw commented Apr 9, 2019

@jerryOkafor A new version of our sdk was released. Could you please confirm whether it fix or not the issue you've reported?
https://www.npmjs.com/package/hyperwallet-sdk/v/1.3.1

@jerryOkafor
Copy link
Author

jerryOkafor commented Apr 18, 2019
edited
Loading

ok, I will do that @wmews-hw. Thanks for your assistance.

@Marcin-TA
Copy link

@wmews-hw I have a similar problem with Encryption and there is nothing said in the Hyperwallet documentation. Could you explain how to generate these private and public keys? I reckon it's easy when you know what you do :) Do I need server private key and based on this can I generate keys?

@Marcin-TA
Copy link

@jerryOkafor Could your guide on how to generate and use this key?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jerryOkafor @wmews-hw @Marcin-TA