cancel
Showing results for 
Search instead for 
Did you mean: 

Azure Function - Generate JWT token for Google Auth api

VS
Level 2

I am trying to generate JWT token using below token and its generating as well but am get below error while making an actual google api call using the generated JWT.
Actual Code below :

{
               string privateKeyPem = "testkeyfgdfa";
                byte[] privateKeyRaw = Convert.FromBase64String(privateKeyPem);
                // creating the RSA key 
                RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
                provider.ImportPkcs8PrivateKey(new ReadOnlySpan<byte>(privateKeyRaw), out _);
                RsaSecurityKey rsaSecurityKey = new RsaSecurityKey(provider);
                // Generating the token 
                var now = DateTime.UtcNow;
                var claims = new[] {
                    new Claim(JwtRegisteredClaimNames.Sub, "645564"),
                    new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
                };
                var handler = new JwtSecurityTokenHandler();
                var token = new JwtSecurityToken
                (
                    "645564",
                    "https://www.googleapis.com/oauth2/v4/token",
                    claims,
                    now.AddMilliseconds(-30),
                    now.AddMinutes(60),
                    new SigningCredentials(rsaSecurityKey, SecurityAlgorithms.RsaSha256)
                );
                
                // handler.WriteToken(token) returns the token.
                Console.WriteLine( handler.WriteToken(token) );
}

Getting below error while making call to google API
{
    "error""invalid_scope",
    "error_description""Invalid OAuth scope or ID token audience provided."
}

My question is how to add scope ? cannot find a way to do this...
Appreciate your help and suggestions


------------------------------
V S
------------------------------
2 REPLIES 2

BenoitCayla
Staff
Staff

Hi V S.
Unfortunately this is the wrong community, can you post your question in the "Digital Exchange Community" instead ?
Many thanks.



------------------------------
Benoit Cayla
Solution Consultant / AI Analyst
BLUEPRISM
Europe/Paris
------------------------------

ewilson
Staff
Staff

@VS 

As Benoit mentioned, this question is better suited to the DX community. With that said, have you taken a look at the Google Cloud Authentication VBO available on the Digital Exchange? 

https://digitalexchange.blueprism.com/dx/entry/9648/solution/google-cloud---authentication

Cheers,



------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------