Cybersource jwt token using p12 file

chrismartin97 · October 21, 2022, 10:10pm

I am trying to create a postman collection for the cybersource APIs. They support 2 authentication schemes. the first is a shared secret http signature model and the second involves creating a jwt token generation using a .p12 certification file.

I was able to use pre-request scripting to get the http signature authentication to work but I’m having trouble with the jwt authentication.

How can I read in the p12 file so that I can create the jwt token?

for reference, here is the example node.js code from cybersource.

github.com

CyberSource/cybersource-rest-samples-node/blob/master/Samples/Authentication/SampleCodes/StandAloneJWT.js

'use strict';

const superagent = require('superagent');
const crypto = require('crypto');

var fs = require('fs');
var forge = require('node-forge');
var Jwt = require('jwt-simple');
var path = require('path');

var requestHost = "apitest.cybersource.com";
var merchantId = "testrest";
var keyPass = "testrest";
var payload = "{" +
		"	\"clientReferenceInformation\": {" +
		"	\"code\": \"TC50171_3\"" +
		"	}," +
		"	\"processingInformation\": {" +
		"	\"commerceIndicator\": \"internet\"" +
		"	}," +

This file has been truncated. show original

Thanks
Chris

chrismartin97 · November 1, 2022, 6:59pm

I got this to work…sort of…I wasn’t able to read the p12 file directly but through a lot of searches I was able to figure out how to extract the public/private keys from the P12 file via OpenSSL and store them in an environment variable. I then used those environment variables along with importing jsrsasign-js through another environment variable to do the necessary RS256 signing of the jwt header.

spacecraft-archite15 · October 10, 2023, 2:17pm

Hi Chris, I am also working with Cybs APIs, can you maybe share the request and environments you created to make this work? I am also stuck in the encryption since I use postman free. Thank you!