Error parsing private key for Box Developer Edition

Hi,

I tried to get BoxDeveloperEditionAPIConnection using a stand alone java

String privateKey = new String(Files.readAllBytes(Paths.get(PRIVATE_KEY_FILE)));

JWTEncryptionPreferences encryptionPref = new JWTEncryptionPreferences();
encryptionPref.setPublicKeyID(PUBLIC_KEY_ID);
encryptionPref.setPrivateKey(privateKey);
encryptionPref.setPrivateKeyPassword(PRIVATE_KEY_PASSWORD);
encryptionPref.setEncryptionAlgorithm(EncryptionAlgorithm.RSA_SHA_256);

//It is a best practice to use an access token cache to prevent unneeded requests to Box for access tokens.
//For production applications it is recommended to use a distributed cache like Memcached or Redis, and to
//implement IAccessTokenCache to store and retrieve access tokens appropriately for your environment.
IAccessTokenCache accessTokenCache = new InMemoryLRUAccessTokenCache(MAX_CACHE_ENTRIES);

api = BoxDeveloperEditionAPIConnection.getAppUserConnection(USER_ID, CLIENT_ID,
CLIENT_SECRET, encryptionPref, accessTokenCache);

I am getting the below exception, Please help me if you come across this exception.

com.box.sdk.BoxAPIException: Error parsing private key for Box Developer Edition.
at com.box.sdk.BoxDeveloperEditionAPIConnection.decryptPrivateKey(BoxDeveloperEditionAPIConnection.java:379)
at com.box.sdk.BoxDeveloperEditionAPIConnection.constructJWTAssertion(BoxDeveloperEditionAPIConnection.java:327)
at com.box.sdk.BoxDeveloperEditionAPIConnection.authenticate(BoxDeveloperEditionAPIConnection.java:237)
at com.box.sdk.BoxDeveloperEditionAPIConnection.tryRestoreUsingAccessTokenCache(BoxDeveloperEditionAPIConnection.java:305)
at com.box.sdk.BoxDeveloperEditionAPIConnection.getAppUserConnection(BoxDeveloperEditionAPIConnection.java:212)
at com.fig.box.SearchExamplesAsAppUser.main(SearchExamplesAsAppUser.java:59)
Caused by: org.bouncycastle.openssl.EncryptionException: exception using cipher - please check password and data.
at org.bouncycastle.openssl.jcajce.PEMUtilities.crypt(Unknown Source)
at org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder$1$1.decrypt(Unknown Source)
at org.bouncycastle.openssl.PEMEncryptedKeyPair.decryptKeyPair(Unknown Source)
at com.box.sdk.BoxDeveloperEditionAPIConnection.decryptPrivateKey(BoxDeveloperEditionAPIConnection.java:373)
... 5 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.a(Unknown Source)
at javax.crypto.Cipher.init(Unknown Source)
at javax.crypto.Cipher.init(Unknown Source)
... 9 more

Page 1 / 1

did you put the jce files in java/jre/lib/security?

http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters

Thank you for the quick help.

I tried with the JCE but didn't work, with the link you provided I realised that i need to use JCE from IBM since I am using the IBM JRE for running.When I use the IBM JCE files it worked.

Thanks

Chandra

Hi Ken,

Now i am getting the below exception when it tries to authenticate.

com.box.sdk.BoxAPIException: The API returned an error code: 400
at com.box.sdk.BoxAPIResponse.(BoxAPIResponse.java:70)
at com.box.sdk.BoxJSONResponse.(BoxJSONResponse.java:30)
at com.box.sdk.BoxAPIRequest.trySend(BoxAPIRequest.java:423)
at com.box.sdk.BoxAPIRequest.send(BoxAPIRequest.java:209)
at com.box.sdk.BoxAPIRequest.send(BoxAPIRequest.java:184)
at com.box.sdk.BoxDeveloperEditionAPIConnection.authenticate(BoxDeveloperEditionAPIConnection.java:245)

I have set the required scope in for my box application. I am using the enterprise account to connect to.

Please help me wher could be the mistake.

Thanks

Chandra

Yes I got this error too.

If you set a breakpoint in your code and drill down, you can capture what goes across the wire. I captured the call and put it in postman and ran it and got the real error.

The solution was 's https://community.box.com/t5/Developer-Forum/Current-date-time-MUST-be-before-the-expiration-date-time-listed/m-p/17929#M392

Hi Ken,

Thanks for the solution, After troubleshooting with the postman, this is the response from the /token endpoint

This app is not authorized by the enterprise admin.

I am not able to see authorise button for this app, when I locate the app in admin console.

Please advise, how to authorize the app.

Thanks

Chandra

Yes, you're right.

The enterprise admin has to go to admin console -> enterprise settings -> apps -> Authorize App.

I don't think there's any way around this but to talk to your admin.

I also got the same error when I tried with Postman

Request

URL: https://api.box.com/oauth2/token

Method: POST

Body: grant_type, client_id, client_secret, assertion

Response: 400 Bad Request

{
"error": "invalid_grant",
"error_description": "Current date/time MUST be before the expiration date/time listed in the 'exp' claim"
}

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded