Hello there,
Based on the other posts and the POC on GitHub, I’ve developed the following Python code to get the access token.
It uses the gnupg python GPG wrapper. (pip3 install gnupg)
It requires your private GPG key, your passphrase and your UUID on the passbolt instance.
Hope it helps…
import gnupg
import os
import time
import json
import requests
import uuid
from datetime import datetime, timedelta
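# Connection settings. Each value can be supplied through the environment
# (variable names chosen for this script) so the key passphrase does not have
# to be written into the source file; the literals are placeholders that are
# used only when the corresponding variable is unset.
domain = os.environ.get('PASSBOLT_DOMAIN', 'https://your-fqdn-instance')
userUUID = os.environ.get('PASSBOLT_USER_UUID', 'your user UUID')
# The passphrase unlocks the private key in ./passbolt_private.asc; keep it
# out of version control and shell history.
secret_pp = os.environ.get('PASSBOLT_GPG_PASSPHRASE', 'Your Priv Key GPG passphrase')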
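def getToken():
    """Log in to the Passbolt JWT endpoint with a GPG challenge.

    Builds a challenge carrying a random verify token, signs it with the
    user's private key, encrypts it to the server key returned by
    getVerify(), and posts it to /auth/jwt/login.json. The server's reply is
    decrypted and its verify token is compared with the one that was sent
    before any token is returned.

    Returns:
        tuple: (access_token, refresh_token) taken from the decrypted reply.

    Raises:
        RuntimeError: if the server key cannot be imported, a GPG operation
            fails, or the reply does not echo the verify token.
        requests.HTTPError: if the login request returns an error status.
    """
    gpg = gnupg.GPG()

    # uuid4 is random; uuid1 embeds the host MAC address and a timestamp,
    # which makes the verify token guessable and leaks host details.
    verify_token = str(uuid.uuid4())
    challenge = {
        "version": "1.0.0",
        "domain": domain,
        "verify_token": verify_token,
        # strftime('%s') is a glibc extension and fails on other platforms;
        # time.time() gives the same epoch seconds everywhere.
        "verify_token_expiry": str(int(time.time()) + 2 * 60),
    }

    # gnupg.GPG() was created without a dedicated home directory, so the
    # private key is imported into the calling user's keyring and stays there.
    with open('./passbolt_private.asc', mode='rb') as f:
        client_private_key_armored = f.read()
    gpg.import_keys(client_private_key_armored, passphrase=secret_pp)

    server_key = gpg.import_keys(getVerify())
    if not server_key.fingerprints:
        raise RuntimeError("Could not import the Passbolt server public key")

    # NOTE(review): always_trust=True bypasses GnuPG's trust check for a key
    # that was just downloaded, so the server's identity rests entirely on
    # the TLS connection used by getVerify(). Compare server_key.fingerprints
    # against a fingerprint obtained out of band before relying on it.
    encrypted = gpg.encrypt(
        json.dumps(challenge),
        server_key.fingerprints,
        sign=True,
        always_trust=True,
        passphrase=secret_pp,
    )
    if not encrypted.ok:
        raise RuntimeError("GPG encryption of the login challenge failed: %s" % encrypted.status)

    hdr = {'Content-Type': "application/json"}
    payload = {'user_id': userUUID, 'challenge': str(encrypted)}
    url = domain + '/auth/jwt/login.json'
    response = requests.post(url, headers=hdr, json=payload, timeout=30)
    response.raise_for_status()
    body = response.json()

    # The passphrase is passed explicitly so decryption does not depend on a
    # gpg-agent cache left over from the signing step.
    decrypted = gpg.decrypt(body['body']['challenge'], passphrase=secret_pp)
    if not decrypted.ok:
        raise RuntimeError("GPG decryption of the login reply failed: %s" % decrypted.status)
    reply = json.loads(str(decrypted))

    # The echoed verify token is what shows that the party answering holds
    # the server private key; without this check the token pair is accepted
    # from whoever replied.
    # NOTE(review): the signature on the reply is not checked here - confirm
    # whether it should also be compared with the server key fingerprint.
    if reply.get('verify_token') != verify_token:
        raise RuntimeError("Passbolt reply did not echo the verify token")

    return reply['access_token'], reply['refresh_token']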
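def getVerify():
    """Fetch the Passbolt server's armored public key.

    Requests /auth/verify.json on the configured domain and returns the
    'keydata' field of the response body.

    Returns:
        str: the server public key as returned by the API.

    Raises:
        requests.HTTPError: if the endpoint returns an error status.
    """
    url = domain + '/auth/verify.json'
    # Certificate verification stays on (the requests default). The key
    # fetched here is the one the login challenge is encrypted to, so with
    # verify=False anyone on the network path could substitute their own key.
    # For a private CA, point REQUESTS_CA_BUNDLE at the CA file instead of
    # turning verification off.
    response = requests.get(url, timeout=30)
    response.raise_for_status()
    return response.json()['body']['keydata']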
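def main():
    """Obtain a token pair and print the access token."""
    # getToken() takes no arguments; the original call passed an undefined
    # name `password`, which raised NameError before any request was made.
    access_token, _refresh_token = getToken()
    # The access token is a bearer credential: anything that captures stdout
    # (terminal scrollback, CI logs) can reuse it until it expires.
    print(access_token)


if __name__ == "__main__":
    main()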