I am trying to establish connection between my Application and DocuSign Sandbox.
I'am using JWT Authorization.
I have Integration key with RSA private key generated.
I have user to impersonate with GUID and consent aquired
I call https://account-d.docusign.com/oauth/token with proper data which response with success and give me back Access token
Everything works well until this moment.
I've downloaded library for PHP "docusign/esign-client"
and used this fragment of code:
$recipientId = uniqid(5);
$clientUserId = uniqid(5);
$document = new Document([
'document_base64' => $base64FileContent,
'name' => 'Application Form',
'file_extension' => 'pdf',
'document_id' => '1'
]);
$signer = new Signer([
'email' => $email,
'name' => $name,
'recipient_id' => $recipientId,
'routing_order' => "1",
'client_user_id' => $clientUserId,
]);
$signHere = new SignHere([
'document_id' => '1', 'page_number' => '3', 'recipient_id' => $recipientId,
'tab_label' => 'SignHereTab', 'x_position' => '195', 'y_position' => '147'
]);
$signer->setTabs(new Tabs(['sign_here_tabs' => [$signHere]]));
$envelopeDefinition = new EnvelopeDefinition([
'email_subject' => "Please sign this document",
'documents' => [$document],
'recipients' => new Recipients(['signers' => [$signer]]),
'status' => "sent"
]);
$config = new Configuration();
$config->setHost('https://demo.docusign.net/restapi');
$config->addDefaultHeader("Authorization", "Bearer " . $accessToken);
$config->setAccessToken($accessToken);
$apiClient = new ApiClient($config);
$envelopeApi = new EnvelopesApi($apiClient);
$results = $envelopeApi->createEnvelope($integrationKey, $envelopeDefinition);
The result is an error (400) comes from API with info:
PARTNER_AUTHENTICATION_FAILED
The specified Integrator Key was not found or is disabled. Invalid account specified for user.
It says integration key is wrong but few lines before I used this integration key to generate Access Token with success.
Do you have any idea whats is going wrong ?
Before JWT integrations, I was using different integration key and access token from OAuth Token Generator and it worked fine (this previous key didn't have RSA generated)
Could you guys help me with that issue ?
If any more informations could help to find a solution just let me know and I will update my post.
Thanks for help.
The issue is in this line
$results = $envelopeApi->createEnvelope($integrationKey, $envelopeDefinition);
The first parameter of the createEnvelope method should be the Account ID, not the integrator key.
After you receive the access token, you can make a UserInfo call and pull the account ID from that.
Related
I'm trying to create a card token by using Braintree with language of PHP
$gateway = new Braintree\Gateway([
'environment' => 'sandbox',
'merchantId' => 'your_merchantId',
'publicKey' => 'publicKey',
'privateKey' => 'privateKey'
]);
$clientToken = $gateway->clientToken()->generate();
$nonce = $gateway->paymentMethodNonce()->create($clientToken, [
'cardNumber' => '2223000048400011',
'expirationMonth' => '05',
'expirationYear' => '2023',
'cvv' => '321'
]);
$cardToken = $nonce->paymentMethodNonce->nonce;
print_r($cardToken);
exit;
In this code, I have replaced my all required key from Braintree.
Then I'm trying to create a card token by the method of payment nonce but am not able to create a token
Please help me or suggest how to create this token.
I try to implement a php client, access a mailbox of a user with graph api. Because it's a background service, which should fetching specific mails attachment, it must run with grant type password.
So far, I got it really easy working make a login with thephpleague/oauth2-client and grant type client_credentials:
$provider = new \League\OAuth2\Client\Provider\GenericProvider([
'clientId' => '...',
'clientSecret' => '...',
'redirectUri' => 'https://login.microsoftonline.com/common/oauth2/nativeclient',
'urlAuthorize' => null,
'urlAccessToken' => 'https://login.microsoftonline.com/.../oauth2/token?api-version=1.0',
'urlResourceOwnerDetails' => 'https://graph.microsoft.com/v1.0/me',
]);
$accessToken = $provider->getAccessToken('client_credentials');
Now I try it with grant type password, but it fails:
$provider = new \League\OAuth2\Client\Provider\GenericProvider([
'clientId' => '...',
'clientSecret' => '...',
'redirectUri' => 'https://login.microsoftonline.com/common/oauth2/nativeclient',
'urlAuthorize' => null,
'urlAccessToken' => 'https://login.microsoftonline.com/.../oauth2/token?api-version=1.0',
'urlResourceOwnerDetails' => 'https://graph.microsoft.com/v1.0/me',
]);
$accessToken = $provider->getAccessToken('password', [
'username' => '...',
'password' => '...',
]);
Response I get: invalid_request. Google that error, I come to https://learn.microsoft.com/de-de/azure/active-directory/develop/v2-oauth2-auth-code-flow which tells me, I should fix my request.
Now... somehow it's hard, finding a) a ressource telling which urls are right and b) finding a tutorial, tell how I add right a app so I can get it working (maybe also a result, because the o365 layout changes fast...)
Does anyone have a idea, what the right parameters are and what I must do in the Azure Active Directory Admin Center so its working?
My goal is "only", access a users mailbox and get attachments from existing mails. I think, when I can authenticate successfully, all other things are easy (hope so).
Please refer to the official tutorial: Authenticate with the Microsoft Graph service.
To authenticate as an application you can use the Guzzle HTTP client, which comes preinstalled with this library, for example like this:
<?php
require __DIR__ . '/vendor/autoload.php';
$guzzle = new \GuzzleHttp\Client();
$tenantId = 'your_tenanet_id, e4c9ab4e-****-****-****-230ba2a757fb';
$clientId = 'your_app_id_registered_in_portal, dc175b96-****-****-****-ea03e56da5e7';
$clientSecret = 'app_key_generated_in_portal, /pGggH************************Zr732';
$url = 'https://login.microsoftonline.com/' . $tenantId . '/oauth2/token';
$user_token = json_decode($guzzle->post($url, [
'form_params' => [
'client_id' => $clientId,
'client_secret' => $clientSecret,
'resource' => 'https://graph.microsoft.com/',
'grant_type' => 'password',
'username' => 'your_user_id, jack#***.onmcirosoft.com',
'password' => 'your_password'
],
])->getBody()->getContents());
$user_accessToken = $user_token->access_token;
$graph = new Graph();
$graph->setAccessToken($user_accessToken );
$response = $graph->createRequest('Get','/me/messages')
->setReturnType(Model\Message::class)
->execute();
?>
Note that the resource should be https://graph.microsoft.com/
My scenario would be this flow in my application: Register > Sign Document > Return to Finish Page.
The user register on my application and he need to sign a document to finish his registration. He is not a DocuSign user. At the moment all my tests are at the Sandbox environment.
The envelope creation works great. If I don't use the client_user_id it sends the email for signing. But I need to use the client_user_id to use the embedded signing and get the URL for next step.
When I try to to get the URL of the envelope, I receive the following error:
errorCode: SHARED_VIEW_USER_LACKS_PERMISSION
message: User lacks shared permission to envelope. Only a user with shared access to the envelope may perform the requested operation.
Here is the code I'm using on my PHP application to try to get the URL of the recent created envelope:
$envelope = $this->docusignlib->create_document_for_signing($user, $file);
$result = $this->docusignlib->get_url_document($user, $envelope['envelope_id'], $return_url);
public function create_document_for_signing($user, $file)
{
# Document
$document = new DocuSign\eSign\Model\Document([
'document_base64' => base64_encode(file_get_contents($file)),
'name' => 'Document name',
'file_extension' => 'pdf',
'document_id' => '1'
]);
# Sign Here Position
$signHere = new DocuSign\eSign\Model\SignHere([
'document_id' => '1', 'page_number' => '2', 'recipient_id' => '1',
'tab_label' => 'Sign here', 'x_position' => '100', 'y_position' => '720'
]);
# The signer object
$signer = new DocuSign\eSign\Model\Signer([
'email' => $user->user_email,
'name' => $user->user_name,
'recipient_id' => "1",
'client_user_id' => $user->user_id,
'tabs' => new DocuSign\eSign\Model\Tabs([
'sign_here_tabs' => [$signHere]
])
]);
# Next, create the top level envelope definition and populate it.
$envelopeDefinition = new DocuSign\eSign\Model\EnvelopeDefinition([
'email_subject' => "Email subject",
'documents' => [$document],
'recipients' => new DocuSign\eSign\Model\Recipients(['signers' => [$signer]]),
'status' => "sent"
]);
$config = new DocuSign\eSign\Configuration();
$config->setHost($this->api);
$config->addDefaultHeader("Authorization", "Bearer " . $this->accessToken);
$apiClient = new DocuSign\eSign\Client\ApiClient($config);
$envelopeApi = new DocuSign\eSign\Api\EnvelopesApi($apiClient);
return $envelopeApi->createEnvelope($this->accountId, $envelopeDefinition);
}
public function get_url_document($user, $envelopeId, $returnUrl)
{
$recipientViewRequest = new DocuSign\eSign\Model\RecipientViewRequest([
'user_name' => $user->user_name,
'email' => $user->user_email,
"recipient_id" => "1",
"client_user_id" => $user->user_id,
"authentication_method" => "email",
"return_url" => $returnUrl
]);
$config = new DocuSign\eSign\Configuration();
$config->setHost($this->api);
$config->addDefaultHeader("Authorization", "Bearer " . $this->accessToken);
$apiClient = new DocuSign\eSign\Client\ApiClient($config);
$envelopeApi = new DocuSign\eSign\Api\EnvelopesApi($apiClient);
return $envelopeApi->createEnvelopeRecipientSharedView($this->accountId, $envelopeId, $recipientViewRequest);
}
I couldn't find ANYTHING related to this error on the documentation and I checked all the permissions and everything seems ok. I'm using the admin user of my demoaccount. Any ideas what I'm doing wrong here?
Thanks!
SHARED_VIEW_USER_LACKS_PERMISSION is about the user and the account. You may want to try a different account and/or a new envelope. I would also ensure that you are making API call to demo.docusign.net URL and not www.docusign.net since you are still in demo/sandbox.
The accessToken should match the account and if you're using the token generator, it's the account that you used when token generator prompted you to log in.
Currently Using:
Laravel 5.5
"tucker-eric/docusign-rest-client": "^1.0",
"tucker-eric/laravel-docusign": "^0.1.1"
Intention is to generate a URL so all customers / agents sign on the spot
Here is what I have so far
I first create the client
$client = new DocuSign\Rest\Client([
'username' => env('DOCUSIGN_USERNAME'),
'password' => env('DOCUSIGN_PASSWORD'),
'integrator_key' => env('DOCUSIGN_INTEGRATOR_KEY'),
'host' => env('DOCUSIGN_HOST')
]);
For each signer I assign their name and email
$templateRole1 = $client->templateRole([
'email' => 'abc#gmail.com',
'name' => 'abc',
'role_name' => 'Agent'
]);
$templateRole2 = $client->templateRole([
'email' => 'abc123#gmail.com',
'name' => 'abc',
'role_name' => 'Purchaser 1'
]);
$templateRole3 = $client->templateRole([
'email' => 'abc124#gmail.com',
'name' => 'abc124',
'role_name' => 'Purchaser 2'
]);
$templateRole4 = $client->templateRole([
'email' => 'abc125#gmail.com',
'name' => 'abc125',
'role_name' => 'Seller'
]);
I create the envelope (not sure why it sends it, I dont want it sent yet
$envelopeDefinition = $client->envelopeDefinition([
'status' => 'sent',
'email_subject' => '[DocuSign PHP SDK] - Signature Request Sample',
'template_id' => '***abc-123-',
'template_roles' => [
$templateRole1,
$templateRole2,
$templateRole3,
$templateRole4,
],
]);
Envelope options just because even tho I don't have any
$envelopeOptions = $client->envelopes->createEnvelopeOptions([]);
Creates the final envelope
$envelopeSummary = $client->envelopes->createEnvelope($envelopeDefinition, $envelopeOptions);
Prepare the embedding so I can extract the URL
$envelopeApi = $client->envelopes;
$recipient_view_request = new \DocuSign\eSign\Model\RecipientViewRequest();
$recipient_view_request->setReturnUrl('https://www.example.net/callback/docusign');
$recipient_view_request->setClientUserId((string) $client->getAccountId());
$recipient_view_request->setAuthenticationMethod("None");
try {
$signingView = $envelopeApi->createRecipientView($client->getAccountId(), $envelopeSummary->getEnvelopeId(), $recipient_view_request);
} catch (DocuSign\eSign\ApiException $e){
echo "Error connecting Docusign : " . $e->getResponseBody()->errorCode . " " . $e->getResponseBody()->message;
}
Which returns:
object(DocuSign\eSign\Model\ErrorDetails)#419 (1) { ["container":protected]=> array(2) { ["error_code"]=> string(20) "INVALID_REQUEST_BODY" ["message"]=> string(94) "The request body is missing or improperly formatted. Input string was not in a correct format." } } Error connecting Docusign : INVALID_REQUEST_BODY The request body is missing or improperly formatted. Input string was not in a correct format.done
My question is what I'm doing wrong to get this error returned, and why is it sending the email to the people signing as I didn't explicitly tell it
Thanks
I'm not familiar with the DocuSign Laravel facades by Eric Tucker. If you need to add attributes beyond what Eric's facades provide then you'll need to fork that project to add support for the additional attributes.
You have a server-resident template. You want to use it to provide an embedded signing ceremony in your Laravel app for the signers.
For a signer recipient to be marked as an embedded signer, set the client_user_id attribute to the signer object. For example:
$templateRole1 = $client->templateRole([
'email' => 'abc#gmail.com',
'name' => 'abc',
'role_name' => 'Agent',
'client_user_id' => '1000'
]);
Note that the client_user_id should uniquely identify this signer as a user within your application.
Re: Why are the signers receiving email invites to sign?
Setting the client_user_id will suppress the email notification to the signer.
Re: should the envelope be sent or be in draft status?
You want sent status, which enables recipients to sign via the embedded signing ceremony you'll be next creating.
Re: Envelope Options for creating the envelope.
Normally, you don't supply an EnvelopeOptions when creating an envelope with the PHP SDK. However, Eric Tucker could be combining calls or something. You'll need to check his code.
Here is a standard PHP call to send an envelope:
$config = new \DocuSign\eSign\Configuration();
$config->setHost($args['base_path']);
$config->addDefaultHeader('Authorization', 'Bearer ' . $args['ds_access_token']);
$api_client = new \DocuSign\eSign\ApiClient($config);
$envelope_api = new \DocuSign\eSign\Api\EnvelopesApi($api_client);
$results = $envelope_api->createEnvelope($args['account_id'], $envelope_definition);
$envelope_id = $results->getEnvelopeId();
Obtaining the redirect URL for the embedded signing ceremony
Normal PHP way to do this is to call the createRecipientView method. You need to provide the signer's name, email, and client_user_id from the create envelope step, along with the authentication method your app is using to identify the signer. And, of course, the envelope id too.
Example:
# Create the Recipient View request object
$authentication_method = 'None'; # How is this application authenticating
# the signer? See the `authenticationMethod' definition
# https://developers.docusign.com/esign-rest-api/reference/Envelopes/EnvelopeViews/createRecipient
$recipient_view_request = new \DocuSign\eSign\Model\RecipientViewRequest([
'authentication_method' => $authentication_method,
'client_user_id' => $envelope_args['signer_client_id'],
'recipient_id' => '1',
'return_url' => $envelope_args['ds_return_url'],
'user_name' => $envelope_args['signer_name'],
'email' => $envelope_args['signer_email']
]);
# 4. Obtain the recipient_view_url for the signing ceremony
# Exceptions will be caught by the calling function
$results = $envelope_api->createRecipientView($args['account_id'], $envelope_id,
$recipient_view_request);
$redirect_url = $results['url'];
I'm integrating with a affiliate platform for a client which provides an oAuth2 API, don't usually do massive amounts of work with oAuth2.
I've decided for my client, I'll use the PHP Leagues oAuth2 package: https://github.com/thephpleague/oauth2-client
Anyway, I've got an accessToken no problem! using the following:
$provider = new GenericProvider([
'clientId' => $this->config->affiliates->rakuten->clientId,
'clientSecret' => $this->config->affiliates->rakuten->clientSecret,
'redirectUri' => 'http://www.newintoday.com/',
'urlAuthorize' => 'https://api.rakutenmarketing.com/token', // Ignore
'urlAccessToken' => 'https://api.rakutenmarketing.com/token',
'urlResourceOwnerDetails' => 'https://api.rakutenmarketing.com/' // Ignore
]);
try {
// Try to get an access token using the resource owner password credentials grant.
$accessToken = $provider->getAccessToken('password', [
'username' => $this->config->affiliates->rakuten->username,
'password' => $this->config->affiliates->rakuten->password,
'scope' => $this->config->affiliates->rakuten->publisherId,
]);
$productSearchApiBaseUri = 'https://api.rakutenmarketing.com/productsearch/1.0';
$request = $provider->getAuthenticatedRequest('GET', $productSearchApiBaseUri, $accessToken, [
'body' => '?keyword=shirt',
]);
\Utils::dump($provider->getResponse($request));
} catch (IdentityProviderException $e) {
echo $e->getMessage();
}
My question is once we have the accessToken what do we use in it to make the request, I followed through the code and came up with the above but the API responds saying that the keyword is not specified? Is
$request = $provider->getAuthenticatedRequest('GET', $productSearchApiBaseUri, $accessToken, [
'body' => 'keyword=shirt',
]);
The correct way to provide it with a GET variable?
Thanks in advance.
Realised I could simply include the get vars in the URI alla:
$productSearchApiBaseUri = 'https://api.rakutenmarketing.com/productsearch/1.0?keyword=shirt';