Before requesting a new system user ticket, you have to sign your system user token with your RSA private key. The timestamp is also updated.
The SignedSystemToken element has the following format:
- plain text system user token
- a period (.)
- a UTC date time formatted as YYYYMMddhhmm using leading zeros
- a period (.)
- a Base64 encoded, signed version of the first 3 items
For example:
System User Token.YYYYMMDDHHMM.mwhpYcNBfFqEaL0uLkCwXB99sM/Wo7DOnhjRwsmwNAd2EmBM1z+Co=
Pre-requisites:
You can get the SuperOffice public key from SuperOfficeOnlineCertificates.zip in the online-sdk-downloads.
To sign the token:
-
Concatenate the first 3 items: PLAINTEXT_TOKEN.TIMESTAMP
-
Using the partner's private certificate key, sign the concatenated items
-
Base64 encode the signed result
Signing with JavaScript
const utcTimestamp = moment.utc().format('YYYYMMDDHHmm');
const data = `YOUR_SYSTEM_USER_TOKEN.${utcTimestamp}`;
let sign = crypto.createSign('SHA256');
sign.update(data);
sign.end();
sign = sign.sign(rsaPrivateKey, 'base64');
const signedToken = `${data}.${sign}`;
Signing with PHP
$systemUserTokenAndTime = Application Name-pzqc70604i.201511111342
$signature = signVariable($systemUserTokenAndTime)
$signedSystemToken = $systemUserTokenAndTime + "." + base64_encode($signature)