jwt console project (#48)

paigesrossi · web-flow · commit ac1b13c1076e · 2022-01-28T15:43:47.000-08:00
* jwt console project

* removing commented lines

* better message

* updating redirect to dev center page

* refactoring for using fewer files

* fixing hard coding of demo doc path in example

* only ask for consent if needed

* removing unnecessary comments

* adding note to consent dialog

* removing flask dependency for jwt project
diff --git a/app/docusign/ds_client.py b/app/docusign/ds_client.py
@@ -11,6 +11,7 @@
 from ..ds_config import DS_CONFIG, DS_JWT
 from ..api_type import EXAMPLES_API_TYPE
 from ..error_handlers import process_error
+from ..jwt_helpers import get_jwt_token, get_private_key
 
 SCOPES = [
      "signature"
@@ -99,22 +100,15 @@ def _jwt_auth(cls):
 
         # Catch IO error
         try:
-            private_key = cls._get_private_key().encode("ascii").decode("utf-8")
+            private_key = get_private_key(DS_JWT["private_key_file"]).encode("ascii").decode("utf-8")
         except (OSError, IOError) as err:
             return render_template(
                 "error.html",
                 err=err
             )
 
         try:
-            cls.ds_app = api_client.request_jwt_user_token(
-                client_id=DS_JWT["ds_client_id"],
-                user_id=DS_JWT["ds_impersonated_user_id"],
-                oauth_host_name=DS_JWT["authorization_server"],
-                private_key_bytes=private_key,
-                expires_in=4000,
-                scopes=use_scopes
-            )
+            cls.ds_app = get_jwt_token(private_key, use_scopes, DS_JWT["authorization_server"], DS_JWT["ds_client_id"], DS_JWT["ds_impersonated_user_id"])
             return redirect(url_for("ds.ds_callback"))
 
         except ApiException as err:
@@ -138,21 +132,6 @@ def _jwt_auth(cls):
     def destroy(cls):
         cls.ds_app = None
 
-    @staticmethod
-    def _get_private_key():
-        """
-        Check that the private key present in the file and if it is, get it from the file.
-        In the opposite way get it from config variable.
-        """
-        private_key_file = path.abspath(DS_JWT["private_key_file"])
-
-        if path.isfile(private_key_file):
-            with open(private_key_file) as private_key_file:
-                private_key = private_key_file.read()
-        else:
-            private_key = DS_JWT["private_key_file"]
-
-        return private_key
 
     @classmethod
     def login(cls, auth_type):
diff --git a/app/eSignature/examples/eg002_signing_via_email.py b/app/eSignature/examples/eg002_signing_via_email.py
@@ -2,49 +2,23 @@
 from os import path
 
 from docusign_esign import EnvelopesApi, EnvelopeDefinition, Document, Signer, CarbonCopy, SignHere, Tabs, Recipients
-from flask import session, request
 
 from ...consts import demo_docs_path, pattern
-from ...docusign import create_api_client
-from ...ds_config import DS_CONFIG
+from ...jwt_helpers import create_api_client
 
 
 class Eg002SigningViaEmailController:
-    @staticmethod
-    def get_args():
-        """Get request and session arguments"""
-
-        # More data validation would be a good idea here
-        # Strip anything other than characters listed
-        signer_email = pattern.sub("", request.form.get("signer_email"))
-        signer_name = pattern.sub("", request.form.get("signer_name"))
-        cc_email = pattern.sub("", request.form.get("cc_email"))
-        cc_name = pattern.sub("", request.form.get("cc_name"))
-        envelope_args = {
-            "signer_email": signer_email,
-            "signer_name": signer_name,
-            "cc_email": cc_email,
-            "cc_name": cc_name,
-            "status": "sent",
-        }
-        args = {
-            "account_id": session["ds_account_id"],
-            "base_path": session["ds_base_path"],
-            "access_token": session["ds_access_token"],
-            "envelope_args": envelope_args
-        }
-        return args
 
     @classmethod
-    def worker(cls, args):
+    def worker(cls, args, doc_docx_path, doc_pdf_path):
         """
         1. Create the envelope request object
         2. Send the envelope
         """
 
         envelope_args = args["envelope_args"]
         # 1. Create the envelope request object
-        envelope_definition = cls.make_envelope(envelope_args)
+        envelope_definition = cls.make_envelope(envelope_args, doc_docx_path, doc_pdf_path)
         api_client = create_api_client(base_path=args["base_path"], access_token=args["access_token"])
         # 2. call Envelopes::create API method
         # Exceptions will be caught by the calling function
@@ -56,7 +30,7 @@ def worker(cls, args):
         return {"envelope_id": envelope_id}
 
     @classmethod
-    def make_envelope(cls, args):
+    def make_envelope(cls, args, doc_docx_path, doc_pdf_path):
         """
         Creates envelope
         Document 1: An HTML document.
@@ -83,10 +57,10 @@ def make_envelope(cls, args):
         doc1_b64 = base64.b64encode(bytes(cls.create_document1(args), "utf-8")).decode("ascii")
         # read files 2 and 3 from a local directory
         # The reads could raise an exception if the file is not available!
-        with open(path.join(demo_docs_path, DS_CONFIG["doc_docx"]), "rb") as file:
+        with open(path.join(demo_docs_path, doc_docx_path), "rb") as file:
             doc2_docx_bytes = file.read()
         doc2_b64 = base64.b64encode(doc2_docx_bytes).decode("ascii")
-        with open(path.join(demo_docs_path, DS_CONFIG["doc_pdf"]), "rb") as file:
+        with open(path.join(demo_docs_path, doc_pdf_path), "rb") as file:
             doc3_pdf_bytes = file.read()
         doc3_b64 = base64.b64encode(doc3_pdf_bytes).decode("ascii")
 
diff --git a/app/eSignature/views/eg002_signing_via_email.py b/app/eSignature/views/eg002_signing_via_email.py
@@ -3,16 +3,40 @@
 from os import path
 
 from docusign_esign.client.api_exception import ApiException
-from flask import render_template, session, Blueprint
+from flask import render_template, session, Blueprint, request
 
 from ..examples.eg002_signing_via_email import Eg002SigningViaEmailController
 from ...docusign import authenticate
 from ...ds_config import DS_CONFIG
 from ...error_handlers import process_error
+from ...consts import pattern
 
 eg = "eg002"  # reference (and url) for this example
 eg002 = Blueprint("eg002", __name__)
 
+def get_args():
+    """Get request and session arguments"""
+
+    # More data validation would be a good idea here
+    # Strip anything other than characters listed
+    signer_email = pattern.sub("", request.form.get("signer_email"))
+    signer_name = pattern.sub("", request.form.get("signer_name"))
+    cc_email = pattern.sub("", request.form.get("cc_email"))
+    cc_name = pattern.sub("", request.form.get("cc_name"))
+    envelope_args = {
+        "signer_email": signer_email,
+        "signer_name": signer_name,
+        "cc_email": cc_email,
+        "cc_name": cc_name,
+        "status": "sent",
+    }
+    args = {
+        "account_id": session["ds_account_id"],
+        "base_path": session["ds_base_path"],
+        "access_token": session["ds_access_token"],
+        "envelope_args": envelope_args
+    }
+    return args
 
 @eg002.route("/eg002", methods=["POST"])
 @authenticate(eg=eg)
@@ -24,10 +48,11 @@ def sign_by_email():
     """
 
     # 1. Get required arguments
-    args = Eg002SigningViaEmailController.get_args()
+    #args = Eg002SigningViaEmailController.get_args()
+    args = get_args()
     try:
         # 1. Call the worker method
-        results = Eg002SigningViaEmailController.worker(args)
+        results = Eg002SigningViaEmailController.worker(args, DS_CONFIG["doc_docx"], DS_CONFIG["doc_pdf"])
     except ApiException as err:
         return process_error(err)
 
diff --git a/app/jwt_helpers/__init__.py b/app/jwt_helpers/__init__.py
@@ -0,0 +1 @@
+from .jwt_helper import create_api_client, get_jwt_token, get_private_key
diff --git a/app/jwt_helpers/jwt_helper.py b/app/jwt_helpers/jwt_helper.py
@@ -0,0 +1,39 @@
+from docusign_esign import ApiClient
+from os import path
+
+def get_jwt_token(private_key, scopes, auth_server, client_id, impersonated_user_id):
+    """Get the jwt token"""
+    api_client = ApiClient()
+    api_client.set_base_path(auth_server)
+    response = api_client.request_jwt_user_token(
+        client_id=client_id,
+        user_id=impersonated_user_id,
+        oauth_host_name=auth_server,
+        private_key_bytes=private_key,
+        expires_in=4000,
+        scopes=scopes
+    )
+    return response
+
+def get_private_key(private_key_path):
+        """
+        Check that the private key present in the file and if it is, get it from the file.
+        In the opposite way get it from config variable.
+        """
+        private_key_file = path.abspath(private_key_path)
+
+        if path.isfile(private_key_file):
+            with open(private_key_file) as private_key_file:
+                private_key = private_key_file.read()
+        else:
+            private_key = private_key_path
+
+        return private_key
+
+def create_api_client(base_path, access_token):
+    """Create api client and construct API headers"""
+    api_client = ApiClient()
+    api_client.host = base_path
+    api_client.set_default_header(header_name="Authorization", header_value=f"Bearer {access_token}")
+
+    return api_client
diff --git a/jwt_config_sample.py b/jwt_config_sample.py
@@ -0,0 +1,8 @@
+DS_JWT = {
+    "ds_client_id": "{INTEGRATION_KEY_JWT}",
+    "ds_impersonated_user_id": "{IMPERSONATED_USER_ID}",  # The id of the user.
+    "private_key_file": "./app/private.key", # Create a new file in your repo source folder named private.key then copy and paste your RSA private key there and save it.
+    "authorization_server": "account-d.docusign.com",
+    "doc_docx": "World_Wide_Corp_Battle_Plan_Trafalgar.docx",
+    "doc_pdf": "World_Wide_Corp_lorem.pdf"
+}
diff --git a/jwt_console.py b/jwt_console.py
@@ -0,0 +1,98 @@
+from os import path
+import sys
+import subprocess
+
+from docusign_esign import ApiClient
+from docusign_esign.client.api_exception import ApiException
+from app.jwt_helpers import get_jwt_token, get_private_key
+from app.eSignature.examples.eg002_signing_via_email import Eg002SigningViaEmailController
+from jwt_config import DS_JWT
+
+# pip install DocuSign SDK
+subprocess.check_call([sys.executable, '-m', 'pip', 'install', 'docusign_esign'])
+
+SCOPES = [
+     "signature", "impersonation"
+]
+
+def get_consent_url():
+    url_scopes = "+".join(SCOPES)
+
+    # Construct consent URL
+    redirect_uri = "https://developers.docusign.com/platform/auth/consent"
+    consent_url = f"https://{DS_JWT['authorization_server']}/oauth/auth?response_type=code&" \
+                  f"scope={url_scopes}&client_id={DS_JWT['ds_client_id']}&redirect_uri={redirect_uri}"
+
+    return consent_url
+
+def get_token(private_key, api_client):
+
+    # Call request_jwt_user_token method
+    token_response = get_jwt_token(private_key, SCOPES, DS_JWT["authorization_server"], DS_JWT["ds_client_id"], DS_JWT["ds_impersonated_user_id"])
+    access_token = token_response.access_token
+
+    # Save API account ID
+    user_info = api_client.get_user_info(access_token)
+    accounts = user_info.get_accounts()
+    api_account_id = accounts[0].account_id
+    base_path = accounts[0].base_uri + "/restapi"
+
+    return {"access_token": access_token, "api_account_id": api_account_id, "base_path": base_path}
+
+def get_args(api_account_id, access_token, base_path):
+    signer_email = input("Please enter the signer's email address: ")
+    signer_name = input("Please enter the signer's name: ")
+    cc_email = input("Please enter the cc email address: ")
+    cc_name = input("Please enter the cc name: ")
+
+    envelope_args = {
+        "signer_email": signer_email,
+        "signer_name": signer_name,
+        "cc_email": cc_email,
+        "cc_name": cc_name,
+        "status": "sent",
+    }
+    args = {
+        "account_id": api_account_id,
+        "base_path": base_path,
+        "access_token": access_token,
+        "envelope_args": envelope_args
+    }
+
+    return args
+
+def run_example(private_key, api_client):
+    jwt_values = get_token(private_key, api_client)
+    args = get_args(jwt_values["api_account_id"], jwt_values["access_token"], jwt_values["base_path"])
+    envelope_id = Eg002SigningViaEmailController.worker(args, DS_JWT["doc_docx"], DS_JWT["doc_pdf"])
+    print("Your envelope has been sent.")
+    print(envelope_id)
+
+def main():
+    
+    api_client = ApiClient()
+    api_client.set_base_path(DS_JWT["authorization_server"])
+    api_client.set_oauth_host_name(DS_JWT["authorization_server"])
+    
+    private_key = get_private_key(DS_JWT["private_key_file"]).encode("ascii").decode("utf-8")
+
+    try:
+        run_example(private_key, api_client)
+    except ApiException as err:
+            body = err.body.decode('utf8')
+
+            if "consent_required" in body:
+                consent_url = get_consent_url()
+                print("Open the following URL in your browser to grant consent to the application:")
+                print(consent_url)
+                consent_granted = input("Consent granted? Select one of the following: \n 1)Yes \n 2)No \n")
+                if consent_granted == "1":
+                    run_example(private_key, api_client)
+                else: 
+                    sys.exit("Please grant consent")
+
+            else:
+                process_error(err)
+    
+
+main()

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+from .jwt_helper import create_api_client, get_jwt_token, get_private_key`