Hi all,
i'm trying to setup a backend system able to send push notification to mobile app (not developed in creatio) through FCM rest API.
The first hurdle is obtaining a valid token to authenticate to notification api exposed by firebase. In order to obtain this token i do have to call another rest api passing a jwt token generated by me and signed by a private key downloaded from fcm.
I've got a code (pasted below) that manages to generate this encrypted token and it's working in visual studio. But if i try to use it in a script task i got the exception
'RSA' does not contain a definition for 'ImportPkcs8PrivateKey' and no accessible extension method 'ImportPkcs8PrivateKey' accepting a first argument of type 'RSA' could be found (are you missing a using directive or an assembly reference?)
As far as i know this exception is thrown if .net core being used is version 5 or below. But i'm on a demo instance with creation 8.2.0.4183 which should be already using net core 6 right?
Do you have any suggestion? (the flow is already configured to import System.Security.Cryptography)
--code--
var now = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
var header = new Dictionary
{
{ "alg", "RS256" },
{ "typ", "JWT" }
};
string headerJson = JsonConvert.SerializeObject(header);
string encodedHeader = Convert.ToBase64String(Encoding.UTF8.GetBytes(headerJson)).TrimEnd('=').Replace('+', '-').Replace('/', '_');
var payload = new Dictionary
{
{ "iss", CLIENT_EMAIL },
{ "scope", SCOPE },
{ "aud", TOKEN_URI },
{ "iat", now },
{ "exp", now + 3600 }
};
string payloadJson = JsonConvert.SerializeObject(payload);
string encodedPayload = Convert.ToBase64String(Encoding.UTF8.GetBytes(payloadJson)).TrimEnd('=').Replace('+', '-').Replace('/', '_');
string unsignedJwt = $"{encodedHeader}.{encodedPayload}";
byte[] dataBytes = Encoding.UTF8.GetBytes(unsignedJwt);
// Decode PEM -> PKCS#8 bytes
string cleanKey = PRIVATE_KEY
.Replace("-----BEGIN PRIVATE KEY-----", "")
.Replace("-----END PRIVATE KEY-----", "")
.Replace("\\n", "\n") // ← decodifica reale da stringa JSON
.Trim();
byte[] privateKeyBytes = Convert.FromBase64String(cleanKey);
// Firma con RSA-SHA256
byte[] signature;
using (var rsa = RSA.Create())
{
rsa.ImportPkcs8PrivateKey(privateKeyBytes, out _);
signature = rsa.SignData(dataBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
}
string encodedSignature = Convert.ToBase64String(signature)
.TrimEnd('=').Replace('+', '-').Replace('/', '_');
string jwt = $"{unsignedJwt}.{encodedSignature}";
return true;
Like
Hi Roberto,
In the cloud-based demo version of Creatio (including your current instance), the Script Task in business processes runs under .NET Framework 4.7.2. This limitation is specific to the cloud version. If you run Creatio on-premises, it's possible to configure and run business logic under .NET Core instead.
As a result, the method ImportPkcs8PrivateKey() is not available in the cloud version. Other types like RSASignaturePadding, HashAlgorithmName, and RSA.Create() are also unavailable in this context.
Recommended Solution:
Move JWT generation to an external service
- Create a small Web API (in .NET 6 or above).
- Let it generate and return the signed JWT token.
- Call it from Creatio using HTTP request.
Hi Roberto,
In the cloud-based demo version of Creatio (including your current instance), the Script Task in business processes runs under .NET Framework 4.7.2. This limitation is specific to the cloud version. If you run Creatio on-premises, it's possible to configure and run business logic under .NET Core instead.
As a result, the method ImportPkcs8PrivateKey() is not available in the cloud version. Other types like RSASignaturePadding, HashAlgorithmName, and RSA.Create() are also unavailable in this context.
Recommended Solution:
Move JWT generation to an external service
- Create a small Web API (in .NET 6 or above).
- Let it generate and return the signed JWT token.
- Call it from Creatio using HTTP request.