From 7669d92c26fb033d9f5f210b74324e053477f38a Mon Sep 17 00:00:00 2001 From: brennen-stripe <86444598+brennen-stripe@users.noreply.github.com> Date: Wed, 11 Jan 2023 09:04:58 -0800 Subject: [PATCH] Rolled new JWT Cert and updated readme (#975) * rolled new certificate and updated readme * tweaked comment to get fresh CI build * added temp debugging step * removing chromedriver license * removed LS step * added -f to safely remove --- .circleci/config.yml | 1 + sfdx/bin/extract-private-key | 2 +- sfdx/jwt-cert/certificate.pem | 30 +++++++++++------------ sfdx/jwt-cert/public_key.cer | Bin 708 -> 708 bytes sfdx/jwt-cert/public_key.pem | 44 +++++++++++++++++----------------- sfdx/jwt-cert/readme.md | 4 ++-- 6 files changed, 41 insertions(+), 40 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 7bab140c96..894f6cdeb1 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -182,6 +182,7 @@ jobs: steps: - browser-tools/install-chrome - browser-tools/install-chromedriver + - run: rm -f LICENSE.chromedriver # ls -lR /home/circleci/project revealed this file after checkout step was failing due to a non-empty directory - checkout - sfdx/install: *sfdx_version - jq/install diff --git a/sfdx/bin/extract-private-key b/sfdx/bin/extract-private-key index b08ffae34b..654f038d01 100755 --- a/sfdx/bin/extract-private-key +++ b/sfdx/bin/extract-private-key @@ -15,5 +15,5 @@ fi # the certificate associated with this key is uploaded to our SF application on the billing PBO org # this is the closest thing we have to a platform key in salesforce -# set `SF_JWT_KEY` on CI to `cat sfdx/jwt-cert/private_key.pem | base64` +# set `SF_JWT_KEY` on CI to the output of `cat sfdx/jwt-cert/private_key.pem | base64` echo $SF_JWT_KEY | base64 --decode --ignore-garbage > $SF_JWT_PRIVATE_KEY_PATH diff --git a/sfdx/jwt-cert/certificate.pem b/sfdx/jwt-cert/certificate.pem index cae4b5ad73..7dad45e673 100644 --- a/sfdx/jwt-cert/certificate.pem +++ b/sfdx/jwt-cert/certificate.pem @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICwDCCAagCCQCg7k4RDpskODANBgkqhkiG9w0BAQsFADAiMQswCQYDVQQGEwJV -UzETMBEGA1UEAwwKSnd0VWlMb2dpbjAeFw0yMjAzMTAwMDEzNDhaFw0yMzAzMTAw -MDEzNDhaMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQDDApKd3RVaUxvZ2luMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdtKKxnqvUuR9/24n0hMjqBseb2C -sL8++xUG93M3MjYnfE3XZ2vNS2KJU6jEmJlQvs7MlWQIbdhSwVjLKIhwPh7LbAS1 -t4RKezGC9AgxiE138506vS1qrzf2QBjU0y+DHGFwRkUWBvhW1hfW00DnHlS5C9g0 -uWZs4TTAnfmSMS6bjkiB8/LWUvxA7g+vF6R2/bmtDDaQZdQxXWUDJANG5YgYmH9K -29pxTbHBkCc0/n1wjroBCQ8L8VHHnsFQAYMqoD0yHQkOERsMGZzHfLQugG4kRNUX -J1XFL8KOebWxWfofdfvzUQqgtlRmkTLlEPcDhWlfUcZLrEA6O/y3U83OpQIDAQAB -MA0GCSqGSIb3DQEBCwUAA4IBAQB/12B2kt2ZwXZBxsmp5RogzhBsROEqt1w2Xv0F -QRRTrKItDTcs1sGJGdSzjFTbJrkML3+iH7ZVtNYNvr3WlJi/h+dyQyO7WLnxUN4n -T+A8u+XoEMnHQqWax2KAf3Ypbh2x0RHSEVFO4Pgd5gNPv48/bvm3lTLabeGKZPPs -1Y9idT6uHax8XPDt8Zw28VM31CGJkddnglvAgOgt+Cy+tnb0+UIbno7McE2EXoN/ -bXsHisogK1Ux27B1YgtnClIZX5fV6IyFENTpj0XhNOFhsqWKRj1Tt+axJjsGhY0O -K3oeUJRjweU0Uh4SJcKWmiYRKzYW3o/DzCXws2M8Cg6EyYQT +MIICwDCCAagCCQCFfL3a7VxiRTANBgkqhkiG9w0BAQsFADAiMQswCQYDVQQGEwJV +UzETMBEGA1UEAwwKSnd0Q0lMb2dpbjAeFw0yMzAxMTAyMTIzMTJaFw0yNDAxMTAy +MTIzMTJaMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQDDApKd3RDSUxvZ2luMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHWNoKIfSuRtcRlV+WR8KXK5v65H +0nhrX0bwWgQQni7NUr7hUbBeBEYarR6m1zNc1HnyCVZnY7wLtsvxY6hTOAVXM/d8 +asD5thh1TCMQjH0KrmZerpCq3dQq4GgfPr5L+31akIfVC7BDlgdHa9+eMo48QDRe +mIuyPSpLWggEULLgvEWcAzzeXxdzlt9yNrSPmYtCONADC4K535fMw4fR+T+xSehc +Eoqvi01eqJq5So1Rm433AYPloP3BdC9P8nTw+waIWMlphgIM+lCRXMs2bAXHV2Cb +J/MUgb/nyic1HToZeTIrJjwaklc9vENgMDvdL/ukkDhGjeqeQJHvspnDhQIDAQAB +MA0GCSqGSIb3DQEBCwUAA4IBAQAVmfs74kmeq3UyzrkBQrYd0Ol0hdSCKILyuguO +oyPxFqKebmnr77kg4YFqGNSB6lp4tDDFNxl+SMXNUTmL6DG8faelpdRGkuFxW/Hd +5+VqIx3bdBLg/aU8Yq8FX6AmqXMuFtSOJaYW1+2PFhZEQv1EcUb49C72rVkkf+Xd +lqyJ/ETCen1mpkWrAnlhLrp/0aXakwKyUqY8zrl0iyYUWn8FZ2AkI3yDMHP5omMU +6apEdefu5jpFEbvQbIqUWHKJofDGqoX2HVn2brTz6yTuJgU/EzxYBnJdbv7Yq4QI +L2fVu6U7Vk+m3C6X0c1iHyJBNoyRMuf4BblSDjcasqKKY2hN -----END CERTIFICATE----- diff --git a/sfdx/jwt-cert/public_key.cer b/sfdx/jwt-cert/public_key.cer index 652ed7dc029209fb8833a050a35ed1e39ecafbeb..aac2fe5f7ed3188588f2f268872371f0d9818201 100644 GIT binary patch delta 623 zcmV-#0+9X01;hmtFoFWWFoFT70toKqc7Y#BqFflPO zGBGkUF)~^g4Kg$^F)=VQF)}kTGFmVqF$*vW1_M%>prRj2oRrzFmDRQ~Lu1C^%YhOn2S_BZDF3nQD;Zd+&1V$RI9;Vkb zT-15;307xgybHF=@nfh{I0aWT_k3!=`L-B!Od}ACeG0B-UapX;-P9`JXdgblOZ$CV zkcZU^utSyyM{D1nGLAezG+vmCvOOwGS_lMCf3o1bMVtdX-d`7UmfvzVw2zsKLO9R^ z3xc`dm(0V5(fL2IN$6Y>im!`JUZ|S6N{vyQjrReA<)Hn+bT3cxbnyEIh*-&Kh5`)w zP?22AHf#mQS74hb^Av%<=gKEF9Xc6#GAkxL8j@E%yhC6xJKZn)q>wm9jq092k?*pZ z0>g!qs{t8*6`A`x;z^#Xbu!Mm0YbJN(CKuA)Pg92^12I-qa*PaqMmMP>+iWB;el!x z)Pd?+c(gFZHyM6N#m!MUi|8@DeW#_R)JBrwaa-}-=jCc69ouvg;QggMVy^{XpeCtv zE*8{|C8ieF?T;1~L_+;UaYp#`F7~ZiB!A`ImaK_?{6xZfeP*Ubs{(mpF1mlwrP`AM zvQnlz&bf4pCKOtK1!rI+BYcA}bNQlU6zQr&b?5HpIz@W!fz_8nRF zZnX33B<>~!KNCDy26A0){@AO82rp;VyQMo;Po~^1m(k5)A0k0EjFB?u_yxIA4mTRI JqKabzXiX`Y7BT<; delta 623 zcmV-#0+9X01;hmtFoFWWFoFT70to=1?oJU7nKqc7Y#BpFf%bQ zFfcJQG&oup4Kgz@GchnQFflVUI9f0wF$*vW1_Md*Jo?ZOJa#rsKl6= zP`=L0m1GEQ*iyk*%P5F&J|4?#1huz>N_#Pa^awGCO?UI1I=wAwuQ&EU7}V1*gB)RS zMnx6|_*T{z*3&@e9#pvt*fhCjY~eJ(o%xb6e=eJjNP+Y6)>8aH?hmgQq;~zetqeAh zWz;cUWdkGwM&*bYn14#!+Hp;>!H_33{(W$cx&a9f3-M9Mp21K7gDRjsG93vH5gQB{ zoX32$E`V+%MAa83RmCsDj(N4QS^6J!`}0u>pte+Ikuv2F_XCA#Us1+OtUx+D{I^rh z0?wtAs{t8*f7f7klHHlXc0tC;spT3V&Jb)w;VQRWHeUS&K@?N0qAd+KEY`t^8Pv0k zRNE%G3@?A8AGTGr)(yVB)|8mPhv#xbBfD6+@lf6;PvAVe<>(N}$3mr=$6|ngb}4Qh zvC$FI5m8Ry_#Ng0Prr{pZuz&BGTLq7ie&Tb)sJF-bv~{gtbAPX?eUy8@l!X{A&HUK zXM$V6faopwEWWmO^!Y*?o{r3LO@v;9e{FjQipn4>RWaMJbz%!=3Q`$gm(}Qug%H%~ zk451$;bF3+ibg$Cx8|`XI|hY~4l8;dP?TfA Setup > Manage Connected apps > View > Edit + - Log in to PBO Org -> Setup -> App Manager -> Stripe Connector for Salesforce (StripeConnector) -> Edit - Use Digital Signature: true - Upload jwt-cert/public_key.cer - There are some unique permissions that need to be added to the app even if "full access" is requested.