Delphi DLL
Delphi DLL
bitzlato.com whoami
See more JSON Web Token (JWT) Examples
Demonstrates sending a request to the bitzlato.com whoami endpoint using an ES256 JWT token for authentication.Chilkat Delphi DLL Downloads
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Http, PrivateKey, Jwt, JsonObject;
...
procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
jwk: HCkJsonObject;
eccKey: HCkPrivateKey;
jwt: HCkJwt;
jose: HCkJsonObject;
claims: HCkJsonObject;
curDateTime: Integer;
jwt_token: PWideChar;
http: HCkHttp;
responseStr: PWideChar;
begin
success := False;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Use the following ECC key loaded from JWK format.
jwk := CkJsonObject_Create();
success := CkJsonObject_UpdateString(jwk,'kty','EC');
success := CkJsonObject_UpdateString(jwk,'crv','P-256');
success := CkJsonObject_UpdateString(jwk,'x','...');
success := CkJsonObject_UpdateString(jwk,'y','...');
success := CkJsonObject_UpdateString(jwk,'d','...');
eccKey := CkPrivateKey_Create();
success := CkPrivateKey_LoadJwk(eccKey,CkJsonObject__emit(jwk));
if (success = False) then
begin
Memo1.Lines.Add(CkPrivateKey__lastErrorText(eccKey));
Exit;
end;
jwt := CkJwt_Create();
// Build the JOSE header
jose := CkJsonObject_Create();
success := CkJsonObject_AppendString(jose,'format','compact');
success := CkJsonObject_AppendString(jose,'alg','ES256');
// Now build the JWT claims (also known as the payload)
// Our JWT claims will contain members as shown here:
// {
// "email":"your_email@example.com",
// "aud":"usr",
// "iat":"1588286154",
// "jti":"555D9123"
// }
claims := CkJsonObject_Create();
CkJsonObject_AppendString(claims,'jti','555D9123');
CkJsonObject_AppendString(claims,'email','your_email@example.com');
// Set the timestamp of when the JWT was created to now minus 60 seconds
curDateTime := CkJwt_GenNumericDate(jwt,-60);
success := CkJsonObject_AddIntAt(claims,-1,'iat',curDateTime);
// Set the "not process before" timestamp to now minus 60 seconds
success := CkJsonObject_AddIntAt(claims,-1,'nbf',curDateTime);
// Set the timestamp defining an expiration time (end time) for the token
// to be now + 1 hour (3600 seconds)
success := CkJsonObject_AddIntAt(claims,-1,'exp',curDateTime + 3600);
CkJsonObject_AppendString(claims,'aud','usr');
// Produce the smallest possible JWT:
CkJwt_putAutoCompact(jwt,True);
// Create the JWT token. This is where the RSA signature is created.
jwt_token := CkJwt__createJwtPk(jwt,CkJsonObject__emit(jose),CkJsonObject__emit(claims),eccKey);
Memo1.Lines.Add(jwt_token);
// Send the HTTPS GET with the jwt_token used for Authorization.
http := CkHttp_Create();
CkHttp_putAuthToken(http,jwt_token);
responseStr := CkHttp__quickGetStr(http,'https://bitzlato.com/api/auth/whoami');
if (CkHttp_getLastMethodSuccess(http) = False) then
begin
Memo1.Lines.Add(CkHttp__lastErrorText(http));
Exit;
end;
Memo1.Lines.Add('status code = ' + IntToStr(CkHttp_getLastStatus(http)));
Memo1.Lines.Add(responseStr);
CkJsonObject_Dispose(jwk);
CkPrivateKey_Dispose(eccKey);
CkJwt_Dispose(jwt);
CkJsonObject_Dispose(jose);
CkJsonObject_Dispose(claims);
CkHttp_Dispose(http);
end;