Delphi DLL
Delphi DLL
PRODA Get OAuth2 Access Token using JWT
See more PRODA Examples
Demonstrates how to get an OAuth2 access token for the PRODA Australian Government Online Services using a JWT.Chilkat Delphi DLL Downloads
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Jwt, HttpResponse, HttpRequest, JsonObject, PrivateKey, Http;
...
procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
privKey: HCkPrivateKey;
jwt: HCkJwt;
jose: HCkJsonObject;
claims: HCkJsonObject;
curDateTime: Integer;
jwtToken: PWideChar;
http: HCkHttp;
req: HCkHttpRequest;
resp: HCkHttpResponse;
begin
success := False;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// First create a JWT to be sent in the POST to https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token
privKey := CkPrivateKey_Create();
// Load an RSA private key from a PEM file.
// Chilkat provides alternative methods to load from other formats, or to load from a string or binary data.
success := CkPrivateKey_LoadEncryptedPemFile(privKey,'qa_data/pem/rsa_passwd.pem','passwd');
if (success = False) then
begin
Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKey));
Exit;
end;
jwt := CkJwt_Create();
// Build the JOSE header
jose := CkJsonObject_Create();
// Use RS256. Pass the string "RS384" or "RS512" to use RSA with SHA-384 or SHA-512.
success := CkJsonObject_AppendString(jose,'alg','RS256');
success := CkJsonObject_AppendString(jose,'typ','JWT');
success := CkJsonObject_AppendString(jose,'kid','test-device');
// Now build the JWT claims (also known as the payload)
claims := CkJsonObject_Create();
success := CkJsonObject_AppendString(claims,'iss','9646844092');
success := CkJsonObject_AppendString(claims,'sub','test-device');
success := CkJsonObject_AppendString(claims,'aud','https://proda.humanservices.gov.au');
// Set the timestamp of when the JWT was created to now.
curDateTime := CkJwt_GenNumericDate(jwt,0);
success := CkJsonObject_AddIntAt(claims,-1,'iat',curDateTime);
// Set the timestamp defining an expiration time (end time) for the token
// to be now + 1 hour (3600 seconds)
success := CkJsonObject_AddIntAt(claims,-1,'exp',curDateTime + 3600);
// Produce the smallest possible JWT:
CkJwt_putAutoCompact(jwt,True);
// Create the JWT token. This is where the RSA signature is created.
jwtToken := CkJwt__createJwtPk(jwt,CkJsonObject__emit(jose),CkJsonObject__emit(claims),privKey);
// ---------------------------------------------------------------------
// Build and send the POST, which should look something like this:
// POST https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token HTTP/1.1
// Content-Type: application/x-www-form-urlencoded
// Content-Length: 666
// Host: vnd.proda.humanservices.gov.au
//
// grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=<jwt>&client_id=VendorClient03
http := CkHttp_Create();
req := CkHttpRequest_Create();
CkHttpRequest_putHttpVerb(req,'POST');
CkHttpRequest_putContentType(req,'application/x-www-form-urlencoded');
// Add the request params.
CkHttpRequest_AddParam(req,'grant_type','urn:ietf:params:oauth:grant-type:jwt-bearer');
CkHttpRequest_AddParam(req,'assertion',jwtToken);
CkHttpRequest_AddParam(req,'client_id','VendorClient03');
resp := CkHttpResponse_Create();
success := CkHttp_HttpReq(http,'https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token',req,resp);
if (success = False) then
begin
Memo1.Lines.Add(CkHttp__lastErrorText(http));
Exit;
end;
Memo1.Lines.Add('Response status code = ' + IntToStr(CkHttpResponse_getStatusCode(resp)));
Memo1.Lines.Add('Response body:');
Memo1.Lines.Add(CkHttpResponse__bodyStr(resp));
CkPrivateKey_Dispose(privKey);
CkJwt_Dispose(jwt);
CkJsonObject_Dispose(jose);
CkJsonObject_Dispose(claims);
CkHttp_Dispose(http);
CkHttpRequest_Dispose(req);
CkHttpResponse_Dispose(resp);
end;