|
Chilkat • HOME • Android™ • Classic ASP • C • C++ • C# • Mono C# • .NET Core C# • C# UWP/WinRT • DataFlex • Delphi ActiveX • Delphi DLL • Visual FoxPro • Java • Lianja • MFC • Objective-C • Perl • PHP ActiveX • PHP Extension • PowerBuilder • PowerShell • PureBasic • CkPython • Chilkat2-Python • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • Visual Basic 6.0 • VB.NET • VB.NET UWP/WinRT • VBScript • Xojo Plugin • Node.js • Excel • Go
(MFC) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
#include <CkHttp.h> #include <CkJsonObject.h> #include <CkStringBuilder.h> #include <CkRsa.h> #include <CkPublicKey.h> void ChilkatSample(void) { CkString strOut; // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. CkHttp http; // First get the public key we'll be needing.. const char *jwkStr = http.quickGetStr("https://www.googleapis.com/oauth2/v3/certs"); if (http.get_LastMethodSuccess() == false) { strOut.append(http.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // We have the following: // { // "keys": [ // { // "kid": "e8732db06287515556213b80acbcfd08cfb302a9", // "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", // "kty": "RSA", // "e": "AQAB", // "alg": "RS256", // "use": "sig" // }, // { // "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", // "e": "AQAB", // "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", // "alg": "RS256", // "use": "sig", // "kty": "RSA" // } // ] // } CkJsonObject json; bool success = json.Load(jwkStr); // ------------------------------------------------- // Load the following.. // { // "access_token": "ya29.a0...0f", // "expires_in": 3599, // "scope": "openid https://www.googleapis.com/auth/userinfo.email", // "token_type": "Bearer", // "id_token": "eyJhb...o5nQ" // } CkJsonObject jsonToken; success = jsonToken.LoadFile("qa_data/tokens/google_sample_id_token.json"); if (success == false) { strOut.append("Failed to load the JSON file..."); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // Get the id_token; CkStringBuilder sbIdToken; success = sbIdToken.Append(jsonToken.stringOf("id_token")); // Get the signature in base64url format. // The header + payload remains in sbIdToken. const char *sig_b64Url = sbIdToken.getAfterFinal(".",true); const char *headerPlusPayload = sbIdToken.getAsString(); strOut.append(sig_b64Url); strOut.append("\r\n"); strOut.append(headerPlusPayload); strOut.append("\r\n"); // --------------------------------------------- // Try validating with each cert's public key. // Hopefully one will be the key that verifies. CkRsa rsa; rsa.put_EncodingMode("base64url"); int numKeys = json.SizeOfArray("keys"); int i = 0; while (i < numKeys) { json.put_I(i); CkJsonObject *jsonKey = json.ObjectOf("keys[i]"); CkPublicKey pubKey; success = pubKey.LoadFromString(jsonKey->emit()); if (success == false) { strOut.append(pubKey.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } strOut.appendInt(i); strOut.append("\r\n"); strOut.append(pubKey.getPem(true)); strOut.append("\r\n"); delete jsonKey; success = rsa.ImportPublicKeyObj(pubKey); bool bVerified = rsa.VerifyStringENC(headerPlusPayload,"sha256",sig_b64Url); strOut.append("bVerified = "); strOut.appendInt(bVerified); strOut.append("\r\n"); i = i + 1; } // The output is: // 0 // -----BEGIN RSA PUBLIC KEY----- // MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw // cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz // 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y // LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm // LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ // 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB // -----END RSA PUBLIC KEY----- // // bVerified = True // 1 // -----BEGIN RSA PUBLIC KEY----- // MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn // IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB // Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 // E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI // TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg // 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB // -----END RSA PUBLIC KEY----- // // bVerified = False SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); } |
||||
© 2000-2022 Chilkat Software, Inc. All Rights Reserved.