C
C
bitzlato.com whoami
See more JSON Web Token (JWT) Examples
Demonstrates sending a request to the bitzlato.com whoami endpoint using an ES256 JWT token for authentication.Chilkat C Downloads
#include <C_CkJsonObject.h>
#include <C_CkPrivateKey.h>
#include <C_CkJwt.h>
#include <C_CkHttp.h>
void ChilkatSample(void)
{
BOOL success;
HCkJsonObject jwk;
HCkPrivateKey eccKey;
HCkJwt jwt;
HCkJsonObject jose;
HCkJsonObject claims;
int curDateTime;
const char *jwt_token;
HCkHttp http;
const char *responseStr;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Use the following ECC key loaded from JWK format.
jwk = CkJsonObject_Create();
success = CkJsonObject_UpdateString(jwk,"kty","EC");
success = CkJsonObject_UpdateString(jwk,"crv","P-256");
success = CkJsonObject_UpdateString(jwk,"x","...");
success = CkJsonObject_UpdateString(jwk,"y","...");
success = CkJsonObject_UpdateString(jwk,"d","...");
eccKey = CkPrivateKey_Create();
success = CkPrivateKey_LoadJwk(eccKey,CkJsonObject_emit(jwk));
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(eccKey));
CkJsonObject_Dispose(jwk);
CkPrivateKey_Dispose(eccKey);
return;
}
jwt = CkJwt_Create();
// Build the JOSE header
jose = CkJsonObject_Create();
success = CkJsonObject_AppendString(jose,"format","compact");
success = CkJsonObject_AppendString(jose,"alg","ES256");
// Now build the JWT claims (also known as the payload)
// Our JWT claims will contain members as shown here:
// {
// "email":"your_email@example.com",
// "aud":"usr",
// "iat":"1588286154",
// "jti":"555D9123"
// }
claims = CkJsonObject_Create();
CkJsonObject_AppendString(claims,"jti","555D9123");
CkJsonObject_AppendString(claims,"email","your_email@example.com");
// Set the timestamp of when the JWT was created to now minus 60 seconds
curDateTime = CkJwt_GenNumericDate(jwt,-60);
success = CkJsonObject_AddIntAt(claims,-1,"iat",curDateTime);
// Set the "not process before" timestamp to now minus 60 seconds
success = CkJsonObject_AddIntAt(claims,-1,"nbf",curDateTime);
// Set the timestamp defining an expiration time (end time) for the token
// to be now + 1 hour (3600 seconds)
success = CkJsonObject_AddIntAt(claims,-1,"exp",curDateTime + 3600);
CkJsonObject_AppendString(claims,"aud","usr");
// Produce the smallest possible JWT:
CkJwt_putAutoCompact(jwt,TRUE);
// Create the JWT token. This is where the RSA signature is created.
jwt_token = CkJwt_createJwtPk(jwt,CkJsonObject_emit(jose),CkJsonObject_emit(claims),eccKey);
printf("%s\n",jwt_token);
// Send the HTTPS GET with the jwt_token used for Authorization.
http = CkHttp_Create();
CkHttp_putAuthToken(http,jwt_token);
responseStr = CkHttp_quickGetStr(http,"https://bitzlato.com/api/auth/whoami");
if (CkHttp_getLastMethodSuccess(http) == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkJsonObject_Dispose(jwk);
CkPrivateKey_Dispose(eccKey);
CkJwt_Dispose(jwt);
CkJsonObject_Dispose(jose);
CkJsonObject_Dispose(claims);
CkHttp_Dispose(http);
return;
}
printf("status code = %d\n",CkHttp_getLastStatus(http));
printf("%s\n",responseStr);
CkJsonObject_Dispose(jwk);
CkPrivateKey_Dispose(eccKey);
CkJwt_Dispose(jwt);
CkJsonObject_Dispose(jose);
CkJsonObject_Dispose(claims);
CkHttp_Dispose(http);
}