|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Classic ASP) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body> <% ' This example requires the Chilkat API to have been previously unlocked. ' See Global Unlock Sample for sample code. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Http") set http = Server.CreateObject("Chilkat.Http") ' First get the public key we'll be needing.. jwkStr = http.QuickGetStr("https://www.googleapis.com/oauth2/v3/certs") If (http.LastMethodSuccess = 0) Then Response.Write "<pre>" & Server.HTMLEncode( http.LastErrorText) & "</pre>" Response.End End If ' We have the following: ' { ' "keys": [ ' { ' "kid": "e8732db06287515556213b80acbcfd08cfb302a9", ' "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", ' "kty": "RSA", ' "e": "AQAB", ' "alg": "RS256", ' "use": "sig" ' }, ' { ' "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", ' "e": "AQAB", ' "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", ' "alg": "RS256", ' "use": "sig", ' "kty": "RSA" ' } ' ] ' } ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.JsonObject") set json = Server.CreateObject("Chilkat.JsonObject") success = json.Load(jwkStr) ' ------------------------------------------------- ' Load the following.. ' { ' "access_token": "ya29.a0...0f", ' "expires_in": 3599, ' "scope": "openid https://www.googleapis.com/auth/userinfo.email", ' "token_type": "Bearer", ' "id_token": "eyJhb...o5nQ" ' } ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.JsonObject") set jsonToken = Server.CreateObject("Chilkat.JsonObject") success = jsonToken.LoadFile("qa_data/tokens/google_sample_id_token.json") If (success = 0) Then Response.Write "<pre>" & Server.HTMLEncode( "Failed to load the JSON file...") & "</pre>" Response.End End If ' Get the id_token; ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.StringBuilder") set sbIdToken = Server.CreateObject("Chilkat.StringBuilder") success = sbIdToken.Append(jsonToken.StringOf("id_token")) ' Get the signature in base64url format. ' The header + payload remains in sbIdToken. sig_b64Url = sbIdToken.GetAfterFinal(".",1) headerPlusPayload = sbIdToken.GetAsString() Response.Write "<pre>" & Server.HTMLEncode( sig_b64Url) & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( headerPlusPayload) & "</pre>" ' --------------------------------------------- ' Try validating with each cert's public key. ' Hopefully one will be the key that verifies. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Rsa") set rsa = Server.CreateObject("Chilkat.Rsa") rsa.EncodingMode = "base64url" numKeys = json.SizeOfArray("keys") i = 0 Do While i < numKeys json.I = i ' jsonKey is a Chilkat.JsonObject Set jsonKey = json.ObjectOf("keys[i]") ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.PublicKey") set pubKey = Server.CreateObject("Chilkat.PublicKey") success = pubKey.LoadFromString(jsonKey.Emit()) If (success = 0) Then Response.Write "<pre>" & Server.HTMLEncode( pubKey.LastErrorText) & "</pre>" Response.End End If Response.Write "<pre>" & Server.HTMLEncode( i) & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( pubKey.GetPem(1)) & "</pre>" success = rsa.ImportPublicKeyObj(pubKey) bVerified = rsa.VerifyStringENC(headerPlusPayload,"sha256",sig_b64Url) Response.Write "<pre>" & Server.HTMLEncode( "bVerified = " & bVerified) & "</pre>" i = i + 1 Loop ' The output is: ' 0 ' -----BEGIN RSA PUBLIC KEY----- ' MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw ' cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz ' 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y ' LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm ' LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ ' 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB ' -----END RSA PUBLIC KEY----- ' ' bVerified = True ' 1 ' -----BEGIN RSA PUBLIC KEY----- ' MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn ' IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB ' Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 ' E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI ' TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg ' 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB ' -----END RSA PUBLIC KEY----- ' ' bVerified = False %> </body> </html> |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.