![]() |
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Classic ASP) Validate JWS Using HMAC SHA-256Validates a JSON Web Signature (JWS) using HMAC SHA-256. Note: This example requires Chilkat v9.5.0.66 or greater.
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body> <% ' This requires the Chilkat API to have been previously unlocked. ' See Global Unlock Sample for sample code. ' Note: This example requires Chilkat v9.5.0.66 or greater. ' This example takes a JSON signature in compact serialization format, ' and uses a MAC key to validate and recover the protected header and payload. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Jws") set jws = Server.CreateObject("Chilkat.Jws") ' Set the HMAC key: hmacKey = "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow" signatureIndex = 0 success = jws.SetMacKey(signatureIndex,hmacKey,"base64url") ' Load the JWS. jwsCompact = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" success = jws.LoadJws(jwsCompact) ' Validate the 1st (and only) signature at index 0.. v = jws.Validate(signatureIndex) If (v < 0) Then ' Perhaps Chilkat was not unlocked or the trial expired.. Response.Write "<pre>" & Server.HTMLEncode( "Method call failed for some other reason.") & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( jws.LastErrorText) & "</pre>" Response.End End If If (v = 0) Then Response.Write "<pre>" & Server.HTMLEncode( "Invalid signature. The MAC key was incorrect, the JWS was invalid, or both.") & "</pre>" Response.End End If ' If we get here, the signature was validated.. Response.Write "<pre>" & Server.HTMLEncode( "Signature validated.") & "</pre>" ' Recover the original content: Response.Write "<pre>" & Server.HTMLEncode( "Recovered content:") & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( jws.GetPayload("utf-8")) & "</pre>" ' Examine the protected header: ' joseHeader is a Chilkat.JsonObject Set joseHeader = jws.GetProtectedHeader(signatureIndex) If (jws.LastMethodSuccess <> 1) Then Response.Write "<pre>" & Server.HTMLEncode( "No protected header found at the given index.") & "</pre>" Response.End End If joseHeader.EmitCompact = 0 Response.Write "<pre>" & Server.HTMLEncode( "Protected (JOSE) header:") & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( joseHeader.Emit()) & "</pre>" ' Output: ' Signature validated. ' Recovered content: ' {"iss":"joe", ' "exp":1300819380, ' "http://example.com/is_root":true} ' Protected (JOSE) header: ' { ' "typ": "JWT", ' "alg": "HS256" ' } %> </body> </html> |
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.