Sample code for 30+ languages & platforms
Classic ASP

PRODA Get OAuth2 Access Token using JWT

See more PRODA Examples

Demonstrates how to get an OAuth2 access token for the PRODA Australian Government Online Services using a JWT.

Chilkat Classic ASP Downloads

Classic ASP
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0

' This example requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' First create a JWT to be sent in the POST to https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token

set privKey = Server.CreateObject("Chilkat.PrivateKey")

' Load an RSA private key from a PEM file.
' Chilkat provides alternative methods to load from other formats, or to load from a string or binary data.
success = privKey.LoadEncryptedPemFile("qa_data/pem/rsa_passwd.pem","passwd")
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( privKey.LastErrorText) & "</pre>"
    Response.End
End If

set jwt = Server.CreateObject("Chilkat.Jwt")

' Build the JOSE header
set jose = Server.CreateObject("Chilkat.JsonObject")
' Use RS256.  Pass the string "RS384" or "RS512" to use RSA with SHA-384 or SHA-512.
success = jose.AppendString("alg","RS256")
success = jose.AppendString("typ","JWT")
success = jose.AppendString("kid","test-device")

' Now build the JWT claims (also known as the payload)
set claims = Server.CreateObject("Chilkat.JsonObject")
success = claims.AppendString("iss","9646844092")
success = claims.AppendString("sub","test-device")
success = claims.AppendString("aud","https://proda.humanservices.gov.au")

' Set the timestamp of when the JWT was created to now.
curDateTime = jwt.GenNumericDate(0)
success = claims.AddIntAt(-1,"iat",curDateTime)

' Set the timestamp defining an expiration time (end time) for the token
' to be now + 1 hour (3600 seconds)
success = claims.AddIntAt(-1,"exp",curDateTime + 3600)

' Produce the smallest possible JWT:
jwt.AutoCompact = 1

' Create the JWT token.  This is where the RSA signature is created.
jwtToken = jwt.CreateJwtPk(jose.Emit(),claims.Emit(),privKey)

' ---------------------------------------------------------------------
' Build and send the POST, which should look something like this:

' POST https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token HTTP/1.1
' Content-Type: application/x-www-form-urlencoded
' Content-Length: 666
' Host: vnd.proda.humanservices.gov.au
' 
' grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=<jwt>&client_id=VendorClient03

set http = Server.CreateObject("Chilkat.Http")

set req = Server.CreateObject("Chilkat.HttpRequest")
req.HttpVerb = "POST"
req.ContentType = "application/x-www-form-urlencoded"

' Add the request params.
req.AddParam "grant_type","urn:ietf:params:oauth:grant-type:jwt-bearer"
req.AddParam "assertion",jwtToken
req.AddParam "client_id","VendorClient03"

set resp = Server.CreateObject("Chilkat.HttpResponse")
success = http.HttpReq("https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token",req,resp)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( http.LastErrorText) & "</pre>"
    Response.End
End If

Response.Write "<pre>" & Server.HTMLEncode( "Response status code = " & resp.StatusCode) & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( "Response body:") & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( resp.BodyStr) & "</pre>"

%>
</body>
</html>