|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Chilkat2-Python) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
import sys import chilkat2 # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. http = chilkat2.Http() # First get the public key we'll be needing.. jwkStr = http.QuickGetStr("https://www.googleapis.com/oauth2/v3/certs") if (http.LastMethodSuccess == False): print(http.LastErrorText) sys.exit() # We have the following: # { # "keys": [ # { # "kid": "e8732db06287515556213b80acbcfd08cfb302a9", # "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", # "kty": "RSA", # "e": "AQAB", # "alg": "RS256", # "use": "sig" # }, # { # "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", # "e": "AQAB", # "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", # "alg": "RS256", # "use": "sig", # "kty": "RSA" # } # ] # } json = chilkat2.JsonObject() success = json.Load(jwkStr) # ------------------------------------------------- # Load the following.. # { # "access_token": "ya29.a0...0f", # "expires_in": 3599, # "scope": "openid https://www.googleapis.com/auth/userinfo.email", # "token_type": "Bearer", # "id_token": "eyJhb...o5nQ" # } jsonToken = chilkat2.JsonObject() success = jsonToken.LoadFile("qa_data/tokens/google_sample_id_token.json") if (success == False): print("Failed to load the JSON file...") sys.exit() # Get the id_token; sbIdToken = chilkat2.StringBuilder() success = sbIdToken.Append(jsonToken.StringOf("id_token")) # Get the signature in base64url format. # The header + payload remains in sbIdToken. sig_b64Url = sbIdToken.GetAfterFinal(".",True) headerPlusPayload = sbIdToken.GetAsString() print(sig_b64Url) print(headerPlusPayload) # --------------------------------------------- # Try validating with each cert's public key. # Hopefully one will be the key that verifies. rsa = chilkat2.Rsa() rsa.EncodingMode = "base64url" numKeys = json.SizeOfArray("keys") i = 0 while i < numKeys : json.I = i # jsonKey is a CkJsonObject jsonKey = json.ObjectOf("keys[i]") pubKey = chilkat2.PublicKey() success = pubKey.LoadFromString(jsonKey.Emit()) if (success == False): print(pubKey.LastErrorText) sys.exit() print(str(i)) print(pubKey.GetPem(True)) success = rsa.ImportPublicKeyObj(pubKey) bVerified = rsa.VerifyStringENC(headerPlusPayload,"sha256",sig_b64Url) print("bVerified = " + str(bVerified)) i = i + 1 # The output is: # 0 # -----BEGIN RSA PUBLIC KEY----- # MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw # cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz # 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y # LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm # LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ # 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB # -----END RSA PUBLIC KEY----- # # bVerified = True # 1 # -----BEGIN RSA PUBLIC KEY----- # MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn # IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB # Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 # E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI # TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg # 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB # -----END RSA PUBLIC KEY----- # # bVerified = False |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.