|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(DataFlex) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
Use ChilkatAx-win32.pkg Procedure Test Handle hoHttp String sJwkStr Handle hoJson Boolean iSuccess Handle hoJsonToken Handle hoSbIdToken String sSig_b64Url String sHeaderPlusPayload Handle hoRsa Integer iNumKeys Integer i Variant vJsonKey Handle hoJsonKey Variant vPubKey Handle hoPubKey Boolean iBVerified String sTemp1 Boolean bTemp1 // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. Get Create (RefClass(cComChilkatHttp)) To hoHttp If (Not(IsComObjectCreated(hoHttp))) Begin Send CreateComObject of hoHttp End // First get the public key we'll be needing.. Get ComQuickGetStr Of hoHttp "https://www.googleapis.com/oauth2/v3/certs" To sJwkStr Get ComLastMethodSuccess Of hoHttp To bTemp1 If (bTemp1 = False) Begin Get ComLastErrorText Of hoHttp To sTemp1 Showln sTemp1 Procedure_Return End // We have the following: // { // "keys": [ // { // "kid": "e8732db06287515556213b80acbcfd08cfb302a9", // "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", // "kty": "RSA", // "e": "AQAB", // "alg": "RS256", // "use": "sig" // }, // { // "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", // "e": "AQAB", // "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", // "alg": "RS256", // "use": "sig", // "kty": "RSA" // } // ] // } Get Create (RefClass(cComChilkatJsonObject)) To hoJson If (Not(IsComObjectCreated(hoJson))) Begin Send CreateComObject of hoJson End Get ComLoad Of hoJson sJwkStr To iSuccess // ------------------------------------------------- // Load the following.. // { // "access_token": "ya29.a0...0f", // "expires_in": 3599, // "scope": "openid https://www.googleapis.com/auth/userinfo.email", // "token_type": "Bearer", // "id_token": "eyJhb...o5nQ" // } Get Create (RefClass(cComChilkatJsonObject)) To hoJsonToken If (Not(IsComObjectCreated(hoJsonToken))) Begin Send CreateComObject of hoJsonToken End Get ComLoadFile Of hoJsonToken "qa_data/tokens/google_sample_id_token.json" To iSuccess If (iSuccess = False) Begin Showln "Failed to load the JSON file..." Procedure_Return End // Get the id_token; Get Create (RefClass(cComChilkatStringBuilder)) To hoSbIdToken If (Not(IsComObjectCreated(hoSbIdToken))) Begin Send CreateComObject of hoSbIdToken End Get ComStringOf Of hoJsonToken "id_token" To sTemp1 Get ComAppend Of hoSbIdToken sTemp1 To iSuccess // Get the signature in base64url format. // The header + payload remains in sbIdToken. Get ComGetAfterFinal Of hoSbIdToken "." True To sSig_b64Url Get ComGetAsString Of hoSbIdToken To sHeaderPlusPayload Showln sSig_b64Url Showln sHeaderPlusPayload // --------------------------------------------- // Try validating with each cert's public key. // Hopefully one will be the key that verifies. Get Create (RefClass(cComChilkatRsa)) To hoRsa If (Not(IsComObjectCreated(hoRsa))) Begin Send CreateComObject of hoRsa End Set ComEncodingMode Of hoRsa To "base64url" Get ComSizeOfArray Of hoJson "keys" To iNumKeys Move 0 To i While (i < iNumKeys) Set ComI Of hoJson To i Get ComObjectOf Of hoJson "keys[i]" To vJsonKey If (IsComObject(vJsonKey)) Begin Get Create (RefClass(cComChilkatJsonObject)) To hoJsonKey Set pvComObject Of hoJsonKey To vJsonKey End Get Create (RefClass(cComChilkatPublicKey)) To hoPubKey If (Not(IsComObjectCreated(hoPubKey))) Begin Send CreateComObject of hoPubKey End Get ComEmit Of hoJsonKey To sTemp1 Get ComLoadFromString Of hoPubKey sTemp1 To iSuccess If (iSuccess = False) Begin Get ComLastErrorText Of hoPubKey To sTemp1 Showln sTemp1 Procedure_Return End Showln i Get ComGetPem Of hoPubKey True To sTemp1 Showln sTemp1 Send Destroy of hoJsonKey Get pvComObject of hoPubKey to vPubKey Get ComImportPublicKeyObj Of hoRsa vPubKey To iSuccess Get ComVerifyStringENC Of hoRsa sHeaderPlusPayload "sha256" sSig_b64Url To iBVerified Showln "bVerified = " iBVerified Move (i + 1) To i Loop // The output is: // 0 // -----BEGIN RSA PUBLIC KEY----- // MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw // cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz // 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y // LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm // LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ // 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB // -----END RSA PUBLIC KEY----- // // bVerified = True // 1 // -----BEGIN RSA PUBLIC KEY----- // MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn // IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB // Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 // E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI // TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg // 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB // -----END RSA PUBLIC KEY----- // // bVerified = False End_Procedure |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.