![]() |
Chilkat HOME Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi DLL Go Java Node.js Objective-C PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(DataFlex) Validate JWS Using HMAC SHA-256Validates a JSON Web Signature (JWS) using HMAC SHA-256. Note: This example requires Chilkat v11.0.0 or greater.
Use ChilkatAx-win32.pkg Procedure Test Boolean iSuccess Handle hoJws String sHmacKey Integer iSignatureIndex String sJwsCompact Integer v Variant vJoseHeader Handle hoJoseHeader String sTemp1 Move False To iSuccess // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // This example takes a JSON signature in compact serialization format, // and uses a MAC key to validate and recover the protected header and payload. Get Create (RefClass(cComChilkatJws)) To hoJws If (Not(IsComObjectCreated(hoJws))) Begin Send CreateComObject of hoJws End // Set the HMAC key: Move "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow" To sHmacKey Move 0 To iSignatureIndex Get ComSetMacKey Of hoJws iSignatureIndex sHmacKey "base64url" To iSuccess // Load the JWS. Move "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" To sJwsCompact Get ComLoadJws Of hoJws sJwsCompact To iSuccess // Validate the 1st (and only) signature at index 0.. Get ComValidate Of hoJws iSignatureIndex To v If (v < 0) Begin // Perhaps Chilkat was not unlocked or the trial expired.. Showln "Method call failed for some other reason." Get ComLastErrorText Of hoJws To sTemp1 Showln sTemp1 Procedure_Return End If (v = 0) Begin Showln "Invalid signature. The MAC key was incorrect, the JWS was invalid, or both." Procedure_Return End // If we get here, the signature was validated.. Showln "Signature validated." // Recover the original content: Showln "Recovered content:" Get ComGetPayload Of hoJws "utf-8" To sTemp1 Showln sTemp1 // Examine the protected header: Get Create (RefClass(cComChilkatJsonObject)) To hoJoseHeader If (Not(IsComObjectCreated(hoJoseHeader))) Begin Send CreateComObject of hoJoseHeader End Get pvComObject of hoJoseHeader to vJoseHeader Get ComGetProtectedH Of hoJws iSignatureIndex vJoseHeader To iSuccess If (iSuccess = False) Begin Get ComLastErrorText Of hoJws To sTemp1 Showln sTemp1 Procedure_Return End Set ComEmitCompact Of hoJoseHeader To False Showln "Protected (JOSE) header:" Get ComEmit Of hoJoseHeader To sTemp1 Showln sTemp1 // Output: // Signature validated. // Recovered content: // {"iss":"joe", // "exp":1300819380, // "http://example.com/is_root":true} // Protected (JOSE) header: // { // "typ": "JWT", // "alg": "HS256" // } End_Procedure |
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.