Delphi ActiveX
Delphi ActiveX
Decode Microsoft Graph ID Token
See more Microsoft Graph Examples
Demonstrates how to decode a Microsoft Graph ID token.Chilkat Delphi ActiveX Downloads
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;
...
procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
jsonToken: TChilkatJsonObject;
jwt: TChilkatJwt;
idToken: WideString;
jose: WideString;
jsonHeader: TChilkatJsonObject;
claims: WideString;
jsonClaims: TChilkatJsonObject;
ver: WideString;
iss: WideString;
s_sub: WideString;
aud: WideString;
exp: Integer;
iat: Integer;
nbf: Integer;
name: WideString;
preferred_username: WideString;
oid: WideString;
tid: WideString;
aio: WideString;
begin
success := 0;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// In a previous example, we obtained a Microsoft Graph OAuth2 access token.
// This example loads the JSON saved from the previous example and decodes the id_token.
// Our Microsoft Graph OAuth2 token looks like this:
// {
// "token_type": "Bearer",
// "scope": "openid profile User.ReadWrite Mail.ReadWrite Mail.Send Files.ReadWrite User.Read Calendars.ReadWrite Group.ReadWrite.All",
// "expires_in": 3600,
// "ext_expires_in": 3600,
// "access_token": "EwCQA8l6...0HhMKYwC",
// "refresh_token": "MCWulIvzi2yD0S...igEFn51mqcByhZtAJg",
// "id_token": "eyJ0eXAiOiJKV1...Q7lRDaR-7A",
// "expires_on": "1562862714"
// }
jsonToken := TChilkatJsonObject.Create(Self);
success := jsonToken.LoadFile('qa_data/tokens/microsoftGraph.json');
if (success = 0) then
begin
Memo1.Lines.Add('Failed to load the JSON file...');
Exit;
end;
// Use Chilkat's JWT API to examine the id_token..
jwt := TChilkatJwt.Create(Self);
idToken := jsonToken.StringOf('id_token');
// Extract the JOSE header..
jose := jwt.GetHeader(idToken);
jsonHeader := TChilkatJsonObject.Create(Self);
jsonHeader.Load(jose);
jsonHeader.EmitCompact := 0;
Memo1.Lines.Add(jsonHeader.Emit());
// The JOSE header looks like this:
// {
// "typ": "JWT",
// "alg": "RS256",
// "kid": "1LTMzakihiRla_8z2BEJVXeWMqo"
// }
claims := jwt.GetPayload(idToken);
jsonClaims := TChilkatJsonObject.Create(Self);
jsonClaims.Load(claims);
jsonClaims.EmitCompact := 0;
Memo1.Lines.Add(jsonClaims.Emit());
// The claims look like this:
// {
// "ver": "2.0",
// "iss": "https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0",
// "sub": "AAAAAAAAAAAAAAAAAAAAAHJFryd6Gydo-XtTd1nhUNQ",
// "aud": "18c456bd-db75-43fe-9724-9e5d821c68ff",
// "exp": 1562945513,
// "iat": 1562858813,
// "nbf": 1562858813,
// "name": "Matt Chilkat",
// "preferred_username": "matt@example.com",
// "oid": "00000000-0000-0000-3a33-fceb9b74cc15",
// "tid": "9188040d-6c67-4c5b-b112-36a304b66dad",
// "aio": "DfibJqKnWC1c0FS6G ... W6pvTrQuYzyq16ghY$"
// }
//
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
// Get each of the claims..
ver := jsonClaims.StringOf('ver');
iss := jsonClaims.StringOf('iss');
s_sub := jsonClaims.StringOf('sub');
aud := jsonClaims.StringOf('aud');
exp := jsonClaims.IntOf('exp');
iat := jsonClaims.IntOf('iat');
nbf := jsonClaims.IntOf('nbf');
name := jsonClaims.StringOf('name');
preferred_username := jsonClaims.StringOf('preferred_username');
oid := jsonClaims.StringOf('oid');
tid := jsonClaims.StringOf('tid');
aio := jsonClaims.StringOf('aio');
end;