Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Delphi DLL) Add Custom Claims to JWT for Google Service Account OAuth2Demonstrates how add custom claims to the JWT when getting a Google API OAuth2 access token using a JSON service account private key.
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, FileAccess, AuthGoogle, JsonObject, Socket; ... procedure TForm1.Button1Click(Sender: TObject); var fac: HCkFileAccess; jsonKey: PWideChar; gAuth: HCkAuthGoogle; moreClaims: HCkJsonObject; tlsSock: HCkSocket; success: Boolean; begin // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // First load the JSON key into a string. fac := CkFileAccess_Create(); jsonKey := CkFileAccess__readEntireTextFile(fac,'qa_data/googleApi/ChilkatTest-ab2ecd52ef98.json','utf-8'); if (CkFileAccess_getLastMethodSuccess(fac) <> True) then begin Memo1.Lines.Add(CkFileAccess__lastErrorText(fac)); Exit; end; // A JSON private key should look like this: // { // "type": "service_account", // "project_id": "chilkattest-1350", // "private_key_id": "fa2e36ee26986eab628b59868af8bec1d1c64c38", // "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIjFa...28N64N2n1E4FYzBZjSdy\n-----END PRIVATE KEY-----\n", // "client_email": "598922945226-00rb0ppfg0sndajo6bhvd4v17jtj2d3a@developer.gserviceaccount.com", // "client_id": "598922945226-00rb0ppfg0snd9jo7bhvd4v17jtj2d3a.apps.googleusercontent.com", // "auth_uri": "https://accounts.google.com/o/oauth2/auth", // "token_uri": "https://accounts.google.com/o/oauth2/token", // "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", // "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/598922945226-00rb0ppfg0sndajo6bhvd4v17jtj2d3a%40developer.gserviceaccount.com" // } gAuth := CkAuthGoogle_Create(); CkAuthGoogle_putJsonKey(gAuth,jsonKey); // Choose a scope. CkAuthGoogle_putScope(gAuth,'https://www.googleapis.com/auth/cloud-platform'); // Request an access token that is valid for this many seconds. CkAuthGoogle_putExpireNumSeconds(gAuth,3600); // If the application is requesting delegated access: // The email address of the user for which the application is requesting delegated access, // then set the email address here. (Otherwise leave it empty.) CkAuthGoogle_putSubEmailAddress(gAuth,''); // -------------------------------------------------------------------------------------- // To add custom claims, create JSON containing the claims to be added and call AddClaims. moreClaims := CkJsonObject_Create(); CkJsonObject_UpdateString(moreClaims,'claimAbc','valueAbc'); CkJsonObject_UpdateString(moreClaims,'claimXyz','valueXyz'); // ... CkAuthGoogle_AddClaims(gAuth,moreClaims); // -------------------------------------------------------------------------------------- // Connect to www.googleapis.com using TLS (TLS 1.2 is the default.) // The Chilkat socket object is used so that the connection can be established // through proxies or an SSH tunnel if desired. tlsSock := CkSocket_Create(); success := CkSocket_Connect(tlsSock,'www.googleapis.com',443,True,5000); if (success <> True) then begin Memo1.Lines.Add(CkSocket__lastErrorText(tlsSock)); Exit; end; // Send the request to obtain the access token. success := CkAuthGoogle_ObtainAccessToken(gAuth,tlsSock); if (success <> True) then begin Memo1.Lines.Add(CkAuthGoogle__lastErrorText(gAuth)); Exit; end; // Examine the access token: Memo1.Lines.Add('Access Token: ' + CkAuthGoogle__accessToken(gAuth)); CkFileAccess_Dispose(fac); CkAuthGoogle_Dispose(gAuth); CkJsonObject_Dispose(moreClaims); CkSocket_Dispose(tlsSock); end; |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.