|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Visual FoxPro) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
LOCAL loHttp LOCAL lcJwkStr LOCAL loJson LOCAL lnSuccess LOCAL loJsonToken LOCAL loSbIdToken LOCAL lcSig_b64Url LOCAL lcHeaderPlusPayload LOCAL loRsa LOCAL lnNumKeys LOCAL i LOCAL loJsonKey LOCAL loPubKey LOCAL lnBVerified * This example requires the Chilkat API to have been previously unlocked. * See Global Unlock Sample for sample code. * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Http') loHttp = CreateObject('Chilkat.Http') * First get the public key we'll be needing.. lcJwkStr = loHttp.QuickGetStr("https://www.googleapis.com/oauth2/v3/certs") IF (loHttp.LastMethodSuccess = 0) THEN ? loHttp.LastErrorText RELEASE loHttp CANCEL ENDIF * We have the following: * { * "keys": [ * { * "kid": "e8732db06287515556213b80acbcfd08cfb302a9", * "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", * "kty": "RSA", * "e": "AQAB", * "alg": "RS256", * "use": "sig" * }, * { * "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", * "e": "AQAB", * "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", * "alg": "RS256", * "use": "sig", * "kty": "RSA" * } * ] * } * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject') loJson = CreateObject('Chilkat.JsonObject') lnSuccess = loJson.Load(lcJwkStr) * ------------------------------------------------- * Load the following.. * { * "access_token": "ya29.a0...0f", * "expires_in": 3599, * "scope": "openid https://www.googleapis.com/auth/userinfo.email", * "token_type": "Bearer", * "id_token": "eyJhb...o5nQ" * } * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject') loJsonToken = CreateObject('Chilkat.JsonObject') lnSuccess = loJsonToken.LoadFile("qa_data/tokens/google_sample_id_token.json") IF (lnSuccess = 0) THEN ? "Failed to load the JSON file..." RELEASE loHttp RELEASE loJson RELEASE loJsonToken CANCEL ENDIF * Get the id_token; * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder') loSbIdToken = CreateObject('Chilkat.StringBuilder') lnSuccess = loSbIdToken.Append(loJsonToken.StringOf("id_token")) * Get the signature in base64url format. * The header + payload remains in sbIdToken. lcSig_b64Url = loSbIdToken.GetAfterFinal(".",1) lcHeaderPlusPayload = loSbIdToken.GetAsString() ? lcSig_b64Url ? lcHeaderPlusPayload * --------------------------------------------- * Try validating with each cert's public key. * Hopefully one will be the key that verifies. * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Rsa') loRsa = CreateObject('Chilkat.Rsa') loRsa.EncodingMode = "base64url" lnNumKeys = loJson.SizeOfArray("keys") i = 0 DO WHILE i < lnNumKeys loJson.I = i loJsonKey = loJson.ObjectOf("keys[i]") * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.PublicKey') loPubKey = CreateObject('Chilkat.PublicKey') lnSuccess = loPubKey.LoadFromString(loJsonKey.Emit()) IF (lnSuccess = 0) THEN ? loPubKey.LastErrorText RELEASE loHttp RELEASE loJson RELEASE loJsonToken RELEASE loSbIdToken RELEASE loRsa RELEASE loPubKey CANCEL ENDIF ? STR(i) ? loPubKey.GetPem(1) RELEASE loJsonKey lnSuccess = loRsa.ImportPublicKeyObj(loPubKey) lnBVerified = loRsa.VerifyStringENC(lcHeaderPlusPayload,"sha256",lcSig_b64Url) ? "bVerified = " + STR(lnBVerified) i = i + 1 ENDDO * The output is: * 0 * -----BEGIN RSA PUBLIC KEY----- * MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw * cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz * 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y * LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm * LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ * 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB * -----END RSA PUBLIC KEY----- * * bVerified = True * 1 * -----BEGIN RSA PUBLIC KEY----- * MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn * IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB * Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 * E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI * TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg * 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB * -----END RSA PUBLIC KEY----- * * bVerified = False RELEASE loHttp RELEASE loJson RELEASE loJsonToken RELEASE loSbIdToken RELEASE loRsa RELEASE loPubKey |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.