Sample code for 30+ languages & platforms
Visual FoxPro

Verify JWT Using an ECC Public Key (ES256, ES384, ES512)

See more JSON Web Token (JWT) Examples

Demonstrates how to verify a JWT that was signed using an ECC private key.

This example verifies the ECC signature. It also does the following:

  • Checks to see if the time constraints ("nbf" and "exp") are valid.
  • Recovers the original JOSE header.
  • Recovers the original claims JSON.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL loPubKey
LOCAL loJwt
LOCAL lcToken
LOCAL lnSigVerified
LOCAL lnLeeway
LOCAL lnBTimeValid
LOCAL lcPayload
LOCAL loJson
LOCAL lcJoseHeader

lnSuccess = 0

* Demonstrates how to verify an JWT using an ECC public key.

* This example requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

loPubKey = CreateObject('Chilkat.PublicKey')
lnSuccess = loPubKey.LoadFromFile("qa_data/pem/ecc_public.pem")

loJwt = CreateObject('Chilkat.Jwt')

lcToken = "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5vcmciLCJzdWIiOiJKb2huIiwiYXVkIjoiaHR0cDovL2V4YW1wbGUuY29tIiwiaWF0IjoxNDg1NzA4NzkyLCJuYmYiOjE0ODU3MDg3OTIsImV4cCI6MTQ4NTcxMjM5Mn0.wqsuyJpxJ073ox-lOiLFqG1lQocXe4hGf2XGZJRrO3qn0UusxI_bu3Gzky8gBsH4sA4u9TWZn5M-1wYMMIJk6Q"

* First verify the signature.
lnSigVerified = loJwt.VerifyJwtPk(lcToken,loPubKey)
? "verified: " + STR(lnSigVerified)

* Let's see if the time constraints, if any, are valid.
* The above JWT was created on the afternoon of 16-May-2016, with an expiration of 1 hour.
* If the current system time is before the "nbf" time, or after the "exp" time,
* then IsTimeValid will return false/0.
* Also, we'll allow a leeway of 60 seconds to account for any clock skew.
* Note: If the token has no "nbf" or "exp" claim fields, then IsTimeValid is always true.
lnLeeway = 60
lnBTimeValid = loJwt.IsTimeValid(lcToken,lnLeeway)
? "time constraints valid: " + STR(lnBTimeValid)

* Now let's recover the original claims JSON (the payload).
lcPayload = loJwt.GetPayload(lcToken)
* The payload will likely be in compact form:
? lcPayload

* We can format for human viewing by loading it into Chilkat's JSON object
* and emit.
loJson = CreateObject('Chilkat.JsonObject')
lnSuccess = loJson.Load(lcPayload)
loJson.EmitCompact = 0
? loJson.Emit()

* We can recover the original JOSE header in the same way:
lcJoseHeader = loJwt.GetHeader(lcToken)
* The payload will likely be in compact form:
? lcJoseHeader

* We can format for human viewing by loading it into Chilkat's JSON object
* and emit.
lnSuccess = loJson.Load(lcJoseHeader)
loJson.EmitCompact = 0
? loJson.Emit()

RELEASE loPubKey
RELEASE loJwt
RELEASE loJson