|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Node.js) Verify a Google JWT Using Google's Public KeySee more Google APIs ExamplesDemonstrates how to verify a JWT that was signed using Google's RSA private key. This example verifies the RSA signature. It also does the following:
var os = require('os'); if (os.platform() == 'win32') { if (os.arch() == 'ia32') { var chilkat = require('@chilkat/ck-node21-win-ia32'); } else { var chilkat = require('@chilkat/ck-node21-win64'); } } else if (os.platform() == 'linux') { if (os.arch() == 'arm') { var chilkat = require('@chilkat/ck-node21-arm'); } else if (os.arch() == 'x86') { var chilkat = require('@chilkat/ck-node21-linux32'); } else { var chilkat = require('@chilkat/ck-node21-linux64'); } } else if (os.platform() == 'darwin') { if (os.arch() == 'arm64') { var chilkat = require('@chilkat/ck-node21-mac-m1'); } else { var chilkat = require('@chilkat/ck-node21-macosx'); } } function chilkatExample() { // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. var http = new chilkat.Http(); var sbPubKeys = new chilkat.StringBuilder(); var success = http.QuickGetSb("https://www.googleapis.com/oauth2/v3/certs",sbPubKeys); if (success == false) { console.log(http.LastErrorText); return; } console.log(sbPubKeys.GetAsString()); // Here are the keys: // { // "keys": [ // { // "e": "AQAB", // "n": "4bAT6C6EeX8Dspje3FrAXw-nnhNk04e1RmNa4kjc0CHf6Pk7ryARlwA-6YilyPABqQfYHx60s8oSnxvUVprFfQ2-Q8aAZO7bPKSxnoGlcKERL2oLNA4Msvc89N9Y5ycThZUplf_QC19e6jyYXN6Nz-UnJSCLrtQY8tVhhVRs61j4A2N_p-enAi-r704Qi1-v-DKV4eVRkClKViploo8NyjUaT9L4vbBssPCjyimJzsWnEe1fED5c4LnHeArYzA_FEn3JJotqDIz9t2VnvZNTMhizHEX4VnORlEWMEfR8n4CEHQx7PcQUOmfqyw08gWeXQl1-uTjtIGaE-sRIv9u_vQ", // "kty": "RSA", // "use": "sig", // "alg": "RS256", // "kid": "2af90e87be140c20038898a6efa11283dab6031d" // }, // { // "n": "nzGsrziOYrMVYMpvUZOwkKNiPWcOPTYRYlDSdRW4UpAHdWPbPlyqaaphYhoMB5DXrVxI3bdvm7DOlo-sHNnulmAFQa-7TsQMxrZCvVdAbyXGID9DZYEqf8mkCV1Ohv7WY5lDUqlybIk1OSHdK7-1et0QS8nn-5LojGg8FK4ssLf3mV1APpujl27D1bDhyRb1MGumXYElwlUms7F9p9OcSp5pTevXCLmXs9MJJk4o9E1zzPpQ9Ko0lH9l_UqFpA7vwQhnw0nbh73rXOX2TUDCUqL4ThKU5Z9Pd-eZCEOatKe0mJTpQ00XGACBME_6ojCdfNIJr84Y_IpGKvkAEksn9w", // "use": "sig", // "kid": "87bbe0815b064e6d449cac999f0e50e72a3e4374", // "e": "AQAB", // "alg": "RS256", // "kty": "RSA" // } // ] // } // ------------------------------------------------------------------------------------------- // Replace this with your actual token. // This sample token contains a kid that does not match any of the above Google public keys. // ------------------------------------------------------------------------------------------- var token = "eyJhbGciOiJSUzI1NiIsImtpZCI6IjQyZmY5MGQ3ZDM0OGM5NzM4MWE3YzExOWVmMWY1MzI0ZWEzZjViZWIifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJzdWIiOiIxMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExIiwiaWF0IjoxNjExMTE1MTQzLCJleHAiOjE2MTEyMDE1NDMsImF1ZCI6IjQyOTc1NzExNTE0ODg0OSJ9.pLem5i0bx3M7lJYj7jKv2Nq7c07X5YpZz-x1uM5RniW-v4LsX-lKIVvOq2x3-WoPqkzLXJfP0kG0dx1uD2q1NfFQK60YwKH4FnFtB6INnUP1dRVpP9_pTTKyAE28I3s5Tay4PbPdrCl7ZLCIJzCfpCW1TiWeVoPjp5HgZKTBHdP_sEkN_yO5dQerQXAkFJkV3kNgF9jI3ayT-KPqOIH6GVoWXjHFDyA2EYgJPEFRo5WSe6XycJ85p5duwT-OoBcb_kJZG9PxYd91eHlPCzp8vGxzIb2dVROCBxyM8e8W0cd9v15hfmpg9R-eG9vCM5y63ZLChZLFeHFx0Pd7hvAqfKg"; var jwt = new chilkat.Jwt(); var header = jwt.GetHeader(token); console.log(header); // Sample header: // {"alg":"RS256","kid":"87bbe0815b064e6d449cac999f0e50e72a3e4374"} // Load the public key matching the "kid" into a Chilkat public key object, then verify.. var json = new chilkat.JsonObject(); json.Load(header); var kid = json.StringOf("kid"); console.log("kid = " + kid); var jsonPubKeys = new chilkat.JsonObject(); jsonPubKeys.LoadSb(sbPubKeys); // jsonKey: JsonObject var jsonKey = jsonPubKeys.FindRecord("keys","kid",kid,true); if (jsonPubKeys.LastMethodSuccess == false) { console.log("Did not find a matching public key based on the kid."); return; } console.log(jsonKey.Emit()); // Load the matching public key into a Chilkat public key object. var pubKey = new chilkat.PublicKey(); success = pubKey.LoadFromString(jsonKey.Emit()); if (success == false) { console.log(pubKey.LastErrorText); return; } // ---------------------------------------------------------------------------------------- // Now we can validate the JWT using Google's public key as shown in this example: // (Except we use the public key obtained as shown above instead of a public key loaded from a PEM file. // // See Verify JWT Using an RSA Public Key } chilkatExample(); |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.