Objective-C
Objective-C
PRODA Get OAuth2 Access Token using JWT
See more PRODA Examples
Demonstrates how to get an OAuth2 access token for the PRODA Australian Government Online Services using a JWT.Chilkat Objective-C Downloads
#import <CkoPrivateKey.h>
#import <CkoJwt.h>
#import <CkoJsonObject.h>
#import <NSString.h>
#import <CkoHttp.h>
#import <CkoHttpRequest.h>
#import <CkoHttpResponse.h>
BOOL success = NO;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// First create a JWT to be sent in the POST to https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token
CkoPrivateKey *privKey = [[CkoPrivateKey alloc] init];
// Load an RSA private key from a PEM file.
// Chilkat provides alternative methods to load from other formats, or to load from a string or binary data.
success = [privKey LoadEncryptedPemFile: @"qa_data/pem/rsa_passwd.pem" password: @"passwd"];
if (success == NO) {
NSLog(@"%@",privKey.LastErrorText);
return;
}
CkoJwt *jwt = [[CkoJwt alloc] init];
// Build the JOSE header
CkoJsonObject *jose = [[CkoJsonObject alloc] init];
// Use RS256. Pass the string "RS384" or "RS512" to use RSA with SHA-384 or SHA-512.
success = [jose AppendString: @"alg" value: @"RS256"];
success = [jose AppendString: @"typ" value: @"JWT"];
success = [jose AppendString: @"kid" value: @"test-device"];
// Now build the JWT claims (also known as the payload)
CkoJsonObject *claims = [[CkoJsonObject alloc] init];
success = [claims AppendString: @"iss" value: @"9646844092"];
success = [claims AppendString: @"sub" value: @"test-device"];
success = [claims AppendString: @"aud" value: @"https://proda.humanservices.gov.au"];
// Set the timestamp of when the JWT was created to now.
int curDateTime = [[jwt GenNumericDate: [NSNumber numberWithInt: 0]] intValue];
success = [claims AddIntAt: [NSNumber numberWithInt: -1] name: @"iat" value: [NSNumber numberWithInt: curDateTime]];
// Set the timestamp defining an expiration time (end time) for the token
// to be now + 1 hour (3600 seconds)
success = [claims AddIntAt: [NSNumber numberWithInt: -1] name: @"exp" value: [NSNumber numberWithInt: (curDateTime + 3600)]];
// Produce the smallest possible JWT:
jwt.AutoCompact = YES;
// Create the JWT token. This is where the RSA signature is created.
NSString *jwtToken = [jwt CreateJwtPk: [jose Emit] payload: [claims Emit] key: privKey];
// ---------------------------------------------------------------------
// Build and send the POST, which should look something like this:
// POST https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token HTTP/1.1
// Content-Type: application/x-www-form-urlencoded
// Content-Length: 666
// Host: vnd.proda.humanservices.gov.au
//
// grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=<jwt>&client_id=VendorClient03
CkoHttp *http = [[CkoHttp alloc] init];
CkoHttpRequest *req = [[CkoHttpRequest alloc] init];
req.HttpVerb = @"POST";
req.ContentType = @"application/x-www-form-urlencoded";
// Add the request params.
[req AddParam: @"grant_type" value: @"urn:ietf:params:oauth:grant-type:jwt-bearer"];
[req AddParam: @"assertion" value: jwtToken];
[req AddParam: @"client_id" value: @"VendorClient03"];
CkoHttpResponse *resp = [[CkoHttpResponse alloc] init];
success = [http HttpReq: @"https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token" request: req response: resp];
if (success == NO) {
NSLog(@"%@",http.LastErrorText);
return;
}
NSLog(@"%@%d",@"Response status code = ",[resp.StatusCode intValue]);
NSLog(@"%@",@"Response body:");
NSLog(@"%@",resp.BodyStr);