|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Perl) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
use chilkat(); # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. $http = chilkat::CkHttp->new(); # First get the public key we'll be needing.. $jwkStr = $http->quickGetStr("https://www.googleapis.com/oauth2/v3/certs"); if ($http->get_LastMethodSuccess() == 0) { print $http->lastErrorText() . "\r\n"; exit; } # We have the following: # { # "keys": [ # { # "kid": "e8732db06287515556213b80acbcfd08cfb302a9", # "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", # "kty": "RSA", # "e": "AQAB", # "alg": "RS256", # "use": "sig" # }, # { # "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", # "e": "AQAB", # "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", # "alg": "RS256", # "use": "sig", # "kty": "RSA" # } # ] # } $json = chilkat::CkJsonObject->new(); $success = $json->Load($jwkStr); # ------------------------------------------------- # Load the following.. # { # "access_token": "ya29.a0...0f", # "expires_in": 3599, # "scope": "openid https://www.googleapis.com/auth/userinfo.email", # "token_type": "Bearer", # "id_token": "eyJhb...o5nQ" # } $jsonToken = chilkat::CkJsonObject->new(); $success = $jsonToken->LoadFile("qa_data/tokens/google_sample_id_token.json"); if ($success == 0) { print "Failed to load the JSON file..." . "\r\n"; exit; } # Get the id_token; $sbIdToken = chilkat::CkStringBuilder->new(); $success = $sbIdToken->Append($jsonToken->stringOf("id_token")); # Get the signature in base64url format. # The header + payload remains in sbIdToken. $sig_b64Url = $sbIdToken->getAfterFinal(".",1); $headerPlusPayload = $sbIdToken->getAsString(); print $sig_b64Url . "\r\n"; print $headerPlusPayload . "\r\n"; # --------------------------------------------- # Try validating with each cert's public key. # Hopefully one will be the key that verifies. $rsa = chilkat::CkRsa->new(); $rsa->put_EncodingMode("base64url"); $numKeys = $json->SizeOfArray("keys"); $i = 0; while ($i < $numKeys) { $json->put_I($i); # jsonKey is a JsonObject $jsonKey = $json->ObjectOf("keys[i]"); $pubKey = chilkat::CkPublicKey->new(); $success = $pubKey->LoadFromString($jsonKey->emit()); if ($success == 0) { print $pubKey->lastErrorText() . "\r\n"; exit; } print $i . "\r\n"; print $pubKey->getPem(1) . "\r\n"; $success = $rsa->ImportPublicKeyObj($pubKey); $bVerified = $rsa->VerifyStringENC($headerPlusPayload,"sha256",$sig_b64Url); print "bVerified = " . $bVerified . "\r\n"; $i = $i + 1; } # The output is: # 0 # -----BEGIN RSA PUBLIC KEY----- # MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw # cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz # 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y # LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm # LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ # 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB # -----END RSA PUBLIC KEY----- # # bVerified = True # 1 # -----BEGIN RSA PUBLIC KEY----- # MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn # IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB # Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 # E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI # TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg # 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB # -----END RSA PUBLIC KEY----- # # bVerified = False |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.