|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PowerBuilder) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
integer li_rc oleobject loo_Http string ls_JwkStr oleobject loo_Json integer li_Success oleobject loo_JsonToken oleobject loo_SbIdToken string ls_Sig_b64Url string ls_HeaderPlusPayload oleobject loo_Rsa integer li_NumKeys integer i oleobject loo_JsonKey oleobject loo_PubKey integer li_BVerified // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. loo_Http = create oleobject // Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0 li_rc = loo_Http.ConnectToNewObject("Chilkat.Http") if li_rc < 0 then destroy loo_Http MessageBox("Error","Connecting to COM object failed") return end if // First get the public key we'll be needing.. ls_JwkStr = loo_Http.QuickGetStr("https://www.googleapis.com/oauth2/v3/certs") if loo_Http.LastMethodSuccess = 0 then Write-Debug loo_Http.LastErrorText destroy loo_Http return end if // We have the following: // { // "keys": [ // { // "kid": "e8732db06287515556213b80acbcfd08cfb302a9", // "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", // "kty": "RSA", // "e": "AQAB", // "alg": "RS256", // "use": "sig" // }, // { // "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", // "e": "AQAB", // "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", // "alg": "RS256", // "use": "sig", // "kty": "RSA" // } // ] // } loo_Json = create oleobject // Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0 li_rc = loo_Json.ConnectToNewObject("Chilkat.JsonObject") li_Success = loo_Json.Load(ls_JwkStr) // ------------------------------------------------- // Load the following.. // { // "access_token": "ya29.a0...0f", // "expires_in": 3599, // "scope": "openid https://www.googleapis.com/auth/userinfo.email", // "token_type": "Bearer", // "id_token": "eyJhb...o5nQ" // } loo_JsonToken = create oleobject // Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0 li_rc = loo_JsonToken.ConnectToNewObject("Chilkat.JsonObject") li_Success = loo_JsonToken.LoadFile("qa_data/tokens/google_sample_id_token.json") if li_Success = 0 then Write-Debug "Failed to load the JSON file..." destroy loo_Http destroy loo_Json destroy loo_JsonToken return end if // Get the id_token; loo_SbIdToken = create oleobject // Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0 li_rc = loo_SbIdToken.ConnectToNewObject("Chilkat.StringBuilder") li_Success = loo_SbIdToken.Append(loo_JsonToken.StringOf("id_token")) // Get the signature in base64url format. // The header + payload remains in sbIdToken. ls_Sig_b64Url = loo_SbIdToken.GetAfterFinal(".",1) ls_HeaderPlusPayload = loo_SbIdToken.GetAsString() Write-Debug ls_Sig_b64Url Write-Debug ls_HeaderPlusPayload // --------------------------------------------- // Try validating with each cert's public key. // Hopefully one will be the key that verifies. loo_Rsa = create oleobject // Use "Chilkat_9_5_0.Rsa" for versions of Chilkat < 10.0.0 li_rc = loo_Rsa.ConnectToNewObject("Chilkat.Rsa") loo_Rsa.EncodingMode = "base64url" li_NumKeys = loo_Json.SizeOfArray("keys") i = 0 do while i < li_NumKeys loo_Json.I = i loo_JsonKey = loo_Json.ObjectOf("keys[i]") loo_PubKey = create oleobject // Use "Chilkat_9_5_0.PublicKey" for versions of Chilkat < 10.0.0 li_rc = loo_PubKey.ConnectToNewObject("Chilkat.PublicKey") li_Success = loo_PubKey.LoadFromString(loo_JsonKey.Emit()) if li_Success = 0 then Write-Debug loo_PubKey.LastErrorText destroy loo_Http destroy loo_Json destroy loo_JsonToken destroy loo_SbIdToken destroy loo_Rsa destroy loo_PubKey return end if Write-Debug string(i) Write-Debug loo_PubKey.GetPem(1) destroy loo_JsonKey li_Success = loo_Rsa.ImportPublicKeyObj(loo_PubKey) li_BVerified = loo_Rsa.VerifyStringENC(ls_HeaderPlusPayload,"sha256",ls_Sig_b64Url) Write-Debug "bVerified = " + string(li_BVerified) i = i + 1 loop // The output is: // 0 // -----BEGIN RSA PUBLIC KEY----- // MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw // cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz // 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y // LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm // LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ // 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB // -----END RSA PUBLIC KEY----- // // bVerified = True // 1 // -----BEGIN RSA PUBLIC KEY----- // MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn // IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB // Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 // E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI // TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg // 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB // -----END RSA PUBLIC KEY----- // // bVerified = False destroy loo_Http destroy loo_Json destroy loo_JsonToken destroy loo_SbIdToken destroy loo_Rsa destroy loo_PubKey |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.