Sample code for 30+ languages & platforms
PureBasic

Create JWT using a Certificate's Private Key

See more JSON Web Token (JWT) Examples

Demonstrates how to create a JWT using a certificate's private key.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkCert.pb"
IncludeFile "CkJsonObject.pb"
IncludeFile "CkJwt.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; Demonstrates how to create a JWT using an certificate's private key.

    cert.i = CkCert::ckCreate()
    If cert.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Load an ECC private key from a PEM file.
    success = CkCert::ckLoadPfxFile(cert,"c:/temp/myPfx.pfx","pfxPassword")
    If success <> 1
        Debug CkCert::ckLastErrorText(cert)
        CkCert::ckDispose(cert)
        ProcedureReturn
    EndIf

    jwt.i = CkJwt::ckCreate()
    If jwt.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Build the JOSE header
    jose.i = CkJsonObject::ckCreate()
    If jose.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Note: The IsEcdsa function was added in Chilkat v10.1.0
    If CkCert::ckIsEcdsa(cert) = 1
        ; Use ES256.  Pass the string "ES384" or "ES512" to use ECC with SHA-384 or SHA-512.
        CkJsonObject::ckAppendString(jose,"alg","ES256")
    Else
        ; Probably RSA...
        ; Use RS256.  Pass the string "RS384" or "RS512" to use RSA with SHA-384 or SHA-512.
        CkJsonObject::ckAppendString(jose,"alg","RS256")
    EndIf

    CkJsonObject::ckAppendString(jose,"typ","JWT")

    ; Now build the JWT claims (also known as the payload)
    claims.i = CkJsonObject::ckCreate()
    If claims.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkJsonObject::ckAppendString(claims,"iss","http://example.org")
    CkJsonObject::ckAppendString(claims,"sub","John")
    CkJsonObject::ckAppendString(claims,"aud","http://example.com")

    ; Set the timestamp of when the JWT was created to now.
    curDateTime.i = CkJwt::ckGenNumericDate(jwt,0)
    CkJsonObject::ckAddIntAt(claims,-1,"iat",curDateTime)

    ; Set the "not process before" timestamp to now.
    CkJsonObject::ckAddIntAt(claims,-1,"nbf",curDateTime)

    ; Set the timestamp defining an expiration time (end time) for the token
    ; to be now + 1 hour (3600 seconds)
    CkJsonObject::ckAddIntAt(claims,-1,"exp",curDateTime + 3600)

    ; Produce the smallest possible JWT:
    CkJwt::setCkAutoCompact(jwt, 1)

    ; Create the JWT token.
    token.s = CkJwt::ckCreateJwtCert(jwt,CkJsonObject::ckEmit(jose),CkJsonObject::ckEmit(claims),cert)

    Debug token

    ; Example output:
    ; eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5vcmciLCJzdWIiOiJKb2huIiwiYXVkIjoiaHR0cDovL2V4YW1wbGUuY29tIiwiaWF0IjoxNDg1NzA4NzkyLCJuYmYiOjE0ODU3MDg3OTIsImV4cCI6MTQ4NTcxMjM5Mn0.wqsuyJpxJ073ox-lOiLFqG1lQocXe4hGf2XGZJRrO3qn0UusxI_bu3Gzky8gBsH4sA4u9TWZn5M-1wYMMIJk6Q


    CkCert::ckDispose(cert)
    CkJwt::ckDispose(jwt)
    CkJsonObject::ckDispose(jose)
    CkJsonObject::ckDispose(claims)


    ProcedureReturn
EndProcedure