Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(CkPython) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
import sys import chilkat # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. http = chilkat.CkHttp() # First get the public key we'll be needing.. jwkStr = http.quickGetStr("https://www.googleapis.com/oauth2/v3/certs") if (http.get_LastMethodSuccess() == False): print(http.lastErrorText()) sys.exit() # We have the following: # { # "keys": [ # { # "kid": "e8732db06287515556213b80acbcfd08cfb302a9", # "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", # "kty": "RSA", # "e": "AQAB", # "alg": "RS256", # "use": "sig" # }, # { # "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", # "e": "AQAB", # "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", # "alg": "RS256", # "use": "sig", # "kty": "RSA" # } # ] # } json = chilkat.CkJsonObject() success = json.Load(jwkStr) # ------------------------------------------------- # Load the following.. # { # "access_token": "ya29.a0...0f", # "expires_in": 3599, # "scope": "openid https://www.googleapis.com/auth/userinfo.email", # "token_type": "Bearer", # "id_token": "eyJhb...o5nQ" # } jsonToken = chilkat.CkJsonObject() success = jsonToken.LoadFile("qa_data/tokens/google_sample_id_token.json") if (success == False): print("Failed to load the JSON file...") sys.exit() # Get the id_token; sbIdToken = chilkat.CkStringBuilder() success = sbIdToken.Append(jsonToken.stringOf("id_token")) # Get the signature in base64url format. # The header + payload remains in sbIdToken. sig_b64Url = sbIdToken.getAfterFinal(".",True) headerPlusPayload = sbIdToken.getAsString() print(sig_b64Url) print(headerPlusPayload) # --------------------------------------------- # Try validating with each cert's public key. # Hopefully one will be the key that verifies. rsa = chilkat.CkRsa() rsa.put_EncodingMode("base64url") numKeys = json.SizeOfArray("keys") i = 0 while i < numKeys : json.put_I(i) # jsonKey is a CkJsonObject jsonKey = json.ObjectOf("keys[i]") pubKey = chilkat.CkPublicKey() success = pubKey.LoadFromString(jsonKey.emit()) if (success == False): print(pubKey.lastErrorText()) sys.exit() print(str(i)) print(pubKey.getPem(True)) success = rsa.ImportPublicKeyObj(pubKey) bVerified = rsa.VerifyStringENC(headerPlusPayload,"sha256",sig_b64Url) print("bVerified = " + str(bVerified)) i = i + 1 # The output is: # 0 # -----BEGIN RSA PUBLIC KEY----- # MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw # cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz # 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y # LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm # LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ # 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB # -----END RSA PUBLIC KEY----- # # bVerified = True # 1 # -----BEGIN RSA PUBLIC KEY----- # MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn # IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB # Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 # E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI # TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg # 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB # -----END RSA PUBLIC KEY----- # # bVerified = False |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.