Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(CkPython) Validate JWS Using HMAC SHA-256Validates a JSON Web Signature (JWS) using HMAC SHA-256. Note: This example requires Chilkat v9.5.0.66 or greater.
import sys import chilkat # This requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # Note: This example requires Chilkat v9.5.0.66 or greater. # This example takes a JSON signature in compact serialization format, # and uses a MAC key to validate and recover the protected header and payload. jws = chilkat.CkJws() # Set the HMAC key: hmacKey = "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow" signatureIndex = 0 jws.SetMacKey(signatureIndex,hmacKey,"base64url") # Load the JWS. jwsCompact = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" success = jws.LoadJws(jwsCompact) # Validate the 1st (and only) signature at index 0.. v = jws.Validate(signatureIndex) if (v < 0): # Perhaps Chilkat was not unlocked or the trial expired.. print("Method call failed for some other reason.") print(jws.lastErrorText()) sys.exit() if (v == 0): print("Invalid signature. The MAC key was incorrect, the JWS was invalid, or both.") sys.exit() # If we get here, the signature was validated.. print("Signature validated.") # Recover the original content: print("Recovered content:") print(jws.getPayload("utf-8")) # Examine the protected header: # joseHeader is a CkJsonObject joseHeader = jws.GetProtectedHeader(signatureIndex) if (jws.get_LastMethodSuccess() != True): print("No protected header found at the given index.") sys.exit() joseHeader.put_EmitCompact(False) print("Protected (JOSE) header:") print(joseHeader.emit()) # Output: # Signature validated. # Recovered content: # {"iss":"joe", # "exp":1300819380, # "http://example.com/is_root":true} # Protected (JOSE) header: # { # "typ": "JWT", # "alg": "HS256" # } |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.