|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Ruby) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
require 'chilkat' # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. http = Chilkat::CkHttp.new() # First get the public key we'll be needing.. jwkStr = http.quickGetStr("https://www.googleapis.com/oauth2/v3/certs") if (http.get_LastMethodSuccess() == false) print http.lastErrorText() + "\n"; exit end # We have the following: # { # "keys": [ # { # "kid": "e8732db06287515556213b80acbcfd08cfb302a9", # "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", # "kty": "RSA", # "e": "AQAB", # "alg": "RS256", # "use": "sig" # }, # { # "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", # "e": "AQAB", # "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", # "alg": "RS256", # "use": "sig", # "kty": "RSA" # } # ] # } json = Chilkat::CkJsonObject.new() success = json.Load(jwkStr) # ------------------------------------------------- # Load the following.. # { # "access_token": "ya29.a0...0f", # "expires_in": 3599, # "scope": "openid https://www.googleapis.com/auth/userinfo.email", # "token_type": "Bearer", # "id_token": "eyJhb...o5nQ" # } jsonToken = Chilkat::CkJsonObject.new() success = jsonToken.LoadFile("qa_data/tokens/google_sample_id_token.json") if (success == false) print "Failed to load the JSON file..." + "\n"; exit end # Get the id_token; sbIdToken = Chilkat::CkStringBuilder.new() success = sbIdToken.Append(jsonToken.stringOf("id_token")) # Get the signature in base64url format. # The header + payload remains in sbIdToken. sig_b64Url = sbIdToken.getAfterFinal(".",true) headerPlusPayload = sbIdToken.getAsString() print sig_b64Url + "\n"; print headerPlusPayload + "\n"; # --------------------------------------------- # Try validating with each cert's public key. # Hopefully one will be the key that verifies. rsa = Chilkat::CkRsa.new() rsa.put_EncodingMode("base64url") numKeys = json.SizeOfArray("keys") i = 0 while i < numKeys json.put_I(i) # jsonKey is a CkJsonObject jsonKey = json.ObjectOf("keys[i]") pubKey = Chilkat::CkPublicKey.new() success = pubKey.LoadFromString(jsonKey.emit()) if (success == false) print pubKey.lastErrorText() + "\n"; exit end print i.to_s() + "\n"; print pubKey.getPem(true) + "\n"; success = rsa.ImportPublicKeyObj(pubKey) bVerified = rsa.VerifyStringENC(headerPlusPayload,"sha256",sig_b64Url) print "bVerified = " + bVerified.to_s() + "\n"; i = i + 1 end # The output is: # 0 # -----BEGIN RSA PUBLIC KEY----- # MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw # cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz # 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y # LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm # LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ # 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB # -----END RSA PUBLIC KEY----- # # bVerified = True # 1 # -----BEGIN RSA PUBLIC KEY----- # MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn # IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB # Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 # E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI # TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg # 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB # -----END RSA PUBLIC KEY----- # # bVerified = False |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.