Sample code for 30+ languages & platforms
SQL Server

bitzlato.com whoami

See more JSON Web Token (JWT) Examples

Demonstrates sending a request to the bitzlato.com whoami endpoint using an ES256 JWT token for authentication.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @sTmp1 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    --  Use the following ECC key loaded from JWK format.
    DECLARE @jwk int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jwk OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    EXEC sp_OAMethod @jwk, 'UpdateString', @success OUT, 'kty', 'EC'
    EXEC sp_OAMethod @jwk, 'UpdateString', @success OUT, 'crv', 'P-256'
    EXEC sp_OAMethod @jwk, 'UpdateString', @success OUT, 'x', '...'
    EXEC sp_OAMethod @jwk, 'UpdateString', @success OUT, 'y', '...'
    EXEC sp_OAMethod @jwk, 'UpdateString', @success OUT, 'd', '...'

    DECLARE @eccKey int
    EXEC @hr = sp_OACreate 'Chilkat.PrivateKey', @eccKey OUT

    EXEC sp_OAMethod @jwk, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @eccKey, 'LoadJwk', @success OUT, @sTmp0
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @eccKey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @jwk
        EXEC @hr = sp_OADestroy @eccKey
        RETURN
      END

    DECLARE @jwt int
    EXEC @hr = sp_OACreate 'Chilkat.Jwt', @jwt OUT

    -- Build the JOSE header
    DECLARE @jose int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jose OUT

    EXEC sp_OAMethod @jose, 'AppendString', @success OUT, 'format', 'compact'
    EXEC sp_OAMethod @jose, 'AppendString', @success OUT, 'alg', 'ES256'

    -- Now build the JWT claims (also known as the payload)

    -- Our JWT claims will contain members as shown here:

    -- 	{
    -- 	  "email":"your_email@example.com",
    -- 	  "aud":"usr",
    -- 	  "iat":"1588286154",
    -- 	  "jti":"555D9123"
    -- 	}

    DECLARE @claims int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @claims OUT

    EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'jti', '555D9123'
    EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'email', 'your_email@example.com'

    -- Set the timestamp of when the JWT was created to now minus 60 seconds
    DECLARE @curDateTime int
    EXEC sp_OAMethod @jwt, 'GenNumericDate', @curDateTime OUT, -60
    EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'iat', @curDateTime

    -- Set the "not process before" timestamp to now minus 60 seconds
    EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'nbf', @curDateTime

    -- Set the timestamp defining an expiration time (end time) for the token
    -- to be now + 1 hour (3600 seconds)
    EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'exp', @curDateTime + 3600

    EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'aud', 'usr'

    -- Produce the smallest possible JWT:
    EXEC sp_OASetProperty @jwt, 'AutoCompact', 1

    -- Create the JWT token.  This is where the RSA signature is created.
    DECLARE @jwt_token nvarchar(4000)
    EXEC sp_OAMethod @jose, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @claims, 'Emit', @sTmp1 OUT
    EXEC sp_OAMethod @jwt, 'CreateJwtPk', @jwt_token OUT, @sTmp0, @sTmp1, @eccKey


    PRINT @jwt_token

    -- Send the HTTPS GET with the jwt_token used for Authorization.
    DECLARE @http int
    EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT

    EXEC sp_OASetProperty @http, 'AuthToken', @jwt_token
    DECLARE @responseStr nvarchar(4000)
    EXEC sp_OAMethod @http, 'QuickGetStr', @responseStr OUT, 'https://bitzlato.com/api/auth/whoami'
    EXEC sp_OAGetProperty @http, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 = 0
      BEGIN
        EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @jwk
        EXEC @hr = sp_OADestroy @eccKey
        EXEC @hr = sp_OADestroy @jwt
        EXEC @hr = sp_OADestroy @jose
        EXEC @hr = sp_OADestroy @claims
        EXEC @hr = sp_OADestroy @http
        RETURN
      END


    EXEC sp_OAGetProperty @http, 'LastStatus', @iTmp0 OUT
    PRINT 'status code = ' + @iTmp0

    PRINT @responseStr

    EXEC @hr = sp_OADestroy @jwk
    EXEC @hr = sp_OADestroy @eccKey
    EXEC @hr = sp_OADestroy @jwt
    EXEC @hr = sp_OADestroy @jose
    EXEC @hr = sp_OADestroy @claims
    EXEC @hr = sp_OADestroy @http


END
GO