|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(SQL Server) Validate a Google ID TokenDemonstrates how to verify the signature of a Google id token.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls. -- CREATE PROCEDURE ChilkatSample AS BEGIN DECLARE @hr int DECLARE @iTmp0 int -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max). DECLARE @sTmp0 nvarchar(4000) -- This example requires the Chilkat API to have been previously unlocked. -- See Global Unlock Sample for sample code. DECLARE @http int -- Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT IF @hr <> 0 BEGIN PRINT 'Failed to create ActiveX component' RETURN END -- First get the public key we'll be needing.. DECLARE @jwkStr nvarchar(4000) EXEC sp_OAMethod @http, 'QuickGetStr', @jwkStr OUT, 'https://www.googleapis.com/oauth2/v3/certs' EXEC sp_OAGetProperty @http, 'LastMethodSuccess', @iTmp0 OUT IF @iTmp0 = 0 BEGIN EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @http RETURN END -- We have the following: -- { -- "keys": [ -- { -- "kid": "e8732db06287515556213b80acbcfd08cfb302a9", -- "n": "4RIrO30287Wsq3gqXCMkUYMVAeI3H8...w2mbMNEBQ", -- "kty": "RSA", -- "e": "AQAB", -- "alg": "RS256", -- "use": "sig" -- }, -- { -- "kid": "8462a71da4f6d611fc0fecf0fc4ba9c37d65e6cd", -- "e": "AQAB", -- "n": "xT_ngLZNmT5GBtJZeTB...Ft4gK0eoFi0d3l8bcw", -- "alg": "RS256", -- "use": "sig", -- "kty": "RSA" -- } -- ] -- } DECLARE @json int -- Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT DECLARE @success int EXEC sp_OAMethod @json, 'Load', @success OUT, @jwkStr -- ------------------------------------------------- -- Load the following.. -- { -- "access_token": "ya29.a0...0f", -- "expires_in": 3599, -- "scope": "openid https://www.googleapis.com/auth/userinfo.email", -- "token_type": "Bearer", -- "id_token": "eyJhb...o5nQ" -- } DECLARE @jsonToken int -- Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jsonToken OUT EXEC sp_OAMethod @jsonToken, 'LoadFile', @success OUT, 'qa_data/tokens/google_sample_id_token.json' IF @success = 0 BEGIN PRINT 'Failed to load the JSON file...' EXEC @hr = sp_OADestroy @http EXEC @hr = sp_OADestroy @json EXEC @hr = sp_OADestroy @jsonToken RETURN END -- Get the id_token; DECLARE @sbIdToken int -- Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbIdToken OUT EXEC sp_OAMethod @jsonToken, 'StringOf', @sTmp0 OUT, 'id_token' EXEC sp_OAMethod @sbIdToken, 'Append', @success OUT, @sTmp0 -- Get the signature in base64url format. -- The header + payload remains in sbIdToken. DECLARE @sig_b64Url nvarchar(4000) EXEC sp_OAMethod @sbIdToken, 'GetAfterFinal', @sig_b64Url OUT, '.', 1 DECLARE @headerPlusPayload nvarchar(4000) EXEC sp_OAMethod @sbIdToken, 'GetAsString', @headerPlusPayload OUT PRINT @sig_b64Url PRINT @headerPlusPayload -- --------------------------------------------- -- Try validating with each cert's public key. -- Hopefully one will be the key that verifies. DECLARE @rsa int -- Use "Chilkat_9_5_0.Rsa" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa OUT EXEC sp_OASetProperty @rsa, 'EncodingMode', 'base64url' DECLARE @numKeys int EXEC sp_OAMethod @json, 'SizeOfArray', @numKeys OUT, 'keys' DECLARE @i int SELECT @i = 0 WHILE @i < @numKeys BEGIN EXEC sp_OASetProperty @json, 'I', @i DECLARE @jsonKey int EXEC sp_OAMethod @json, 'ObjectOf', @jsonKey OUT, 'keys[i]' DECLARE @pubKey int -- Use "Chilkat_9_5_0.PublicKey" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubKey OUT EXEC sp_OAMethod @jsonKey, 'Emit', @sTmp0 OUT EXEC sp_OAMethod @pubKey, 'LoadFromString', @success OUT, @sTmp0 IF @success = 0 BEGIN EXEC sp_OAGetProperty @pubKey, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @http EXEC @hr = sp_OADestroy @json EXEC @hr = sp_OADestroy @jsonToken EXEC @hr = sp_OADestroy @sbIdToken EXEC @hr = sp_OADestroy @rsa EXEC @hr = sp_OADestroy @pubKey RETURN END PRINT @i EXEC sp_OAMethod @pubKey, 'GetPem', @sTmp0 OUT, 1 PRINT @sTmp0 EXEC @hr = sp_OADestroy @jsonKey EXEC sp_OAMethod @rsa, 'ImportPublicKeyObj', @success OUT, @pubKey DECLARE @bVerified int EXEC sp_OAMethod @rsa, 'VerifyStringENC', @bVerified OUT, @headerPlusPayload, 'sha256', @sig_b64Url PRINT 'bVerified = ' + @bVerified SELECT @i = @i + 1 END -- The output is: -- 0 -- -----BEGIN RSA PUBLIC KEY----- -- MIIBCgKCAQEA4RIrO30287Wsq3gqXCMkUYMVAeI3H8LVE6IXR1krdFeGnZLiGUPw -- cbkeVpXf3lmJdsStOg+jijces2DZCfPyIBiQuLYfxxmAZE6ErJ0QJFg1stwli2Pz -- 9ncYhFoqi8pXr7kEzEJBTzX4thuw56ydbGsshSEznPXoerCJOc7UI2+n0wFCWQ4Y -- LHbh/PrWt4vdadyUUUW/QpQHXQLdD8q/Qwqdj0O9zlJE7R6Elw2E9EqnHyIGu1hm -- LxhqrTru1M18SUhONYbVskV/BCEdVKs//X96849HorWQDCAgVMWfGsdMVq55FAdJ -- 680N5UmQDRynIZ4+PeNGN4S9iw2mbMNEBQIDAQAB -- -----END RSA PUBLIC KEY----- -- -- bVerified = True -- 1 -- -----BEGIN RSA PUBLIC KEY----- -- MIIBCgKCAQEAxT/ngLZNmT5GBdkLtJZjNeTB+8B5yWgrq/e5eMZ1hrZhcmLK+dSn -- IkpOPV8/OekV67EnQ7I4II2rcNJnHGrGKZziXO3XN2gtUHE+mBJC99oULSbX/QwB -- Kz7gC/IBPq9EuxTt6Oq6fPkVQ9DbRIgWJSEGBF/KRaNl3kyAlIZfpY7XgHyJTTv8 -- E7yAcYKPR+36gzdl+ps0sDLKzUuAtZNq8llK0u80z6AtAUIYwWdkEhM9upy6keKI -- TasIxcsO7M6kZPINUSbh6t5VAm8FuqRmxpgg+9c9/GQSGd89InVypoVzWLQ+wOGg -- 5G4H6JqIgtj0TRFt4gK0eoFi2U0d3l8bcwIDAQAB -- -----END RSA PUBLIC KEY----- -- -- bVerified = False EXEC @hr = sp_OADestroy @http EXEC @hr = sp_OADestroy @json EXEC @hr = sp_OADestroy @jsonToken EXEC @hr = sp_OADestroy @sbIdToken EXEC @hr = sp_OADestroy @rsa EXEC @hr = sp_OADestroy @pubKey END GO |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.