Sample code for 30+ languages & platforms
SQL Server

Create JWT using a Brainpool EC Key

See more JSON Web Token (JWT) Examples

Demonstrates how to create a JWT using an EC private key. This is for JOSE headers having an "alg" member with any of the following values:
  • BP160R1
  • BP192R1
  • BP224R1
  • BP256R1
  • BP320R1
  • BP384R1
  • BP512R1

This example also demonstrates how to include time constraints:

  • nbf: Not Before Time
  • exp: Expiration Time
  • iat: Issue At Time

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @sTmp1 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- Demonstrates how to create a JWT using a brainpool EC private key.

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @privKey int
    EXEC @hr = sp_OACreate 'Chilkat.PrivateKey', @privKey OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- Load a brainpool EC key.
    EXEC sp_OAMethod @privKey, 'LoadPemFile', @success OUT, 'c:/qa_data/pem/ec_brainpool_privKey.pem'
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @privKey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @privKey
        RETURN
      END

    -- You can examine the curve name of the key you just loaded by getting the private in XML format:
    -- <ECCKeyValue curve="CURVE_NAME">...</ECCKeyValue>
    EXEC sp_OAMethod @privKey, 'GetXml', @sTmp0 OUT
    PRINT @sTmp0

    DECLARE @jwt int
    EXEC @hr = sp_OACreate 'Chilkat.Jwt', @jwt OUT

    -- Build the JOSE header
    DECLARE @jose int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jose OUT

    -- Use the brainpool curve name matching the private key you just loaded.
    -- Use "BP256R1", or "BP384R1", etc.   
    EXEC sp_OAMethod @jose, 'AppendString', @success OUT, 'alg', 'BP256R1'
    EXEC sp_OAMethod @jose, 'AppendString', @success OUT, 'typ', 'JWT'

    -- Now build the JWT claims (also known as the payload)
    DECLARE @claims int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @claims OUT

    EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'iss', 'http://example.org'
    EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'sub', 'John'
    EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'aud', 'http://example.com'

    -- Set the timestamp of when the JWT was created to now.
    DECLARE @curDateTime int
    EXEC sp_OAMethod @jwt, 'GenNumericDate', @curDateTime OUT, 0
    EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'iat', @curDateTime

    -- Set the "not process before" timestamp to now.
    EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'nbf', @curDateTime

    -- Set the timestamp defining an expiration time (end time) for the token
    -- to be now + 1 hour (3600 seconds)
    EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'exp', @curDateTime + 3600

    -- Produce the smallest possible JWT:
    EXEC sp_OASetProperty @jwt, 'AutoCompact', 1

    -- Create the JWT token.  This is where the ECC signature is created.
    DECLARE @token nvarchar(4000)
    EXEC sp_OAMethod @jose, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @claims, 'Emit', @sTmp1 OUT
    EXEC sp_OAMethod @jwt, 'CreateJwtPk', @token OUT, @sTmp0, @sTmp1, @privKey


    PRINT @token

    EXEC @hr = sp_OADestroy @privKey
    EXEC @hr = sp_OADestroy @jwt
    EXEC @hr = sp_OADestroy @jose
    EXEC @hr = sp_OADestroy @claims


END
GO