SQL Server
SQL Server
Create JWT using a Brainpool EC Key
See more JSON Web Token (JWT) Examples
Demonstrates how to create a JWT using an EC private key. This is for JOSE headers having an "alg" member with any of the following values:- BP160R1
- BP192R1
- BP224R1
- BP256R1
- BP320R1
- BP384R1
- BP512R1
This example also demonstrates how to include time constraints:
- nbf: Not Before Time
- exp: Expiration Time
- iat: Issue At Time
Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @sTmp1 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- Demonstrates how to create a JWT using a brainpool EC private key.
-- This example requires the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
DECLARE @privKey int
EXEC @hr = sp_OACreate 'Chilkat.PrivateKey', @privKey OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
-- Load a brainpool EC key.
EXEC sp_OAMethod @privKey, 'LoadPemFile', @success OUT, 'c:/qa_data/pem/ec_brainpool_privKey.pem'
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @privKey, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @privKey
RETURN
END
-- You can examine the curve name of the key you just loaded by getting the private in XML format:
-- <ECCKeyValue curve="CURVE_NAME">...</ECCKeyValue>
EXEC sp_OAMethod @privKey, 'GetXml', @sTmp0 OUT
PRINT @sTmp0
DECLARE @jwt int
EXEC @hr = sp_OACreate 'Chilkat.Jwt', @jwt OUT
-- Build the JOSE header
DECLARE @jose int
EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jose OUT
-- Use the brainpool curve name matching the private key you just loaded.
-- Use "BP256R1", or "BP384R1", etc.
EXEC sp_OAMethod @jose, 'AppendString', @success OUT, 'alg', 'BP256R1'
EXEC sp_OAMethod @jose, 'AppendString', @success OUT, 'typ', 'JWT'
-- Now build the JWT claims (also known as the payload)
DECLARE @claims int
EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @claims OUT
EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'iss', 'http://example.org'
EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'sub', 'John'
EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'aud', 'http://example.com'
-- Set the timestamp of when the JWT was created to now.
DECLARE @curDateTime int
EXEC sp_OAMethod @jwt, 'GenNumericDate', @curDateTime OUT, 0
EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'iat', @curDateTime
-- Set the "not process before" timestamp to now.
EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'nbf', @curDateTime
-- Set the timestamp defining an expiration time (end time) for the token
-- to be now + 1 hour (3600 seconds)
EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'exp', @curDateTime + 3600
-- Produce the smallest possible JWT:
EXEC sp_OASetProperty @jwt, 'AutoCompact', 1
-- Create the JWT token. This is where the ECC signature is created.
DECLARE @token nvarchar(4000)
EXEC sp_OAMethod @jose, 'Emit', @sTmp0 OUT
EXEC sp_OAMethod @claims, 'Emit', @sTmp1 OUT
EXEC sp_OAMethod @jwt, 'CreateJwtPk', @token OUT, @sTmp0, @sTmp1, @privKey
PRINT @token
EXEC @hr = sp_OADestroy @privKey
EXEC @hr = sp_OADestroy @jwt
EXEC @hr = sp_OADestroy @jose
EXEC @hr = sp_OADestroy @claims
END
GO