Sample code for 30+ languages & platforms
SQL Server

PRODA Get OAuth2 Access Token using JWT

See more PRODA Examples

Demonstrates how to get an OAuth2 access token for the PRODA Australian Government Online Services using a JWT.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @sTmp1 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- First create a JWT to be sent in the POST to https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token

    DECLARE @privKey int
    EXEC @hr = sp_OACreate 'Chilkat.PrivateKey', @privKey OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- Load an RSA private key from a PEM file.
    -- Chilkat provides alternative methods to load from other formats, or to load from a string or binary data.
    EXEC sp_OAMethod @privKey, 'LoadEncryptedPemFile', @success OUT, 'qa_data/pem/rsa_passwd.pem', 'passwd'
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @privKey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @privKey
        RETURN
      END

    DECLARE @jwt int
    EXEC @hr = sp_OACreate 'Chilkat.Jwt', @jwt OUT

    -- Build the JOSE header
    DECLARE @jose int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jose OUT

    -- Use RS256.  Pass the string "RS384" or "RS512" to use RSA with SHA-384 or SHA-512.
    EXEC sp_OAMethod @jose, 'AppendString', @success OUT, 'alg', 'RS256'
    EXEC sp_OAMethod @jose, 'AppendString', @success OUT, 'typ', 'JWT'
    EXEC sp_OAMethod @jose, 'AppendString', @success OUT, 'kid', 'test-device'

    -- Now build the JWT claims (also known as the payload)
    DECLARE @claims int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @claims OUT

    EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'iss', '9646844092'
    EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'sub', 'test-device'
    EXEC sp_OAMethod @claims, 'AppendString', @success OUT, 'aud', 'https://proda.humanservices.gov.au'

    -- Set the timestamp of when the JWT was created to now.
    DECLARE @curDateTime int
    EXEC sp_OAMethod @jwt, 'GenNumericDate', @curDateTime OUT, 0
    EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'iat', @curDateTime

    -- Set the timestamp defining an expiration time (end time) for the token
    -- to be now + 1 hour (3600 seconds)
    EXEC sp_OAMethod @claims, 'AddIntAt', @success OUT, -1, 'exp', @curDateTime + 3600

    -- Produce the smallest possible JWT:
    EXEC sp_OASetProperty @jwt, 'AutoCompact', 1

    -- Create the JWT token.  This is where the RSA signature is created.
    DECLARE @jwtToken nvarchar(4000)
    EXEC sp_OAMethod @jose, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @claims, 'Emit', @sTmp1 OUT
    EXEC sp_OAMethod @jwt, 'CreateJwtPk', @jwtToken OUT, @sTmp0, @sTmp1, @privKey

    -- ---------------------------------------------------------------------
    -- Build and send the POST, which should look something like this:

    -- POST https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token HTTP/1.1
    -- Content-Type: application/x-www-form-urlencoded
    -- Content-Length: 666
    -- Host: vnd.proda.humanservices.gov.au
    -- 
    -- grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=<jwt>&client_id=VendorClient03

    DECLARE @http int
    EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT

    DECLARE @req int
    EXEC @hr = sp_OACreate 'Chilkat.HttpRequest', @req OUT

    EXEC sp_OASetProperty @req, 'HttpVerb', 'POST'
    EXEC sp_OASetProperty @req, 'ContentType', 'application/x-www-form-urlencoded'

    -- Add the request params.
    EXEC sp_OAMethod @req, 'AddParam', NULL, 'grant_type', 'urn:ietf:params:oauth:grant-type:jwt-bearer'
    EXEC sp_OAMethod @req, 'AddParam', NULL, 'assertion', @jwtToken
    EXEC sp_OAMethod @req, 'AddParam', NULL, 'client_id', 'VendorClient03'

    DECLARE @resp int
    EXEC @hr = sp_OACreate 'Chilkat.HttpResponse', @resp OUT

    EXEC sp_OAMethod @http, 'HttpReq', @success OUT, 'https://vnd.proda.humanservices.gov.au/mga/sps/oauth/oauth20/token', @req, @resp
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @privKey
        EXEC @hr = sp_OADestroy @jwt
        EXEC @hr = sp_OADestroy @jose
        EXEC @hr = sp_OADestroy @claims
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @req
        EXEC @hr = sp_OADestroy @resp
        RETURN
      END


    EXEC sp_OAGetProperty @resp, 'StatusCode', @iTmp0 OUT
    PRINT 'Response status code = ' + @iTmp0

    PRINT 'Response body:'
    EXEC sp_OAGetProperty @resp, 'BodyStr', @sTmp0 OUT
    PRINT @sTmp0

    EXEC @hr = sp_OADestroy @privKey
    EXEC @hr = sp_OADestroy @jwt
    EXEC @hr = sp_OADestroy @jose
    EXEC @hr = sp_OADestroy @claims
    EXEC @hr = sp_OADestroy @http
    EXEC @hr = sp_OADestroy @req
    EXEC @hr = sp_OADestroy @resp


END
GO