Pascal (Lazarus/Delphi)
Pascal (Lazarus/Delphi)
Decode Microsoft Graph ID Token
See more Microsoft Graph Examples
Demonstrates how to decode a Microsoft Graph ID token.Chilkat Pascal (Lazarus/Delphi) Downloads
program ChilkatDemo;
// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.
{$IFDEF FPC}
{$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}
uses
{$IFDEF UNIX}
cthreads,
{$ENDIF}
SysUtils,
CkDllLoader,
Chilkat.JsonObject,
Chilkat.Jwt;
// ---------------------------------------------------------------------------
procedure RunDemo;
var
success: Boolean;
jsonToken: TJsonObject;
jwt: TJwt;
idToken: string;
jose: string;
jsonHeader: TJsonObject;
claims: string;
jsonClaims: TJsonObject;
ver: string;
iss: string;
s_sub: string;
aud: string;
exp: Integer;
iat: Integer;
nbf: Integer;
name: string;
preferred_username: string;
oid: string;
tid: string;
aio: string;
begin
success := False;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// In a previous example, we obtained a Microsoft Graph OAuth2 access token.
// This example loads the JSON saved from the previous example and decodes the id_token.
// Our Microsoft Graph OAuth2 token looks like this:
// {
// "token_type": "Bearer",
// "scope": "openid profile User.ReadWrite Mail.ReadWrite Mail.Send Files.ReadWrite User.Read Calendars.ReadWrite Group.ReadWrite.All",
// "expires_in": 3600,
// "ext_expires_in": 3600,
// "access_token": "EwCQA8l6...0HhMKYwC",
// "refresh_token": "MCWulIvzi2yD0S...igEFn51mqcByhZtAJg",
// "id_token": "eyJ0eXAiOiJKV1...Q7lRDaR-7A",
// "expires_on": "1562862714"
// }
jsonToken := TJsonObject.Create;
success := jsonToken.LoadFile('qa_data/tokens/microsoftGraph.json');
if (success = False) then
begin
WriteLn('Failed to load the JSON file...');
Exit;
end;
// Use Chilkat's JWT API to examine the id_token..
jwt := TJwt.Create;
idToken := jsonToken.StringOf('id_token');
// Extract the JOSE header..
jose := jwt.GetHeader(idToken);
jsonHeader := TJsonObject.Create;
jsonHeader.Load(jose);
jsonHeader.EmitCompact := False;
WriteLn(jsonHeader.Emit());
// The JOSE header looks like this:
// {
// "typ": "JWT",
// "alg": "RS256",
// "kid": "1LTMzakihiRla_8z2BEJVXeWMqo"
// }
claims := jwt.GetPayload(idToken);
jsonClaims := TJsonObject.Create;
jsonClaims.Load(claims);
jsonClaims.EmitCompact := False;
WriteLn(jsonClaims.Emit());
// The claims look like this:
// {
// "ver": "2.0",
// "iss": "https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0",
// "sub": "AAAAAAAAAAAAAAAAAAAAAHJFryd6Gydo-XtTd1nhUNQ",
// "aud": "18c456bd-db75-43fe-9724-9e5d821c68ff",
// "exp": 1562945513,
// "iat": 1562858813,
// "nbf": 1562858813,
// "name": "Matt Chilkat",
// "preferred_username": "matt@example.com",
// "oid": "00000000-0000-0000-3a33-fceb9b74cc15",
// "tid": "9188040d-6c67-4c5b-b112-36a304b66dad",
// "aio": "DfibJqKnWC1c0FS6G ... W6pvTrQuYzyq16ghY$"
// }
//
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
// Get each of the claims..
ver := jsonClaims.StringOf('ver');
iss := jsonClaims.StringOf('iss');
s_sub := jsonClaims.StringOf('sub');
aud := jsonClaims.StringOf('aud');
exp := jsonClaims.IntOf('exp');
iat := jsonClaims.IntOf('iat');
nbf := jsonClaims.IntOf('nbf');
name := jsonClaims.StringOf('name');
preferred_username := jsonClaims.StringOf('preferred_username');
oid := jsonClaims.StringOf('oid');
tid := jsonClaims.StringOf('tid');
aio := jsonClaims.StringOf('aio');
jsonToken.Free;
jwt.Free;
jsonHeader.Free;
jsonClaims.Free;
end;
// ---------------------------------------------------------------------------
begin
try
RunDemo;
except
on E: Exception do
WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
end;
WriteLn;
{$IFDEF MSWINDOWS}
WriteLn('Press Enter to exit...');
ReadLn;
{$ENDIF}
end.