Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Validate JWS Using HMAC SHA-256

See more JSON Web Signatures (JWS) Examples

Validates a JSON Web Signature (JWS) using HMAC SHA-256.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Jws,
  Chilkat.JsonObject;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  jws: TJws;
  hmacKey: string;
  signatureIndex: Integer;
  jwsCompact: string;
  v: Integer;
  joseHeader: TJsonObject;

begin
  success := False;

  //  This requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  This example takes a JSON signature in compact serialization format,
  //  and uses a MAC key to validate and recover the protected header and payload.

  jws := TJws.Create;

  //  Set the HMAC key:
  hmacKey := 'AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow';
  signatureIndex := 0;
  jws.SetMacKey(signatureIndex,hmacKey,'base64url');

  //  Load the JWS.
  jwsCompact := 'eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk';
  success := jws.LoadJws(jwsCompact);

  //  Validate the 1st (and only) signature at index 0..
  v := jws.Validate(signatureIndex);
  if (v < 0) then
    begin
      //  Perhaps Chilkat was not unlocked or the trial expired..
      WriteLn('Method call failed for some other reason.');
      WriteLn(jws.LastErrorText);
      Exit;
    end;
  if (v = 0) then
    begin
      WriteLn('Invalid signature.  The MAC key was incorrect, the JWS was invalid, or both.');
      Exit;
    end;

  //  If we get here, the signature was validated..
  WriteLn('Signature validated.');

  //  Recover the original content:
  WriteLn('Recovered content:');
  WriteLn(jws.GetPayload('utf-8'));

  //  Examine the protected header:

  joseHeader := TJsonObject.Create;
  success := jws.GetProtectedH(signatureIndex,joseHeader);
  if (success = False) then
    begin
      WriteLn(jws.LastErrorText);
      Exit;
    end;

  joseHeader.EmitCompact := False;

  WriteLn('Protected (JOSE) header:');
  WriteLn(joseHeader.Emit());

  //  Output:

  //  	Signature validated.
  //  	Recovered content:
  //  	{"iss":"joe",
  //  	 "exp":1300819380,
  //  	 "http://example.com/is_root":true}
  //  	Protected (JOSE) header:
  //  	{ 
  //  	  "typ": "JWT",
  //  	  "alg": "HS256"
  //  	}


  jws.Free;
  joseHeader.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.