Home
>
WinDev Forum
>
Topic
jwt creation
Posted by spyryl
|
jwt creation June 19, 2019 07:09PM |
Registered: 4 years ago Posts: 5 |
Greetings Gang!!!
Does anyone know how to create a jwt token using WX?
I know that the following is what you use to create the jwt
HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
password)
now the first 2 are simple as it just looks to be
Encode(header,encodeBASE64)
Encode(payload,encodeBASE64)
but that is where I run into trouble - in WX in order to use HMACSHA256 I need to first hash the password, but that isn't correct as it changes the return values
any assistance with this would be greatly appreciated.
Regards Christo!!!
Does anyone know how to create a jwt token using WX?
I know that the following is what you use to create the jwt
HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
password)
now the first 2 are simple as it just looks to be
Encode(header,encodeBASE64)
Encode(payload,encodeBASE64)
but that is where I run into trouble - in WX in order to use HMACSHA256 I need to first hash the password, but that isn't correct as it changes the return values
any assistance with this would be greatly appreciated.
Regards Christo!!!
|
Re: jwt creation June 19, 2019 07:46PM |
Registered: 5 years ago Posts: 296 |
|
Re: jwt creation June 20, 2019 01:35AM |
Registered: 4 years ago Posts: 5 |
|
Re: jwt creation June 21, 2019 11:45AM |
Registered: 5 years ago Posts: 296 |
If I use the bellow code and paste the result (ew0KImFsZyI6ICJIUzI1NiIsDQoidHlwIjogIkpXVCINCn0=.ew0KImZpZWxkMSI6ICJteSB0ZXN0IiwNCiJmaWVsZDIiOiAidGVzdCB3aW5kZXYgMjIiLA0KImZpZWxkMyI6IDEyMzQNCn0=.wipr69xJnjaYHn9GACE1K8kRd5QZMStQMKTx-XixBEw=) in [jwt.io] I get Signature Verified .
header is string
payload is string
header=[
{
"alg": "HS256",
"typ": "JWT"
}
]
payload=[
{
"field1": "my test",
"field2": "test windev 22",
"field3": 1234
}
]
token is string= Encode(header,encodeBASE64URL) + "." + Encode(payload,encodeBASE64URL) + "." +Encode(HashString(HA_HMAC_SHA_256 , Encode(header,encodeBASE64URL) +"."+ Encode(payload,encodeBASE64URL) , "your-256-bit-secret"),encodeBASE64URL)
ToClipboard(token)
Regards
Paulo Oliveira
Edited 1 time(s). Last edit at 06/21/2019 11:46AM by pao.
header is string
payload is string
header=[
{
"alg": "HS256",
"typ": "JWT"
}
]
payload=[
{
"field1": "my test",
"field2": "test windev 22",
"field3": 1234
}
]
token is string= Encode(header,encodeBASE64URL) + "." + Encode(payload,encodeBASE64URL) + "." +Encode(HashString(HA_HMAC_SHA_256 , Encode(header,encodeBASE64URL) +"."+ Encode(payload,encodeBASE64URL) , "your-256-bit-secret"),encodeBASE64URL)
ToClipboard(token)
Regards
Paulo Oliveira
Edited 1 time(s). Last edit at 06/21/2019 11:46AM by pao.
|
Re: jwt creation June 21, 2019 12:01PM |
Registered: 4 years ago Posts: 5 |
Greetings Pao,
I can only get what you've got to work providing I don't have "secret base64 encoded" checked when I paste it in. if it is checked before I paste then it still returns an invalid signature.
the header and payload parts are perfect... it's that damn last bit that is killing it
C!!!
I can only get what you've got to work providing I don't have "secret base64 encoded" checked when I paste it in. if it is checked before I paste then it still returns an invalid signature.
the header and payload parts are perfect... it's that damn last bit that is killing it
C!!!
|
Re: jwt creation June 21, 2019 12:33PM |
Registered: 5 years ago Posts: 296 |
|
Re: jwt creation June 21, 2019 12:48PM |
Registered: 4 years ago Posts: 5 |
|
Re: jwt creation June 21, 2019 03:11PM |
Registered: 5 years ago Posts: 296 |
In [jwt.io] if you use the option secret base64 encoded you have to put the secret key in base 64 format.
just use my sample code and in the jwt.oi page paste the JWT generared and put eW91ci0yNTYtYml0LXNlY3JldA== instead of your-256-bit-secret and the signature is valid.
In this case the problem isn't with WX is with the usage of jwt.io
Regards
Paulo Oliveira
Edited 2 time(s). Last edit at 06/21/2019 03:54PM by pao.
just use my sample code and in the jwt.oi page paste the JWT generared and put eW91ci0yNTYtYml0LXNlY3JldA== instead of your-256-bit-secret and the signature is valid.
In this case the problem isn't with WX is with the usage of jwt.io
Regards
Paulo Oliveira
Edited 2 time(s). Last edit at 06/21/2019 03:54PM by pao.
|
Re: jwt creation June 21, 2019 03:54PM |
Registered: 4 years ago Posts: 5 |
I need it so I can generate jwt on the fly. regrettably copy'n'paste isn't an actual option.
Fb was a pain in the arse to get working for it's chat bot, but once I figured out the WX version of what they wanted I was able to get that up and running.... this is basically the same scenario, I just need to figure out how WX does the equivalent encryption as what is in the above example
C!!!
Fb was a pain in the arse to get working for it's chat bot, but once I figured out the WX version of what they wanted I was able to get that up and running.... this is basically the same scenario, I just need to figure out how WX does the equivalent encryption as what is in the above example
C!!!