-
Welcome to B4X forum!
B4X is a set of simple and powerful cross platform RAD tools:
- B4A (free) - Android development
- B4J (free) - Desktop and Server development
- B4i - iOS development
- B4R (free) - Arduino, ESP8266 and ESP32 development
iOS Question B4I JWT [Solved]
- Thread starter fbritop
- Start date
- Similar Threads Similar Threads
Have a look:
[B4X] Get JWT Payload (JavaWebToken)
This function reads the payload of a jwt token and returns a map Input token...
www.b4x.com
Upvote
0
Thanks I did found it before but....Have a look:
[B4X] Get JWT Payload (JavaWebToken)
This function reads the payload of a jwt token and returns a map Input token...www.b4x.com
I was looking for a way to generate it (sign it with the secret) and to validate the signature (providing the secret key)
Upvote
0
JWT is not encrypted.
I think the token should be generated and validated on server, not from client app.
Upvote
0
*Edited*
Thanks @aeric, @Alexander Stolte
I did manage to get it right on B4A,not tested yet in B4I. will try it next week to port it to B4I
Now working on B4A and B4I (Thanks to this post: https://www.b4x.com/android/forum/t...ces-v4-signature-calculator.81036/post-513785)
Here is the code to produce and sign the JWT.
I have correctly validate the JWT on jwt.io and also in my endpoint in VB.NET over IIS. If someone is interested in the VB code, I can also post it.
Function
Function Call:
Outputs a JWT:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOnsiaWRDb250cm9sIjoxMzk0LCJpZEFjY2VzbyI6MTIzNH0sImV4cCI6MTc0NDM5MjczMH0.9TxYfqFKdV49jaWsa26QybnojOC_iZGh64Wwr5iBE8w
Validation of the JWT with the "Secret"
Thanks @aeric, @Alexander Stolte
I did manage to get it right on B4A,
Now working on B4A and B4I (Thanks to this post: https://www.b4x.com/android/forum/t...ces-v4-signature-calculator.81036/post-513785)
Here is the code to produce and sign the JWT.
I have correctly validate the JWT on jwt.io and also in my endpoint in VB.NET over IIS. If someone is interested in the VB code, I can also post it.
Function
B4X:
Public Sub generateJWT(data As Map, secret As String, expires As Int) As String
Dim header As Map = CreateMap("alg": "HS256", "typ": "JWT")
Main.kvs.Put("TimeZoneOffset",DateTime.TimeZoneOffset)
Dim exp As Long = DateUtils.TicksToUnixTime(DateTime.Now) + expires
Dim payload As Map = CreateMap("sub": data, "exp": exp)
Dim JSON As JSONGenerator
JSON.Initialize(header)
Dim su As StringUtils
Dim tHeader As String = JSON.ToString
tHeader = su.EncodeBase64(tHeader.GetBytes("utf8"))
tHeader = tHeader.Replace("+", "-")
tHeader = tHeader.Replace("/", "_")
If tHeader.SubString(tHeader.Length-1) = "=" Then tHeader = tHeader.SubString2(0, tHeader.Length-1)
If tHeader.SubString(tHeader.Length-1) = "=" Then tHeader = tHeader.SubString2(0, tHeader.Length-1)
' For payload
JSON.Initialize(payload)
Dim tPayload As String = JSON.ToString
tPayload = su.EncodeBase64(tPayload.GetBytes("utf8"))
tPayload = tPayload.Replace("+", "-")
tPayload = tPayload.Replace("/", "_")
If tPayload.SubString(tPayload.Length-1) = "=" Then tPayload = tPayload.SubString2(0, tPayload.Length-1)
If tPayload.SubString(tPayload.Length-1) = "=" Then tPayload = tPayload.SubString2(0, tPayload.Length-1)
' Concatenate header and payload
' HMACSHA256 signature generation
Dim message As String = tHeader & "." & tPayload
Dim objResult() As Byte
#if b4a
Dim joMac As JavaObject
joMac = joMac.InitializeStatic("javax.crypto.Mac").RunMethod("getInstance", Array("HmacSHA256"))
Dim keySpec As JavaObject
keySpec.InitializeNewInstance("javax.crypto.spec.SecretKeySpec", Array(secret.GetBytes("UTF8"), "HmacSHA256"))
joMac.RunMethod("init", Array(keySpec))
Dim objResult() As Byte = joMac.RunMethod("doFinal", Array(message.GetBytes("UTF8")))
#End If
#If B4I
Dim no As NativeObject = Me
Dim res As Object = no.RunMethod("hmacForKeyAndData::", Array(no.ArrayToNSData(secret.GetBytes("UTF8")), no.ArrayToNSData(message.GetBytes("utf8"))))
objResult = no.NSDataToArray(res)
#End If
Dim tSignature As String = su.EncodeBase64(objResult)
tSignature = tSignature.Replace("+", "-")
tSignature = tSignature.Replace("/", "_")
If tSignature.SubString(tSignature.Length-1) = "=" Then tSignature = tSignature.SubString2(0, tSignature.Length-1)
If tSignature.SubString(tSignature.Length-1) = "=" Then tSignature = tSignature.SubString2(0, tSignature.Length-1)
Return (message & "." & tSignature)
End Sub
#if OBJC
#import <CommonCrypto/CommonHMAC.h>
- (NSData*) hmacForKeyAndData:(NSData*)cKey :(NSData*) cData
{
unsigned char cHMAC[CC_SHA256_DIGEST_LENGTH];
CCHmac(kCCHmacAlgSHA256, [cKey bytes], [cKey length], [cData bytes], [cData length], cHMAC);
return [[NSData alloc] initWithBytes:cHMAC length:sizeof(cHMAC)];
}
#End If
End SubFunction Call:
B4X:
Dim subload As Map = CreateMap("idControl": 1394, "idAcceso": 1234)
Log(xc.generateJWT(subload, "TestTest", 300))Outputs a JWT:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOnsiaWRDb250cm9sIjoxMzk0LCJpZEFjY2VzbyI6MTIzNH0sImV4cCI6MTc0NDM5MjczMH0.9TxYfqFKdV49jaWsa26QybnojOC_iZGh64Wwr5iBE8w
Validation of the JWT with the "Secret"
Last edited:
Upvote
0
