Last active
January 19, 2018 19:30
-
-
Save truth3/569d7372ec53a5e3c1972a8dd1a1d4d7 to your computer and use it in GitHub Desktop.
(.NET) Access Token Generation (JWT)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Imports System.Net | |
Imports System.Web | |
Imports System.IO | |
Imports Newtonsoft.Json | |
Imports Newtonsoft.Json.Linq | |
Imports System.Security.Cryptography | |
PublicClassiFormAPIMethods | |
'iFormBuilder API info | |
Private API_ClientKey AsString = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXX" | |
Private API_ClientSecret AsString = "XXXXXXXXXXXXXXXXXXXXXXXXXXX" | |
Private BaseURL AsString = "CompanyName.iformbuilder.com" | |
Private FullURL AsString = "https://" & BaseURL & "/exzact/api/oauth/token" | |
'Quotation Mark Character for substitution | |
Private q As Char = Chr(34) | |
'JWT Claim Set Parameters | |
Property iss As String = API_ClientKey | |
Property aud As String = FullURL | |
Property AccessToken As String | |
PublicSubNew() | |
EndSub | |
Public Sub GetAccessToken() | |
'Build web request | |
Dim uriAddress As New Uri(FullURL) | |
Dim wRequest As HttpWebRequest = DirectCast(HttpWebRequest.Create(uriAddress), HttpWebRequest) | |
Dim strPostData As String = "" | |
Dim bytPostData As Byte() | |
Dim stJWT As String | |
'Get JWT | |
stJWT = CreateJWT() | |
'Post Data --- | |
strPostData = "grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer" & _ | |
"&assertion=" & stJWT | |
'Post Data --- to byte() | |
bytPostData = System.Text.Encoding.UTF8.GetBytes(strPostData) | |
'Set Web Request Properties | |
With wRequest | |
.Method = "POST" | |
.ContentType = "application/x-www-form-urlencoded" | |
.ContentLength = bytPostData.Length | |
End With | |
'Post Request and Get Response | |
Using postStream As Stream = wRequest.GetRequestStream() | |
postStream.Write(bytPostData, 0, bytPostData.Length) | |
Dim rawResponseFromServer = "" | |
Try | |
Using response As HttpWebResponse = wRequest.GetResponse() | |
Dim reader As New StreamReader(response.GetResponseStream()) | |
rawResponseFromServer = reader.ReadToEnd() | |
Dim o As JObject = JObject.Parse(rawResponseFromServer) | |
Me.AccessToken = o.Item("access_token").Value(Of String)() | |
End Using | |
Catch wex As WebException | |
If Not wex.Response Is Nothing Then | |
MsgBox(wex.Message) | |
Debug.WriteLine("Resulting Error --- " & wex.Message & vbNewLine & wex.StackTrace) | |
End If | |
End Try | |
End Using | |
EndSub | |
#Region"HelperFunctions" | |
PrivateFunction CreateJWT() AsString | |
Dim JWT As String | |
Dim EncodedJWT As Byte() | |
'Build Header and Claim Set String | |
Dim strHeader As String = Strings.Replace("{'alg':'HS256','typ':'JWT'}", "'", q) | |
Dim strClaimSet As String = Strings.Replace("{'iss':'" & iss & "', 'aud':'" & aud & "', 'exp':" & exp(600) & ", 'iat':" & iat() & "}", "'", q) | |
'Build JWT String | |
JWT = ToBase64URL(strHeader) & "." & ToBase64URL(strClaimSet) | |
'Convert Client Secret to UTF8 Byte() | |
Dim bytKey As Byte() = System.Text.Encoding.UTF8.GetBytes(API_ClientSecret) | |
'Encode JWT String | |
Dim hmac_encode As HMACSHA256 = New HMACSHA256(bytKey) | |
EncodedJWT = hmac_encode.ComputeHash(System.Text.Encoding.UTF8.GetBytes(JWT)) | |
'Sign and return JWT | |
Dim signature As String = ToBase64URL(EncodedJWT) | |
Return JWT & "." & signature | |
EndFunction | |
PrivateFunction ToBase64URL(text AsString) AsString | |
Dim b As Byte() = System.Text.Encoding.UTF8.GetBytes(text) | |
Return ToBase64URL(b) | |
EndFunction | |
PrivateFunction ToBase64URL(byt AsByte()) AsString | |
Dim result As String | |
'Convert to base 64 string | |
result = Convert.ToBase64String(byt) | |
'Make URL Friendly | |
result = result.Replace("+", "-").Replace("/", "_") | |
Do While result.Chars(result.Length - 1) = "=" | |
result = Strings.Left(result, result.Length - 1) | |
Loop | |
Return result | |
EndFunction | |
ReadOnly Property exp(ExpirationSeconds As Integer) As Long | |
Get | |
Return iat() + ExpirationSeconds | |
End Get | |
EndProperty | |
ReadOnlyProperty iat() AsLong | |
Get | |
Dim StartDate As Date = CDate("1/1/1970") | |
Dim EndDate As Date = Now.ToUniversalTime | |
Dim val As Long = DateDiff(DateInterval.Second, StartDate, EndDate) | |
Return val | |
End Get | |
EndProperty | |
#EndRegion | |
EndClass |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Perhaps I'm missing something, but this file has a .cs extension yet appears to contain VB. Also, there are random spaces missing all over... e.g PublicClassiFormAPIMethods, EndProperty, #EndRegion, EndClass etc. It might be worth re-uploading