I have created a test application based on the example https://www.emailarchite...-service-account-example

I have created both a json type private key and a p12 private key. The example uses the p12 key. When using this I can succesfully authenticate. However when I use the private key from the json file I can not. The reason is that the signature remains empty when calculating this using jwt.SignRs256WithPrivateKey(privateKey, header + '.' + playload)

To use the json private key I have modified the GenerateRequestData method (see the above mentioned example page ) in the following way:

<code snippet>

// load service account certificate to sign request data
// pfxPath := 'C:\test\myservice.p12';
// cert.LoadFromFile(pfxPath, 'notasecret', CRYPT_USER_KEYSET);
// signature := jwt.SignRs256(cert.DefaultInterface, header + '.' + playload);

JSONText := TFile.ReadAllText('C:\test\myservice.json');
JSONValue := TJSONObject.ParseJSONValue(JSONText);

if JSONValue is TJSONObject then
begin
JSONObject := TJSONObject(JSONValue);

if JSONObject.TryGetValue<WideString>('private_key', privateKey) then
memoLog.Lines.Add('private_key found')
else
memoLog.Lines.Add('private_key property not found in the JSON.');
end
else
begin
memoLog.Lines.Add('Invalid JSON format.');
end;


signature := jwt.SignRs256WithPrivateKey(privateKey, header + '.' + playload);

</code snippet>

both de myservice.p12 and de myservice.json are created as descibed in section 'Enable “Domain-wide delegation” and create service key' of the above mentioned example page.

p.s I added the following vars to the var section of the GenerateRequestData method:

JSONText: string;
JSONObject: TJSONObject;
JSONValue: TJSONValue;

I also added the following uses to the uses section:

System.JSON, IOUtils

What am I doing wrong i.e. why is de signature not correctly calculated?

Edited by user Thursday, August 10, 2023 4:46:22 AM(UTC)  | Reason: Added var and uses modifications