6

I'm building an iOS app that requires to authenticate with Google using the OAuth 2.0 / JWT workflow outlined in the link below.

Google OAuth 2.0 JWT example

I have the private key file and client_id. I'm using the Google API Objective-C Client library to try and authenticate. But, I have no idea how to proceed.

Is it possible to do this authentication workflow using the iOS client library?

4

1 回答 1

0

我刚刚完成了与您的问题类似的事情。我需要使用 JWT 将数据发布到 GCP IoT。这是我使用 RSAWithSHA256 所做的:

使用库MIHCrypto(在 Podfile pod "MIHCrypto", "~> 0.4.1" 中

#import "MIHAESKeyFactory.h"
#import "MIHRSAPrivateKey.h"



  (void) createJWT {
  NSMutableDictionary *headerDict = [NSMutableDictionary new];
  headerDict[@"alg"] = @"RS256";
  headerDict[@"typ"] = @"JWT";

  NSMutableDictionary *payloadDict = [NSMutableDictionary new];
  payloadDict[@"aud"] = @"my project";
  NSDate *now = [NSDate new];
  payloadDict[@"iat"] = [NSNumber numberWithInt:[now timeIntervalSince1970]];
  payloadDict[@"exp"] = [NSNumber numberWithInt:[now timeIntervalSince1970] + 20 * 60];

  NSError *error;
  NSData *headerData = [NSJSONSerialization dataWithJSONObject:headerDict
                                                       options:NSJSONWritingPrettyPrinted
                                                         error:&error];


  NSData *payloadData = [NSJSONSerialization dataWithJSONObject:payloadDict
                                                        options:NSJSONWritingPrettyPrinted
                                                          error:&error];


  NSString *base64UrlMessage = [NSString stringWithFormat:@"%@.%@", [self base64UrlforData:headerData ], [self base64UrlforData:payloadData]];

  NSData *privateKeyData = [[self pemKeyStringFromFileWithName:@"myPrivateKey" extension:@"pem"] dataUsingEncoding:NSUTF8StringEncoding];
  MIHRSAPrivateKey *privateKey = [[MIHRSAPrivateKey alloc] initWithData:privateKeyData];

  NSError *signingError = nil;
  NSData *signedData = [privateKey signWithSHA256:[base64UrlMessage dataUsingEncoding:NSUTF8StringEncoding] error:&signingError];

  NSString *signedBase64UrlMessage = [self base64UrlforData: signedData];


  NSString *jwt = [NSString stringWithFormat:@"%@.%@", base64UrlMessage, signedBase64UrlMessage];

  NSLog(@"jwt = %@", jwt);
}


 (NSString*)base64UrlforData:(NSData*)data {
  // base64 to base64URL
  // 1 - remove all '='
  // 2 - replace all '+' by '-'
  // 3 - replace all '/' by '_'
  NSString *base64 = [data base64EncodedStringWithOptions:0];
  NSString *base64_1 = [base64 stringByReplacingOccurrencesOfString:@"=" withString:@""];
  NSString *base64_2 = [base64_1 stringByReplacingOccurrencesOfString:@"+" withString:@"-"];
  NSString *base64_3 = [base64_2 stringByReplacingOccurrencesOfString:@"/" withString:@"_"];
  return base64_3;
}

  (NSString *)pemKeyStringFromFileWithName:(NSString *)name extension: (NSString*) extension {
  NSBundle *bundle = [NSBundle mainBundle];
  NSURL *fileURL = [bundle URLForResource:name withExtension:extension];
  NSError *error = nil;
  NSString *fileContent = [NSString stringWithContentsOfURL:fileURL encoding:NSUTF8StringEncoding error:&error];
  if (error) {
    NSLog(@"%@ error: %@", self.debugDescription, error);
    return nil;
  }
  return fileContent;
}
于 2018-04-13T14:16:42.137 回答