public async Task <JwsPayload> UnSign(string jws) { if (string.IsNullOrWhiteSpace(jws)) { throw new ArgumentNullException(nameof(jws)); } var protectedHeader = _jwsParser.GetHeader(jws); if (protectedHeader == null) { return(null); } var jsonWebKeySet = await _identityServerClientFactory.CreateJwksClient() .ResolveAsync(_parametersProvider.GetOpenIdConfigurationUrl()) .ConfigureAwait(false); var jsonWebKeys = _jsonWebKeyConverter.ExtractSerializedKeys(jsonWebKeySet); if (jsonWebKeys == null || !jsonWebKeys.Any(j => j.Kid == protectedHeader.Kid)) { return(null); } var jsonWebKey = jsonWebKeys.First(j => j.Kid == protectedHeader.Kid); if (protectedHeader.Alg == Jwt.Constants.JwsAlgNames.NONE) { return(_jwsParser.GetPayload(jws)); } return(_jwsParser.ValidateSignature(jws, jsonWebKey)); }
public async Task <JwsPayload> UnSign(string jws, string openidProvider) { if (string.IsNullOrWhiteSpace(jws)) { throw new ArgumentNullException(nameof(jws)); } if (string.IsNullOrWhiteSpace(openidProvider)) { throw new ArgumentNullException(nameof(openidProvider)); } var protectedHeader = _jwsParser.GetHeader(jws); if (protectedHeader == null) { return(null); } if (protectedHeader.Alg == SimpleIdServer.Core.Jwt.Constants.JwsAlgNames.NONE) { return(_jwsParser.GetPayload(jws)); } var jsonWebKeySet = await _identityServerClientFactory.CreateJwksClient().ResolveAsync(openidProvider).ConfigureAwait(false); return(_jwsParser.ValidateSignature(jws, jsonWebKeySet)); }
public Task <JwsPayload> UnSign(string jws, PolicyRule policyRule) { if (string.IsNullOrWhiteSpace(jws)) { throw new ArgumentNullException(nameof(jws)); } if (policyRule == null) { throw new ArgumentNullException(nameof(policyRule)); } var protectedHeader = _jwsParser.GetHeader(jws); if (protectedHeader == null) { return(null); } if (protectedHeader.Alg == SimpleIdentityServer.Core.Jwt.Constants.JwsAlgNames.NONE) { return(Task.FromResult(_jwsParser.GetPayload(jws))); } var jsonWebKey = new JsonWebKey { Kty = KeyType.RSA, Kid = protectedHeader.Kid, SerializedKey = policyRule.SerializedCertificate }; return(Task.FromResult(_jwsParser.ValidateSignature(jws, jsonWebKey))); }
private JwsPayload UnSignWithJsonWebKey(JsonWebKey jsonWebKey, JwsProtectedHeader jwsProtectedHeader, string jws) { if (jsonWebKey == null && jwsProtectedHeader.Alg != Jwt.Constants.JwsAlgNames.NONE) { return null; } if (jwsProtectedHeader.Alg == Jwt.Constants.JwsAlgNames.NONE) { return _jwsParser.GetPayload(jws); } return _jwsParser.ValidateSignature(jws, jsonWebKey); }
public async Task <JwsPayload> UnSign( string jws, string jwks) { if (string.IsNullOrWhiteSpace(jws)) { throw new ArgumentNullException(nameof(jws)); } if (string.IsNullOrWhiteSpace(jwks)) { throw new ArgumentNullException(nameof(jwks)); } var protectedHeader = _jwsParser.GetHeader(jws); if (protectedHeader == null) { return(null); } var jsonWebKey = await GetJsonWebKey(jwks, protectedHeader.Kid); if (jsonWebKey == null && protectedHeader.Alg != Core.Jwt.Constants.JwsAlgNames.NONE) { return(null); } if (protectedHeader.Alg == Core.Jwt.Constants.JwsAlgNames.NONE) { return(_jwsParser.GetPayload(jws)); } return(_jwsParser.ValidateSignature(jws, jsonWebKey)); }
public async Task <JwsInformationResult> Execute(GetJwsParameter getJwsParameter) { if (getJwsParameter == null || string.IsNullOrWhiteSpace(getJwsParameter.Jws)) { throw new ArgumentNullException(nameof(getJwsParameter)); } Uri uri = null; if (!string.IsNullOrWhiteSpace(getJwsParameter.Url)) { if (!Uri.TryCreate(getJwsParameter.Url, UriKind.Absolute, out uri)) { throw new IdentityServerManagerException( ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheUrlIsNotWellFormed, getJwsParameter.Url)); } } var jws = getJwsParameter.Jws; var jwsHeader = _jwsParser.GetHeader(jws); if (jwsHeader == null) { throw new IdentityServerManagerException( ErrorCodes.InvalidRequestCode, ErrorDescriptions.TheTokenIsNotAValidJws); } if (!string.Equals(jwsHeader.Alg, Constants.JwsAlgNames.NONE, StringComparison.CurrentCultureIgnoreCase) && uri == null) { throw new IdentityServerManagerException( ErrorCodes.InvalidRequestCode, ErrorDescriptions.TheSignatureCannotBeChecked); } var result = new JwsInformationResult { Header = jwsHeader }; JwsPayload payload = null; if (!string.Equals(jwsHeader.Alg, Constants.JwsAlgNames.NONE, StringComparison.CurrentCultureIgnoreCase)) { var jsonWebKey = await _jsonWebKeyHelper.GetJsonWebKey(jwsHeader.Kid, uri).ConfigureAwait(false); if (jsonWebKey == null) { throw new IdentityServerManagerException( ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheJsonWebKeyCannotBeFound, jwsHeader.Kid, uri.AbsoluteUri)); } payload = _jwsParser.ValidateSignature(jws, jsonWebKey); if (payload == null) { throw new IdentityServerManagerException( ErrorCodes.InvalidRequestCode, ErrorDescriptions.TheSignatureIsNotCorrect); } var jsonWebKeyDic = _jsonWebKeyEnricher.GetJsonWebKeyInformation(jsonWebKey); jsonWebKeyDic.AddRange(_jsonWebKeyEnricher.GetPublicKeyInformation(jsonWebKey)); result.JsonWebKey = jsonWebKeyDic; } else { payload = _jwsParser.GetPayload(jws); } result.Payload = payload; return(result); }