private bool verifyPrivateClaims(JwtSecurityToken jwtToken, PrivateClaims privateClaims, JWTOptions options)
        {
            RegisteredClaims registeredClaims = options.getAllRegisteredClaims();
            PublicClaims     publicClaims     = options.getAllPublicClaims();

            if (privateClaims == null || privateClaims.isEmpty())
            {
                return(true);
            }
            string jsonPayload = jwtToken.Payload.SerializeToJson();
            Dictionary <string, object> map = null;

            try
            {
                map = JsonConvert.DeserializeObject <Dictionary <string, object> >(jsonPayload);
            }
            catch (Exception)
            {
                this.error.setError("JW009", "Cannot parse JWT payload");
                return(false);
            }
            this.counter = 0;
            bool validation   = verifyNestedClaims(privateClaims.getNestedMap(), map, registeredClaims, publicClaims);
            int  pClaimsCount = countingPrivateClaims(privateClaims.getNestedMap(), 0);

            if (validation && !(this.counter == pClaimsCount))
            {
                return(false);
            }
            return(validation);
        }
Beispiel #2
0
 public JWTOptions() : base()
 {
     this.publicClaims     = new PublicClaims();
     this.registeredClaims = new RegisteredClaims();
     this.revocationList   = new RevocationList();
     this.parameters       = new HeaderParameters();
 }
        private bool isPublic(string claimKey, PublicClaims publicClaims)
        {
            List <Claim> publicClaimsList = publicClaims.getAllClaims();

            foreach (Claim s in publicClaimsList)
            {
                if (SecurityUtils.compareStrings(s.getKey().Trim(), claimKey.Trim()))
                {
                    return(true);
                }
            }
            return(false);
        }
        private bool verifyNestedClaims(Dictionary <string, object> pclaimMap, Dictionary <string, object> map,
                                        RegisteredClaims registeredClaims, PublicClaims publicClaims)
        {
            List <string> mapClaimKeyList = new List <string>(map.Keys);
            List <string> pClaimKeyList   = new List <string>(pclaimMap.Keys);

            if (pClaimKeyList.Count > pClaimKeyList.Count)
            {
                return(false);
            }
            foreach (String mapKey in mapClaimKeyList)
            {
                if (!isRegistered(mapKey, registeredClaims) && !isPublic(mapKey, publicClaims))
                {
                    this.counter++;
                    if (!pclaimMap.ContainsKey(mapKey))
                    {
                        return(false);
                    }

                    object op    = pclaimMap[mapKey];
                    object ot    = map[mapKey];
                    Type   opt   = op.GetType();
                    Type   ott   = ot.GetType();
                    Type   int16 = Type.GetType("System.Int16", false, true);
                    Type   int32 = Type.GetType("System.Int32", false, true);
                    Type   int64 = Type.GetType("System.Int64", false, true);
                    if ((opt == typeof(string)) && (ott == typeof(string)))
                    {
                        if (!SecurityUtils.compareStrings(((string)op).Trim(), ((string)ot).Trim()))
                        {
                            return(false);
                        }
                    }

                    else if (((opt == int16) || (opt == int32) || (opt == int64)) && ((ott == int16) || (ott == int32) || (ott == int64)))
                    {
                        if (Convert.ToInt32(op) != Convert.ToInt32(ot))
                        {
                            return(false);
                        }
                    }
                    else if (opt == typeof(bool))
                    {
                        if (Convert.ToBoolean(op) != Convert.ToBoolean(ot))
                        {
                            return(false);
                        }
                    }
                    else if ((op.GetType() == typeof(Dictionary <string, object>)) && (ot.GetType() == typeof(JObject)))
                    {
                        bool flag = verifyNestedClaims((Dictionary <string, object>)op, ((JObject)ot).ToObject <Dictionary <string, object> >(),
                                                       registeredClaims, publicClaims);
                        if (!flag)
                        {
                            return(false);
                        }
                    }
                    else
                    {
                        return(false);
                    }
                }
            }
            return(true);
        }
        private JwtPayload doBuildPayload(PrivateClaims privateClaims, JWTOptions options)
        {
            JwtPayload payload = new JwtPayload();
            // ****START BUILD PAYLOAD****//
            // Adding private claims
            List <Claim> privateC = privateClaims.getAllClaims();

            foreach (Claim privateClaim in privateC)
            {
                if (privateClaim.getNestedClaims() != null)
                {
                    payload.Add(privateClaim.getKey(), privateClaim.getNestedClaims().getNestedMap());
                }
                else
                {
                    System.Security.Claims.Claim netPrivateClaim = null;
                    object obj = privateClaim.getValue();
                    if (obj.GetType() == typeof(string))
                    {
                        netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), (string)privateClaim.getValue());
                    }
                    else if (obj.GetType() == typeof(int))
                    {
                        int value = (int)obj;
                        netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), value.ToString(), System.Security.Claims.ClaimValueTypes.Integer32);
                    }
                    else if (obj.GetType() == typeof(long))
                    {
                        long value = (long)obj;
                        netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), value.ToString(), System.Security.Claims.ClaimValueTypes.Integer64);
                    }
                    else if (obj.GetType() == typeof(double))
                    {
                        double value = (double)obj;
                        netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), value.ToString(), System.Security.Claims.ClaimValueTypes.Double);
                    }
                    else if (obj.GetType() == typeof(bool))
                    {
                        bool value = (bool)obj;
                        netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), value.ToString(), System.Security.Claims.ClaimValueTypes.Boolean);
                    }
                    else
                    {
                        this.error.setError("JW012", "Unrecognized data type");
                    }

                    //System.Security.Claims.Claim netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), privateClaim.getValue());

                    payload.AddClaim(netPrivateClaim);
                }
            }
            // Adding public claims
            if (options.hasPublicClaims())
            {
                PublicClaims publicClaims = options.getAllPublicClaims();
                List <Claim> publicC      = publicClaims.getAllClaims();
                foreach (Claim publicClaim in publicC)
                {
                    System.Security.Claims.Claim netPublicClaim = new System.Security.Claims.Claim(publicClaim.getKey(), (string)publicClaim.getValue());
                    payload.AddClaim(netPublicClaim);
                }
            }
            // Adding registered claims
            if (options.hasRegisteredClaims())
            {
                RegisteredClaims registeredClaims = options.getAllRegisteredClaims();
                List <Claim>     registeredC      = registeredClaims.getAllClaims();
                foreach (Claim registeredClaim in registeredC)
                {
                    System.Security.Claims.Claim netRegisteredClaim;

                    if (RegisteredClaimUtils.isTimeValidatingClaim(registeredClaim.getKey()))
                    {
                        netRegisteredClaim = new System.Security.Claims.Claim(registeredClaim.getKey(), (string)registeredClaim.getValue(), System.Security.Claims.ClaimValueTypes.Integer32);
                    }
                    else
                    {
                        netRegisteredClaim = new System.Security.Claims.Claim(registeredClaim.getKey(), (string)registeredClaim.getValue());
                    }

                    payload.AddClaim(netRegisteredClaim);
                }
            }
            // ****END BUILD PAYLOAD****//
            return(payload);
        }