private dynamic DecodeHeader(dynamic parts) { var header = parts[0]; var headerJson = Encoding.UTF8.GetString(JsonWebToken.Base64UrlDecode(header)); dynamic headerObj = JsonConvert.DeserializeObject(headerJson); return headerObj; }
private OwrJsonWebTokenPayload DecodePayload(string token) { if (String.IsNullOrWhiteSpace(token)) throw new ArgumentNullException(Parameters.Token); var parts = token.Split(Delimiters.Dot); if (parts.Length != 3) { throw new FormatException("Token must consist from 3 delimited by dot parts"); } var payLoad = parts[1]; var payLoadJson = Encoding.UTF8.GetString(JsonWebToken.Base64UrlDecode(payLoad)); OwrJsonWebTokenPayload payload = JsonConvert.DeserializeObject<OwrJsonWebTokenPayload>(payLoadJson); return payload; }
public override void ValidateSignature(JsonWebTokenRequest jsonWebTokenRequest) { try { //guard clause if (jsonWebTokenRequest == null) { throw new ArgumentNullException(Constants.Parameters.JsonWebTokenRequest); } if (jsonWebTokenRequest.Token == null) { throw new ArgumentNullException(Constants.Parameters.JsonWebTokenRequestToken); } var tokenParts = jsonWebTokenRequest.Token.Split(Constants.Delimiters.Dot); //get the decoded signature from the request var crypto = JsonWebToken.Base64UrlDecode(tokenParts[2]); var decodedCrypto = Convert.ToBase64String(crypto); //Recreating the signature from the JWT request header and payload var header = tokenParts[0]; var payload = tokenParts[1]; var bytesToSign = Encoding.UTF8.GetBytes(string.Concat(header, Constants.Delimiters.Dot, payload)); byte[] signatureData; var key = ConfigurationService.GetSecretKey(); using (var sha = new HMACSHA256(Encoding.UTF8.GetBytes(key))) { signatureData = sha.ComputeHash(bytesToSign); } var decodedSignature = Convert.ToBase64String(signatureData); //compare signatures if (decodedCrypto == decodedSignature) { jsonWebTokenRequest.SignatureValid = true; } else { jsonWebTokenRequest.SignatureValid = false; } } catch (Exception ex) { jsonWebTokenRequest.Errors.Add(new JsonWebTokenRequestError(ex.Message, ex.StackTrace)); jsonWebTokenRequest.Errors.Add(new JsonWebTokenRequestError(Constants.Messages.SignatureValidationUnhandledError)); } }
public virtual void ValidateSignatureFor(JsonWebTokenRequest jsonWebTokenRequest, string fileName) { try { //guard clause if (jsonWebTokenRequest == null) { throw new ArgumentNullException(Constants.Parameters.JsonWebTokenRequest); } if (jsonWebTokenRequest.Token == null) { throw new ArgumentNullException(Constants.Parameters.JsonWebTokenRequestToken); } if (string.IsNullOrWhiteSpace(fileName)) { throw new ArgumentNullException("Public key file name is not provided."); } var tokenParts = jsonWebTokenRequest.Token.Split(Constants.Delimiters.Dot); using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider()) { var publicKeyXml = ConfigurationService.GetPublicKey(fileName); rsa.FromXmlString(publicKeyXml); using (SHA256 sha256 = SHA256.Create()) { byte[] hash = sha256.ComputeHash(Encoding.UTF8.GetBytes(tokenParts[0] + '.' + tokenParts[1])); RSAPKCS1SignatureDeformatter rsaDeformatter = new RSAPKCS1SignatureDeformatter(rsa); rsaDeformatter.SetHashAlgorithm("SHA256"); if (!rsaDeformatter.VerifySignature(hash, JsonWebToken.Base64UrlDecode(tokenParts[2]))) { Trace.TraceWarning("public key:{0}, token signature:{1}", publicKeyXml, tokenParts[2]); jsonWebTokenRequest.SignatureValid = false; } else { jsonWebTokenRequest.SignatureValid = true; } } } } catch (Exception ex) { jsonWebTokenRequest.Errors.Add(new JsonWebTokenRequestError(ex.Message, ex.StackTrace)); jsonWebTokenRequest.Errors.Add(new JsonWebTokenRequestError(Constants.Messages.SignatureValidationUnhandledError)); } }
/// <summary> /// decode the payload of the JWT Token /// </summary> /// <typeparam name="T"></typeparam> /// <param name="token"></param> /// <returns></returns> public T DecodePayloadToObject <T>(string token) { //guard clause if (string.IsNullOrWhiteSpace(token)) { throw new ArgumentNullException(Constants.Parameters.Token); } var parts = token.Split(Constants.Delimiters.Dot); if (parts.Length != 3) { throw new FormatException(Constants.Messages.TokenFormatError); } var payLoad = parts[1]; var payLoadJson = Encoding.UTF8.GetString(JsonWebToken.Base64UrlDecode(payLoad)); return(JsonConvert.DeserializeObject <T>(payLoadJson)); }
/// <summary> /// decode the header of the JWT Token /// </summary> /// <typeparam name="T"></typeparam> /// <param name="token"></param> /// <returns></returns> public T DecodeHeaderToObject <T>(string token) { //guard clause if (string.IsNullOrWhiteSpace(token)) { throw new ArgumentNullException(Constants.Parameters.Token); } var parts = token.Split(Constants.Delimiters.Dot); if (parts.Length != 3) { throw new FormatException(Constants.Messages.TokenFormatError); } var header = parts[0]; Trace.TraceInformation($"header:{header}"); var headerJson = Encoding.UTF8.GetString(JsonWebToken.Base64UrlDecode(header)); return(JsonConvert.DeserializeObject <T>(headerJson)); }