/// <summary>
/// Parses a JWT string encoded.
/// </summary>
/// <param name="jwt">The string encoded.</param>
/// <param name="algorithm">The signature algorithm.</param>
/// <param name="verify">true if verify the signature; otherwise, false.</param>
/// <returns>A JSON web token object.</returns>
/// <exception cref="ArgumentNullException">jwt was null or empty. -or- algorithm was null and verify is true.</exception>
/// <exception cref="ArgumentException">jwt did not contain any information.</exception>
/// <exception cref="FormatException">jwt was in incorrect format.</exception>
/// <exception cref="InvalidOperationException">Verify failure.</exception>
public static JsonWebToken <T> Parse(string jwt, ISignatureProvider algorithm, bool verify = true)
{
if (string.IsNullOrWhiteSpace(jwt))
{
throw new ArgumentNullException(nameof(jwt), "jwt should not be null or empty.");
}
var prefix = $"{TokenInfo.BearerTokenType} ";
if (jwt.IndexOf(prefix) == 0)
{
if (jwt.Length == prefix.Length)
{
throw new ArgumentException("jwt should not contain a scheme only.", nameof(jwt));
}
jwt = jwt.Substring(prefix.Length);
}
var arr = jwt.Split('.');
if (arr.Length < 3)
{
throw new FormatException("jwt is not in the correct format.");
}
if (verify)
{
var bytes = Encoding.ASCII.GetBytes($"{arr[0]}.{arr[1]}");
var sign = WebFormat.Base64UrlDecode(arr[2]);
if (algorithm != null)
{
if (!algorithm.Verify(bytes, sign))
{
throw new InvalidOperationException("jwt signature is incorrect.");
}
}
else
{
if (sign.Length > 0)
{
throw new ArgumentNullException(nameof(algorithm), "algorithm should not be null.");
}
}
}
var header = WebFormat.Base64UrlDecodeTo <JsonWebTokenHeader>(arr[0]);
if (header == null)
{
throw new ArgumentException("jwt should contain header in Base64Url.", nameof(jwt));
}
var payload = WebFormat.Base64UrlDecodeTo <T>(arr[1]);
if (payload == null)
{
throw new ArgumentException("jwt should contain payload in Base64Url.", nameof(jwt));
}
var obj = new JsonWebToken <T>(payload, algorithm)
{
headerBase64Url = arr[0],
signatureCache = arr[2]
};
obj.header.Type = header.Type;
obj.header.AlgorithmName = header.AlgorithmName;
return(obj);
}
protected override async Task OnProcessAsync(CancellationToken cancellationToken = default)
{
var codeTokenReq = new CodeTokenRequest(new CodeTokenRequestBody
{
Code = "hijklmn\r\nopq\trst"
}, "abcd", "efg")
{
ScopeString = "test plain"
};
await Task.Run(() => { }, cancellationToken);
var tokenUrl = codeTokenReq.ToJsonString();
codeTokenReq = CodeTokenRequest.Parse(tokenUrl);
tokenUrl = codeTokenReq.ToQueryData().ToString();
codeTokenReq = CodeTokenRequest.Parse(tokenUrl);
tokenUrl = codeTokenReq.ToJsonString();
codeTokenReq = CodeTokenRequest.Parse(tokenUrl);
Console.WriteLine(codeTokenReq.ToQueryData().ToString());
Console.WriteLine();
// JWT HS512
var hs = HashSignatureProvider.CreateHS512("a secret string");
var jwt = new JsonWebToken <Net.HttpClientVerb.NameAndDescription>(new Net.HttpClientVerb.NameAndDescription
{
Name = "abcd",
Description = "efg"
}, hs);
var header = jwt.ToAuthenticationHeaderValue();
jwt = JsonWebToken <Net.HttpClientVerb.NameAndDescription> .Parse(header.ToString(), hs);
var jwtStr = jwt.ToEncodedString();
Console.WriteLine(jwtStr != header.Parameter ? "Failed JWT HS512 testing." : jwtStr);
Console.WriteLine();
// RSA.
var rsa = RSA.Create();
var privateKey = rsa.ExportParameters(true).ToPrivatePEMString(true);
Console.WriteLine(privateKey);
var publicKey = rsa.ExportParameters(false).ToPublicPEMString();
Console.WriteLine(publicKey);
var privateKeyP = RSAParametersConvert.Parse(privateKey).Value;
var privateKeyS = privateKeyP.ToPrivatePEMString(true);
var publicKeyP = RSAParametersConvert.Parse(publicKey).Value;
var publicKeyS = publicKeyP.ToPublicPEMString();
Console.WriteLine("They are {0}.", (privateKey == privateKeyS) && (publicKey == publicKeyS) ? "same" : "different");
Console.WriteLine();
// JWT RS512
var rs = RSASignatureProvider.CreateRS512(rsa);
jwt = new JsonWebToken <Net.HttpClientVerb.NameAndDescription>(jwt.Payload, rs);
header = jwt.ToAuthenticationHeaderValue();
jwt = JsonWebToken <Net.HttpClientVerb.NameAndDescription> .Parse(header.ToString(), rs);
jwtStr = jwt.ToEncodedString();
Console.WriteLine(jwtStr != header.Parameter ? "Failed JWT RS512 testing." : header.Parameter);
Console.WriteLine();
}