// private Encode
/// <summary>
/// Wraps <paramref name="data"/> in a compact JWE using RSA-OAEP key management and
/// A256CBC-HS512 content encryption, with the key returned by <c>KeyStore.GetServerKey()</c>.
/// </summary>
/// <param name="data">Payload to encrypt, passed to the encoder unchanged.</param>
/// <param name="kid">Key identifier written into the JWE header as <c>kid</c>.</param>
/// <returns>A completed task holding the serialized JWE token.</returns>
private Task<string> Encrypt(string data, string kid)
{
    // NOTE(review): "iat" is handed over as a DateTime, so its wire format depends on the
    // library's JSON mapper. RFC 7519 defines iat as a NumericDate - confirm what the recipient expects.
    var joseHeaders = new Dictionary<string, object>
    {
        ["typ"] = "JOSE",
        ["kid"] = kid,
        ["iat"] = DateTime.UtcNow,
    };

    // NOTE(review): the payload is encrypted to whatever KeyStore.GetServerKey() returns, while
    // the kid header comes from the caller - confirm both refer to the key the recipient will use.
    using (var serverKey = KeyStore.GetServerKey())
    {
        // NOTE(review): RSA_OAEP is the SHA-1 based variant; check whether the peer also
        // supports RSA_OAEP_256 before treating this choice as fixed.
        string jweToken = Jose.JWT.Encode(
            data,
            serverKey,
            JweAlgorithm.RSA_OAEP,
            JweEncryption.A256CBC_HS512,
            extraHeaders: joseHeaders);

        // The encoding itself is synchronous; the Task only satisfies the async-shaped signature.
        return Task.FromResult(jweToken);
    }
}
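// private Decode
/// <summary>
/// Checks that the required JWS header elements are present and verifies the token's RS256
/// signature with the key returned by <c>KeyStore.GetServerKey()</c>.
/// </summary>
/// <param name="jwsToken">Compact-serialized JWS to verify.</param>
/// <returns>
/// A completed task holding an <c>AuthResult</c> with the parsed header, the <c>kid</c> value and
/// the verified payload (stored in <c>JweToken</c>).
/// </returns>
/// <exception cref="Exception">
/// A required header element (alg, kid, typ, cty) is absent, <c>kid</c> is not a string, or
/// signature verification fails.
/// </exception>
private Task<AuthResult> VerifySign(string jwsToken)
{
    // The header is parsed before the signature is checked, so everything read from it here is
    // untrusted input until Decode below succeeds.
    var result = new AuthResult { JwsHeader = Jose.JWT.Headers(jwsToken) };

    // Presence check only: the header's alg value never selects the algorithm, because the
    // Decode call below pins the expected algorithm to RS256.
    if (!result.JwsHeader.TryGetValue("alg", out _))
    {
        throw new Exception("Required Element Missing (JWS.alg)");
    }

    if (!result.JwsHeader.TryGetValue("kid", out var kid))
    {
        throw new Exception("Required Element Missing (JWS.kid)");
    }

    // NOTE(review): typ and cty are only required to exist; their values are not validated here.
    if (!result.JwsHeader.TryGetValue("typ", out _))
    {
        throw new Exception("Required Element Missing (JWS.typ)");
    }

    if (!result.JwsHeader.TryGetValue("cty", out _))
    {
        throw new Exception("Required Element Missing (JWS.cty)");
    }

    // Validate the kid type up front. Previously the cast sat inside the signature try-block, so
    // a non-string kid on a correctly signed token was reported as an invalid signature.
    if (!(kid is string kidValue))
    {
        throw new Exception("Invalid Element (JWS.kid)");
    }

    try
    {
        // NOTE(review): the signature is verified with the server key rather than a key looked up
        // by kid - confirm that this is the intended trust anchor for incoming tokens.
        using var key = KeyStore.GetServerKey();
        result.JweToken = Jose.JWT.Decode(jwsToken, key, JwsAlgorithm.RS256);
        result.Kid = kidValue;
    }
    catch (Exception ex)
    {
        // Keep the generic outer message for callers, but attach the cause so that key-store
        // failures and real signature mismatches can be told apart in logs.
        throw new Exception("The JWS signature is not valid.", ex);
    }

    return Task.FromResult(result);
}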