private bool verifyPrivateClaims(JwtSecurityToken jwtToken, PrivateClaims privateClaims, JWTOptions options) { RegisteredClaims registeredClaims = options.getAllRegisteredClaims(); PublicClaims publicClaims = options.getAllPublicClaims(); if (privateClaims == null || privateClaims.isEmpty()) { return(true); } string jsonPayload = jwtToken.Payload.SerializeToJson(); Dictionary <string, object> map = null; try { map = JsonConvert.DeserializeObject <Dictionary <string, object> >(jsonPayload); } catch (Exception) { this.error.setError("JW009", "Cannot parse JWT payload"); return(false); } this.counter = 0; bool validation = verifyNestedClaims(privateClaims.getNestedMap(), map, registeredClaims, publicClaims); int pClaimsCount = countingPrivateClaims(privateClaims.getNestedMap(), 0); if (validation && !(this.counter == pClaimsCount)) { return(false); } return(validation); }
public JWTOptions() : base() { this.publicClaims = new PublicClaims(); this.registeredClaims = new RegisteredClaims(); this.revocationList = new RevocationList(); this.parameters = new HeaderParameters(); }
private bool isRegistered(string claimKey, RegisteredClaims registeredClaims) { List <Claim> registeredClaimsList = registeredClaims.getAllClaims(); foreach (Claim s in registeredClaimsList) { if (SecurityUtils.compareStrings(s.getKey().Trim(), claimKey.Trim())) { return(true); } } return(false); }
private bool validateRegisteredClaims(JwtSecurityToken jwtToken, JWTOptions options) { // Adding registered claims if (options.hasRegisteredClaims()) { RegisteredClaims registeredClaims = options.getAllRegisteredClaims(); List <Claim> registeredC = registeredClaims.getAllClaims(); foreach (Claim registeredClaim in registeredC) { string registeredClaimKey = registeredClaim.getKey(); object registeredClaimValue = registeredClaim.getValue(); if (RegisteredClaimUtils.exists(registeredClaimKey)) { if (!RegisteredClaimUtils.isTimeValidatingClaim(registeredClaimKey)) { if (!RegisteredClaimUtils.validateClaim(registeredClaimKey, (string)registeredClaimValue, 0, jwtToken, this.error)) { return(false); } } else { long customValidationTime = registeredClaims.getClaimCustomValidationTime(registeredClaimKey); //int value = (int)registeredClaimValue; if (!RegisteredClaimUtils.validateClaim(registeredClaimKey, (string)registeredClaimValue, customValidationTime, jwtToken, this.error)) { return(false); } } if (this.HasError()) { return(false); } } else { error.setError("JW002", registeredClaimKey + " wrong registered claim key"); return(false); } } } return(true); }
/// <summary> /// Gets the string representation of a well-known claim name enum /// </summary> internal static string GetRegisteredClaimName(this RegisteredClaims value) => GetDescription(value);
/// <summary> /// Adds well-known claim to the Paseto. /// </summary> /// <param name="name">Well-known registered claim name</param> /// <param name="value">Claim value</param> /// <returns>Current builder instance</returns> public PasetoBuilder <TProtocol> AddClaim(RegisteredClaims name, string value) => AddClaim(name.GetRegisteredClaimName(), value);
private bool verifyNestedClaims(Dictionary <string, object> pclaimMap, Dictionary <string, object> map, RegisteredClaims registeredClaims, PublicClaims publicClaims) { List <string> mapClaimKeyList = new List <string>(map.Keys); List <string> pClaimKeyList = new List <string>(pclaimMap.Keys); if (pClaimKeyList.Count > pClaimKeyList.Count) { return(false); } foreach (String mapKey in mapClaimKeyList) { if (!isRegistered(mapKey, registeredClaims) && !isPublic(mapKey, publicClaims)) { this.counter++; if (!pclaimMap.ContainsKey(mapKey)) { return(false); } object op = pclaimMap[mapKey]; object ot = map[mapKey]; Type opt = op.GetType(); Type ott = ot.GetType(); Type int16 = Type.GetType("System.Int16", false, true); Type int32 = Type.GetType("System.Int32", false, true); Type int64 = Type.GetType("System.Int64", false, true); if ((opt == typeof(string)) && (ott == typeof(string))) { if (!SecurityUtils.compareStrings(((string)op).Trim(), ((string)ot).Trim())) { return(false); } } else if (((opt == int16) || (opt == int32) || (opt == int64)) && ((ott == int16) || (ott == int32) || (ott == int64))) { if (Convert.ToInt32(op) != Convert.ToInt32(ot)) { return(false); } } else if (opt == typeof(bool)) { if (Convert.ToBoolean(op) != Convert.ToBoolean(ot)) { return(false); } } else if ((op.GetType() == typeof(Dictionary <string, object>)) && (ot.GetType() == typeof(JObject))) { bool flag = verifyNestedClaims((Dictionary <string, object>)op, ((JObject)ot).ToObject <Dictionary <string, object> >(), registeredClaims, publicClaims); if (!flag) { return(false); } } else { return(false); } } } return(true); }
private JwtPayload doBuildPayload(PrivateClaims privateClaims, JWTOptions options) { JwtPayload payload = new JwtPayload(); // ****START BUILD PAYLOAD****// // Adding private claims List <Claim> privateC = privateClaims.getAllClaims(); foreach (Claim privateClaim in privateC) { if (privateClaim.getNestedClaims() != null) { payload.Add(privateClaim.getKey(), privateClaim.getNestedClaims().getNestedMap()); } else { System.Security.Claims.Claim netPrivateClaim = null; object obj = privateClaim.getValue(); if (obj.GetType() == typeof(string)) { netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), (string)privateClaim.getValue()); } else if (obj.GetType() == typeof(int)) { int value = (int)obj; netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), value.ToString(), System.Security.Claims.ClaimValueTypes.Integer32); } else if (obj.GetType() == typeof(long)) { long value = (long)obj; netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), value.ToString(), System.Security.Claims.ClaimValueTypes.Integer64); } else if (obj.GetType() == typeof(double)) { double value = (double)obj; netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), value.ToString(), System.Security.Claims.ClaimValueTypes.Double); } else if (obj.GetType() == typeof(bool)) { bool value = (bool)obj; netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), value.ToString(), System.Security.Claims.ClaimValueTypes.Boolean); } else { this.error.setError("JW012", "Unrecognized data type"); } //System.Security.Claims.Claim netPrivateClaim = new System.Security.Claims.Claim(privateClaim.getKey(), privateClaim.getValue()); payload.AddClaim(netPrivateClaim); } } // Adding public claims if (options.hasPublicClaims()) { PublicClaims publicClaims = options.getAllPublicClaims(); List <Claim> publicC = publicClaims.getAllClaims(); foreach (Claim publicClaim in publicC) { System.Security.Claims.Claim netPublicClaim = new System.Security.Claims.Claim(publicClaim.getKey(), (string)publicClaim.getValue()); payload.AddClaim(netPublicClaim); } } // Adding registered claims if (options.hasRegisteredClaims()) { RegisteredClaims registeredClaims = options.getAllRegisteredClaims(); List <Claim> registeredC = registeredClaims.getAllClaims(); foreach (Claim registeredClaim in registeredC) { System.Security.Claims.Claim netRegisteredClaim; if (RegisteredClaimUtils.isTimeValidatingClaim(registeredClaim.getKey())) { netRegisteredClaim = new System.Security.Claims.Claim(registeredClaim.getKey(), (string)registeredClaim.getValue(), System.Security.Claims.ClaimValueTypes.Integer32); } else { netRegisteredClaim = new System.Security.Claims.Claim(registeredClaim.getKey(), (string)registeredClaim.getValue()); } payload.AddClaim(netRegisteredClaim); } } // ****END BUILD PAYLOAD****// return(payload); }