Example #1
0
        /// <summary>
        /// Creates the JWT header
        /// </summary>
        /// <param name="token">The token.</param>
        /// <param name="credential">The credentials.</param>
        /// <returns>The JWT header</returns>
        protected virtual Task<JwtHeader> CreateHeaderAsync(Token token, SecurityKey key)
        {
            JwtHeader header = null;
            header = new JwtHeader(new SigningCredentials(key, "RS256"));

            return Task.FromResult(header);
        }
Example #2
0
 public JwtTokenGenerator(SecurityKey key)
 {
     _key = key;
 }
 public static SigningCredentials CreateSigningCredential(SecurityKey securityKey)
 {
     return(new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha512Signature));
 }
Example #4
0
 public static SigningCredentials CreateSigningCredentials(SecurityKey securityKey)       //KULLANICAĞIMIZ ANAHTARI YOLLUYORUZ BURDA.
 {
     return(new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha512Signature)); //KULLANICAĞIMIZ ANAHTARI VE HANGİ ALGORİTMAYI KULLANCAĞIMIZI VERİYORUZ burda
 }
Example #5
0
 public bool IsSupportedAlgorithmPublic(SecurityKey key, string algorithm)
 {
     IsSupportedAlgorithmCalled = true;
     return(base.IsSupportedAlgorithm(key, algorithm));
 }
Example #6
0
 public byte[] GetKeyBytesPublic(SecurityKey key)
 {
     GetKeyBytesCalled = true;
     return(base.GetKeyBytes(key));
 }
Example #7
0
 protected override SymmetricAlgorithm GetSymmetricAlgorithm(SecurityKey key, string algorithm)
 {
     GetSymmetricAlgorithmCalled = true;
     return(base.GetSymmetricAlgorithm(key, algorithm));
 }
Example #8
0
 public override SignatureProvider CreateForVerifying(SecurityKey key, string algorithm)
 {
     return(SymmetricSignatureProviderForVerifying);
 }
 public override SignatureProvider CreateForSigning(SecurityKey key, string algorithm)
 {
     return(null);
 }
 protected override bool TryResolveSecurityKeyCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key)
 {
     key = SecurityKey;
     return(true);
 }
 public SetReturnSecurityTokenResolver(SecurityToken token, SecurityKey key)
 {
     SecurityKey   = key;
     SecurityToken = token;
 }
 public static SigningCredentials CreateSigningCredentials(SecurityKey securityKey)       //Credential :bir sisteme girebilmek için elimizde olanlardır.(Kullanıcı Adı Parola)
 {
     return(new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha512Signature)); //Anahtar olarak securityKeyi kullan,Şifreleme olarak güvenlik algoritmalarından da HmacSha512Signature yi kullan
 }
Example #13
0
 internal TokenJWTBuilder AddSecurityKey(SecurityKey securityKey)
 {
     this.securityKey = securityKey;
     return(this);
 }
 public SignatureProviderTheoryData(string testId, string signingAlgorithm, string verifyAlgorithm, SecurityKey signingKey, SecurityKey verifyKey, EE expectedException = null)
 {
     SigningAlgorithm = signingAlgorithm;
     VerifyAlgorithm = verifyAlgorithm;
     SigningKey = signingKey;
     VerifyKey = verifyKey;
     ExpectedException = expectedException ?? EE.NoExceptionExpected;
     TestId = testId;
 }
 public CryptoProviderFactoryTheoryData(string testId, string algorithm, SecurityKey signingKey, SecurityKey verifyKey, EE expectedException = null)
 {
     SigningAlgorithm = algorithm;
     SigningKey = signingKey;
     VerifyKey = verifyKey;
     ExpectedException = expectedException ?? EE.NoExceptionExpected;
     TestId = testId;
 }
Example #16
0
        public void ValidateKeySizePublic(SecurityKey key, string algorithm)
        {
            ValidateKeySizeCalled = true;

            base.ValidateKeySize(key, algorithm);
        }
        internal void GetSignatureAlgorithmAndKey(SecurityToken token, out string signatureAlgorithm, out SecurityKey key, out XmlDictionaryString signatureAlgorithmDictionaryString)
        {
            ReadOnlyCollection <SecurityKey> keys = token.SecurityKeys;

            if (keys == null || keys.Count == 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.SigningTokenHasNoKeys, token)));
            }

            for (int i = 0; i < keys.Count; i++)
            {
                if (keys[i].IsSupportedAlgorithm(this.DefaultSymmetricSignatureAlgorithm))
                {
                    signatureAlgorithm = this.DefaultSymmetricSignatureAlgorithm;
                    signatureAlgorithmDictionaryString = this.DefaultSymmetricSignatureAlgorithmDictionaryString;
                    key = keys[i];
                    return;
                }
                else if (keys[i].IsSupportedAlgorithm(this.DefaultAsymmetricSignatureAlgorithm))
                {
                    signatureAlgorithm = this.DefaultAsymmetricSignatureAlgorithm;
                    signatureAlgorithmDictionaryString = this.DefaultAsymmetricSignatureAlgorithmDictionaryString;
                    key = keys[i];
                    return;
                }
            }

            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.SigningTokenHasNoKeysSupportingTheAlgorithmSuite, token, this)));
        }
Example #18
0
 public DerivedKeyWrapProvider(SecurityKey key, string algorithm)
     : base(key, algorithm)
 {
 }
        protected override bool TryResolveSecurityKeyCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key)
        {
            key = null;
            SecurityToken token = null;

            if (base.TryResolveToken(keyIdentifierClause, out token) &&
                (token.SecurityKeys.Count > 0))
            {
                key = token.SecurityKeys[0];
                return(true);
            }

            return(false);
        }
Example #20
0
 protected override byte[] GetKeyBytes(SecurityKey key)
 {
     GetKeyBytesCalled = true;
     return(base.GetKeyBytes(key));
 }
Example #21
0
 private void InitializeHmac()
 {
     securityKey        = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.HmacSecretKey));
     signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
 }
Example #22
0
 protected override bool IsSupportedAlgorithm(SecurityKey key, string algorithm)
 {
     IsSupportedAlgorithmCalled = true;
     return(base.IsSupportedAlgorithm(key, algorithm));
 }
 public static SigningCredentials CreateSigningCredentials(SecurityKey securityKey)
 {
     //hashlerken ve doğrularken kullandığımız "HMACSHA512" Cryptography classını kullandığımızı belirtmek için böyle bir class yazdık
     return(new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha512Signature));
 }
 public static SigningCredentials CreateSigningCredentials(SecurityKey security) //Signing=imzalama
 {                                                                               //securitykey yi ve algoritmamızı belirleriz bu kısımda(Hangi şifreleme algoritması=HmacSha512Signature)
     return(new SigningCredentials(security, SecurityAlgorithms.HmacSha512Signature));
 }
        public static void AddTokenValidation(this IServiceCollection services, string issuer, string audience, SecurityKey signingKey)
        {
            services.Configure <JwtIssuerOptions>(options =>
            {
                options.Issuer             = issuer;
                options.Audience           = audience;
                options.SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
            });

            var tokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = true,
                ValidIssuer    = issuer,

                ValidateAudience = true,
                ValidAudience    = audience,

                ValidateIssuerSigningKey = true,
                IssuerSigningKey         = signingKey,

                RequireExpirationTime = false,
                ValidateLifetime      = true,
                ClockSkew             = TimeSpan.Zero
            };

            services.AddAuthentication(
                options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(
                options =>
            {
                options.ClaimsIssuer = issuer;
                options.TokenValidationParameters = tokenValidationParameters;
                options.SaveToken = true;
            });
        }
 internal WrappedKeySecurityToken(string id, byte[] keyToWrap, string wrappingAlgorithm, XmlDictionaryString wrappingAlgorithmDictionaryString, SecurityToken wrappingToken, SecurityKeyIdentifier wrappingTokenReference, byte[] wrappedKey, SecurityKey wrappingSecurityKey)
     : this(id, keyToWrap, wrappingAlgorithm, wrappingAlgorithmDictionaryString)
 {
     WrappingToken          = wrappingToken ?? throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(wrappingToken));
     WrappingTokenReference = wrappingTokenReference;
     if (wrappedKey == null)
     {
         _wrappedKey = SecurityUtils.EncryptKey(wrappingToken, wrappingAlgorithm, keyToWrap);
     }
     else
     {
         _wrappedKey = wrappedKey;
     }
     WrappingSecurityKey      = wrappingSecurityKey;
     _serializeCarriedKeyName = true;
 }
Example #27
0
 public JwtTokenService(SecurityKey signingKey)
 {
     SigningKey = signingKey;
 }
 public JwtTokenBuilder AddSecurityKey(SecurityKey securityKey)
 {
     this.securityKey = securityKey;
     return(this);
 }
        public RsaSignatureProvider(SecurityKey key, string algorithm, HashAlgorithmName hashAlgorithm, RSASignaturePadding signaturePadding, ILogger <RsaSignatureProvider> logger)
            : base(key, algorithm)
        {
            if (key is RsaSecurityKey rsa)
            {
                if (rsa.Rsa != null && rsa.PrivateKeyStatus == PrivateKeyStatus.Unknown)
                {
                    try
                    {
                        rsa.Rsa.SignData(Encoding.UTF8.GetBytes(nameof(RsaSignatureProvider)), hashAlgorithm, signaturePadding);
                        _rsaPrivateKey = rsa.Rsa;
                    }
                    catch
                    {
                        _rsaPublicKey = rsa.Rsa;
                    }
                }
                if (rsa.PrivateKeyStatus == PrivateKeyStatus.Exists)
                {
                    if (rsa.Rsa != null)
                    {
                        _rsaPrivateKey = rsa.Rsa;
                    }
                    else
                    {
                        _rsaPrivateKey = new RSACryptoServiceProvider();
                        _rsaPrivateKey.ImportParameters(rsa.Parameters);
                    }
                }
                if (rsa.PrivateKeyStatus == PrivateKeyStatus.DoesNotExist)
                {
                    if (rsa.Rsa != null)
                    {
                        _rsaPublicKey = rsa.Rsa;
                    }
                    else
                    {
                        _rsaPublicKey = new RSACryptoServiceProvider();
                        _rsaPublicKey.ImportParameters(rsa.Parameters);
                    }
                }
            }
            if (key is X509SecurityKey x509)
            {
                if (x509.Certificate.HasPrivateKey)
                {
                    _rsaPrivateKey = x509.Certificate.GetRSAPrivateKey();
                }
                _rsaPublicKey = x509.Certificate.GetRSAPublicKey();
            }

            if (_rsaPublicKey == null && _rsaPrivateKey == null)
            {
                throw new ArgumentException("Could not get RSA instance from SecurityKey", nameof(key));
            }

            _logger = logger;

            HashAlgorithm    = hashAlgorithm;
            SignaturePadding = signaturePadding;
        }
Example #30
0
        public virtual Task <TokenValidationResult> ValidateJwtAsync(string jwt, string audience, SecurityKey signingKey, bool validateLifetime = true)
        {
            var handler = new JwtSecurityTokenHandler
            {
                Configuration =
                    new SecurityTokenHandlerConfiguration
                {
                    CertificateValidationMode = X509CertificateValidationMode.None,
                    CertificateValidator      = X509CertificateValidator.None
                }
            };

            var parameters = new TokenValidationParameters
            {
                ValidIssuer      = _options.IssuerUri,
                IssuerSigningKey = signingKey,
                ValidateLifetime = validateLifetime,
                ValidAudience    = audience
            };

            try
            {
                SecurityToken jwtToken;
                var           id = handler.ValidateToken(jwt, parameters, out jwtToken);

                // if access token contains an ID, log it
                var jwtId = id.FindFirst(Constants.ClaimTypes.JwtId);
                if (jwtId != null)
                {
                    _log.JwtId = jwtId.Value;
                }

                return(Task.FromResult(new TokenValidationResult
                {
                    Claims = id.Claims,
                    Jwt = jwt
                }));
            }
            catch (Exception ex)
            {
                Logger.ErrorException("JWT token validation error", ex);
                return(Task.FromResult(Invalid(Constants.ProtectedResourceErrors.InvalidToken)));
            }
        }
Example #31
0
 protected override void ValidateKeySize(SecurityKey key, string algorithm)
 {
     ValidateKeySizeCalled = true;
     base.ValidateKeySize(key, algorithm);
 }