protected virtual string Sign(string unsignedToken, JwtHeader header)
{
var algorithm = ParseSigningCredentials(header.SigningCredentials);
if (header.SignatureAlgorithm != algorithm)
{
throw new InvalidOperationException("Mismatch between signature algorithm and signing key");
}
HMAC hmac;
switch (algorithm)
{
case JwtConstants.SignatureAlgorithms.HMACSHA256:
hmac = new HMACSHA256();
break;
case JwtConstants.SignatureAlgorithms.HMACSHA384:
hmac = new HMACSHA384();
break;
case JwtConstants.SignatureAlgorithms.HMACSHA512:
hmac = new HMACSHA512();
break;
default:
throw new InvalidOperationException("Unsupported signature algorithm");
}
hmac.Key = (header.SigningCredentials.SigningKey as InMemorySymmetricSecurityKey).GetSymmetricKey();
using (hmac)
{
var signature = hmac.ComputeHash(Encoding.UTF8.GetBytes(unsignedToken));
return(Base64Url.Encode(signature));
}
}
public JsonWebToken()
{
Header = new JwtHeader();
Claims = new Dictionary<string, string>();
//Claims = new List<Claim>();
}
protected virtual string Sign(string unsignedToken, JwtHeader header)
{
var algorithm = ParseSigningCredentials(header.SigningCredentials);
if (header.SignatureAlgorithm != algorithm)
{
throw new InvalidOperationException("Mismatch between signature algorithm and signing key");
}
HMAC hmac;
switch (algorithm)
{
case JwtConstants.SignatureAlgorithms.HMACSHA256:
hmac = new HMACSHA256();
break;
case JwtConstants.SignatureAlgorithms.HMACSHA384:
hmac = new HMACSHA384();
break;
case JwtConstants.SignatureAlgorithms.HMACSHA512:
hmac = new HMACSHA512();
break;
default:
throw new InvalidOperationException("Unsupported signature algorithm");
}
hmac.Key = (header.SigningCredentials.SigningKey as InMemorySymmetricSecurityKey).GetSymmetricKey();
using (hmac)
{
var signature = hmac.ComputeHash(Encoding.UTF8.GetBytes(unsignedToken));
return Base64Url.Encode(signature);
}
}