private void AddHeaderParameters(JwtHeader header, JWTOptions options)
{
HeaderParameters parameters = options.GetHeaderParameters();
List <string> list = parameters.GetAll();
Dictionary <string, object> map = parameters.GetMap();
foreach (string s in list)
{
header.Add(s.Trim(), ((string)map[s]).Trim());
}
}
private bool VerifyHeader(JwtSecurityToken jwtToken, JWTOptions options)
{
int claimsNumber = jwtToken.Header.Count;
HeaderParameters parameters = options.GetHeaderParameters();
if (parameters.IsEmpty() && claimsNumber == 2)
{
return(true);
}
if (parameters.IsEmpty() && claimsNumber > 2)
{
return(false);
}
List <String> allParms = parameters.GetAll();
if (claimsNumber != allParms.Count + 2)
{
return(false);
}
Dictionary <String, Object> map = parameters.GetMap();
foreach (string s in allParms)
{
if (!jwtToken.Header.ContainsKey(s.Trim()))
{
return(false);
}
string claimValue = null;
try
{
claimValue = (string)jwtToken.Header[s.Trim()];
}
catch (Exception)
{
return(false);
}
String optionsValue = ((string)map[s]).Trim();
if (!SecurityUtils.compareStrings(claimValue, optionsValue.Trim()))
{
return(false);
}
}
return(true);
}
public string DoCreate(string algorithm, PrivateClaims privateClaims, JWTOptions options)
{
this.error.cleanError();
if (options.HasError())
{
this.error = options.GetError();
return("");
}
JWTAlgorithm alg = JWTAlgorithmUtils.getJWTAlgorithm(algorithm, this.error);
if (this.HasError())
{
return("");
}
if (this.HasError())
{
return("");
}
/***Hack to support 1024 RSA key lengths - BEGIN***/
AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["RS256"] = 1024;
AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["RS512"] = 1024;
AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["RS384"] = 1024;
/***Hack to support 1024 RSA key lengths - END***/
/***Hack to support 192 ECDSA key lengths - BEGIN***/
AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["ES256"] = 112;
AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["ES512"] = 112;
AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["ES384"] = 112;
/***Hack to support 192 ECDSA key lengths - END***/
JwtPayload payload = doBuildPayload(privateClaims, options);
SecurityKey genericKey = null;
if (JWTAlgorithmUtils.isPrivate(alg))
{
PrivateKeyManager key = options.GetPrivateKey();
if (key.HasError())
{
this.error = key.GetError();
return("");
}
if (SecurityUtils.compareStrings(key.getPrivateKeyAlgorithm(), "RSA"))
{
try
{
genericKey = new RsaSecurityKey((RSA)key.getPrivateKeyForJWT());
}catch (Exception)
{
this.error = key.GetError();
return("");
}
}
else if (SecurityUtils.compareStrings(key.getPrivateKeyAlgorithm(), "ECDSA"))
{
try {
genericKey = new ECDsaSecurityKey((ECDsa)key.getPrivateKeyForJWT());
}
catch (Exception)
{
this.error = key.GetError();
return("");
}
}
else
{
this.error.setError("JW012", "Not recognized key algorithm");
return("");
}
if (genericKey == null)
{
this.error = key.GetError();
return("");
}
}
else
{
SymmetricSecurityKey symKey = new SymmetricSecurityKey(options.getSecret());
genericKey = symKey;
}
SigningCredentials signingCredentials = JWTAlgorithmUtils.getSigningCredentials(alg, genericKey, this.error);
if (this.HasError())
{
return("");
}
string signedJwt = "";
try
{
JwtHeader header = new JwtHeader(signingCredentials);
if (!options.GetHeaderParameters().IsEmpty())
{
AddHeaderParameters(header, options);
}
JwtSecurityToken secToken = new JwtSecurityToken(header, payload);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
signedJwt = handler.WriteToken(secToken);
}
catch (Exception e)
{
this.error.setError("JW003", "key size: " + /*genericKey.KeySize.ToString()*/ e.Message + e.StackTrace);
return("");
}
return(signedJwt);
}
