C# (CSharp) JweAlgorithm.Create Exemples

Exemple #1

Fichier : JsonWebKeySetServiceTests.cs Projet : matheusrcruz/Security.Jwt

        public void ShouldValidateJwe(string algorithm, KeyType keyType, string encryption)
        {
            var options = new JwksOptions()
            {
                KeyPrefix = $"{nameof(JsonWebKeySetServiceTests)}_",
                Jwe       = JweAlgorithm.Create(algorithm, keyType).WithEncryption(encryption)
            };

            var encryptingCredentials = _jwksService.GenerateEncryptingCredentials(options);

            var handler = new JsonWebTokenHandler();
            var now     = DateTime.Now;
            var jwt     = new SecurityTokenDescriptor
            {
                Issuer                = "me",
                Audience              = "you",
                IssuedAt              = now,
                NotBefore             = now,
                Expires               = now.AddMinutes(5),
                Subject               = new ClaimsIdentity(GenerateClaim().Generate(5)),
                EncryptingCredentials = encryptingCredentials
            };

            var jwe    = handler.CreateToken(jwt);
            var result = handler.ValidateToken(jwe,
                                               new TokenValidationParameters
            {
                ValidIssuer         = "me",
                ValidAudience       = "you",
                RequireSignedTokens = false,
                TokenDecryptionKey  = encryptingCredentials.Key
            });

            result.IsValid.Should().BeTrue();
        }

Exemple #2

        public void ShouldRemovePrivateKeyFromJweAfterUpdateAExpiredJwk(string algorithm, KeyType keyType, string encryption)
        {
            var alg = JweAlgorithm.Create(algorithm, keyType).WithEncryption(encryption);

            var key = _keyService.GenerateSigningCredentials(new JwksOptions()
            {
                KeyPrefix = "ShouldGenerateManyRsa_", Jwe = alg
            });
            var privateKey = new SecurityKeyWithPrivate();

            privateKey.SetJweParameters(key.Key, alg);
            _jsonWebKeyStore.Save(privateKey);

            /*Remove private*/
            _jsonWebKeyStore.Revoke(privateKey);

            var jsonWebKey = _keyService.GetLastKeysCredentials(JsonWebKeyType.Jwe, 5).First(w => w.Kid == privateKey.KeyId);

            jsonWebKey.Kty.Should().NotBeNullOrEmpty();
            jsonWebKey.HasPrivateKey.Should().BeFalse();
            switch (jsonWebKey.Kty)
            {
            case JsonWebAlgorithmsKeyTypes.EllipticCurve:
                jsonWebKey.D.Should().BeNullOrEmpty();
                break;

            case JsonWebAlgorithmsKeyTypes.RSA:
                jsonWebKey.D.Should().BeNullOrEmpty();
                jsonWebKey.DP.Should().BeNullOrEmpty();
                jsonWebKey.DQ.Should().BeNullOrEmpty();
                jsonWebKey.P.Should().BeNullOrEmpty();
                jsonWebKey.Q.Should().BeNullOrEmpty();
                jsonWebKey.QI.Should().BeNullOrEmpty();
                break;

            case JsonWebAlgorithmsKeyTypes.Octet:
                jsonWebKey.K.Should().NotBeNullOrEmpty();
                break;
            }
        }

Exemple #3

        public void ShouldSaveJweRecoverAndEncrypt(string algorithm, KeyType keyType, string encryption)
        {
            this.WarmupData.Clear();
            var options = new JwksOptions()
            {
                Jwe = JweAlgorithm.Create(algorithm, keyType).WithEncryption(encryption)
            };

            var handler = new JsonWebTokenHandler();
            var now     = DateTime.Now;

            // Generate right now and in memory
            var newKey = _keyService.GetCurrentEncryptingCredentials(options);

            // recovered from database
            var currentKey = _keyService.GetCurrentEncryptingCredentials(options);

            newKey.Key.KeyId.Should().Be(currentKey.Key.KeyId);
            var claims     = new ClaimsIdentity(GenerateClaim().Generate(5));
            var descriptor = new SecurityTokenDescriptor
            {
                Issuer                = "me",
                Audience              = "you",
                IssuedAt              = now,
                NotBefore             = now,
                Expires               = now.AddMinutes(5),
                Subject               = claims,
                EncryptingCredentials = newKey
            };
            var descriptorFromDb = new SecurityTokenDescriptor
            {
                Issuer                = "me",
                Audience              = "you",
                IssuedAt              = now,
                NotBefore             = now,
                Expires               = now.AddMinutes(5),
                Subject               = claims,
                EncryptingCredentials = currentKey
            };

            var jwt1 = handler.CreateToken(descriptor);
            var jwt2 = handler.CreateToken(descriptorFromDb);

            var result = handler.ValidateToken(jwt1,
                                               new TokenValidationParameters
            {
                ValidIssuer         = "me",
                ValidAudience       = "you",
                RequireSignedTokens = false,
                TokenDecryptionKey  = currentKey.Key
            });

            result.IsValid.Should().BeTrue();

            result = handler.ValidateToken(jwt2,
                                           new TokenValidationParameters
            {
                ValidIssuer         = "me",
                ValidAudience       = "you",
                RequireSignedTokens = false,
                TokenDecryptionKey  = currentKey.Key
            });

            result.IsValid.Should().BeTrue();
        }