Exemple #1
0
        private static void SetToJwtHeader(IJwtHeader source, SystemJWT.JwtHeader target)
        {
            var headerJObj = JObject.FromObject(source);

            foreach (var key in headerJObj.Properties().Select(x => x.Name))
            {
                target[key] = headerJObj[key];
            }
        }
Exemple #2
0
        /// <summary>
        /// Initializes a new instance of the <see cref="JwtSecurityToken"/> class specifying optional parameters.
        /// </summary>
        /// <param name="issuer">If this value is not null, a { iss, 'issuer' } claim will be added, overwriting any 'iss' claim in 'claims' if present.</param>
        /// <param name="audience">If this value is not null, a { aud, 'audience' } claim will be added, appending to any 'aud' claims in 'claims' if present.</param>
        /// <param name="claims">If this value is not null then for each <see cref="Claim"/> a { 'Claim.Type', 'Claim.Value' } is added. If duplicate claims are found then a { 'Claim.Type', List&lt;object&gt; } will be created to contain the duplicate values.</param>
        /// <param name="expires">If expires.HasValue a { exp, 'value' } claim is added, overwriting any 'exp' claim in 'claims' if present.</param>
        /// <param name="notBefore">If notbefore.HasValue a { nbf, 'value' } claim is added, overwriting any 'nbf' claim in 'claims' if present.</param>
        /// <param name="signingCredentials">The <see cref="SigningCredentials"/> that will be used to sign the <see cref="JwtSecurityToken"/>. See <see cref="JwtHeader(SigningCredentials)"/> for details pertaining to the Header Parameter(s).</param>
        /// <exception cref="ArgumentException">If 'expires' &lt;= 'notbefore'.</exception>
        public JwtSecurityToken(string issuer = null, string audience = null, IEnumerable <Claim> claims = null, DateTime?notBefore = null, DateTime?expires = null, SigningCredentials signingCredentials = null)
        {
            if (expires.HasValue && notBefore.HasValue)
            {
                if (notBefore >= expires)
                {
                    throw LogHelper.LogExceptionMessage(new ArgumentException(LogHelper.FormatInvariant(LogMessages.IDX12401, LogHelper.MarkAsNonPII(expires.Value), LogHelper.MarkAsNonPII(notBefore.Value))));
                }
            }

            Payload      = new JwtPayload(issuer, audience, claims, notBefore, expires);
            Header       = new JwtHeader(signingCredentials);
            RawSignature = string.Empty;
        }
Exemple #3
0
        /// <summary>
        /// Initializes a new instance of the <see cref="JwtSecurityToken"/> class where the <see cref="JwtHeader"/> contains the crypto algorithms applied to the encoded <see cref="JwtHeader"/> and <see cref="JwtPayload"/>. The jwtEncodedString is the result of those operations.
        /// </summary>
        /// <param name="header">Contains JSON objects representing the cryptographic operations applied to the JWT and optionally any additional properties of the JWT</param>
        /// <param name="payload">Contains JSON objects representing the claims contained in the JWT. Each claim is a JSON object of the form { Name, Value }</param>
        /// <exception cref="ArgumentNullException">'header' is null.</exception>
        /// <exception cref="ArgumentNullException">'payload' is null.</exception>
        public JwtSecurityToken(JwtHeader header, JwtPayload payload)
        {
            if (header == null)
            {
                throw LogHelper.LogArgumentNullException("header");
            }

            if (payload == null)
            {
                throw LogHelper.LogArgumentNullException("payload");
            }

            Header       = header;
            Payload      = payload;
            RawSignature = string.Empty;
        }
Exemple #4
0
        /// <summary>
        /// Initializes an instance of <see cref="JwtSecurityToken"/> where the <see cref="JwtHeader"/> contains the crypto algorithms applied to the innerToken <see cref="JwtSecurityToken"/>.
        /// </summary>
        /// <param name="header">Defines cryptographic operations applied to the 'innerToken'.</param>
        /// <param name="innerToken"></param>
        /// <param name="rawEncryptedKey">base64urlencoded key</param>
        /// <param name="rawHeader">base64urlencoded JwtHeader</param>
        /// <param name="rawInitializationVector">base64urlencoded initialization vector.</param>
        /// <param name="rawCiphertext">base64urlencoded encrypted innerToken</param>
        /// <param name="rawAuthenticationTag">base64urlencoded authentication tag.</param>
        /// <exception cref="ArgumentNullException">'header' is null.</exception>
        /// <exception cref="ArgumentNullException">'innerToken' is null.</exception>
        /// <exception cref="ArgumentNullException">'rawHeader' is null.</exception>
        /// <exception cref="ArgumentNullException">'rawEncryptedKey' is null.</exception>
        /// <exception cref="ArgumentNullException">'rawInitialVector' is null or whitespace.</exception>
        /// <exception cref="ArgumentNullException">'rawCiphertext' is null or whitespace.</exception>
        /// <exception cref="ArgumentNullException">'rawAuthenticationTag' is null or whitespace.</exception>
        public JwtSecurityToken(JwtHeader header,
                                JwtSecurityToken innerToken,
                                string rawHeader,
                                string rawEncryptedKey,
                                string rawInitializationVector,
                                string rawCiphertext,
                                string rawAuthenticationTag)
        {
            if (header == null)
            {
                throw LogHelper.LogArgumentNullException(nameof(header));
            }

            if (innerToken == null)
            {
                throw LogHelper.LogArgumentNullException(nameof(innerToken));
            }

            if (rawEncryptedKey == null)
            {
                throw LogHelper.LogArgumentNullException(nameof(rawEncryptedKey));
            }

            if (string.IsNullOrEmpty(rawInitializationVector))
            {
                throw LogHelper.LogArgumentNullException(nameof(rawInitializationVector));
            }

            if (string.IsNullOrEmpty(rawCiphertext))
            {
                throw LogHelper.LogArgumentNullException(nameof(rawCiphertext));
            }

            if (string.IsNullOrEmpty(rawAuthenticationTag))
            {
                throw LogHelper.LogArgumentNullException(nameof(rawAuthenticationTag));
            }

            Header                  = header;
            InnerToken              = innerToken;
            RawData                 = string.Join(".", rawHeader, rawEncryptedKey, rawInitializationVector, rawCiphertext, rawAuthenticationTag);
            RawHeader               = rawHeader;
            RawEncryptedKey         = rawEncryptedKey;
            RawInitializationVector = rawInitializationVector;
            RawCiphertext           = rawCiphertext;
            RawAuthenticationTag    = rawAuthenticationTag;
        }
Exemple #5
0
        /// <summary>
        /// Decodes the string into the header, payload and signature.
        /// </summary>
        /// <param name="tokenParts">the tokenized string.</param>
        /// <param name="rawData">the original token.</param>
        internal void Decode(string[] tokenParts, string rawData)
        {
            IdentityModelEventSource.Logger.WriteInformation(LogMessages.IDX10716, rawData);
            try
            {
                Header = JwtHeader.Base64UrlDeserialize(tokenParts[0]);
            }
            catch (Exception ex)
            {
                throw LogHelper.LogExceptionMessage(new ArgumentException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10729, tokenParts[0], rawData), ex));
            }

            if (tokenParts.Length == JwtConstants.JweSegmentCount)
            {
                DecodeJwe(tokenParts);
            }
            else
            {
                DecodeJws(tokenParts);
            }

            RawData = rawData;
        }
Exemple #6
0
        /// <summary>
        /// Decodes the string into the header, payload and signature.
        /// </summary>
        /// <param name="tokenParts">the tokenized string.</param>
        /// <param name="rawData">the original token.</param>
        internal void Decode(string[] tokenParts, string rawData)
        {
            LogHelper.LogInformation(LogMessages.IDX12716, rawData);
            try
            {
                Header = JwtHeader.Base64UrlDeserialize(tokenParts[0]);
            }
            catch (Exception ex)
            {
                throw LogHelper.LogExceptionMessage(new ArgumentException(LogHelper.FormatInvariant(LogMessages.IDX12729, tokenParts[0], rawData), ex));
            }

            if (tokenParts.Length == JwtConstants.JweSegmentCount)
            {
                DecodeJwe(tokenParts);
            }
            else
            {
                DecodeJws(tokenParts);
            }

            RawData = rawData;
        }
        private string GenerarToken(Usuario usuario, Guid idLogin, List <Rol> roles, DateTime vigencia)
        {
            var header = new System.IdentityModel.Tokens.Jwt.JwtHeader(
                new SigningCredentials(
                    new SymmetricSecurityKey(
                        Encoding.UTF8.GetBytes("7Yi90?r$ft%.op1=yui")
                        ),
                    SecurityAlgorithms.HmacSha256)
                );

            var claims = new List <Claim>();

            if (roles != null)
            {
                foreach (var rol in roles)
                {
                    claims.Add(new Claim(ClaimTypes.Role, rol.Nombre));
                }
            }

            claims.Add(new Claim(JwtRegisteredClaimNames.Jti, idLogin.ToString()));
            claims.Add(new Claim(JwtRegisteredClaimNames.NameId, usuario.Id.ToString()));
            claims.Add(new Claim(JwtRegisteredClaimNames.UniqueName, string.Concat(usuario.Nombre, " ", usuario.ApellidoPaterno, " ", usuario.ApellidoMaterno)));
            claims.Add(new Claim(JwtRegisteredClaimNames.Email, usuario.Correo));

            var payload = new JwtPayload(
                issuer: "yunntech",
                audience: "yunntech",
                claims: claims,
                notBefore: DateTime.Now,
                expires: vigencia
                );

            var token = new JwtSecurityToken(header, payload);

            return(new JwtSecurityTokenHandler().WriteToken(token));
        }
Exemple #8
0
        private static string GenerateToken(string seckey, string apikey)
        {
            var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(seckey));

            /*
             * // Create JWT credentials
             * var encryptingCredentials = new EncryptingCredentials(securityKey,
             *  Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256
             *  );
             */
            var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256);



            // Create JWT header

            IDictionary <string, string> D = new Dictionary <string, string>

            {
                ["Typ"] = "JWT",
                ["Alg"] = "HS256",
                ["Kid"] = apikey
            };


            var header = new System.IdentityModel.Tokens.Jwt.JwtHeader(credentials, D);



            /////////////////////////////////////////////////

            var payload = new JwtPayload(


                claims: new[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, "Filbert"),
                new Claim(JwtRegisteredClaimNames.Jti, System.Guid.NewGuid().ToString()),
                new Claim(JwtRegisteredClaimNames.Sid, System.Guid.NewGuid().ToString()),
                new Claim(JwtRegisteredClaimNames.Iss, "tinkoff_mobile_bank_api"),
                new Claim(JwtRegisteredClaimNames.Nbf, DateTime.UtcNow.ToString()),
                new Claim(JwtRegisteredClaimNames.Aud, "tinkoff.cloud.stt"),
                new Claim(JwtRegisteredClaimNames.Exp, DateTime.UtcNow.AddDays(1).ToString()),
                new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString())
            }
                );



            var secToken = new JwtSecurityToken(
                header, payload);

            //signingCredentials: credentials,


            secToken.Header.Add("kid", "bnZ6cWRvcWJncWNud2dqcGxtZ21ndXVvZXdjaWpueHk=m.rogencovfilbert");



            var handler = new JwtSecurityTokenHandler();

            return(handler.WriteToken(secToken));
        }