Exemple #1
0
        /// <summary>
        /// Creates security token.
        /// </summary>
        /// <param name="tokenDescriptor">The token descriptor.</param>
        /// <returns>Security token.</returns>
        public override SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor)
        {
            if (tokenDescriptor == null)
            {
                throw new ArgumentNullException("tokenDescriptor");
            }

            // See details in Json Web Token specification.
            var seconds = (tokenDescriptor.Lifetime.Expires - tokenDescriptor.Lifetime.Created) ?? new TimeSpan(0, 0, 3600);
            var header  = new JwtHeaderSegment();
            var claims  = new JwtClaimsSegment(
                tokenDescriptor.TokenIssuerName,
                tokenDescriptor.AppliesToAddress,
                DateTime.UtcNow,
                DateTime.UtcNow + seconds,
                tokenDescriptor.Subject.Claims
                );

            // See details in Json Web Signature specification.
            var key             = (InMemorySymmetricSecurityKey)tokenDescriptor.SigningCredentials.SigningKey;
            var mac             = new HMACSHA256(key.GetSymmetricKey());
            var hash            = mac.ComputeHash(Encoding.UTF8.GetBytes(JsonWebToken.GetSigningInput(header, claims)));
            var jwsCryptoOutput = JwtTokenUtility.Base64UrlEncode(hash);

            return(new JsonWebToken(header, claims, jwsCryptoOutput));
        }
Exemple #2
0
        /// <summary>
        /// Retrieves token signing input.
        /// </summary>
        /// <param name="header">JWT header section.</param>
        /// <param name="payload">JWT payload section.</param>
        /// <returns>Signing input.</returns>
        /// <remarks>For details refer to Json Web Signature specification.</remarks>
        internal static string GetSigningInput(JwtHeaderSegment header, JwtClaimsSegment payload)
        {
            var decodedJwsHeaderInput = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(header));
            var jwsHeaderInput        = JwtTokenUtility.Base64UrlEncode(decodedJwsHeaderInput);

            var decodedJwsPayloadInput = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(payload));
            var jwsPaloadInput         = JwtTokenUtility.Base64UrlEncode(decodedJwsPayloadInput);

            return(string.Format("{0}.{1}", jwsHeaderInput, jwsPaloadInput));
        }
Exemple #3
0
        /// <summary>
        /// Initializes a new instance of the <see cref="JsonWebToken"/> class.
        /// </summary>
        /// <param name="header">The JWT header section.</param>
        /// <param name="claims">The JWT payload section.</param>
        /// <param name="signature">The JWT signature.</param>
        public JsonWebToken(
            JwtHeaderSegment header, 
            JwtClaimsSegment claims,
            string signature)
        {
            if (header == null)
                throw new ArgumentNullException("header");
            if (claims == null)
                throw new ArgumentNullException("claims");

            HeaderSection = header;
            ClaimsSection = claims;
            Signature = signature;
        }
Exemple #4
0
        /// <summary>
        /// Initializes a new instance of the <see cref="JsonWebToken"/> class.
        /// </summary>
        /// <param name="header">The JWT header section.</param>
        /// <param name="claims">The JWT payload section.</param>
        /// <param name="signature">The JWT signature.</param>
        public JsonWebToken(
            JwtHeaderSegment header,
            JwtClaimsSegment claims,
            string signature)
        {
            if (header == null)
            {
                throw new ArgumentNullException("header");
            }
            if (claims == null)
            {
                throw new ArgumentNullException("claims");
            }

            HeaderSection = header;
            ClaimsSection = claims;
            Signature     = signature;
        }
Exemple #5
0
        /// <summary>
        /// Retrieves token signing input.
        /// </summary>
        /// <param name="header">JWT header section.</param>
        /// <param name="payload">JWT payload section.</param>
        /// <returns>Signing input.</returns>
        /// <remarks>For details refer to Json Web Signature specification.</remarks>
        internal static string GetSigningInput(JwtHeaderSegment header, JwtClaimsSegment payload)
        {
            var decodedJwsHeaderInput = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(header));
            var jwsHeaderInput = JwtTokenUtility.Base64UrlEncode(decodedJwsHeaderInput);

            var decodedJwsPayloadInput = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(payload));
            var jwsPaloadInput = JwtTokenUtility.Base64UrlEncode(decodedJwsPayloadInput);

            return string.Format("{0}.{1}", jwsHeaderInput, jwsPaloadInput);
        }
        /// <summary>
        /// Creates security token.
        /// </summary>
        /// <param name="tokenDescriptor">The token descriptor.</param>
        /// <returns>Security token.</returns>
        public override SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor)
        {
            if (tokenDescriptor == null)
                throw new ArgumentNullException("tokenDescriptor");

            // See details in Json Web Token specification.
            var seconds = (tokenDescriptor.Lifetime.Expires - tokenDescriptor.Lifetime.Created) ?? new TimeSpan(0, 0, 3600);
            var header = new JwtHeaderSegment();
            var claims = new JwtClaimsSegment(
                tokenDescriptor.TokenIssuerName,
                tokenDescriptor.AppliesToAddress,
                DateTime.UtcNow,
                DateTime.UtcNow + seconds,
                tokenDescriptor.Subject.Claims
                );

            // See details in Json Web Signature specification.
            var key = (InMemorySymmetricSecurityKey)tokenDescriptor.SigningCredentials.SigningKey;
            var mac = new HMACSHA256(key.GetSymmetricKey());
            var hash = mac.ComputeHash(Encoding.UTF8.GetBytes(JsonWebToken.GetSigningInput(header, claims)));
            var jwsCryptoOutput = JwtTokenUtility.Base64UrlEncode(hash);

            return new JsonWebToken(header, claims, jwsCryptoOutput);
        }