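/// <summary>
/// Builds a compact JWT (<c>header.payload.signature</c>) whose header declares
/// <c>"alg": "EK256K"</c> and whose signature is produced by <c>EK256KAlgorithm</c>.
/// </summary>
/// <param name="key">Signing key, handed unchanged to <c>EK256KAlgorithm.Sign</c>.</param>
/// <param name="payload">
/// Claims serialized as the token payload. This method adds no claims of its own, so any
/// expiry, audience or issuer claim has to be supplied by the caller.
/// </param>
/// <returns>The three base64url segments joined with '.'.</returns>
public static string Sign(string key, Dictionary<string, object> payload)
{
    // NOTE(review): "EK256K" looks like a project-specific algorithm identifier - confirm that
    // verifiers pin exactly this value and never fall back to whatever "alg" a token presents.
    var header = new Dictionary<string, object>
    {
        { "alg", "EK256K" },
        { "typ", "JWT" }
    };

    IJsonSerializer   serializer = new JsonNetSerializer();
    IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
    EK256KAlgorithm   algorithm  = new EK256KAlgorithm();

    // UTF-8 instead of ASCII: Encoding.ASCII replaces every non-ASCII character with '?',
    // so a claim such as an accented user name would be emitted and signed in corrupted form.
    var headerBase  = urlEncoder.Encode(Encoding.UTF8.GetBytes(serializer.Serialize(header)));
    var payloadBase = urlEncoder.Encode(Encoding.UTF8.GetBytes(serializer.Serialize(payload)));

    // The signing input is base64url text joined by '.', so UTF-8 yields the same bytes here
    // that ASCII did; tokens with ASCII-only claims are unchanged.
    var signingInput = headerBase + "." + payloadBase;
    var signature    = algorithm.Sign(key, Encoding.UTF8.GetBytes(signingInput));

    return signingInput + "." + urlEncoder.Encode(signature);
}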
        /// <summary>
        /// Hand-assembles an HS256 JWT for the given user and target application.
        /// </summary>
        /// <param name="userName">User name passed to the <c>Playload</c> constructor.</param>
        /// <param name="targetAppName">Target application name passed to the <c>Playload</c> constructor.</param>
        /// <returns>The compact token: header, payload and signature segments joined with '.'.</returns>
        public string CreateToken(string userName, string targetAppName)
        {
            // A compact JWT has three parts: header, payload and signature.
            // Equivalent JavaScript:
            //   var encodedString = base64UrlEncode(header) + '.' + base64UrlEncode(payload);
            //   var signature = HMACSHA256(encodedString, 'secret');
            IJwtAlgorithm     hmac      = new HMACSHA256Algorithm();
            IJsonSerializer   json      = new JsonNetSerializer();
            IBase64UrlEncoder base64Url = new JwtBase64UrlEncoder();

            // Header segment.
            var headerFields = new Dictionary<string, string>
            {
                { "typ", "JWT" },
                { "alg", "HS256" }
            };
            string encodedHeader = base64Url.Encode(Encoding.UTF8.GetBytes(json.Serialize(headerFields)));

            // Payload segment.
            // NOTE(review): which claims Playload serializes is not visible here - confirm it
            // carries an expiry so issued tokens do not stay valid indefinitely.
            var claims = new Playload(userName, targetAppName);
            string encodedPayload = base64Url.Encode(Encoding.UTF8.GetBytes(json.Serialize(claims)));

            // Signature segment: HMAC over "<header>.<payload>", keyed with the UTF-8 bytes of
            // SecretKey (defined outside this method).
            string signingInput = encodedHeader + "." + encodedPayload;
            byte[] mac = hmac.Sign(Encoding.UTF8.GetBytes(SecretKey), Encoding.UTF8.GetBytes(signingInput));
            string encodedSignature = base64Url.Encode(mac);

            return signingInput + "." + encodedSignature;
        }
        /// <summary>
        /// Console experiment: hand-assembles a JWT carrying an Open Banking intent claim, prints
        /// it, then posts a client-credentials token request through <c>SendPostRequest</c> and
        /// <c>SendPostRequest2</c> and prints both responses.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            var accountRequestId = "533e8b81-5818-4a1b-bfb9-e893de48bb17";

            var openBankingClaim = new OpenBankingClaim
            {
                IdToken = new OpenBankingTokenInfo
                {
                    OpenbankingIntentId = new OpenBankingIntentInfo
                    {
                        Value     = accountRequestId,
                        Essential = true
                    }
                }
            };

            // Why the token is assembled by hand: headers passed to JwtBuilder.AddHeader are
            // ignored, because the basic implementation adds its two headers itself:
            //   header.Add("typ", "JWT");
            //   header.Add("alg", _algorithm.Name);
            // so the builder's output differs from what is wanted here. The attempt was:
            /*
             * var builder = new JwtBuilder().WithAlgorithm(new HMACSHA256Algorithm()).WithSecret("secret");
             * builder.AddHeader(HeaderName.Algorithm, "none");
             * builder.AddHeader(HeaderName.Type, "JWT");
             * builder.AddClaim(ClaimName.Audience, @"https://modelobank.o3bank.co.uk:4501");
             * builder.AddClaim(ClaimName.Issuer, "e6238e22-dc0f-4a51-8311-ea5350591063");
             * builder.AddClaim("scope", "openid accounts");
             * builder.AddClaim("claims", openBankingClaim);
             * var str = builder.Build();
             * Console.WriteLine(str);
             */

            #region JWT token

            var serializer = new JsonNetSerializer();
            var base64Url  = new JwtBase64UrlEncoder();
            var hmacSha256 = new HMACSHA256Algorithm();

            // NOTE(review): the header advertises "alg": "none" while the third segment below is
            // an HMAC-SHA256 value. A verifier that trusts the header's "alg" would treat the
            // token as unsigned; receivers should pin the expected algorithm and reject "none".
            var joseHeader = new Dictionary<string, object>
            {
                { "alg", "none" },
                { "typ", "JWT" }
            };

            var claims = new Dictionary<string, object>
            {
                { "aud", "https://modelobank.o3bank.co.uk:4501" },
                { "iss", "e6238e22-dc0f-4a51-8311-ea5350591063" },
                { "scope", "openid accounts" },
                { "claims", openBankingClaim }
            };

            var encodedHeader = base64Url.Encode(GetBytes(serializer.Serialize(joseHeader)));
            var encodedClaims = base64Url.Encode(GetBytes(serializer.Serialize(claims)));

            // Signing input is "<header>.<payload>".
            var signingInput = encodedHeader + "." + encodedClaims;

            // Literal demo key: fine for a local experiment, but a real signing key belongs in
            // protected configuration, not in source.
            var hmacKey          = GetBytes("secret");
            var mac              = hmacSha256.Sign(hmacKey, GetBytes(signingInput));
            var encodedSignature = base64Url.Encode(mac);

            var token = signingInput + "." + encodedSignature;
            Console.WriteLine(token);
            Console.WriteLine("\n");

            #endregion JWT token


            #region Get Intelliflo clients

            //var response = SendGetRequest("clients");
            //Console.WriteLine(response);
            //Console.WriteLine("\n");

            #endregion Get Intelliflo clients

            #region Post OB account request

            // Account-request body; built but only used by the commented-out call below.
            var requestedPermissions = new string[]
            {
                "ReadAccountsBasic", "ReadAccountsDetail", "ReadBalances", "ReadTransactionsBasic",
                "ReadTransactionsCredits", "ReadTransactionsDebits", "ReadTransactionsDetail"
            };

            var bodyData = new Dictionary<string, object>
            {
                { "Permissions", requestedPermissions },
                { "TransactionFromDateTime", new DateTime(2015, 9, 28) },
                { "TransactionToDateTime", new DateTime(2015, 9, 29) }
            };

            var body = new Dictionary<string, object>
            {
                { "Data", bodyData },
                { "Risk", new object() }
            };

            //var data = JsonConvert.SerializeObject(body);
            //var response2 = SendPostRequest("account-requests", data);
            //Console.WriteLine(response2);

            // Form-encoded client-credentials grant, sent through both request helpers.
            var data = "grant_type=client_credentials&scope=accounts payments openid";

            var response2 = SendPostRequest("token", data);
            Console.WriteLine(response2);

            var response3 = SendPostRequest2("token", data);
            Console.WriteLine("\n");
            Console.WriteLine(response3);

            #endregion Post OB account request
        }
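        /// <summary>
        /// Issues a JWT for a device that expires 20 minutes after creation. For
        /// <c>Scope.Activation</c> the token is HS256-signed with the registration's shared
        /// secret; for any other scope it is RS256-signed with the device's RSA key.
        /// </summary>
        /// <param name="scope">Selects the issuer claim and the signing method.</param>
        /// <param name="deviceId">Id of the device whose registration and key material are used.</param>
        /// <returns>The compact token: header, payload and signature segments joined with '.'.</returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown by <c>First()</c> when no device with <paramref name="deviceId"/> exists.
        /// </exception>
        private string GetJwtToken(Scope scope, long deviceId)
        {
            var activationSecret = String.Empty;
            var deviceEndpointId = String.Empty;
            var activationId     = String.Empty;
            var deviceRSAXml     = String.Empty;

            using (var db = new IoTContext())
            {
                // Load the requested device. The query used to be hard-coded to `d.Id == 1`,
                // which signed every token with device 1's identity and keys regardless of
                // the deviceId argument.
                var device = db.Devices.Where(d => d.Id == deviceId).Include(d => d.Registration).First();
                activationSecret = device.Registration.SharedSecret;
                deviceEndpointId = device.Registration.DeviceEnpointId;
                activationId     = device.Registration.HardwareId;
                // NOTE(review): the shared secret and RSA key XML are read straight from the
                // database - confirm that they are protected at rest.
                deviceRSAXml     = device.RSAKeyXML;
            }

            IDateTimeProvider provider = new UtcDateTimeProvider();
            var expiresOn = provider.GetNow().AddMinutes(20);
            //var secret = appSettingsReader.GetValue(scope == Scope.Activation ? "activationSecret" : "privateKey", typeof(string)).ToString();

            // "exp" is derived from expiresOn. It was previously computed from the current time,
            // so every token was already expired when issued and expiresOn was never used.
            var unixEpoch        = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc); // or use JwtValidator.UnixEpoch
            var expiresAtSeconds = Math.Round((expiresOn - unixEpoch).TotalSeconds);

            var payload = new Dictionary<string, object>
            {
                { "iss", scope == Scope.Activation ? activationId : deviceEndpointId },
                // Int64 rather than Int32: Unix seconds exceed Int32.MaxValue in 2038.
                { "exp", Convert.ToInt64(expiresAtSeconds) },
                { "aud", appSettingsReader.GetValue("jwtAudience", typeof(string)).ToString() }
            };

            IJsonSerializer   serializer = new JsonNetSerializer();
            IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();

            if (scope == Scope.Activation)
            {
                // Activation tokens: HS256 through the library encoder, keyed with the shared secret.
                IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
                IJwtEncoder   encoder   = new JwtEncoder(algorithm, serializer, urlEncoder);

                return encoder.Encode(payload, activationSecret);
            }

            // Every other scope: RS256 assembled by hand. Both crypto objects are disposable,
            // and disposing them releases the key and hash state deterministically.
            using (var deviceRSA = new RSACryptoServiceProvider())
            using (var sha256 = new SHA256Managed())
            {
                deviceRSA.FromXmlString(deviceRSAXml);

                var header = new Dictionary<string, object>
                {
                    { "typ", "JWT" },
                    { "alg", "RS256" }
                };

                var headerBytes  = Encoding.UTF8.GetBytes(serializer.Serialize(header));
                var payloadBytes = Encoding.UTF8.GetBytes(serializer.Serialize(payload));

                var segments = new List<string>(3)
                {
                    urlEncoder.Encode(headerBytes),
                    urlEncoder.Encode(payloadBytes)
                };

                // The signature covers "<header>.<payload>".
                var bytesToSign = Encoding.UTF8.GetBytes(String.Join(".", segments.ToArray()));
                var signature   = deviceRSA.SignData(bytesToSign, sha256);
                segments.Add(urlEncoder.Encode(signature));

                return String.Join(".", segments.ToArray());
            }
        }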