Esempio n. 1
        /// <summary>
        /// Parses <paramref name="jwt"/> with <paramref name="signingKey"/> and asserts that a
        /// <c>JwtSignatureValidator</c> built from the same key bytes accepts the parsed token.
        /// </summary>
        /// <param name="ignored">Not read by this test.</param>
        /// <param name="signingKey">Shared secret; its UTF-8 bytes are used as the signing key.</param>
        /// <param name="jwt">Compact JWT expected to carry a valid signature for that key.</param>
        public void When_verifying(IDictionary <string, object> ignored, string signingKey, string jwt)
        {
            var serializer = Serializers.Create().JsonNetSerializer().Build();
            IJwtParser jwtParser = new DefaultJwtParser(serializer);

            // The parser and the validator receive the very same key bytes, so this only
            // exercises the accepting path; a tampered token or a wrong key is not covered here.
            byte[] keyBytes = Encoding.UTF8.GetBytes(signingKey);

            var keyedParser = jwtParser.SetSigningKey(keyBytes);
            var parsedToken = keyedParser.Parse(jwt);

            var signatureValidator = new JwtSignatureValidator(keyBytes);
            bool signatureAccepted = signatureValidator.IsValid(parsedToken);

            signatureAccepted.ShouldBeTrue();
        }
Esempio n. 2
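        /// <summary>
        /// Fetches the premium-info response from the ID gateway of the serving operator recorded
        /// for the caller's access token and relays it, optionally re-signed with this service's key.
        /// </summary>
        /// <remarks>
        /// A gateway response that is a readable JWT must pass <c>JwtSignatureValidator.Validate</c>
        /// against the gateway's JWKS before its payload is used. A response that is not a JWT has
        /// no signature to check and is relayed (or re-signed) as received.
        /// </remarks>
        /// <returns>
        /// A JWT created by <c>SignedJwtCreator</c> when the authorization state asks for a signed
        /// answer; otherwise the JWT payload, the parsed JSON document, or the raw response text
        /// when it is neither a JWT nor valid JSON.
        /// </returns>
        /// <exception cref="UnifiedException">
        /// Thrown with <c>OAuth2Error.UnauthorizedClient</c> when the gateway returns a JWT whose
        /// signature does not validate against the gateway's JWKS.
        /// </exception>
        public async Task <object> PremiumInfo()
        {
            string accessTokenOnAggregator = premiumInfoValidationService.CheckAndGetAccessTokenOnAggregator(Request);

            // The authorization state is looked up by a hash of the token, not by the token itself.
            string atHash = HelperHash.AtHashString(accessTokenOnAggregator);

            // NOTE(review): the null-forgiving operators below assume a state always exists for a
            // token accepted by CheckAndGetAccessTokenOnAggregator; if the lookup can return null,
            // the failure is a NullReferenceException rather than an OAuth2 error. Confirm.
            var authorizationState = await authorizationStateService.GetAuthStateByTokenAsync(atHash);

            var servingOperator = idgwConnectorManager.GetServingOperatorByString(authorizationState!.PremiumInfoToken.ServingOperator!);
            var idgwConnector   = idgwConnectorManager[servingOperator];

            var idgwResponse = await idgwConnector!.PremiumInfoAsync(authorizationState!.PremiumInfoToken.AccessTokenOnIdgw!);
            var idgwJwks     = await idgwConnector.GetJwksAsync();

            var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();

            if (jwtSecurityTokenHandler.CanReadToken(idgwResponse))
            {
                // Verify the signature before any payload data leaves this method.
                if (!JwtSignatureValidator.Validate(idgwResponse, idgwJwks, out _))
                {
                    throw new UnifiedException(OAuth2Error.UnauthorizedClient);
                }

                // ReadJwtToken only decodes; it is safe here because the same string was verified above.
                // NOTE(review): whether Validate also checks exp/iss/aud is not visible here; confirm.
                var jwtPayload = jwtSecurityTokenHandler.ReadJwtToken(idgwResponse).Payload;

                if (authorizationState!.IsPremiumInfoSigned)
                {
                    return SignedJwtCreator.Create(jwtPayload, settings.PrivateKey!);
                }
                return jwtPayload;
            }

            if (authorizationState!.IsPremiumInfoSigned)
            {
                // NOTE(review): this branch signs content that arrived without a gateway signature,
                // so the resulting JWT vouches with settings.PrivateKey for data whose integrity
                // rests only on the transport to the gateway. Confirm this is intended.
                var newPayload = JwtPayload.Deserialize(idgwResponse);

                return SignedJwtCreator.Create(newPayload, settings.PrivateKey!);
            }

            // JsonDocument.Parse never returns null; it throws on input that is not JSON.
            // Catching that exception is what makes the raw-text fallback reachable.
            try
            {
                return JsonDocument.Parse(idgwResponse);
            }
            catch (System.Text.Json.JsonException)
            {
                return idgwResponse;
            }
        }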
        /// <summary>
        /// Reads the registered claims of <paramref name="source"/> when it is a readable JWT and,
        /// if a JWKS is supplied, records whether its signature validates against that JWKS.
        /// </summary>
        /// <remarks>
        /// The claim properties are filled from the decoded token before, and independently of,
        /// the signature check, and <c>IsJwt</c> is set whether or not the signature is valid.
        /// This constructor does not compare <c>Exp</c>, <c>Iss</c> or <c>Aud</c> with expected
        /// values. Callers should treat the claims as unverified unless
        /// <c>SourceSignatureIsValid</c> reports success.
        /// </remarks>
        /// <param name="source">Candidate token text; nothing is assigned if it is not a readable JWT.</param>
        /// <param name="issuerJwks">
        /// Issuer key set used for signature validation. When null, no validation is attempted and
        /// <c>SourceSignatureIsValid</c> keeps its default value.
        /// </param>
        public JwtAccessToken(string source, string?issuerJwks = null)
        {
            var tokenHandler = new JsonWebTokenHandler();
            if (!tokenHandler.CanReadToken(source))
            {
                // Not a JWT: leave every property at its default.
                return;
            }

            var token = new JsonWebToken(source);

            // Each claim is optional; an absent claim becomes null.
            Aud = token.TryGetPayloadValue(JwtRegisteredClaimNames.Aud, out string audience) ? audience : null;
            Azp = token.TryGetPayloadValue(JwtRegisteredClaimNames.Azp, out string authorizedParty) ? authorizedParty : null;
            Exp = token.TryGetPayloadValue(JwtRegisteredClaimNames.Exp, out long expiresAt) ? expiresAt : null;
            Iat = token.TryGetPayloadValue(JwtRegisteredClaimNames.Iat, out long issuedAt) ? issuedAt : null;
            Iss = token.TryGetPayloadValue(JwtRegisteredClaimNames.Iss, out string issuer) ? issuer : null;
            Jti = token.TryGetPayloadValue(JwtRegisteredClaimNames.Jti, out Guid tokenId) ? tokenId : null;
            Sub = token.TryGetPayloadValue(JwtRegisteredClaimNames.Sub, out string subject) ? subject : null;

            bool canCheckSignature = issuerJwks != null;
            if (canCheckSignature)
            {
                // The validated claims returned through the out parameter are not used here.
                SourceSignatureIsValid = JwtSignatureValidator.Validate(source, issuerJwks, out _);
            }

            IsJwt = true;
        }