Esempio n. 1
 /// <summary>
 /// Initializes a new instance of the <see cref="T:System.IdentityModel.Tokens.JwtSecurityToken" /> class from an already-built <see cref="T:System.IdentityModel.Tokens.JwtHeader" /> and <see cref="T:System.IdentityModel.Tokens.JwtPayload" />.
 /// </summary>
 /// <remarks>
 /// This overload only stores the two references. It takes no encoded string, and nothing in it
 /// computes or checks a signature; header and payload are accepted exactly as supplied.
 /// </remarks>
 /// <param name="header">Contains JSON objects representing the cryptographic operations applied to the JWT and optionally any additional properties of the JWT.</param>
 /// <param name="payload">Contains JSON objects representing the claims contained in the JWT. Each claim is a JSON object of the form { Name, Value }.</param>
 /// <exception cref="T:System.ArgumentNullException">'header' is null, or 'payload' is null. When both are null, 'header' is the one reported.</exception>
 public JwtSecurityToken(JwtHeader header, JwtPayload payload)
 {
     // Both arguments are validated before either field is written.
     if (header == null || payload == null)
     {
         // header takes precedence so the reported parameter name matches the declaration order.
         throw new ArgumentNullException(header == null ? nameof(header) : nameof(payload));
     }

     this.header = header;
     this.payload = payload;
 }
Esempio n. 2
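 /// <summary>
 /// Splits a compact-serialized JWT into its dot-separated segments and deserializes the header and payload.
 /// </summary>
 /// <remarks>
 /// This method only parses. It does not verify the signature and does not inspect the header's
 /// algorithm: the third segment is stored verbatim in <c>rawSignature</c> and may be an empty string.
 /// A token that decodes successfully must not be treated as authentic until a separate validation
 /// step has checked its signature and claims.
 /// The exception messages built here embed the complete <paramref name="jwtEncodedString" />.
 /// That string is typically a bearer credential, so logs or error responses that record these
 /// messages should be handled as sensitive.
 /// </remarks>
 /// <param name="jwtEncodedString">Base64Url encoded string.</param>
 /// <exception cref="T:System.ArgumentNullException">'jwtEncodedString' is null.</exception>
 /// <exception cref="T:System.ArgumentException">The string does not have exactly three segments (IDX10709), or the header or payload segment cannot be deserialized or the header 'typ' is not an accepted value (IDX10703, with the cause as the inner exception).</exception>
 internal void Decode(string jwtEncodedString)
 {
     if (jwtEncodedString == null)
     {
         // Report the offending argument instead of a NullReferenceException from Split.
         throw new ArgumentNullException(nameof(jwtEncodedString));
     }

     // A limit of 4 makes a surplus segment show up as a fourth element, which is rejected below,
     // without splitting an arbitrarily long input into many pieces.
     string[] segments = jwtEncodedString.Split(new[] { '.' }, 4);
     if (segments.Length != 3)
     {
         throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, "IDX10709: '{0}' is not well formed: '{1}'. The string needs to be in compact JSON format, which is of the form: '<Base64UrlEncodedHeader>.<Base64UrlEndcodedPayload>.<OPTIONAL, Base64UrlEncodedSignature>'.", nameof(jwtEncodedString), jwtEncodedString));
     }

     // Decode into locals first; the instance fields are written only after both parts parse,
     // so a failure never leaves the token with a new header and a stale or missing payload.
     JwtHeader decodedHeader;
     try
     {
         decodedHeader = JwtHeader.Base64UrlDeserialize(segments[0]);

         // 'typ' is optional; when present it must match one of the two accepted values exactly (ordinal).
         string typ = decodedHeader.Typ;
         bool typAccepted = typ == null
             || StringComparer.Ordinal.Equals(typ, "JWT")
             || StringComparer.Ordinal.Equals(typ, "http://openid.net/specs/jwt/1.0");
         if (!typAccepted)
         {
             // Thrown inside the try on purpose: the catch below wraps it, so callers see
             // IDX10703 with this IDX10702 error as the inner exception.
             throw new Exception(string.Format(CultureInfo.InvariantCulture, "IDX10702: Jwt header type specified, must be '{0}' or '{1}'.  Type received: '{2}'.", "JWT", "http://openid.net/specs/jwt/1.0", typ));
         }
     }
     catch (Exception ex)
     {
         throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, "IDX10703: Unable to decode the '{0}': '{1}' as Base64url encoded string. jwtEncodedString: '{2}'.", "header", segments[0], jwtEncodedString), ex);
     }

     JwtPayload decodedPayload;
     try
     {
         decodedPayload = JwtPayload.Base64UrlDeserialize(segments[1]);
     }
     catch (Exception ex)
     {
         throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, "IDX10703: Unable to decode the '{0}': '{1}' as Base64url encoded string. jwtEncodedString: '{2}'.", "payload", segments[1], jwtEncodedString), ex);
     }

     this.header       = decodedHeader;
     this.payload      = decodedPayload;
     this.rawData      = jwtEncodedString;
     this.rawHeader    = segments[0];
     this.rawPayload   = segments[1];
     // Stored as received; may be empty, and is not checked against the header or payload here.
     this.rawSignature = segments[2];
 }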
Esempio n. 3
 /// <summary>
 /// Initializes a new instance of the <see cref="T:System.IdentityModel.Tokens.JwtSecurityToken" /> class specifying optional parameters.
 /// </summary>
 /// <remarks>
 /// The validity window is checked only when both <paramref name="notBefore" /> and <paramref name="expires" />
 /// are supplied; a token built with neither, or with only one of them, is accepted by this constructor.
 /// The comparison uses the <see cref="T:System.DateTime" /> operators, which compare ticks and ignore
 /// <c>Kind</c>, so both values should be expressed in the same time zone.
 /// </remarks>
 /// <param name="issuer">if this value is not null, a { iss, 'issuer' } claim will be added.</param>
 /// <param name="audience">if this value is not null, a { aud, 'audience' } claim will be added.</param>
 /// <param name="claims">if this value is not null then for each <see cref="T:System.Security.Claims.Claim" /> a { 'Claim.Type', 'Claim.Value' } is added. If duplicate claims are found then a { 'Claim.Type', List&lt;object&gt; } will be created to contain the duplicate values.</param>
 /// <param name="notBefore">if notbefore.HasValue a { nbf, 'value' } claim is added.</param>
 /// <param name="expires">if expires.HasValue a { exp, 'value' } claim is added.</param>
 /// <param name="signingCredentials">The <see cref="P:System.IdentityModel.Tokens.JwtSecurityToken.SigningCredentials" /> that will be used to sign the <see cref="T:System.IdentityModel.Tokens.JwtSecurityToken" />. See <see cref="M:System.IdentityModel.Tokens.JwtHeader.#ctor(System.IdentityModel.Tokens.SigningCredentials)" /> for details pertaining to the Header Parameter(s).</param>
 /// <exception cref="T:System.ArgumentException">if 'expires' &lt;= 'notbefore'.</exception>
 public JwtSecurityToken(
     string issuer = null,
     string audience = null,
     IEnumerable<Claim> claims = null,
     DateTime? notBefore = null,
     DateTime? expires = null,
     SigningCredentials signingCredentials = null)
 {
     // Lifted comparison: evaluates to false when either bound is null, so the window is
     // rejected only when both bounds are present and notBefore is at or after expires.
     bool windowIsEmptyOrInverted = notBefore >= expires;
     if (windowIsEmptyOrInverted)
     {
         throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, "IDX10401: Expires: '{0}' must be after NotBefore: '{1}'.", expires.Value, notBefore.Value));
     }

     this.payload = new JwtPayload(issuer, audience, claims, notBefore, expires);

     // NOTE(review): signingCredentials defaults to null and is passed through unchecked;
     // presumably the resulting header then describes an unsigned token — confirm against JwtHeader.
     this.header = new JwtHeader(signingCredentials);
 }