private static Exception CreateJwtDescriptorException_ClaimMustBeOfType(ReadOnlySpan <byte> utf8Name, JwtTokenType[] types)
{
var claimTypes = string.Join(", ", types.Select(t => t.ToString()));
var value = Utf8.GetString(utf8Name);
return(new JwtDescriptorException($"The claim '{value}' must be of type [{claimTypes}]."));
}
internal TokenValidationPolicy(
IValidator[] validators,
Dictionary <string, ICriticalHeaderHandler> criticalHandlers,
int maximumTokenSizeInBytes,
bool ignoreCriticalHeader,
bool ignoreNestedToken,
bool headerCacheDisabled,
SignatureValidationPolicy?signaturePolicy,
IKeyProvider[]?encryptionKeyProviders,
byte[][] issuers,
byte[][] audiences,
int clockSkew,
byte control)
{
_validators = validators ?? throw new ArgumentNullException(nameof(validators));
_criticalHandlers = criticalHandlers ?? throw new ArgumentNullException(nameof(criticalHandlers));
SignatureValidationPolicy = signaturePolicy ?? throw new ArgumentNullException(nameof(signaturePolicy));
DecryptionKeyProviders = encryptionKeyProviders ?? Array.Empty <IKeyProvider>();
_ignoreCriticalHeader = ignoreCriticalHeader;
IgnoreNestedToken = ignoreNestedToken;
MaximumTokenSizeInBytes = maximumTokenSizeInBytes;
ClockSkew = clockSkew;
_control = control;
RequiredAudiencesBinary = audiences;
RequiredAudiences = audiences.Select(a => Utf8.GetString(a)).ToArray();
RequiredIssuersBinary = issuers;
RequiredIssuers = issuers.Select(i => Utf8.GetString(i)).ToArray();
HeaderCache = headerCacheDisabled ? _disabledJwtHeaderCache : new LruJwtHeaderDocumentCache();
}
public static TokenValidationResult MissingHeader(ReadOnlySpan <byte> header)
{
return(new TokenValidationResult
{
Status = TokenValidationStatus.MissingHeader,
ErrorHeader = Utf8.GetString(header)
});
}
public static TokenValidationResult MissingClaim(Jwt jwt, ReadOnlySpan <byte> claim)
{
return(new TokenValidationResult
{
Token = jwt,
Status = TokenValidationStatus.MissingClaim,
ErrorClaim = Utf8.GetString(claim)
});
}
private string DebuggerDisplay()
{
using var bufferWriter = new PooledByteBufferWriter();
using (Utf8JsonWriter writer = new Utf8JsonWriter(bufferWriter, new JsonWriterOptions {
Indented = true
}))
{
WriteTo(writer);
}
var input = bufferWriter.WrittenSpan;
return(Utf8.GetString(input));
}
/// <inheritsdoc />
public override string ToString()
{
using var bufferWriter = new PooledByteBufferWriter();
using (Utf8JsonWriter writer = new Utf8JsonWriter(bufferWriter, new JsonWriterOptions {
Indented = true
}))
{
WriteTo(writer);
}
var input = bufferWriter.WrittenSpan;
return(Utf8.GetString(input));
}
public static string TranscodeHelper(ReadOnlySpan <byte> utf8Unescaped)
{
try
{
return(Utf8.GetString(utf8Unescaped));
}
catch (DecoderFallbackException ex)
{
// We want to be consistent with the exception being thrown
// so the user only has to catch a single exception.
// Since we already throw InvalidOperationException for mismatch token type,
// and while unescaping, using that exception for failure to decode invalid UTF-8 bytes as well.
// Therefore, wrapping the DecoderFallbackException around an InvalidOperationException.
// throw ThrowHelper.GetInvalidOperationException_ReadInvalidUTF8(ex);
throw new InvalidOperationException("Invalid UTF8", ex);
}
}
private static Exception CreateNotSupportedException_Jwk(ReadOnlySpan <byte> name) => new NotSupportedException($"JWK type '{Utf8.GetString(name)}' is not supported.");
/// <inheritdoc/> public override string ToString() => Utf8.GetString(_utf8Json.Span);
private static Exception CreateJwtDescriptorException_ClaimMustBeOfType(ReadOnlySpan <byte> utf8Name, JwtTokenType type)
{
var value = Utf8.GetString(utf8Name);
return(new JwtDescriptorException($"The claim '{value}' must be of type {type}."));
}
private static Exception CreateJwtDescriptorException_ClaimIsRequired(ReadOnlySpan <byte> claim)
{
var value = Utf8.GetString(claim);
return(new JwtDescriptorException($"The claim '{value}' is required."));
}
private static Exception CreateJwtDescriptorException_HeaderIsRequired(ReadOnlySpan <byte> header)
{
var value = Utf8.GetString(header);
return(new JwtDescriptorException($"The header parameter '{value}' is required."));
}
/// <summary>
/// Writes a JWT in its compact serialization format and returns it a string.
/// </summary>
/// <param name="descriptor">The descriptor of the JWT.</param>
/// <returns>The <see cref="string"/> retpresention of the JWT.</returns>
public string WriteTokenString(JwtDescriptor descriptor)
{
using var bufferWriter = new PooledByteBufferWriter();
WriteToken(descriptor, bufferWriter);
return(Utf8.GetString(bufferWriter.WrittenSpan));
}
/// <summary>Requires the specified claim.</summary> public TokenValidationPolicyBuilder RequireClaim(ReadOnlySpan <byte> requiredClaim) => RequireClaim(Utf8.GetString(requiredClaim));
public override string ToString()
{
return(Utf8.GetString(Serialize()));
}
