/// <summary>
/// This method signs the token and returns it using JWS Compact Serialization notation.
/// </summary>
/// <param name="key">The key.</param>
/// <returns>Returns a compact serialization key.</returns>
public string ToString(byte[] key)
{
JwtHashAlgorithm algo = Header.SupportedAlgorithm;
string b64joseHeader = JwtHelper.SafeBase64UrlEncode(Encoding.UTF8.GetBytes(Header.ToString()));
string b64jwtClaimsSet = JwtHelper.SafeBase64UrlEncode(Encoding.UTF8.GetBytes(Claims.ToString()));
string signature = JwtRoot.CalculateAuthSignature(algo, key, b64joseHeader, b64jwtClaimsSet);
return($"{b64joseHeader}.{b64jwtClaimsSet}.{signature}");
}
private bool JwtValidateIncoming(JwtRoot incoming, JwtHashAlgorithm algo, byte[] key)
{
if (incoming == null)
{
throw new ArgumentOutOfRangeException("Incoming token not set.");
}
if (key == null)
{
throw new ArgumentNullException("key", $"{nameof(JwtValidateIncoming)} - key cannot be null");
}
string b64joseHeader = JwtHelper.SafeBase64UrlEncode(incoming.Raw[0]);
string b64jwtClaimsSet = JwtHelper.SafeBase64UrlEncode(incoming.Raw[1]);
var signed = JwtRoot.CalculateAuthSignature(algo, key, b64joseHeader, b64jwtClaimsSet);
var original = JwtHelper.SafeBase64UrlEncode(incoming.Raw[2]);
return(original == signed);
}
