private void AddHeaderParameters(JwtHeader header, JWTOptions options) { HeaderParameters parameters = options.GetHeaderParameters(); List <string> list = parameters.GetAll(); Dictionary <string, object> map = parameters.GetMap(); foreach (string s in list) { header.Add(s.Trim(), ((string)map[s]).Trim()); } }
private bool VerifyHeader(JwtSecurityToken jwtToken, JWTOptions options) { int claimsNumber = jwtToken.Header.Count; HeaderParameters parameters = options.GetHeaderParameters(); if (parameters.IsEmpty() && claimsNumber == 2) { return(true); } if (parameters.IsEmpty() && claimsNumber > 2) { return(false); } List <String> allParms = parameters.GetAll(); if (claimsNumber != allParms.Count + 2) { return(false); } Dictionary <String, Object> map = parameters.GetMap(); foreach (string s in allParms) { if (!jwtToken.Header.ContainsKey(s.Trim())) { return(false); } string claimValue = null; try { claimValue = (string)jwtToken.Header[s.Trim()]; } catch (Exception) { return(false); } String optionsValue = ((string)map[s]).Trim(); if (!SecurityUtils.compareStrings(claimValue, optionsValue.Trim())) { return(false); } } return(true); }
public string DoCreate(string algorithm, PrivateClaims privateClaims, JWTOptions options) { this.error.cleanError(); if (options.HasError()) { this.error = options.GetError(); return(""); } JWTAlgorithm alg = JWTAlgorithmUtils.getJWTAlgorithm(algorithm, this.error); if (this.HasError()) { return(""); } if (this.HasError()) { return(""); } /***Hack to support 1024 RSA key lengths - BEGIN***/ AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["RS256"] = 1024; AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["RS512"] = 1024; AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["RS384"] = 1024; /***Hack to support 1024 RSA key lengths - END***/ /***Hack to support 192 ECDSA key lengths - BEGIN***/ AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["ES256"] = 112; AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["ES512"] = 112; AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["ES384"] = 112; /***Hack to support 192 ECDSA key lengths - END***/ JwtPayload payload = doBuildPayload(privateClaims, options); SecurityKey genericKey = null; if (JWTAlgorithmUtils.isPrivate(alg)) { PrivateKeyManager key = options.GetPrivateKey(); if (key.HasError()) { this.error = key.GetError(); return(""); } if (SecurityUtils.compareStrings(key.getPrivateKeyAlgorithm(), "RSA")) { try { genericKey = new RsaSecurityKey((RSA)key.getPrivateKeyForJWT()); }catch (Exception) { this.error = key.GetError(); return(""); } } else if (SecurityUtils.compareStrings(key.getPrivateKeyAlgorithm(), "ECDSA")) { try { genericKey = new ECDsaSecurityKey((ECDsa)key.getPrivateKeyForJWT()); } catch (Exception) { this.error = key.GetError(); return(""); } } else { this.error.setError("JW012", "Not recognized key algorithm"); return(""); } if (genericKey == null) { this.error = key.GetError(); return(""); } } else { SymmetricSecurityKey symKey = new SymmetricSecurityKey(options.getSecret()); genericKey = symKey; } SigningCredentials signingCredentials = JWTAlgorithmUtils.getSigningCredentials(alg, genericKey, this.error); if (this.HasError()) { return(""); } string signedJwt = ""; try { JwtHeader header = new JwtHeader(signingCredentials); if (!options.GetHeaderParameters().IsEmpty()) { AddHeaderParameters(header, options); } JwtSecurityToken secToken = new JwtSecurityToken(header, payload); JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler(); signedJwt = handler.WriteToken(secToken); } catch (Exception e) { this.error.setError("JW003", "key size: " + /*genericKey.KeySize.ToString()*/ e.Message + e.StackTrace); return(""); } return(signedJwt); }