private static JweDescriptorWrapper CreateDescriptor(KeyManagementAlgorithm algorithm, EncryptionAlgorithm encryptionAlgorithm)
{
var jwk = algorithm.Category switch
{
Cryptography.AlgorithmCategory.None => Jwk.None,
Cryptography.AlgorithmCategory.EllipticCurve => ECJwk.GeneratePrivateKey(EllipticalCurve.P256, algorithm),
Cryptography.AlgorithmCategory.Rsa => RsaJwk.GeneratePrivateKey(4096, algorithm),
Cryptography.AlgorithmCategory.Aes => SymmetricJwk.GenerateKey(algorithm),
Cryptography.AlgorithmCategory.AesGcm => SymmetricJwk.GenerateKey(algorithm),
Cryptography.AlgorithmCategory.Hmac => SymmetricJwk.GenerateKey(algorithm),
Cryptography.AlgorithmCategory.Direct => SymmetricJwk.GenerateKey(encryptionAlgorithm),
Cryptography.AlgorithmCategory.Direct | Cryptography.AlgorithmCategory.EllipticCurve => ECJwk.GeneratePrivateKey(EllipticalCurve.P256),
_ => throw new InvalidOperationException(algorithm.Category.ToString())
};
var descriptor = new JweDescriptor(jwk, algorithm, encryptionAlgorithm)
{
Payload = new JwsDescriptor(Jwk.None, SignatureAlgorithm.None)
{
Payload = new JwtPayload
{
{ JwtClaimNames.Iat, EpochTime.UtcNow },
{ JwtClaimNames.Exp, EpochTime.UtcNow + EpochTime.OneHour },
{ JwtClaimNames.Iss, "https://idp.example.com/" },
{ JwtClaimNames.Aud, "636C69656E745F6964" }
}
}
};
return(new JweDescriptorWrapper(descriptor));
}
public void Encode_Decode(EncryptionAlgorithm enc, KeyManagementAlgorithm alg)
{
var writer = new JwtWriter();
var encryptionKey = SelectKey(enc.Name, alg.Name);
var descriptor = new JweDescriptor
{
EncryptionKey = encryptionKey,
EncryptionAlgorithm = enc,
Algorithm = alg,
Payload = new JwsDescriptor
{
SigningKey = _signingKey,
Algorithm = SignatureAlgorithm.HmacSha256,
Subject = "Alice"
}
};
var token = writer.WriteToken(descriptor);
var reader = new JwtReader(encryptionKey);
var policy = new TokenValidationPolicyBuilder()
.RequireSignature(_signingKey)
.Build();
var result = reader.TryReadToken(token, policy);
Assert.Equal(TokenValidationStatus.Success, result.Status);
Assert.Equal("Alice", result.Token.Subject);
}
public void JweDescriptor_Ctor()
{
SymmetricJwk encryptionKey = SymmetricJwk.GenerateKey(EncryptionAlgorithm.A128CbcHS256);
Assert.Throws <ArgumentNullException>(() => new JweDescriptor(null, KeyManagementAlgorithm.A128KW, EncryptionAlgorithm.A128CbcHS256));
Assert.Throws <ArgumentNullException>(() => new JweDescriptor(encryptionKey, null, EncryptionAlgorithm.A128CbcHS256));
Assert.Throws <ArgumentNullException>(() => new JweDescriptor(encryptionKey, KeyManagementAlgorithm.A128KW, null));
var descriptor = new JweDescriptor(encryptionKey, KeyManagementAlgorithm.A128KW, EncryptionAlgorithm.A128CbcHS256, CompressionAlgorithm.Def, "typ_value", "cty_value");
Assert.Equal(encryptionKey, descriptor.EncryptionKey);
Assert.Equal(KeyManagementAlgorithm.A128KW, descriptor.Alg);
Assert.Equal(EncryptionAlgorithm.A128CbcHS256, descriptor.Enc);
Assert.Equal(CompressionAlgorithm.Def, descriptor.Zip);
Assert.True(descriptor.Header.TryGetValue("typ", out var typ));
Assert.Equal("typ_value", (string)typ.Value);
Assert.True(descriptor.Header.TryGetValue("cty", out var cty));
Assert.Equal("cty_value", (string)cty.Value);
var descriptorDefault = new JweDescriptor(encryptionKey, KeyManagementAlgorithm.A128KW, EncryptionAlgorithm.A128CbcHS256);
Assert.Equal(CompressionAlgorithm.NoCompression, descriptorDefault.Zip);
Assert.False(descriptorDefault.Header.TryGetValue("typ", out _));
Assert.True(descriptorDefault.Header.TryGetValue("cty", out cty));
Assert.Equal("JWT", (string)cty.Value);
}
public void Descriptor_FullCapacity()
{
var payload = new JwtPayload();
for (int i = 0; i < 256; i++)
{
payload.Add(i.ToString(), i);
}
var descriptor = new JweDescriptor(SymmetricJwk.GenerateKey(EncryptionAlgorithm.A128CbcHS256), KeyManagementAlgorithm.Dir, EncryptionAlgorithm.A128CbcHS256, CompressionAlgorithm.Def)
{
Payload = new JwsDescriptor(SymmetricJwk.GenerateKey(SignatureAlgorithm.HS256), SignatureAlgorithm.HS256)
{
Payload = payload
}
};
for (int i = 0; i < 256; i++)
{
descriptor.Payload.TryGetClaim(i.ToString(), out var member);
Assert.Equal(JwtValueKind.Int32, member.Type);
Assert.Equal(i.ToString(), member.Name.ToString());
Assert.Equal(i, (int)member.Value);
}
PooledByteBufferWriter writer = new PooledByteBufferWriter();
var context = new EncodingContext(writer, null, 0, false);
descriptor.Encode(context);
}
static void Main()
{
// Creates a symmetric key defined for the 'HS256' algorithm
var signatureKey = SymmetricJwk.FromBase64Url("R9MyWaEoyiMYViVWo8Fk4TUGWiSoaW6U1nOqXri8_XU");
// Creates a symmetric key for encryption
var encryptionKey = SymmetricJwk.FromBase64Url("R9MyWaEoyiMYViVWo8Fk4T");
// Creates a JWE descriptor with all its properties
var descriptor = new JweDescriptor <JwsDescriptor>()
{
EncryptionKey = encryptionKey,
EncryptionAlgorithm = EncryptionAlgorithm.Aes128CbcHmacSha256,
Algorithm = KeyManagementAlgorithm.Aes128KW,
Payload = new JwsDescriptor
{
SigningKey = signatureKey,
Algorithm = SignatureAlgorithm.HmacSha256,
IssuedAt = DateTime.UtcNow,
ExpirationTime = DateTime.UtcNow.AddHours(1),
Issuer = "https://idp.example.com/",
Audience = "636C69656E745F6964"
}
};
// Generates the UTF-8 string representation of the JWT
var writer = new JwtWriter();
var token = writer.WriteTokenString(descriptor);
Console.WriteLine("The JWT is:");
Console.WriteLine(descriptor);
Console.WriteLine();
Console.WriteLine("Its compact form is:");
Console.WriteLine(token);
}
public void Compatible(EncryptionAlgorithm enc, KeyManagementAlgorithm alg)
{
var writer = new JwtWriter();
foreach (var encryptionKey in SelectEncryptionKey(enc.Name.ToString(), alg.Name.ToString()))
{
var descriptor = new JweDescriptor(encryptionKey, alg, enc)
{
Payload = new JwsDescriptor(_signingKey, SignatureAlgorithm.HS256)
{
Payload = new JwtPayload
{
{ "sub", "Alice" }
}
}
};
var token = writer.WriteToken(descriptor);
var policy = new TokenValidationPolicyBuilder()
.RequireSignatureByDefault(_signingKey)
.WithDecryptionKeys(_keys.Jwks)
.Build();
var result = Jwt.TryParse(token, policy, out var jwt);
Assert.True(result);
Assert.True(jwt.Payload.TryGetClaim("sub", out var sub));
Assert.Equal("Alice", sub.GetString());
jwt.Dispose();
}
}
public void Encode_Decode(string enc, byte[] alg)
{
var writer = new JwtWriter();
var descriptor = new JweDescriptor(_bobKey, (KeyManagementAlgorithm)alg, (EncryptionAlgorithm)enc)
{
Payload = new JwsDescriptor(_signingKey, SignatureAlgorithm.HS256)
{
Payload = new JwtPayload
{
{ "sub", "Alice" }
}
}
};
var token = writer.WriteToken(descriptor);
var policy = new TokenValidationPolicyBuilder()
.RequireSignatureByDefault(_signingKey)
.WithDecryptionKey(_bobKey)
.Build();
var result = Jwt.TryParse(token, policy, out var jwt);
Assert.True(result);
Assert.True(jwt.Payload.TryGetClaim("sub", out var sub));
Assert.Equal("Alice", sub.GetString());
jwt.Dispose();
}
private static IDictionary <string, JwtDescriptor> CreateDescriptors(IDictionary <string, Dictionary <string, object> > payloads, SymmetricJwk signingKey, SymmetricJwk encryptionKey)
{
var descriptors = new Dictionary <string, JwtDescriptor>();
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor(Jwk.None, SignatureAlgorithm.None);
FillPayload(payload, descriptor);
descriptors.Add("JWT-" + payload.Key, descriptor);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor(signingKey, signingKey.SignatureAlgorithm);
FillPayload(payload, descriptor);
descriptors.Add("JWS-" + payload.Key, descriptor);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor(signingKey, signingKey.SignatureAlgorithm);
FillPayload(payload, descriptor);
var jwe = new JweDescriptor(encryptionKey, KeyManagementAlgorithm.A128KW, EncryptionAlgorithm.A128CbcHS256)
{
Payload = descriptor,
Header = new JwtHeader
{
{ "cty", "JWT" }
}
};
descriptors.Add("JWE-" + payload.Key, jwe);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor(signingKey, signingKey.SignatureAlgorithm);
FillPayload(payload, descriptor);
var jwe = new JweDescriptor(encryptionKey, KeyManagementAlgorithm.A128KW, EncryptionAlgorithm.A128CbcHS256, CompressionAlgorithm.Def)
{
Payload = descriptor,
Header = new JwtHeader
{
{ "cty", "JWT" }
}
};
descriptors.Add("JWE-DEF-" + payload.Key, jwe);
}
return(descriptors);
}
public void WithCacheHit_5parameters()
{
_output.Clear();
JweDescriptor descriptor = new JweDescriptor(_encryptionKey, KeyManagementAlgorithm.Dir, EncryptionAlgorithm.A128Gcm, typ: "typ", cty: "cty")
{
Payload = new JwsDescriptor(_signingKey, SignatureAlgorithm.HS256)
};
descriptor.Encode(new EncodingContext(_output, _enabledCache, 0, false));
}
public void WithCacheHit_9parameters()
{
_output.Clear();
JweDescriptor descriptor = new JweDescriptor(_encryptionKey, KeyManagementAlgorithm.Dir, EncryptionAlgorithm.A128Gcm, typ: "typ", cty: "cty")
{
Header = new JwtHeader
{
{ "header5", "value 5" },
{ "header6", "value 6" },
{ "header7", "value 7" },
{ "header8", "value 8" }
},
Payload = new JwsDescriptor(_signingKey, SignatureAlgorithm.HS256)
{
}
};
descriptor.Encode(new EncodingContext(_output, _enabledCache, 0, false));
}
private static byte[] Encode6(JwtWriter writer)
{
JweDescriptor descriptor = new JweDescriptor(encryptionKey1, KeyManagementAlgorithm.Dir, EncryptionAlgorithm.A256Gcm)
{
Payload = new JwsDescriptor(signingKey3, SignatureAlgorithm.RS256)
{
Payload = new JwtPayload
{
{ JwtClaimNames.Iat, 1500000000L },
{ JwtClaimNames.Exp, 2000000000L },
{ JwtClaimNames.Iss, "https://idp.example.com/" },
{ JwtClaimNames.Aud, "636C69656E745F6964" },
{ JwtClaimNames.Sub, "*****@*****.**" },
{ JwtClaimNames.Jti, "12345667890" }
}
}
};
return(writer.WriteToken(descriptor));
}
public void Encode_Decode_NotSupported()
{
var writer = new JwtWriter();
var descriptor = new JweDescriptor(Jwk.None, KeyManagementAlgorithm.Dir, new EncryptionAlgorithm(AlgorithmId.Undefined, "unsupported", 0, SignatureAlgorithm.None, 0, EncryptionType.NotSupported))
{
Payload = new JwsDescriptor(_signingKey, SignatureAlgorithm.HS256)
{
Payload = new JwtPayload
{
{ "sub", "Alice" }
}
}
};
Assert.Throws <NotSupportedException>(() =>
{
var token = writer.WriteToken(descriptor);
});
}
public void Encode_Decode_NotSupported()
{
var writer = new JwtWriter();
var descriptor = new JweDescriptor
{
EncryptionAlgorithm = new EncryptionAlgorithm(-99, "unsupported", 0, SignatureAlgorithm.None, 0, EncryptionType.Undefined),
Algorithm = KeyManagementAlgorithm.Direct,
Payload = new JwsDescriptor
{
SigningKey = _signingKey,
Algorithm = SignatureAlgorithm.HmacSha256,
Subject = "Alice"
}
};
Assert.Throws <NotSupportedException>(() =>
{
var token = writer.WriteToken(descriptor);
});
}
private static ReadOnlyMemory <byte> CreateJws()
{
var descriptor = new JweDescriptor(encryptionKey1, KeyManagementAlgorithm.A128KW, EncryptionAlgorithm.A128CbcHS256)
{
Payload = new JwsDescriptor(signingKey1, SignatureAlgorithm.HS256)
{
Payload = new JwtPayload
{
{ JwtClaimNames.Iat, 1500000000L },
{ JwtClaimNames.Exp, 2000000000L },
{ JwtClaimNames.Iss, "https://idp.example.com/" },
{ JwtClaimNames.Aud, "636C69656E745F6964" },
{ JwtClaimNames.Sub, "*****@*****.**" },
{ JwtClaimNames.Jti, "12345667890" }
}
}
};
var bufferWriter = new System.Buffers.ArrayBufferWriter <byte>();
var context = new EncodingContext(bufferWriter, null, 0, false);
descriptor.Encode(context);
return(bufferWriter.WrittenMemory);
}
static void Main()
{
// Generates the symmetric key for AES encryption with the algorithm 'A256GCMKW'
var sharedEncryptionKey = SymmetricJwk.GenerateKey(KeyManagementAlgorithm.A256GcmKW);
// Creates the symmetric key defined for the 'HS256' signature algorithm
var signatureKey = SymmetricJwk.GenerateKey(SignatureAlgorithm.HS256);
// Creates the JWE descriptor
// The descriptor sets the 'alg' with value 'A256GCMKW' and 'enc' with value 'A128CBC-HS256'
var descriptor = new JweDescriptor(sharedEncryptionKey, KeyManagementAlgorithm.A256GcmKW, EncryptionAlgorithm.A256CbcHS512)
{
// Creates the JWS payload
Payload = new JwsDescriptor(signatureKey, SignatureAlgorithm.HS256)
{
Payload = new JwtPayload
{
// Defines the JWS claims
{ JwtClaimNames.Iat, EpochTime.UtcNow },
{ JwtClaimNames.Exp, EpochTime.UtcNow + EpochTime.OneHour },
{ JwtClaimNames.Iss, "https://idp.example.com/" },
{ JwtClaimNames.Aud, "636C69656E745F6964" }
}
}
};
// Generates the UTF-8 string representation of the JWT
var writer = new JwtWriter();
var token = writer.WriteTokenString(descriptor);
Console.WriteLine("The JWT is:");
Console.WriteLine(descriptor);
Console.WriteLine();
Console.WriteLine("Its compact form is:");
Console.WriteLine(token);
}
public void Descriptor_AllKindOfObject()
{
var descriptor = new JweDescriptor(SymmetricJwk.GenerateKey(256), KeyManagementAlgorithm.Dir, EncryptionAlgorithm.A128CbcHS256, CompressionAlgorithm.Def)
{
Payload = new JwsDescriptor(SymmetricJwk.GenerateKey(SignatureAlgorithm.HS256), SignatureAlgorithm.HS256)
{
Header = new JwtHeader
{
{ "H1", "value1" },
{ "H2", new Dictionary <string, object> {
{ "prop1", "value2" }
} },
{ "H3", 123L },
{ "H4", new Fake {
Inner = new Fake {
Value = "Inner1", Inner = new Fake {
Value = "Inner2"
}
}, Value = "Inner0"
} },
{ "H5", new [] { "a", "b", "c" } },
{ "H6", new [] { new object(), new object(), "abc", 123 } },
{ "H7", true },
{ "H8", false },
},
Payload = new JwtPayload
{
{ "P1", "value1" },
{ "P2", new Dictionary <string, object> {
{ "prop1", "value2" }
} },
{ "P3", 123L },
{ "P4", new Fake {
Inner = new Fake {
Value = "Inner1", Inner = new Fake {
Value = "Inner2"
}
}, Value = "Inner0"
} },
{ "P5", new [] { "a", "b", "c" } },
{ "P6", new [] { new object(), new object(), "abc", 123 } },
{ "P7", true },
{ "P8", false },
}
}
};
Assert.True(descriptor.Payload.TryGetClaim("P1", out var claim));
Assert.Equal(JwtValueKind.String, claim.Type);
Assert.True(descriptor.Payload.TryGetClaim("P2", out claim));
Assert.Equal(JwtValueKind.Object, claim.Type);
Assert.True(descriptor.Payload.TryGetClaim("P3", out claim));
Assert.Equal(JwtValueKind.Int64, claim.Type);
Assert.True(descriptor.Payload.TryGetClaim("P4", out claim));
Assert.Equal(JwtValueKind.Object, claim.Type);
Assert.True(descriptor.Payload.TryGetClaim("P5", out claim));
Assert.Equal(JwtValueKind.Array, claim.Type);
Assert.True(descriptor.Payload.TryGetClaim("P6", out claim));
Assert.Equal(JwtValueKind.Array, claim.Type);
Assert.True(descriptor.Payload.TryGetClaim("P7", out claim));
Assert.Equal(JwtValueKind.True, claim.Type);
Assert.True(descriptor.Payload.TryGetClaim("P8", out claim));
Assert.Equal(JwtValueKind.False, claim.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("alg", out var jwsHeaderParameter));
Assert.Equal(JwtValueKind.JsonEncodedString, jwsHeaderParameter.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("kid", out jwsHeaderParameter));
Assert.Equal(JwtValueKind.JsonEncodedString, jwsHeaderParameter.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("H1", out jwsHeaderParameter));
Assert.Equal(JwtValueKind.String, jwsHeaderParameter.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("H2", out jwsHeaderParameter));
Assert.Equal(JwtValueKind.Object, jwsHeaderParameter.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("H3", out jwsHeaderParameter));
Assert.Equal(JwtValueKind.Int64, jwsHeaderParameter.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("H4", out jwsHeaderParameter));
Assert.Equal(JwtValueKind.Object, jwsHeaderParameter.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("H5", out jwsHeaderParameter));
Assert.Equal(JwtValueKind.Array, jwsHeaderParameter.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("H6", out jwsHeaderParameter));
Assert.Equal(JwtValueKind.Array, jwsHeaderParameter.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("H7", out jwsHeaderParameter));
Assert.Equal(JwtValueKind.True, jwsHeaderParameter.Type);
Assert.True(descriptor.Payload.Header.TryGetValue("H8", out jwsHeaderParameter));
Assert.Equal(JwtValueKind.False, jwsHeaderParameter.Type);
Assert.True(descriptor.Header.TryGetValue("kid", out var jweHeaderParameter));
Assert.True(descriptor.Header.TryGetValue("alg", out jweHeaderParameter));
Assert.Equal(KeyManagementAlgorithm.Dir.Name, ((JsonEncodedText)jweHeaderParameter.Value));
Assert.True(descriptor.Header.TryGetValue("enc", out jweHeaderParameter));
Assert.Equal(EncryptionAlgorithm.A128CbcHS256.Name, ((JsonEncodedText)jweHeaderParameter.Value));
Assert.True(descriptor.Header.TryGetValue("zip", out jweHeaderParameter));
Assert.Equal(CompressionAlgorithm.Def.Name, (JsonEncodedText)jweHeaderParameter.Value);
PooledByteBufferWriter writer = new PooledByteBufferWriter();
var context = new EncodingContext(writer, null, 0, false);
descriptor.Encode(context);
}
private static IDictionary <string, JwtDescriptor> CreateDescriptors(IDictionary <string, JObject> payloads, SymmetricJwk signingKey, SymmetricJwk encryptionKey)
{
var descriptors = new Dictionary <string, JwtDescriptor>();
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor()
{
Algorithm = SignatureAlgorithm.None
};
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.AddClaim(property.Name, EpochTime.ToDateTime((long)property.Value));
break;
default:
descriptor.AddClaim(property.Name, (string)property.Value);
break;
}
}
descriptors.Add("JWT " + (payload.Key == "0" ? "" : payload.Key) + "6 claims", descriptor);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor()
{
SigningKey = signingKey,
Algorithm = (SignatureAlgorithm?)signingKey.Alg
};
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.AddClaim(property.Name, EpochTime.ToDateTime((long)property.Value));
break;
default:
descriptor.AddClaim(property.Name, (string)property.Value);
break;
}
}
descriptors.Add("JWS " + (payload.Key == "0" ? "" : payload.Key) + "6 claims", descriptor);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor()
{
SigningKey = signingKey,
Algorithm = (SignatureAlgorithm?)signingKey.Alg
};
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.AddClaim(property.Name, EpochTime.ToDateTime((long)property.Value));
break;
default:
descriptor.AddClaim(property.Name, (string)property.Value);
break;
}
}
var jwe = new JweDescriptor
{
Payload = descriptor,
EncryptionKey = encryptionKey,
EncryptionAlgorithm = EncryptionAlgorithm.Aes128CbcHmacSha256,
Algorithm = KeyManagementAlgorithm.Aes128KW,
ContentType = "JWT"
};
descriptors.Add("JWE " + (payload.Key == "0" ? "" : payload.Key) + "6 claims", jwe);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor()
{
SigningKey = signingKey,
Algorithm = (SignatureAlgorithm?)signingKey.Alg
};
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.AddClaim(property.Name, EpochTime.ToDateTime((long)property.Value));
break;
default:
descriptor.AddClaim(property.Name, (string)property.Value);
break;
}
}
var jwe = new JweDescriptor
{
Payload = descriptor,
EncryptionKey = encryptionKey,
EncryptionAlgorithm = EncryptionAlgorithm.Aes128CbcHmacSha256,
Algorithm = KeyManagementAlgorithm.Aes128KW,
ContentType = "JWT",
CompressionAlgorithm = CompressionAlgorithm.Deflate
};
descriptors.Add("JWE DEF " + (payload.Key == "0" ? "" : payload.Key) + "6 claims", jwe);
}
return(descriptors);
}
private static IDictionary <string, JwtDescriptor> CreateDescriptors(IDictionary <string, JObject> payloads, SymmetricJwk signingKey, SymmetricJwk encryptionKey)
{
var descriptors = new Dictionary <string, JwtDescriptor>();
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor(Jwk.None, SignatureAlgorithm.None);
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.Payload !.Add(property.Name, (long)property.Value);
break;
default:
descriptor.Payload !.Add(property.Name, (string)property.Value);
break;
}
}
descriptors.Add("JWT " + payload.Key + "6 claims", descriptor);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor(signingKey, SignatureAlgorithm.HS256);
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.Payload !.Add(property.Name, (long)property.Value);
break;
default:
descriptor.Payload !.Add(property.Name, (string)property.Value);
break;
}
}
descriptors.Add("JWS " + payload.Key + "6 claims", descriptor);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor(signingKey, SignatureAlgorithm.HS256);
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.Payload !.Add(property.Name, (long)property.Value);
break;
default:
descriptor.Payload !.Add(property.Name, (string)property.Value);
break;
}
}
var jwe = new JweDescriptor(encryptionKey, KeyManagementAlgorithm.A128KW, EncryptionAlgorithm.A128CbcHS256)
{
Payload = descriptor
};
descriptors.Add("JWE " + payload.Key + "6 claims", jwe);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor(signingKey, SignatureAlgorithm.HS256);
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.Payload !.Add(property.Name, (long)property.Value);
break;
default:
descriptor.Payload !.Add(property.Name, (string)property.Value);
break;
}
}
var jwe = new JweDescriptor(encryptionKey, KeyManagementAlgorithm.A128KW, EncryptionAlgorithm.A128CbcHS256, CompressionAlgorithm.Def)
{
Payload = descriptor
};
descriptors.Add("JWE DEF " + payload.Key + "6 claims", jwe);
}
return(descriptors);
}
private static IDictionary<string, JwtDescriptor> CreateDescriptors(IDictionary<string, JObject> payloads, SymmetricJwk signingKey, SymmetricJwk encryptionKey)
{
var descriptors = new Dictionary<string, JwtDescriptor>();
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor()
{
Algorithm = SignatureAlgorithm.None
};
FillPayload(payload, descriptor);
descriptors.Add("JWT-" + payload.Key, descriptor);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor()
{
SigningKey = signingKey,
Algorithm = signingKey.SignatureAlgorithm
};
FillPayload(payload, descriptor);
descriptors.Add("JWS-" + payload.Key, descriptor);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor()
{
SigningKey = signingKey,
Algorithm = signingKey.SignatureAlgorithm
};
FillPayload(payload, descriptor);
var jwe = new JweDescriptor
{
Payload = descriptor,
EncryptionKey = encryptionKey,
EncryptionAlgorithm = EncryptionAlgorithm.Aes128CbcHmacSha256,
Algorithm = KeyManagementAlgorithm.Aes128KW,
ContentType = "JWT"
};
descriptors.Add("JWE-" + payload.Key, jwe);
}
foreach (var payload in payloads)
{
var descriptor = new JwsDescriptor()
{
SigningKey = signingKey,
Algorithm = signingKey.SignatureAlgorithm
};
FillPayload(payload, descriptor);
var jwe = new JweDescriptor
{
Payload = descriptor,
EncryptionKey = encryptionKey,
EncryptionAlgorithm = EncryptionAlgorithm.Aes128CbcHmacSha256,
Algorithm = KeyManagementAlgorithm.Aes128KW,
ContentType = "JWT",
CompressionAlgorithm = CompressionAlgorithm.Deflate
};
descriptors.Add("JWE-DEF-" + payload.Key, jwe);
}
return descriptors;
}
private static Dictionary <string, JwtDescriptor> CreateJwtDescriptors()
{
var descriptors = new Dictionary <string, JwtDescriptor>();
foreach (var payload in Tokens.Payloads)
{
var descriptor = new JwsDescriptor()
{
Algorithm = SignatureAlgorithm.None
};
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.AddClaim(property.Name, EpochTime.DateTime((long)property.Value));
break;
default:
descriptor.AddClaim(property.Name, (string)property.Value);
break;
}
}
descriptors.Add("JWT " + (payload.Key == "0" ? "" : payload.Key) + "6 claims", descriptor);
}
foreach (var payload in Tokens.Payloads)
{
var descriptor = new JwsDescriptor()
{
SigningKey = SigningKey
};
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.AddClaim(property.Name, EpochTime.DateTime((long)property.Value));
break;
default:
descriptor.AddClaim(property.Name, (string)property.Value);
break;
}
}
descriptors.Add("JWS " + (payload.Key == "0" ? "" : payload.Key) + "6 claims", descriptor);
}
foreach (var payload in Tokens.Payloads)
{
var descriptor = new JwsDescriptor()
{
SigningKey = SigningKey
};
foreach (var property in payload.Value.Properties())
{
switch (property.Name)
{
case "iat":
case "nbf":
case "exp":
descriptor.AddClaim(property.Name, Microsoft.IdentityModel.Tokens.EpochTime.DateTime((long)property.Value));
break;
default:
descriptor.AddClaim(property.Name, (string)property.Value);
break;
}
}
var jwe = new JweDescriptor
{
Payload = descriptor,
EncryptionKey = EncryptionKey,
EncryptionAlgorithm = EncryptionAlgorithm.Aes128CbcHmacSha256
};
descriptors.Add("JWE " + (payload.Key == "0" ? "" : payload.Key) + "6 claims", jwe);
var jwc = new JweDescriptor
{
Payload = descriptor,
EncryptionKey = EncryptionKey,
EncryptionAlgorithm = EncryptionAlgorithm.Aes128CbcHmacSha256,
CompressionAlgorithm = CompressionAlgorithm.Deflate
};
descriptors.Add("JWE DEF " + (payload.Key == "0" ? "" : payload.Key) + "6 claims", jwc);
}
return(descriptors);
}
public JweDescriptorWrapper(JweDescriptor descriptor)
{
_descriptor = descriptor;
}
