/// <summary> /// Decodes the base64 JWT and veries it with the public key /// in the certificate provided. /// </summary> /// <param name="token"> /// The base64-encoded JWT. /// </param> /// <param name="signingCertificate"> /// The certificate with the public key to verify the JWT. /// </param> /// <param name="verity"> /// If this value is true, signature verification will be proceeded. /// </param> /// <returns> /// The decoded ProxyToken. /// </returns> public static ProxyToken Decode(string token, X509Certificate2 signingCertificate, bool verity = false) { var segments = token.Split('.'); if (verity) { // get the signed data by decoding the string with ASCII // because when signing it, we use ASCII var signedData = Encoding.ASCII.GetBytes(string.Concat(segments[0], ".", segments[1])); var signature = Base64Helper.Base64Decode(segments[2]); // veify the signature if (!RSASigningHelper.VerifySignature(signedData, signature, signingCertificate, HashAlgorithm)) { throw new CryptographicException("Invalid signature"); } } // decode header and payload var header = Encoding.UTF8.GetString(Base64Helper.Base64Decode(segments[0])); var payload = Encoding.UTF8.GetString(Base64Helper.Base64Decode(segments[1])); return(JSONObject.Parse <ProxyToken>(payload)); }
/// <summary> /// An extension to string. Convert the base64 string to plain text. /// </summary> public static string DecodeFromBase64(this string base64, Encoding encoding, bool urlSafe = true, bool padding = false) { return(encoding.GetString(Base64Helper.Base64Decode(base64, urlSafe, padding))); }