/// <summary>
/// Encode a ProxyToken to base64 JWT, and sign it with the private key
/// provided by the certificate.
/// </summary>
/// <param name="payload">
/// The ProxyToken to be encoded.
/// </param>
/// <param name="signingCertificate">
/// The X509Certificate which includes the private key to sign the JWT.
/// </param>
/// <returns>
/// The base64 encoded JWT with signature appended.
/// </returns>
public static string Encode(ProxyToken payload, X509Certificate2 signingCertificate)
{
// header, payload and signature are joint by dot
// header.payload.signature
var segments = new List <string>();
// RS256 is the ONLY algorithm that works
var header = new JwtHeader {
typ = Type, alg = SigningAlgorithm
};
// x5t is the base64 encoded SHA1 hash of the certificate
// must use SHA1 hash algorithm here
header.x5t = Base64Helper.Base64Encode(signingCertificate.GetCertHash());
// header and payload should be encoded using UTF8
var base64header = Base64Helper.Base64Encode(Encoding.UTF8.GetBytes(header.ToString()));
var base64payload = Base64Helper.Base64Encode(Encoding.UTF8.GetBytes(payload.ToString()));
segments.Add(base64header);
segments.Add(base64payload);
// what we sign is the base64 encoded result
var stringToSign = string.Join(".", segments.ToArray());
// sign the data: header and payload
var signature = RSASigningHelper.SignData(
// data to be signed should use ASCII encoding
Encoding.ASCII.GetBytes(stringToSign),
signingCertificate, HashAlgorithm);
segments.Add(Base64Helper.Base64Encode(signature));
return(string.Join(".", segments.ToArray()));
}
public string GetIncorrectBasicAuthorizationHeader()
{
string credential = string.Format("{0}:{1}", EnvironmentConfig.DomainAdminUser + "_123", EnvironmentConfig.DomainAdminPassword);
string hash = Base64Helper.Base64Encode(System.Text.Encoding.UTF8.GetBytes(credential));
return("Basic " + hash);
}
public string GetPreAuthTokenHeader()
{
string proxy_token = GetAuthToken();
string access_token = "VGhpcyBpcyB5b3VyIHBhc3N3b3Jk"; //mocked access token
string combined_token = "{" + string.Format("\"proxy_token\":\"{0}\", \"access_token\":\"{1}\"", proxy_token, access_token) + "}";
string hash = Base64Helper.Base64Encode(System.Text.Encoding.UTF8.GetBytes(combined_token));
return(hash);
}
/// <summary>
/// An extension to string. Convert the given text to base64.
/// </summary>
public static string EncodeToBase64(this string text, Encoding encoding, bool urlSafe = true, bool padding = false)
{
return(Base64Helper.Base64Encode(encoding.GetBytes(text), urlSafe, padding));
}
