private static IJwtParser GetParser(byte[] key)
        {
            IJwtParser parser = new DefaultJwtParser(Serializers.Create().JsonNetSerializer().Build());

            parser.SetSigningKey(key);

            return(parser);
        }
예제 #2
0
        public void When_decoding(IDictionary <string, object> expectedPayload, string signingKey, string jwt)
        {
            IJwtParser parser = new DefaultJwtParser(Serializers.Create().JsonNetSerializer().Build());

            var signingKeyBytes = Encoding.UTF8.GetBytes(signingKey);
            var decoded         = parser
                                  .SetSigningKey(signingKeyBytes)
                                  .Parse(jwt);

            decoded.Body.ToDictionary().ShouldBe(expectedPayload);
        }
예제 #3
0
        public void When_verifying(IDictionary <string, object> ignored, string signingKey, string jwt)
        {
            IJwtParser parser = new DefaultJwtParser(Serializers.Create().JsonNetSerializer().Build());

            var signingKeyBytes = Encoding.UTF8.GetBytes(signingKey);
            var decoded         = parser
                                  .SetSigningKey(signingKeyBytes)
                                  .Parse(jwt);

            var validator = new JwtSignatureValidator(signingKeyBytes);

            validator.IsValid(decoded).ShouldBeTrue();
        }
        async Task <IAccountResult> IIdSiteAsyncCallbackHandler.GetAccountResultAsync(CancellationToken cancellationToken)
        {
            var signingKeyBytes = Encoding.UTF8.GetBytes(
                this.internalDataStore.ApiKey.GetSecret());

            IJwtParser parser = new DefaultJwtParser(this.internalDataStore.Serializer);
            var        jwt    = parser
                                .SetSigningKey(signingKeyBytes)
                                .Parse(this.jwtResponse);

            ThrowIfRequiredParametersMissing(jwt.Body);

            string apiKeyFromJwt = null;

            if (IsError(jwt.Body))
            {
                jwt.Header.TryGetValueAsString(JwtHeaderParameters.KeyId, out apiKeyFromJwt);
            }
            else
            {
                apiKeyFromJwt = (string)jwt.Body.GetClaim(DefaultJwtClaims.Audience);
            }

            ThrowIfJwtSignatureInvalid(apiKeyFromJwt, this.internalDataStore.ApiKey, jwt);
            ThrowIfJwtIsExpired(jwt.Body);

            IfErrorThrowIdSiteException(jwt.Body);

            if (!this.nonceStore.IsAsynchronousSupported || this.asyncNonceStore == null)
            {
                throw new ApplicationException("The current nonce store does not support asynchronous operations.");
            }

            var responseNonce = (string)jwt.Body.GetClaim(IdSiteClaims.ResponseId);

            await this.ThrowIfNonceIsAlreadyUsedAsync(responseNonce, cancellationToken).ConfigureAwait(false);

            await this.asyncNonceStore.PutNonceAsync(responseNonce, cancellationToken).ConfigureAwait(false);

            ThrowIfSubjectIsMissing(jwt.Body);

            var accountResult = CreateAccountResult(jwt.Body, this.internalDataStore);
            var resultStatus  = GetResultStatus(jwt.Body);

            if (this.resultListener != null)
            {
                await this.DispatchResponseStatusAsync(resultStatus, accountResult, cancellationToken).ConfigureAwait(false);
            }

            return(accountResult);
        }