static void Main(string[] args) { if (args?.Length != 1 || string.IsNullOrWhiteSpace(args[0])) { Console.WriteLine("usage: jwtdump <bearer_token>"); return; } string bearerToken = args[0]; JwtSecurityTokenHandler jwtSecurityTokenHandler = new JwtSecurityTokenHandler(); if (!jwtSecurityTokenHandler.CanReadToken(bearerToken)) { Console.WriteLine($"{jwtSecurityTokenHandler.GetType().FullName}.{nameof(jwtSecurityTokenHandler.CanReadToken)}(...) is false."); return; } JwtSecurityToken jwtSecurityToken = jwtSecurityTokenHandler.ReadJwtToken(bearerToken); string json = JsonConvert.SerializeObject(new { jwtSecurityToken.Payload, jwtSecurityToken.ValidFrom, jwtSecurityToken.ValidTo }, Formatting.Indented); Console.WriteLine(Environment.NewLine + json); }
internal static bool Verify(string jwtToken, WebSecureToken outToken, string secretKey) { bool ok = false; byte[] bSecretKey = Encoding.ASCII.GetBytes(secretKey); if (!string.IsNullOrEmpty(jwtToken)) { try { using (var hmac = new System.Security.Cryptography.HMACSHA256(bSecretKey)) { var handler = new JwtSecurityTokenHandler(); var validationParameters = new TokenValidationParameters { ClockSkew = TimeSpan.FromMinutes(1), ValidateAudience = false, ValidateIssuer = false, IssuerSigningKey = new SymmetricSecurityKey(hmac.Key), }; //Avoid handler.ValidateToken which does not work in medium trust environment JwtSecurityToken jwtSecurityToken = (JwtSecurityToken)handler.GetType().InvokeMember("ValidateSignature", System.Reflection.BindingFlags.NonPublic | System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.InvokeMethod, null, handler, new object[] { jwtToken, validationParameters }); Validators.ValidateIssuerSecurityKey(jwtSecurityToken.SigningKey, jwtSecurityToken, validationParameters); outToken.Expiration = new DateTime(1970, 1, 1).AddSeconds(Double.Parse(jwtSecurityToken.Claims.First(c => c.Type == WebSecureToken.GXEXPIRATION).Value)); outToken.ProgramName = jwtSecurityToken.Claims.First(c => c.Type == WebSecureToken.GXPROGRAM).Value; outToken.Issuer = jwtSecurityToken.Claims.First(c => c.Type == WebSecureToken.GXISSUER).Value; outToken.Value = jwtSecurityToken.Claims.First(c => c.Type == WebSecureToken.GXVALUE).Value; ok = true; } } catch (Exception e) { GXLogging.Error(_log, string.Format("Web Token verify failed for Token '{0}'", jwtToken), e); } } return(ok); }