public async void AuthMethodTest() { var unixTimeNow = (int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds; var token = JwtSigner.Sign(new { jit = "1234", iss = "auth", aud = "test", sid = "123456789", sub = "*****@*****.**", nbf = unixTimeNow - 600, iat = unixTimeNow, exp = unixTimeNow + 600, acr = "AM2", amr = new List <string> { "password", "devicetoken:1234" } }); var httpRequestMessage = new HttpRequestMessage(HttpMethod.Get, "http://testserver/api/authpassword"); httpRequestMessage.Headers.Add("Authorization", "Bearer " + token); var response = await TestHttpClient.SendAsync(httpRequestMessage); Assert.True(response.IsSuccessStatusCode); var result = await response.Content.ReadAsStringAsync(); Assert.Contains("*****@*****.**", result); }
public TokenModule(IUserRepository userRepository) : base("/token") { this._userRepository = userRepository; this._jwtSigner = new JwtSigner(); this._passwordHasher = new PasswordHasher(); Post("/auth", async args => { // The user from the POST request var authUser = this.Bind <User>(); // Find the user in the database var user = await this._userRepository.GetUser(authUser.Email); if (user == null) { return(Response.AsJson(new { Status = "Error", Message = "User does not exist" })); } // Does the entered password match the password from the database var validPassword = this._passwordHasher.ValidatePassword(authUser.Password, user.Password, user.Salt); if (!validPassword) { return(Response.AsJson(new { Status = "Error", Message = "Incorrect Password" })); } // Sign a token var token = this._jwtSigner.GenerateToken(user); return(Response.AsJson(new { Status = "Success", Token = token })); }); }
private SecurityKey GetKey() { var data = @" { 'kty' : 'RSA', 'kid' : 'cc34c0a0-bd5a-4a3c-a50d-a2a7db7643df', 'use' : 'sig', 'n' : 'pjdss8ZaDfEH6K6U7GeW2nxDqR4IP049fk1fK0lndimbMMVBdPv_hSpm8T8EtBDxrUdi1OHZfMhUixGaut-3nQ4GG9nM249oxhCtxqqNvEXrmQRGqczyLxuh-fKn9Fg--hS9UpazHpfVAFnB5aCfXoNhPuI8oByyFKMKaOVgHNqP5NBEqabiLftZD3W_lsFCPGuzr4Vp0YS7zS2hDYScC2oOMu4rGU1LcMZf39p3153Cq7bS2Xh6Y-vw5pwzFYZdjQxDn8x8BG3fJ6j8TGLXQsbKH1218_HcUJRvMwdpbUQG5nvA2GXVqLqdwp054Lzk9_B_f1lVrmOKuHjTNHq48w', 'e' : 'AQAB', 'd' : 'ksDmucdMJXkFGZxiomNHnroOZxe8AmDLDGO1vhs-POa5PZM7mtUPonxwjVmthmpbZzla-kg55OFfO7YcXhg-Hm2OWTKwm73_rLh3JavaHjvBqsVKuorX3V3RYkSro6HyYIzFJ1Ek7sLxbjDRcDOj4ievSX0oN9l-JZhaDYlPlci5uJsoqro_YrE0PRRWVhtGynd-_aWgQv1YzkfZuMD-hJtDi1Im2humOWxA4eZrFs9eG-whXcOvaSwO4sSGbS99ecQZHM2TcdXeAs1PvjVgQ_dKnZlGN3lTWoWfQP55Z7Tgt8Nf1q4ZAKd-NlMe-7iqCFfsnFwXjSiaOa2CRGZn-Q', 'p' : '4A5nU4ahEww7B65yuzmGeCUUi8ikWzv1C81pSyUKvKzu8CX41hp9J6oRaLGesKImYiuVQK47FhZ--wwfpRwHvSxtNU9qXb8ewo-BvadyO1eVrIk4tNV543QlSe7pQAoJGkxCia5rfznAE3InKF4JvIlchyqs0RQ8wx7lULqwnn0', 'q' : 'ven83GM6SfrmO-TBHbjTk6JhP_3CMsIvmSdo4KrbQNvp4vHO3w1_0zJ3URkmkYGhz2tgPlfd7v1l2I6QkIh4Bumdj6FyFZEBpxjE4MpfdNVcNINvVj87cLyTRmIcaGxmfylY7QErP8GFA-k4UoH_eQmGKGK44TRzYj5hZYGWIC8', 'dp' : 'lmmU_AG5SGxBhJqb8wxfNXDPJjf__i92BgJT2Vp4pskBbr5PGoyV0HbfUQVMnw977RONEurkR6O6gxZUeCclGt4kQlGZ-m0_XSWx13v9t9DIbheAtgVJ2mQyVDvK4m7aRYlEceFh0PsX8vYDS5o1txgPwb3oXkPTtrmbAGMUBpE', 'dq' : 'mxRTU3QDyR2EnCv0Nl0TCF90oliJGAHR9HJmBe__EjuCBbwHfcT8OG3hWOv8vpzokQPRl5cQt3NckzX3fs6xlJN4Ai2Hh2zduKFVQ2p-AF2p6Yfahscjtq-GY9cB85NxLy2IXCC0PF--Sq9LOrTE9QV988SJy_yUrAjcZ5MmECk', 'qi' : 'ldHXIrEmMZVaNwGzDF9WG8sHj2mOZmQpw9yrjLK9hAsmsNr5LTyqWAqJIYZSwPTYWhY4nu2O0EY9G9uYiqewXfCKw_UngrJt8Xwfq1Zruz0YY869zPN4GiE9-9rzdZB33RBw8kIOquY3MK74FMwCihYx_LiU2YTHkaoJ3ncvtvg' } ".Replace("'", "\""); var d = JsonSerializer.Deserialize <JwkData>(data, new JsonSerializerOptions { PropertyNameCaseInsensitive = true }); var key = JwtSigner.ImportKeyFromJwk(d); return(key); }
public void TestSignAndVerifyJwt(String subDir, string nestDir) { var subPath = Util.TestDataPath(TEST_DATA, subDir, nestDir); using (var ks = new FileSystemKeySet(subPath)) using (var signer = new JwtSigner(ks)) using (var verifier = new JwtVerifier(ks)) { var signedoutput = signer.SignCompact(JObject.Parse(jsonInput)); Console.WriteLine(signedoutput); Expect(verifier.VerifyCompact(signedoutput), Is.True); Expect(signer.VerifyCompact(signedoutput), Is.True); } }
public void CreateJwtSignature() { var key = GetKey(); var somedate = new DateTime(2020, 12, 24); var token = JwtSigner.CalculateJwtToken(key, d => { d.Expires = somedate; d.Claims = new Dictionary <string, object>() { { "shoe", 43 } }; d.Subject = new ClaimsIdentity("identiteetti"); }); Check.That(token) .StartsWith( "eyJhbGciOiJSUzI1NiIsImtpZCI6ImNjMzRjMGEwLWJkNWEtNGEzYy1hNTBkLWEyYTdkYjc2NDNkZiIsInR5cCI6IkpXVCJ9"); }
public void CreateSignAndPublicSized(string keyType, string topDir, string nestDir) { KeyType type = keyType; topDir += "-sizes"; var kspath = Util.TestDataPath(WRITE_DATA, topDir, nestDir); var writer = new FileSystemKeySetWriter(kspath, overwrite: true); using (var ks = CreateNewKeySet(type.Kind, KeyPurpose.SignAndVerify)) { var success = ks.Save(writer); Expect(success, Is.True); } int i = 0; foreach (int size in type.KeySizeOptions) { if (Util.IsSizeTooSlow(size)) { break; } i++; using (var ks = new MutableKeySet(kspath)) { var ver = ks.AddKey(KeyStatus.Primary, size, type: type); Expect(ver, Is.EqualTo(i)); var success = ks.Save(writer); Expect(success, Is.True); } using (var ks = new FileSystemKeySet(kspath)) using (var signer = new Signer(ks)) using (var jwtSigner = new JwtSigner(ks)) { var ciphertext = signer.Sign(input); File.WriteAllText(Path.Combine(kspath, $"{size}.out"), ciphertext); var key = ks.GetPrimaryKey(); if (Jwt.AlgForKey(key) != null) { var token = jwtSigner.SignCompact(JObject.Parse(jsonInput)); File.WriteAllText(Path.Combine(kspath, $"{size}.jwt"), token); } } } if (type.Asymmetric) { var kspath2 = Util.TestDataPath(WRITE_DATA, topDir + ".public", nestDir); var writer2 = new FileSystemKeySetWriter(kspath2, overwrite: true); using (var ks = new MutableKeySet(kspath)) { var pubKs = ks.PublicKey(); var success = pubKs.Save(writer2); Expect(success, Is.True); } } }
protected int TakeAction(IKeySet keyset, Stream inStream, Stream outStream, Stream outStream2, IKeySet keyset2) { if ((WireFormat.IsNullOrEmpty(_format) && (keyset.Metadata.Purpose == KeyPurpose.DecryptAndEncrypt || keyset.Metadata.Purpose == KeyPurpose.Encrypt)) || _format == WireFormat.Crypt ) { using (var ucrypter = new Encrypter(keyset)) { var err = UseCompression(ucrypter); if (err != 0) { return(err); } ucrypter.Encrypt(inStream, outStream); } } else if (WireFormat.IsNullOrEmpty(_format) || _format == WireFormat.Sign) { using (var signer = new Signer(keyset)) { var sig = signer.Sign(inStream); outStream.Write(sig, 0, sig.Length); } } else if (_format == WireFormat.SignJwt) { try { using (var signer = new JwtSigner(keyset)) using (var reader = new StreamReader(inStream)) { var sig = signer.SignCompact(JObject.Parse(reader.ReadToEnd())); outStream.Write(Encoding.UTF8.GetBytes(sig), 0, sig.Length); } } catch (Exception ex) { Console.WriteLine(ex.Message); Console.WriteLine(ex.StackTrace); return(-1); } } else if (_format == WireFormat.SignTimeout) { using (var signer = new TimeoutSigner(keyset)) { var sig = signer.Sign(inStream, _expires.GetValueOrDefault()); outStream.Write(sig, 0, sig.Length); } } else if (_format == WireFormat.SignAttached) { using (var signer = new AttachedSigner(keyset)) { byte[] hidden = null; if (!String.IsNullOrWhiteSpace(_attachedHidden)) { hidden = signer.Config.RawStringEncoding.GetBytes(_attachedHidden); } signer.Sign(inStream, outStream, hidden); } } else if (_format == WireFormat.SignVanilla || _format == WireFormat.SignUnversioned) { using (var signer = new Keyczar.Compat.VanillaSigner(keyset)) { var sig = signer.Sign(inStream); outStream.Write(sig, 0, sig.Length); } } else if (_format == WireFormat.CryptSession) { using (var crypter = new Encrypter(keyset)) using (var sessionCrypter = new SessionCrypter(crypter)) { var err = UseCompression(sessionCrypter); if (err != 0) { return(err); } var materials = sessionCrypter.SessionMaterial.ToBytes(); outStream.Write(materials, 0, materials.Length); sessionCrypter.Encrypt(inStream, outStream2); } } else if (_format == WireFormat.CryptSignedSession) { if (keyset2 == null) { Console.WriteLine(Localized.MsgRequiresLocation2); return(-1); } using (var crypter = new Encrypter(keyset)) using (var signer = new AttachedSigner(keyset2)) using (var sessionCrypter = new SessionCrypter(crypter, signer)) { var err = UseCompression(sessionCrypter); if (err != 0) { return(err); } var materials = sessionCrypter.SessionMaterial.ToBytes(); outStream.Write(materials, 0, materials.Length); sessionCrypter.Encrypt(inStream, outStream2); } } else { Console.WriteLine(Localized.MsgUnknownFormat, _format); return(-1); } return(0); }