private void Parse() { this.Claims = new NameValueCollection(); if (RawToken.StartsWith("wrap_access_token=")) { RawToken = RawToken.Replace("wrap_access_token=", ""); } foreach (var rawNameValue in RawToken.Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries)) { if (rawNameValue.StartsWith("HMACSHA256=")) { continue; } var nameValue = rawNameValue.Split('='); if (nameValue.Length != 2) { throw new InvalidSecurityTokenException(string.Format( "Invalid token contains a name/value pair missing an = character: '{0}'", rawNameValue)); } var key = HttpUtility.UrlDecode(nameValue[0]); if (this.Claims.AllKeys.Contains(key)) { throw new InvalidSecurityTokenException("Duplicated name token."); } var values = HttpUtility.UrlDecode(nameValue[1]); switch (key) { case Saml2Constants.Elements.Audience: this.Audience = values; break; case "ExpiresOn": this.ExpiresOn = ulong.Parse(values).ToDateTimeFromEpoch(); break; case Saml2Constants.Elements.Issuer: this.Issuer = values; break; default: foreach (var value in values.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)) { this.Claims.Add(key, value); } break; } } }
public bool IsValidSignature(string signatureKey) { var result = false; const string separator = "&" + SwtConstants.HmacSha256 + "="; var elements = RawToken.Split(new string[] { separator }, StringSplitOptions.None); if (elements.Length == 2) { var validSignature = HttpUtility.UrlEncode(CalculateSignature(elements[0], signatureKey)); result = string.Equals(validSignature, elements[1], StringComparison.InvariantCulture); } return(result); }
private void ProcessToken() { string payload = RawToken.Split('.') [1]; var bytes = ParseBase64WithoutPadding(payload); var json = Encoding.ASCII.GetString(bytes); var dictionary = JsonConvert.DeserializeObject <Dictionary <string, object> > (json); if (dictionary.TryGetValue("role", out object role)) { Role = role.ToString(); } if (dictionary.TryGetValue("exp", out object expiryInSeconds)) { CalculateExpiry((Int64)expiryInSeconds); } if (dictionary.TryGetValue("nameid", out object id)) { Id = Guid.Parse(id.ToString()); } }