예제 #1
0
        /// <summary>Consume a JSON array.</summary>
        /// <param name="reader"></param>
        internal static void ConsumeJsonArray(ref Utf8JsonReader reader)
        {
            while (reader.Read())
            {
                switch (reader.TokenType)
                {
                case JsonTokenType.EndArray:
                    return;

                case JsonTokenType.StartObject:
                    ConsumeJsonObject(ref reader);
                    break;

                case JsonTokenType.StartArray:
                    ConsumeJsonArray(ref reader);
                    break;

                default:
                    break;
                }
            }

            // If we are here, we are missing a closing bracket.
            ThrowHelper.ThrowFormatException_MalformedJson();
        }
예제 #2
0
        internal static void ConsumeJsonMember(ref Utf8JsonReader reader)
        {
            if (reader.Read())
            {
                switch (reader.TokenType)
                {
                case JsonTokenType.StartObject:
                    ConsumeJsonObject(ref reader);
                    break;

                case JsonTokenType.StartArray:
                    ConsumeJsonArray(ref reader);
                    break;

                case JsonTokenType.String:
                case JsonTokenType.Number:
                case JsonTokenType.True:
                case JsonTokenType.False:
                case JsonTokenType.Null:
                case JsonTokenType.Comment:
                    break;

                default:
                    ThrowHelper.ThrowFormatException_MalformedJson();
                    break;
                }
            }
            else
            {
                ThrowHelper.ThrowFormatException_MalformedJson();
            }
        }
예제 #3
0
        /// <summary>
        /// Use the <paramref name="reader"/> as JSON input and returns a <see cref="JwtObject"/>.
        /// </summary>
        /// <param name="reader"></param>
        public static JwtObject ReadJsonObject(ref Utf8JsonReader reader)
        {
            var current = new JwtObject();

            while (reader.Read() && reader.TokenType is JsonTokenType.PropertyName)
            {
                var name = reader.ValueSpan /* reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan */;
                reader.Read();
                var type = reader.TokenType;
                switch (type)
                {
                case JsonTokenType.StartObject:
                    current.Add(name, ReadJsonObject(ref reader));
                    break;

                case JsonTokenType.StartArray:
                    current.Add(name, ReadJsonArray(ref reader));
                    break;

                case JsonTokenType.String:
                    current.Add(name, reader.GetString());
                    break;

                case JsonTokenType.True:
                    current.Add(name, true);
                    break;

                case JsonTokenType.False:
                    current.Add(name, false);
                    break;

                case JsonTokenType.Null:
                    current.Add(name);
                    break;

                case JsonTokenType.Number:
                    if (reader.TryGetInt64(out long longValue))
                    {
                        current.Add(name, longValue);
                    }
                    else
                    {
                        current.Add(name, reader.GetDouble());
                    }
                    break;

                default:
                    ThrowHelper.ThrowFormatException_MalformedJson();
                    break;
                }
            }

            if (!(reader.TokenType is JsonTokenType.EndObject))
            {
                ThrowHelper.ThrowFormatException_MalformedJson();
            }

            return(current);
        }
예제 #4
0
        /// <summary>
        /// Use the <paramref name="reader"/> as JSON input and returns a <see cref="JwtArray"/>.
        /// </summary>
        /// <param name="reader"></param>
        public static JwtArray ReadJsonArray(ref Utf8JsonReader reader)
        {
            var array = new JwtArray(new List <JwtValue>(2));

            while (reader.Read())
            {
                switch (reader.TokenType)
                {
                case JsonTokenType.EndArray:
                    return(array);

                case JsonTokenType.StartObject:
                    array.Add(ReadJsonObject(ref reader));
                    break;

                case JsonTokenType.StartArray:
                    var innerArray = ReadJsonArray(ref reader);
                    array.Add(innerArray);
                    break;

                case JsonTokenType.Null:
                    array.Add(JwtValue.Null);
                    break;

                case JsonTokenType.Number:
                    if (reader.TryGetInt64(out long longValue))
                    {
                        array.Add(longValue);
                    }
                    else
                    {
                        array.Add(reader.GetDouble());
                    }

                    break;

                case JsonTokenType.String:
                    string valueString = reader.GetString();
                    array.Add(valueString);
                    break;

                case JsonTokenType.True:
                    array.Add(JwtValue.True);
                    break;

                case JsonTokenType.False:
                    array.Add(JwtValue.False);
                    break;

                case JsonTokenType.EndObject:
                case JsonTokenType.PropertyName:
                default:
                    break;
                }
            }

            // If we are here, we are missing a closing brace.
            ThrowHelper.ThrowFormatException_MalformedJson();
            return(default);
예제 #5
0
        /// <summary>
        /// Parses the UTF-8 <paramref name="buffer"/> as JSON and returns a <see cref="JwtObject"/>.
        /// </summary>
        /// <param name="buffer"></param>
        public static JwtObject Parse(ReadOnlySpan <byte> buffer)
        {
            Utf8JsonReader reader = new Utf8JsonReader(buffer, true, default);

            if (!reader.Read() || reader.TokenType != JsonTokenType.StartObject)
            {
                ThrowHelper.ThrowFormatException_MalformedJson();
            }

            return(ReadJsonObject(ref reader));
        }
예제 #6
0
        public static OpenIdConnectConfiguration FromJson(ReadOnlySpan <byte> json)
        {
            var config = JsonSerializer.Deserialize <OpenIdConnectConfiguration>(json, JsonSerializationBehavior.SerializerOptions);

            if (config is null)
            {
                ThrowHelper.ThrowFormatException_MalformedJson();
                return(null);
            }

            return(config);
        }
예제 #7
0
        internal static void ConsumeJsonObject(ref Utf8JsonReader reader)
        {
            int objectCount = 0;

            while (reader.Read())
            {
                switch (reader.TokenType)
                {
                case JsonTokenType.EndObject:
                    if (objectCount != 0)
                    {
                        objectCount--;
                        break;
                    }
                    else
                    {
                        return;
                    }

                case JsonTokenType.PropertyName:
                    reader.Read();
                    var type = reader.TokenType;
                    switch (type)
                    {
                    case JsonTokenType.StartObject:
                        ConsumeJsonObject(ref reader);
                        objectCount++;
                        break;

                    case JsonTokenType.StartArray:
                        ConsumeJsonArray(ref reader);
                        break;

                    default:
                        break;
                    }
                    break;

                default:
                    break;
                }
            }

            // If we are here, we are missing a closing brace.
            ThrowHelper.ThrowFormatException_MalformedJson();
        }
예제 #8
0
        private static int CheckArrayAudience(ref Utf8JsonReader reader, ref byte validationControl, TokenValidationPolicy policy)
        {
            int count = 0;

            if (policy.RequireAudience)
            {
                validationControl &= unchecked ((byte)~TokenValidationPolicy.MissingAudienceMask);
                while (reader.Read() && reader.TokenType == JsonTokenType.String)
                {
                    count++;
                    var requiredAudiences = policy.RequiredAudiencesBinary;
                    for (int i = 0; i < requiredAudiences.Length; i++)
                    {
                        if (reader.ValueTextEquals(requiredAudiences[i]))
                        {
                            validationControl &= unchecked ((byte)~TokenValidationPolicy.AudienceMask);
                            while (reader.Read() && reader.TokenType == JsonTokenType.String)
                            {
                                // Just read...
                                count++;
                            }

                            goto Found;
                        }
                    }
                }
            }
            else
            {
                while (reader.Read() && reader.TokenType == JsonTokenType.String)
                {
                    // Just read...
                    count++;
                }
            }

Found:
            if (reader.TokenType != JsonTokenType.EndArray)
            {
                ThrowHelper.ThrowFormatException_MalformedJson("The 'aud' claim must be an array of string or a string.");
            }

            return(count);
        }
예제 #9
0
        public static Address FromJson(ReadOnlySpan <byte> json)
        {
            Utf8JsonReader reader = new Utf8JsonReader(json, true, default);

            var address = new Address();

            while (reader.Read())
            {
                switch (reader.TokenType)
                {
                case JsonTokenType.EndObject:
                    return(address);

                case JsonTokenType.PropertyName:
                    var propertyName = reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan;

                    reader.Read();
                    switch (reader.TokenType)
                    {
                    case JsonTokenType.String:
                        if (propertyName.SequenceEqual(OidcClaims.FormattedUtf8))
                        {
                            address.Formatted = reader.GetString();
                        }
                        else if (propertyName.SequenceEqual(OidcClaims.StreetAddressUtf8))
                        {
                            address.StreetAddress = reader.GetString();
                        }
                        else if (propertyName.SequenceEqual(OidcClaims.LocalityUtf8))
                        {
                            address.Locality = reader.GetString();
                        }
                        else if (propertyName.SequenceEqual(OidcClaims.RegionUtf8))
                        {
                            address.Region = reader.GetString();
                        }
                        else if (propertyName.SequenceEqual(OidcClaims.PostalCodeUtf8))
                        {
                            address.PostalCode = reader.GetString();
                        }
                        else if (propertyName.SequenceEqual(OidcClaims.CountryUtf8))
                        {
                            address.Country = reader.GetString();
                        }
                        break;

                    case JsonTokenType.StartArray:
                        JsonParser.ConsumeJsonArray(ref reader);
                        break;

                    case JsonTokenType.StartObject:
                        JsonParser.ConsumeJsonObject(ref reader);
                        break;
                    }
                    break;

                default:
                    ThrowHelper.ThrowFormatException_MalformedJson();
                    break;
                }
            }

            ThrowHelper.ThrowFormatException_MalformedJson();
            return(null);
        }
예제 #10
0
        public static OpenIdConnectConfiguration FromJson(ReadOnlySpan <byte> json)
        {
            Utf8JsonReader reader = new Utf8JsonReader(json, true, default);

            if (reader.Read() && reader.TokenType == JsonTokenType.StartObject)
            {
                var config = new OpenIdConnectConfiguration();
                while (reader.Read())
                {
                    switch (reader.TokenType)
                    {
                    case JsonTokenType.EndObject:
                        return(config);

                    case JsonTokenType.PropertyName:
                        var propertyName = reader.GetString();

                        reader.Read();
                        switch (reader.TokenType)
                        {
                        case JsonTokenType.True:
                            ReadTrueProperty(config, propertyName);
                            break;

                        case JsonTokenType.False:
                            ReadFalseProperty(config, propertyName);
                            break;

                        case JsonTokenType.String:
                            ReadStringProperty(ref reader, config, propertyName);
                            break;

                        case JsonTokenType.StartArray:
                            ReadArrayProperty(ref reader, config, propertyName);
                            break;

                        case JsonTokenType.StartObject:
                            config.AdditionalData.Add(new JwtProperty(propertyName, JsonParser.ReadJsonObject(ref reader)));
                            break;

                        case JsonTokenType.Number:
                            if (reader.TryGetInt64(out long longValue))
                            {
                                config.AdditionalData.Add(new JwtProperty(propertyName, longValue));
                            }
                            else
                            {
                                config.AdditionalData.Add(new JwtProperty(propertyName, reader.GetDouble()));
                            }
                            break;
                        }
                        break;

                    default:
                        ThrowHelper.ThrowFormatException_MalformedJson();
                        break;
                    }
                }
            }

            ThrowHelper.ThrowFormatException_MalformedJson();
            return(null);
        }
예제 #11
0
        /// <summary>
        /// Parses the UTF-8 <paramref name="buffer"/> as JSON and returns a <see cref="JwtHeader"/>.
        /// </summary>
        /// <param name="buffer"></param>
        /// <param name="policy"></param>
        public static JwtHeader ParseHeader(ReadOnlySpan <byte> buffer, TokenValidationPolicy policy)
        {
            Utf8JsonReader reader = new Utf8JsonReader(buffer, isFinalBlock: true, state: default);

            if (!reader.Read() || reader.TokenType != JsonTokenType.StartObject)
            {
                ThrowHelper.ThrowFormatException_MalformedJson();
            }

            var header = new JwtHeader();

            while (reader.Read())
            {
                if (!(reader.TokenType is JsonTokenType.PropertyName))
                {
                    break;
                }

                var name = reader.ValueSpan /* reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan */;
                reader.Read();
                var type = reader.TokenType;


                if (name.Length == 3)
                {
                    if (reader.TokenType == JsonTokenType.String)
                    {
                        var refName = IntegerMarshal.ReadUInt24(name);
                        switch (refName)
                        {
                        case Alg:
                            var alg = reader.ValueSpan /* reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan */;
                            if (SignatureAlgorithm.TryParse(alg, out var signatureAlgorithm))
                            {
                                header.SignatureAlgorithm = signatureAlgorithm;
                            }
                            else if (KeyManagementAlgorithm.TryParse(alg, out var keyManagementAlgorithm))
                            {
                                header.KeyManagementAlgorithm = keyManagementAlgorithm;
                            }
                            else if (SignatureAlgorithm.TryParseSlow(ref reader, out signatureAlgorithm))
                            {
                                header.SignatureAlgorithm = signatureAlgorithm;
                            }
                            else if (KeyManagementAlgorithm.TryParseSlow(ref reader, out keyManagementAlgorithm))
                            {
                                header.KeyManagementAlgorithm = keyManagementAlgorithm;
                            }
                            else
                            {
                                header.SignatureAlgorithm = SignatureAlgorithm.Create(reader.GetString());
                            }

                            continue;

                        case Enc:
                            var enc = reader.ValueSpan /* reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan */;
                            if (EncryptionAlgorithm.TryParse(enc, out var encryptionAlgorithm))
                            {
                                header.EncryptionAlgorithm = encryptionAlgorithm;
                            }
                            else if (EncryptionAlgorithm.TryParseSlow(ref reader, out encryptionAlgorithm))
                            {
                                header.EncryptionAlgorithm = encryptionAlgorithm;
                            }
                            else
                            {
                                header.EncryptionAlgorithm = EncryptionAlgorithm.Create(reader.GetString());
                            }

                            continue;

                        case Zip:
                            var zip = reader.ValueSpan /* reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan */;
                            if (CompressionAlgorithm.TryParse(zip, out var compressionAlgorithm))
                            {
                                header.CompressionAlgorithm = compressionAlgorithm;
                            }
                            else if (CompressionAlgorithm.TryParseSlow(ref reader, out compressionAlgorithm))
                            {
                                header.CompressionAlgorithm = compressionAlgorithm;
                            }
                            else
                            {
                                header.CompressionAlgorithm = CompressionAlgorithm.Create(reader.GetString());
                            }

                            continue;

                        case Cty:
                            header.Cty = reader.GetString();
                            continue;

                        case Typ:
                            header.Typ = reader.GetString();
                            continue;

                        case Kid:
                            header.Kid = reader.GetString();
                            continue;
                        }
                    }
                }
                else if (name.Length == 4)
                {
                    if (reader.TokenType == JsonTokenType.StartArray && IntegerMarshal.ReadUInt32(name) == Crit)
                    {
                        var handlers = policy.CriticalHandlers;
                        if (handlers.Count != 0)
                        {
                            var criticalHeaderHandlers = new List <KeyValuePair <string, ICriticalHeaderHandler> >(handlers.Count);
                            var criticals = new List <JwtValue>();
                            while (reader.Read() && reader.TokenType == JsonTokenType.String)
                            {
                                string criticalHeader = reader.GetString();
                                criticals.Add(new JwtValue(criticalHeader));
                                if (handlers.TryGetValue(criticalHeader, out var handler))
                                {
                                    criticalHeaderHandlers.Add(new KeyValuePair <string, ICriticalHeaderHandler>(criticalHeader, handler));
                                }
                                else
                                {
                                    criticalHeaderHandlers.Add(new KeyValuePair <string, ICriticalHeaderHandler>(criticalHeader, null !));
                                }
                            }

                            header.CriticalHeaderHandlers = criticalHeaderHandlers;

                            if (reader.TokenType != JsonTokenType.EndArray)
                            {
                                ThrowHelper.ThrowFormatException_MalformedJson("The 'crit' header parameter must be an array of string.");
                            }

                            header.Inner.Add(name, new JwtArray(criticals));
                        }
                        else
                        {
                            var criticals = new List <JwtValue>();
                            while (reader.Read() && reader.TokenType == JsonTokenType.String)
                            {
                                string criticalHeader = reader.GetString();
                                criticals.Add(new JwtValue(criticalHeader));
                            }

                            if (reader.TokenType != JsonTokenType.EndArray)
                            {
                                ThrowHelper.ThrowFormatException_MalformedJson("The 'crit' header parameter must be an array of string.");
                            }

                            header.Inner.Add(name, new JwtArray(criticals));
                        }

                        continue;
                    }
                }


                switch (type)
                {
                case JsonTokenType.StartObject:
                    header.Inner.Add(name, JsonParser.ReadJsonObject(ref reader));
                    break;

                case JsonTokenType.StartArray:
                    header.Inner.Add(name, JsonParser.ReadJsonArray(ref reader));
                    break;

                case JsonTokenType.String:
                    header.Inner.Add(name, reader.GetString());
                    break;

                case JsonTokenType.True:
                    header.Inner.Add(name, true);
                    break;

                case JsonTokenType.False:
                    header.Inner.Add(name, false);
                    break;

                case JsonTokenType.Null:
                    header.Inner.Add(name);
                    break;

                case JsonTokenType.Number:
                    if (reader.TryGetInt64(out long longValue))
                    {
                        header.Inner.Add(name, longValue);
                    }
                    else
                    {
                        header.Inner.Add(name, reader.GetDouble());
                    }
                    break;

                default:
                    ThrowHelper.ThrowFormatException_MalformedJson();
                    break;
                }
            }

            if (!(reader.TokenType is JsonTokenType.EndObject))
            {
                ThrowHelper.ThrowFormatException_MalformedJson();
            }

            return(header);
        }
예제 #12
0
        /// <summary>
        /// Parses the UTF-8 <paramref name="buffer"/> as JSON and returns a <see cref="JwtPayload"/>.
        /// </summary>
        /// <param name="buffer"></param>
        /// <param name="policy"></param>
        public static JwtPayload ParsePayload(ReadOnlySpan <byte> buffer, TokenValidationPolicy policy)
        {
            Utf8JsonReader reader = new Utf8JsonReader(buffer, isFinalBlock: true, state: default);

            if (!reader.Read() || reader.TokenType != JsonTokenType.StartObject)
            {
                ThrowHelper.ThrowFormatException_MalformedJson();
            }

            var  payload = new JwtPayload();
            byte control = policy.ValidationControl;

            while (reader.Read() && reader.TokenType is JsonTokenType.PropertyName)
            {
                var name = reader.ValueSpan /* reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan */;
                reader.Read();
                var type = reader.TokenType;
                if (name.Length == 3)
                {
                    uint nameValue = IntegerMarshal.ReadUInt24(name);
                    switch (nameValue)
                    {
                    case Aud:
                        if (type == JsonTokenType.String)
                        {
                            if (policy.RequireAudience)
                            {
                                var audiencesBinary = policy.RequiredAudiencesBinary;
                                var audiences       = policy.RequiredAudiences;
                                for (int i = 0; i < audiencesBinary.Length; i++)
                                {
                                    if (reader.ValueTextEquals(audiencesBinary[i]))
                                    {
                                        payload.Aud = new[] { audiences[i] };
                                        control    &= unchecked ((byte)~TokenValidationPolicy.AudienceFlag);
                                        break;
                                    }
                                }

                                control &= unchecked ((byte)~JwtPayload.MissingAudienceFlag);
                            }
                            else
                            {
                                payload.Aud = new[] { reader.GetString() };
                            }
                        }
                        else if (type == JsonTokenType.StartArray)
                        {
                            if (policy.RequireAudience)
                            {
                                var audiences = new List <string>();
                                while (reader.Read() && reader.TokenType == JsonTokenType.String)
                                {
                                    var requiredAudiences = policy.RequiredAudiencesBinary;
                                    for (int i = 0; i < requiredAudiences.Length; i++)
                                    {
                                        if (reader.ValueTextEquals(requiredAudiences[i]))
                                        {
                                            control &= unchecked ((byte)~TokenValidationPolicy.AudienceFlag);
                                            break;
                                        }
                                    }

                                    audiences.Add(reader.GetString());
                                    control &= unchecked ((byte)~JwtPayload.MissingAudienceFlag);
                                }

                                if (reader.TokenType != JsonTokenType.EndArray)
                                {
                                    ThrowHelper.ThrowFormatException_MalformedJson("The 'aud' claim must be an array of string or a string.");
                                }

                                payload.Aud = audiences.ToArray();
                            }
                            else
                            {
                                payload.Aud = JsonParser.ReadStringArray(ref reader);
                            }
                        }
                        else
                        {
                            ThrowHelper.ThrowFormatException_MalformedJson("The 'aud' claim must be an array of string or a string.");
                        }

                        continue;

                    case Iss:
                        if (policy.RequireIssuer)
                        {
                            if (reader.ValueTextEquals(policy.RequiredIssuerBinary))
                            {
                                payload.Iss = policy.RequiredIssuer;
                                control    &= unchecked ((byte)~TokenValidationPolicy.IssuerFlag);
                            }
                            else
                            {
                                control &= unchecked ((byte)~JwtPayload.MissingIssuerFlag);
                            }
                        }
                        else
                        {
                            payload.Iss = reader.GetString();
                        }

                        continue;

                    case Exp:
                        if (!reader.TryGetInt64(out long longValue))
                        {
                            ThrowHelper.ThrowFormatException_MalformedJson("The claim 'exp' must be an integral number.");
                        }

                        if (policy.RequireExpirationTime)
                        {
                            control &= unchecked ((byte)~JwtPayload.MissingExpirationFlag);
                        }

                        if (longValue >= EpochTime.UtcNow - policy.ClockSkew)
                        {
                            control &= unchecked ((byte)~JwtPayload.ExpiredFlag);
                        }

                        payload.Exp = longValue;
                        continue;

                    case Iat:
                        if (!reader.TryGetInt64(out longValue))
                        {
                            ThrowHelper.ThrowFormatException_MalformedJson("The claim 'iat' must be an integral number.");
                        }

                        payload.Iat = longValue;
                        continue;

                    case Nbf:
                        if (!reader.TryGetInt64(out longValue))
                        {
                            ThrowHelper.ThrowFormatException_MalformedJson("The claim 'nbf' must be an integral number.");
                        }

                        // the 'nbf' claim is not common. The 2nd call to EpochTime.UtcNow should be rare.
                        if (longValue <= EpochTime.UtcNow + policy.ClockSkew)
                        {
                            control &= unchecked ((byte)~JwtPayload.NotYetFlag);
                        }

                        payload.Nbf = longValue;
                        continue;

                    case Jti:
                        payload.Jti = reader.GetString();
                        continue;

                    case Sub:
                        payload.Sub = reader.GetString();
                        continue;
                    }
                }

                switch (type)
                {
                case JsonTokenType.StartObject:
                    payload.Inner.Add(name, JsonParser.ReadJsonObject(ref reader));
                    break;

                case JsonTokenType.StartArray:
                    payload.Inner.Add(name, JsonParser.ReadJsonArray(ref reader));
                    break;

                case JsonTokenType.String:
                    payload.Inner.Add(name, reader.GetString());
                    break;

                case JsonTokenType.True:
                    payload.Inner.Add(name, true);
                    break;

                case JsonTokenType.False:
                    payload.Inner.Add(name, false);
                    break;

                case JsonTokenType.Null:
                    payload.Inner.Add(name);
                    break;

                case JsonTokenType.Number:
                    long longValue;

                    if (reader.TryGetInt64(out longValue))
                    {
                        payload.Inner.Add(name, longValue);
                    }
                    else
                    {
                        payload.Inner.Add(name, reader.GetDouble());
                    }
                    break;

                default:
                    ThrowHelper.ThrowFormatException_MalformedJson();
                    break;
                }
            }

            if (!(reader.TokenType is JsonTokenType.EndObject))
            {
                ThrowHelper.ThrowFormatException_MalformedJson();
            }

            payload.ValidationControl = control;

            return(payload);
        }