/// <summary> /// 通过Jwt获取OauthToken /// </summary> /// <param name="payload">Jwt中需要的内容</param> /// <param name="cert">X509Certificate2 对象, 包含私钥的证书文件</param> /// <returns>通用Oauthtoken对象</returns> public static YfyAuthtoken GetOAuthTokenByJwt(YfyJwtPayload payload, X509Certificate2 cert) { RSACryptoServiceProvider privateKey; var rsaCsp = cert.PrivateKey as RSACryptoServiceProvider; if (rsaCsp != null && rsaCsp.CspKeyContainerInfo.ProviderType == 1) { CspParameters csp = new CspParameters(); csp.ProviderType = 24; csp.KeyContainerName = rsaCsp.CspKeyContainerInfo.KeyContainerName; csp.KeyNumber = (int)rsaCsp.CspKeyContainerInfo.KeyNumber; if (rsaCsp.CspKeyContainerInfo.MachineKeyStore) { csp.Flags = CspProviderFlags.UseMachineKeyStore; } csp.Flags |= CspProviderFlags.UseExistingKey; privateKey = new RSACryptoServiceProvider(csp); } else { throw new ArgumentException(nameof(cert)); } return(_GetOAuthTokenByJwt(payload, privateKey)); }
/// <summary> /// 通过Jwt获取OauthToken /// </summary> /// <param name="payload">Jwt中需要的内容</param> /// <param name="keyPath">私钥路径。注意,私钥必须是pkcs1格式,不支持pkcs8</param> /// <param name="passwd">私钥密码</param> /// <returns>通用Oauthtoken对象</returns> public static YfyAuthtoken GetOAuthTokenByJwt(YfyJwtPayload payload, string keyPath, string passwd) { string pemString = new StreamReader(File.OpenRead(keyPath)).ReadToEnd(); AsymmetricCipherKeyPair keyPair; using (StreamReader sr = new StreamReader(keyPath)) { var passwdProvider = new RSAPasswdFinder(passwd); PemReader pr = new PemReader(sr, passwdProvider); keyPair = (AsymmetricCipherKeyPair)pr.ReadObject(); } RSAParameters rsaParams = DotNetUtilities.ToRSAParameters((RsaPrivateCrtKeyParameters)keyPair.Private); RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); rsa.ImportParameters(rsaParams); return(_GetOAuthTokenByJwt(payload, rsa)); }
private static YfyAuthtoken _GetOAuthTokenByJwt(YfyJwtPayload payload, RSACryptoServiceProvider privateKey) { string alg = Enum.GetName(typeof(JwtAlgorithms), payload.Alg); var jwtPayload = new Dictionary <string, object>() { { "yifangyun_sub_type", Enum.GetName(typeof(YfySubType), payload.SubType).ToLower() }, { "sub", payload.Sub }, { "exp", payload.Exp }, { "iat", payload.Iat }, { "jti", payload.Jti } }; string token = Jose.JWT.Encode( jwtPayload, privateKey, (Jose.JwsAlgorithm)Enum.Parse(typeof(Jose.JwsAlgorithm), alg), new Dictionary <string, object>() { { "kid", payload.Kid } } ); var request = WebRequest.Create(UriHelper.GetOAuthTokenJwtUri(token)); request.Method = HttpMethod.Post; request.Headers.Add(HttpRequestHeader.Authorization, OAuthHelper.GetBasicAuthrization()); try { var response = request.GetResponse() as HttpWebResponse; return(JsonConvert.DeserializeObject <YfyAuthtoken>(new StreamReader(response.GetResponseStream(), new UTF8Encoding(false)).ReadToEnd())); } catch (WebException we) { throw new YfyHttpException(we); } }