Exemplo n.º 1
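        /// <summary>
        /// Splits a compact-serialized JWT into its three dot-separated segments and decodes
        /// the header and payload segments.
        /// </summary>
        /// <remarks>
        /// Nothing is verified here. The decoded header and payload are untrusted input until
        /// the signature over <c>_toSignatureString</c> has been checked by the caller.
        /// </remarks>
        /// <param name="jwt">Token in <c>header.payload.signature</c> form.</param>
        /// <returns>
        /// A <c>JWTProperty</c> holding the decoded header and payload, the still-encoded
        /// signature segment, and the <c>header.payload</c> text the signature covers.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="jwt"/> is null.</exception>
        /// <exception cref="ApplicationException">The token does not have exactly three segments.</exception>
        public static JWTProperty JWTDecode(string jwt)
        {
            // Fail with a named argument error instead of a NullReferenceException from Split.
            if (jwt == null)
            {
                throw new ArgumentNullException("jwt");
            }

            string[] tokens = jwt.Split('.');

            if (tokens.Length != 3)
            {
                throw new ApplicationException("jwt separate error.");
            }

            string header = tokens[0];
            string payload = tokens[1];

            JWTProperty jwtProperty = new JWTProperty();

            // The signature stays encoded; it is decoded at verification time.
            jwtProperty._signature = tokens[2];

            // Signing input is the two encoded segments exactly as received, not the decoded
            // text: re-encoding could change bytes and break signature verification.
            jwtProperty._toSignatureString = header + "." + payload;

            // Base64Decode is defined elsewhere in this class; presumably it performs
            // base64url decoding to text -- confirm against its implementation.
            jwtProperty._header = Base64Decode(header);
            jwtProperty._payload = Base64Decode(payload);

            return jwtProperty;
        }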
Exemplo n.º 2
        /// <summary>
        /// Breaks a compact JWT into header, payload and signature segments and decodes the
        /// first two. The signature is not checked, so the decoded values must be treated as
        /// untrusted until a verifier has accepted the token.
        /// </summary>
        /// <param name="jwt">Token in <c>header.payload.signature</c> form.</param>
        /// <returns>The populated <c>JWTProperty</c>.</returns>
        /// <exception cref="ApplicationException">The token does not split into exactly three segments.</exception>
        public static JWTProperty JWTDecode(string jwt)
        {
            JWTProperty decoded = new JWTProperty();

            string[] segments = jwt.Split('.');
            if (segments.Length != 3)
            {
                throw new ApplicationException("jwt separate error.");
            }

            string encodedHeader = segments[0];
            string encodedPayload = segments[1];

            // Third segment is kept in its encoded form.
            decoded._signature = segments[2];

            // The signature covers the encoded header and payload joined by a dot.
            decoded._toSignatureString = string.Concat(encodedHeader, ".", encodedPayload);

            // Base64Decode lives elsewhere in this class (presumably base64url -> text; confirm).
            decoded._header = Base64Decode(encodedHeader);
            decoded._payload = Base64Decode(encodedPayload);

            return decoded;
        }
Exemplo n.º 3
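        /// <summary>
        /// Verifies the RSA PKCS#1 v1.5 signature of an ID token against the key in a JWKS
        /// document whose <c>kid</c> matches the <c>kid</c> in the token header.
        /// </summary>
        /// <remarks>
        /// Only the signature is checked. The payload is parsed but none of its claims
        /// (issuer, audience, expiry, nonce) are inspected, so a <c>true</c> result alone does
        /// not make the token acceptable; the caller still has to validate the claims.
        /// The JWKS has to come from a trusted source, because it supplies both the key and
        /// the algorithm used for verification.
        /// </remarks>
        /// <param name="idToken">The ID token in compact JWT form.</param>
        /// <param name="jwksJsonString">JWKS document as JSON text, with a <c>keys</c> array.</param>
        /// <returns>
        /// <c>true</c> only when a matching key was found, its algorithm is RS256 or RS512 and
        /// equals the algorithm named in the token header, and the signature verifies.
        /// <c>false</c> in every other case that does not throw.
        /// </returns>
        /// <exception cref="ApplicationException">Raised by <c>JWTDecode</c> for a token without three segments.</exception>
        public static bool Validation(string idToken, string jwksJsonString)
        {
            // The ID token is a JWT, so split it into its parts first.
            JWTProperty jwtProperty = JWTDecode(idToken);

            var idtokenHeader = JObject.Parse(jwtProperty._header);

            // Parsed only so that a non-JSON payload is rejected; no claim is validated here.
            JObject.Parse(jwtProperty._payload);

            // Parse the JWKS JSON.
            var jsonJwks = JObject.Parse(jwksJsonString);
            JArray keys = jsonJwks["keys"] as JArray;

            string tokenKid = ReadJsonString(idtokenHeader, "kid");
            string tokenAlg = ReadJsonString(idtokenHeader, "alg");

            // Fail closed: without a key set, a key id and a declared algorithm there is
            // nothing to verify against.
            if (keys == null || tokenKid == null || tokenAlg == null)
            {
                return false;
            }

            string modulus = null;
            string exponent = null;
            string alg = null;

            // When several keys share the kid, the last one in the document is used.
            foreach (JObject k in keys.Children<JObject>())
            {
                if (tokenKid == ReadJsonString(k, "kid"))
                {
                    modulus = ReadJsonString(k, "n");
                    exponent = ReadJsonString(k, "e");
                    alg = ReadJsonString(k, "alg");
                }
            }

            // No key matched, or the matched key lacks RSA parameters or an algorithm.
            if (modulus == null || exponent == null || alg == null)
            {
                return false;
            }

            // The algorithm comes from the trusted key, never from the token alone; the
            // token header must agree with it.
            if (alg != tokenAlg)
            {
                return false;
            }

            // Select the hash algorithm used for signature verification. This is an
            // allow-list: HS256 and every other value is rejected, because an HMAC needs a
            // shared secret and cannot be verified with the RSA public key from a JWKS.
            string hashAlgorithm;
            HashAlgorithm hasher;
            switch (alg)
            {
                case "RS256":
                    hashAlgorithm = "SHA256";
                    hasher = SHA256.Create();
                    break;

                case "RS512":
                    hashAlgorithm = "SHA512";
                    hasher = SHA512.Create();
                    break;

                default:
                    return false;
            }

            byte[] hashData;
            using (hasher)
            {
                hashData = hasher.ComputeHash(Encoding.UTF8.GetBytes(jwtProperty._toSignatureString));
            }

            // DecodeBytes is defined elsewhere in this class; presumably base64url -> bytes (confirm).
            RSAParameters publicKeyParams = new RSAParameters();
            publicKeyParams.Modulus = DecodeBytes(modulus);
            publicKeyParams.Exponent = DecodeBytes(exponent);

            using (RSACryptoServiceProvider publicKey = new RSACryptoServiceProvider())
            {
                publicKey.ImportParameters(publicKeyParams);

                RSAPKCS1SignatureDeformatter rsaDeformatter = new RSAPKCS1SignatureDeformatter(publicKey);
                rsaDeformatter.SetHashAlgorithm(hashAlgorithm);

                // Verify the signature and return the result.
                return rsaDeformatter.VerifySignature(hashData, DecodeBytes(jwtProperty._signature));
            }
        }

        /// <summary>
        /// Reads a member of a JSON object as text; returns null when the member is absent,
        /// JSON null or empty, so callers can treat all three as "missing".
        /// </summary>
        private static string ReadJsonString(JObject source, string name)
        {
            var token = source[name];
            string text = token == null ? null : token.ToString();
            return string.IsNullOrEmpty(text) ? null : text;
        }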