/// <summary>
/// Initializes a new instance of the <see cref="JsonWebToken" /> class.
/// </summary>
/// <param name="base64UrlEncodedHeader">The header information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="base64UrlEncodedPayload">The payload information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="algorithm">The <see cref="JsonWebTokenHashAlgorithm"/> to use when signing the JSON Web Token.</param>
/// <param name="secret">The secret that is used when signing the JSON Web Token.</param>
public JsonWebToken(string base64UrlEncodedHeader, string base64UrlEncodedPayload, JsonWebTokenHashAlgorithm algorithm, byte[] secret)
{
ValidateJwtParameters(base64UrlEncodedHeader, base64UrlEncodedPayload, algorithm, secret);
Base64UrlEncodedHeader = base64UrlEncodedHeader;
Base64UrlEncodedPayload = base64UrlEncodedPayload;
Algorithm = algorithm;
Secret = secret;
}
/// <summary>
/// Converts the specified <paramref name="value"/> to its <see cref="HmacAlgorithmType"/> equivalent.
/// </summary>
/// <param name="value">The JSON Web Token hash algorithm to be converted.</param>
/// <returns>A <see cref="HmacAlgorithmType"/> that is equivalent to <paramref name="value"/>.</returns>
public static HmacAlgorithmType ToHmacAlgorithm(JsonWebTokenHashAlgorithm value)
{
switch (value)
{
case JsonWebTokenHashAlgorithm.SHA256:
return(HmacAlgorithmType.SHA256);
default:
throw new ArgumentOutOfRangeException(nameof(value), value, "The specified value is not supported by this converter.");
}
}
/// <summary>
/// Converts the specified <paramref name="value"/> to its JWT <see cref="string"/> equivalent.
/// </summary>
/// <param name="value">The JSON Web Token hash algorithm to be converted.</param>
/// <returns>A JWT <see cref="string"/> that is equivalent to <paramref name="value"/>.</returns>
public static string ToString(JsonWebTokenHashAlgorithm value)
{
switch (value)
{
case JsonWebTokenHashAlgorithm.None:
return("none");
case JsonWebTokenHashAlgorithm.SHA256:
return("HS256");
}
throw new ArgumentOutOfRangeException(nameof(value));
}
private static void ValidateJwtParameters(string base64UrlEncodedHeader, string base64UrlEncodedPayload, JsonWebTokenHashAlgorithm algorithm, byte[] secret)
{
Validator.ThrowIfNullOrEmpty(base64UrlEncodedHeader, nameof(base64UrlEncodedHeader));
Validator.ThrowIfNullOrEmpty(base64UrlEncodedPayload, nameof(base64UrlEncodedPayload));
if (algorithm != JsonWebTokenHashAlgorithm.None && secret == null)
{
throw new ArgumentException("You must specify a secret when JsonWebTokenHashAlgorithm is specified to other than None.", nameof(secret));
}
}
/// <summary>
/// Returns a <see cref="string" /> that represents this instance.
/// </summary>
/// <param name="base64UrlEncodedHeader">The header information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="base64UrlEncodedPayload">The payload information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="algorithm">The <see cref="JsonWebTokenHashAlgorithm"/> to use when signing the JSON Web Token.</param>
/// <param name="secret">The secret that is used when signing the JSON Web Token.</param>
/// <returns>A <see cref="string" /> that represents this instance.</returns>
public string ToString(string base64UrlEncodedHeader, string base64UrlEncodedPayload, JsonWebTokenHashAlgorithm algorithm, byte[] secret)
{
ValidateJwtParameters(base64UrlEncodedHeader, base64UrlEncodedPayload, algorithm, secret);
string tokenString = Tokenize(base64UrlEncodedHeader, base64UrlEncodedPayload);
return(algorithm == JsonWebTokenHashAlgorithm.None ? tokenString : "{0}.{1}".FormatWith(tokenString, ComputeSignature(base64UrlEncodedHeader, base64UrlEncodedPayload, algorithm, secret)));
}
/// <summary>
/// Returns a <see cref="string" /> that represents this instance.
/// </summary>
/// <param name="base64UrlEncodedHeader">The header information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="base64UrlEncodedPayload">The payload information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="algorithm">The <see cref="JsonWebTokenHashAlgorithm"/> to use when signing the JSON Web Token.</param>
/// <returns>A <see cref="string" /> that represents this instance.</returns>
public string ToString(string base64UrlEncodedHeader, string base64UrlEncodedPayload, JsonWebTokenHashAlgorithm algorithm)
{
return(ToString(base64UrlEncodedHeader, base64UrlEncodedPayload, algorithm, Secret));
}
/// <summary>
/// Computes the signature of the JSON Web Token.
/// </summary>
/// <param name="base64UrlEncodedHeader">The header information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="base64UrlEncodedPayload">The payload information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="algorithm">The <see cref="JsonWebTokenHashAlgorithm"/> to use when signing the JSON Web Token.</param>
/// <param name="secret">The secret that is used when signing the JSON Web Token.</param>
/// <returns>A <see cref="string"/> that represent the signature of a JSON Web Token.</returns>
public string ComputeSignature(string base64UrlEncodedHeader, string base64UrlEncodedPayload, JsonWebTokenHashAlgorithm algorithm, byte[] secret)
{
ValidateJwtParameters(base64UrlEncodedHeader, base64UrlEncodedPayload, algorithm, secret);
return(Tokenize(base64UrlEncodedHeader, base64UrlEncodedPayload).ComputeKeyedHash(secret, o =>
{
o.AlgorithmType = JsonWebTokenHashAlgorithmConverter.ToHmacAlgorithm(algorithm);
o.Encoding = Encoding.UTF8;
}).ToUrlEncodedBase64());
}
/// <summary>
/// Computes the signature of the JSON Web Token.
/// </summary>
/// <param name="base64UrlEncodedHeader">The header information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="base64UrlEncodedPayload">The payload information of the JSON Web Token; encoded as a Base64 structure usable for transmission on the URL.</param>
/// <param name="algorithm">The <see cref="JsonWebTokenHashAlgorithm"/> to use when signing the JSON Web Token.</param>
/// <returns>A <see cref="string"/> that represent the signature of a JSON Web Token.</returns>
public string ComputeSignature(string base64UrlEncodedHeader, string base64UrlEncodedPayload, JsonWebTokenHashAlgorithm algorithm)
{
return(ComputeSignature(base64UrlEncodedHeader, base64UrlEncodedPayload, algorithm, Secret));
}
public static String Encode([NotNull] Object payload, [NotNull] Byte[] keyBytes, JsonWebTokenHashAlgorithm algorithm)
{
if (payload == null)
{
throw new ArgumentNullException(nameof(payload));
}
if (keyBytes == null || keyBytes.Length == 0)
{
throw new ArgumentNullException(nameof(keyBytes));
}
var segments = new Collection <String>();
var header = new { typ = "JWT", alg = algorithm.ToString() };
var headerBytes = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(header, Formatting.None, JsonSerializerSettings));
var payloadBytes = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(payload, Formatting.None, JsonSerializerSettings));
segments.Add(Base64UrlEncode(headerBytes));
segments.Add(Base64UrlEncode(payloadBytes));
var stringToSign = String.Join(".", segments.ToArray());
var bytesToSign = Encoding.UTF8.GetBytes(stringToSign);
var signature = HashAlgorithms[algorithm](keyBytes, bytesToSign);
segments.Add(Base64UrlEncode(signature));
return(String.Join(".", segments.ToArray()));
}
