Exemplo n.º 1
0
        private static JweToken ParseJson(IDictionary <string, object> json)
        {
            var recipients = new List <JweRecipient>();

            IEnumerable _recipients = Dictionaries.Get <IEnumerable>(json, "recipients");

            if (_recipients != null)
            {
                foreach (IDictionary <string, object> recipient in _recipients)
                {
                    byte[] encryptedCek = Base64Url.Decode(Dictionaries.Get <string>(recipient, "encrypted_key"));
                    recipients.Add(new JweRecipient(encryptedCek, Dictionaries.Get <IDictionary <string, object> >(recipient, "header")));
                }
            }
            else if (recipients.Count == 0)
            {
                byte[] encryptedCek = Base64Url.Decode(Dictionaries.Get <string>(json, "encrypted_key"));
                recipients.Add(new JweRecipient(encryptedCek, Dictionaries.Get <IDictionary <string, object> >(json, "header")));
            }

            var _protected = Dictionaries.Get <string>(json, "protected");
            var _aad       = Dictionaries.Get <string>(json, "aad");

            return(new JweToken(
                       protectedHeaderBytes: _protected == null ? new byte[0] : Base64Url.Decode(_protected),
                       unprotectedHeader: Dictionaries.Get <IDictionary <string, object> >(json, "unprotected"),
                       recipients: recipients,
                       aad: _aad == null ? null : Base64Url.Decode(_aad),
                       iv: Base64Url.Decode(Dictionaries.Get <string>(json, "iv")),
                       ciphertext: Base64Url.Decode(Dictionaries.Get <string>(json, "ciphertext")),
                       authTag: Base64Url.Decode(Dictionaries.Get <string>(json, "tag")),
                       encoding: SerializationMode.Json));
        }
Exemplo n.º 2
0
        public static JwkSet FromDictionary(IDictionary <string, object> data)
        {
            var keyList = Dictionaries.Get <IEnumerable <object> >(data, "keys");

            JwkSet result = new JwkSet();

            foreach (var key in keyList)
            {
                result.Add(Jwk.FromDictionary((IDictionary <string, object>)key));
            }

            return(result);
        }
Exemplo n.º 3
0
        /// <summary>
        /// Encodes given binary data to JWT token and sign it using given algorithm.
        /// </summary>
        /// <param name="payload">Binary data to encode (not null)</param>
        /// <param name="key">key for signing, suitable for provided JWS algorithm, can be null.</param>
        /// <param name="algorithm">JWT algorithm to be used.</param>
        /// <param name="extraHeaders">optional extra headers to pass along with the payload.</param>
        /// <param name="settings">optional settings to override global DefaultSettings</param>
        /// <param name="options">additional encoding options</param>
        /// <returns>JWT in compact serialization form, digitally signed.</returns>
        public static string EncodeBytes(byte[] payload, object key, JwsAlgorithm algorithm, IDictionary <string, object> extraHeaders = null, JwtSettings settings = null, JwtOptions options = null)
        {
            if (payload == null)
            {
                throw new ArgumentNullException(nameof(payload));
            }

            var jwtSettings = GetSettings(settings);
            var jwtOptions  = options ?? JwtOptions.Default;

            var jwtHeader = new Dictionary <string, object> {
                { "alg", jwtSettings.JwsHeaderValue(algorithm) }
            };

            if (extraHeaders == null) //allow overload, but keep backward compatible defaults
            {
                extraHeaders = new Dictionary <string, object> {
                    { "typ", "JWT" }
                };
            }


            if (!jwtOptions.EncodePayload)
            {
                jwtHeader["b64"]  = false;
                jwtHeader["crit"] = Collections.Union(new[] { "b64" }, Dictionaries.Get <object>(extraHeaders, "crit"));
            }

            Dictionaries.Append(jwtHeader, extraHeaders);
            byte[] headerBytes = Encoding.UTF8.GetBytes(jwtSettings.JsonMapper.Serialize(jwtHeader));

            var jwsAlgorithm = jwtSettings.Jws(algorithm);

            if (jwsAlgorithm == null)
            {
                throw new JoseException(string.Format("Unsupported JWS algorithm requested: {0}", algorithm));
            }

            byte[] signature = jwsAlgorithm.Sign(securedInput(headerBytes, payload, jwtOptions.EncodePayload), key);


            byte[] payloadBytes = jwtOptions.DetachPayload ? new byte[0] : payload;


            return(jwtOptions.EncodePayload
                ? Compact.Serialize(headerBytes, payloadBytes, signature)
                : Compact.Serialize(headerBytes, Encoding.UTF8.GetString(payloadBytes), signature));
        }