/// <summary>
/// Decodes the base64 JWT and veries it with the public key
/// in the certificate provided.
/// </summary>
/// <param name="token">
/// The base64-encoded JWT.
/// </param>
/// <param name="signingCertificate">
/// The certificate with the public key to verify the JWT.
/// </param>
/// <param name="verity">
/// If this value is true, signature verification will be proceeded.
/// </param>
/// <returns>
/// The decoded ProxyToken.
/// </returns>
public static ProxyToken Decode(string token, X509Certificate2 signingCertificate, bool verity = false)
{
var segments = token.Split('.');
if (verity)
{
// get the signed data by decoding the string with ASCII
// because when signing it, we use ASCII
var signedData = Encoding.ASCII.GetBytes(string.Concat(segments[0], ".", segments[1]));
var signature = Base64Helper.Base64Decode(segments[2]);
// veify the signature
if (!RSASigningHelper.VerifySignature(signedData, signature, signingCertificate, HashAlgorithm))
{
throw new CryptographicException("Invalid signature");
}
}
// decode header and payload
var header = Encoding.UTF8.GetString(Base64Helper.Base64Decode(segments[0]));
var payload = Encoding.UTF8.GetString(Base64Helper.Base64Decode(segments[1]));
return(JSONObject.Parse <ProxyToken>(payload));
}
/// <summary>
/// An extension to string. Convert the base64 string to plain text.
/// </summary>
public static string DecodeFromBase64(this string base64, Encoding encoding, bool urlSafe = true, bool padding = false)
{
return(encoding.GetString(Base64Helper.Base64Decode(base64, urlSafe, padding)));
}
/// <summary>
/// An extension to string. Convert the given text to base64.
/// </summary>
public static string EncodeToBase64(this string text, Encoding encoding, bool urlSafe = true, bool padding = false)
{
return(Base64Helper.Base64Encode(encoding.GetBytes(text), urlSafe, padding));
}
