public virtual string WriteTokenAsString(System.IdentityModel.Tokens.SecurityToken token)
{
Utility.VerifyNonNullArgument("token", token);
JsonWebSecurityToken jsonWebSecurityToken = token as JsonWebSecurityToken;
if (jsonWebSecurityToken == null)
{
throw new System.ArgumentException("Unsupported token type", "token");
}
if (jsonWebSecurityToken.CanWriteSourceData)
{
return(jsonWebSecurityToken.WriteSourceData());
}
System.Collections.Generic.IDictionary <string, string> self = jsonWebSecurityToken.CreateHeaderClaims();
System.Collections.Generic.IDictionary <string, string> self2 = jsonWebSecurityToken.CreatePayloadClaims();
string text = string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}.{1}", new object[]
{
Base64UrlEncoder.Encode(self.EncodeToJson()),
Base64UrlEncoder.Encode(self2.EncodeToJson())
});
string text2 = this.Sign(text, jsonWebSecurityToken.SigningCredentials);
return(string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}.{1}", new object[]
{
text,
text2
}));
}
protected virtual string Sign(string signingInput, System.IdentityModel.Tokens.SigningCredentials signingCredentials)
{
if (signingCredentials == null)
{
return(string.Empty);
}
string result;
using (SignatureProvider signatureProvider = SignatureProvider.Create(signingCredentials))
{
result = Base64UrlEncoder.Encode(signatureProvider.Sign(Base64UrlEncoder.TextEncoding.GetBytes(signingInput)));
}
return(result);
}
public virtual System.Collections.Generic.IDictionary <string, string> CreateHeaderClaims()
{
System.Collections.Generic.Dictionary <string, string> dictionary = new System.Collections.Generic.Dictionary <string, string>(System.StringComparer.Ordinal);
dictionary.Add("typ", "JWT");
if (this.SigningCredentials != null)
{
if (System.StringComparer.Ordinal.Compare(this.SigningCredentials.SignatureAlgorithm, "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256") == 0)
{
Microsoft.IdentityModel.SecurityTokenService.X509SigningCredentials x509SigningCredentials = this.SigningCredentials as Microsoft.IdentityModel.SecurityTokenService.X509SigningCredentials;
if (x509SigningCredentials == null)
{
throw new System.InvalidOperationException("JWT token is not valid. RSA signature requires X509SigningCredentials");
}
dictionary.Add("alg", "RS256");
dictionary.Add("x5t", Base64UrlEncoder.Encode(x509SigningCredentials.Certificate.GetCertHash()));
}
else if (System.StringComparer.Ordinal.Compare(this.SigningCredentials.SignatureAlgorithm, "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256") == 0)
{
dictionary.Add("alg", "HS256");
}
}
else if (this.IssuerToken != null)
{
System.IdentityModel.Tokens.X509SecurityToken x509SecurityToken = this.IssuerToken as System.IdentityModel.Tokens.X509SecurityToken;
if (x509SecurityToken != null)
{
dictionary.Add("alg", "RS256");
dictionary.Add("x5t", Base64UrlEncoder.Encode(x509SecurityToken.Certificate.GetCertHash()));
}
else if (this.IssuerToken is BinarySecretSecurityToken)
{
dictionary.Add("alg", "HS256");
}
}
else
{
dictionary.Add("alg", "none");
}
return(dictionary);
}
public static string Encode(string arg)
{
Utility.VerifyNonNullOrEmptyStringArgument("arg", arg);
return(Base64UrlEncoder.Encode(Base64UrlEncoder.TextEncoding.GetBytes(arg)));
}