Exemplo n.º 1
0
        public ClaimsPrincipal ValidateToken(string securityToken,
                                             TokenValidationParameters validationParameters,
                                             out SecurityToken validatedToken)
        {
            ClaimsPrincipal result = null;
            SecurityToken   token  = null;

            Task.WaitAll(Task.Run(async() =>
            {
                GOSTSecurityToken gostToken = GOSTSecurityToken.Decode(securityToken, _signingSecurityKey);

                if (gostToken != null)                 // if not null - verify OK
                {
                    var identity = new ClaimsIdentity("Bearer");
                    identity.AddClaim(new Claim(ClaimTypes.Name, gostToken.Id.ToString()));

                    result = new ClaimsPrincipal(identity);

                    token = gostToken;
                }
            }));

            validatedToken = token;
            return(result);
        }
Exemplo n.º 2
0
        internal static string WriteToken(GOSTSecurityToken token)
        {
            string header = JsonConvert.SerializeObject(new { alg = "gost34.11.2012", typ = "JWT" });

            // TODO claims // audience
            string payLoad = JsonConvert.SerializeObject(new
            {
                userId = token.Id,
                iss    = token.Issuer,
                aud    = "TemplateApp",
                nbf    = token.ValidFrom.ToString(),
                exp    = token.ValidTo.ToString()
            });                //1

            byte[] securityKey   = ((SymmetricSecurityKey)token.SecurityKey).Key;
            string unsignedToken = ToBase64(header) + '.' + ToBase64(payLoad);

            GostCrypto.Gost34102012Signer signer = new GostCrypto.Gost34102012Signer(new BigInteger(securityKey));

            string signature = signer.Sign(unsignedToken);

            return(ToBase64(header) + "." + ToBase64(payLoad) + "." + ToBase64(signature));
        }