public ClaimsPrincipal ValidateToken(string securityToken,
TokenValidationParameters validationParameters,
out SecurityToken validatedToken)
{
ClaimsPrincipal result = null;
SecurityToken token = null;
Task.WaitAll(Task.Run(async() =>
{
GOSTSecurityToken gostToken = GOSTSecurityToken.Decode(securityToken, _signingSecurityKey);
if (gostToken != null) // if not null - verify OK
{
var identity = new ClaimsIdentity("Bearer");
identity.AddClaim(new Claim(ClaimTypes.Name, gostToken.Id.ToString()));
result = new ClaimsPrincipal(identity);
token = gostToken;
}
}));
validatedToken = token;
return(result);
}
internal static string WriteToken(GOSTSecurityToken token)
{
string header = JsonConvert.SerializeObject(new { alg = "gost34.11.2012", typ = "JWT" });
// TODO claims // audience
string payLoad = JsonConvert.SerializeObject(new
{
userId = token.Id,
iss = token.Issuer,
aud = "TemplateApp",
nbf = token.ValidFrom.ToString(),
exp = token.ValidTo.ToString()
}); //1
byte[] securityKey = ((SymmetricSecurityKey)token.SecurityKey).Key;
string unsignedToken = ToBase64(header) + '.' + ToBase64(payLoad);
GostCrypto.Gost34102012Signer signer = new GostCrypto.Gost34102012Signer(new BigInteger(securityKey));
string signature = signer.Sign(unsignedToken);
return(ToBase64(header) + "." + ToBase64(payLoad) + "." + ToBase64(signature));
}