Пример #1
        //private Encode
        /// <summary>
        /// Wraps <paramref name="data"/> in a compact JWE, using RSA-OAEP for key
        /// management and A256CBC-HS512 for content encryption.
        /// </summary>
        /// <param name="data">Payload to encrypt.</param>
        /// <param name="kid">Key identifier written to the "kid" header.</param>
        /// <returns>A completed task holding the serialized JWE token.</returns>
        /// <remarks>
        /// The extra headers ("typ", "kid", "iat") travel in the JOSE header, not in
        /// the encrypted payload, so they must not carry anything confidential.
        /// </remarks>
        private Task<string> Encrypt(string data, string kid)
        {
            // NOTE(review): "iat" is passed as a DateTime object, so its wire format is
            // whatever the JSON mapper emits for DateTime - confirm the receiver does not
            // expect a numeric timestamp.
            var headers = new Dictionary<string, object>
            {
                ["typ"] = "JOSE",
                ["kid"] = kid,
                ["iat"] = DateTime.UtcNow
            };

            // NOTE(review): the key comes from KeyStore.GetServerKey() regardless of kid;
            // confirm that this is the intended recipient key for the token.
            using var key = KeyStore.GetServerKey();

            // Encode runs synchronously, so the key is still alive here and is only
            // disposed when the method returns.
            string token = Jose.JWT.Encode(
                data,
                key,
                JweAlgorithm.RSA_OAEP,
                JweEncryption.A256CBC_HS512,
                extraHeaders: headers);

            return Task.FromResult(token);
        }
Пример #2
        //private  Decode
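        /// <summary>
        /// Checks that a compact JWS carries the required header elements and a valid
        /// RS256 signature, then returns its payload together with the header data.
        /// </summary>
        /// <param name="jwsToken">Compact-serialized JWS received from the caller.</param>
        /// <returns>
        /// A completed task whose result holds the parsed header, the verified payload
        /// (stored in <c>JweToken</c>) and the "kid" header value.
        /// </returns>
        /// <exception cref="Exception">
        /// A required header element ("alg", "kid", "typ", "cty") is missing, or the
        /// token could not be verified. In the second case the original failure is
        /// available as <see cref="Exception.InnerException"/>.
        /// </exception>
        /// <remarks>
        /// The header is read before the signature is checked, so everything taken from
        /// it is untrusted until Decode succeeds. "alg", "typ" and "cty" are checked for
        /// presence only; the algorithm is pinned by passing RS256 to Decode rather than
        /// being taken from the header.
        /// </remarks>
        private Task<AuthResult> VerifySign(string jwsToken)
        {
            var result = new AuthResult
            {
                JwsHeader = Jose.JWT.Headers(jwsToken)
            };

            // Returns the header value, or fails with the same message the callers
            // already see for a missing element.
            object RequireHeader(string name)
            {
                if (!result.JwsHeader.TryGetValue(name, out var value))
                {
                    throw new Exception($"Required Element Missing (JWS.{name})");
                }

                return value;
            }

            // Order matters: the first missing element decides the error message.
            RequireHeader("alg");
            var kid = RequireHeader("kid");
            RequireHeader("typ");
            RequireHeader("cty");

            try
            {
                // NOTE(review): the signature is checked against KeyStore.GetServerKey()
                // whatever "kid" says - confirm that tokens are not expected to be
                // signed with a per-kid key.
                using var key   = KeyStore.GetServerKey();
                result.JweToken = Jose.JWT.Decode(jwsToken, key, JwsAlgorithm.RS256);
                result.Kid      = (string)kid;
            }
            catch (Exception ex)
            {
                // This catch also covers key-store failures and a non-string "kid", not
                // only a bad signature. Keep the cause as InnerException so logs can tell
                // them apart; the outward message stays generic and the inner details
                // should be logged, not returned to the remote party.
                throw new Exception("The JWS signature is not valid.", ex);
            }

            return Task.FromResult(result);
        }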