示例#1
0
        public async Task <JwsPayload> UnSign(string jws)
        {
            if (string.IsNullOrWhiteSpace(jws))
            {
                throw new ArgumentNullException(nameof(jws));
            }

            var protectedHeader = _jwsParser.GetHeader(jws);

            if (protectedHeader == null)
            {
                return(null);
            }

            var jsonWebKeySet = await _identityServerClientFactory.CreateJwksClient()
                                .ResolveAsync(_parametersProvider.GetOpenIdConfigurationUrl())
                                .ConfigureAwait(false);

            var jsonWebKeys = _jsonWebKeyConverter.ExtractSerializedKeys(jsonWebKeySet);

            if (jsonWebKeys == null ||
                !jsonWebKeys.Any(j => j.Kid == protectedHeader.Kid))
            {
                return(null);
            }

            var jsonWebKey = jsonWebKeys.First(j => j.Kid == protectedHeader.Kid);

            if (protectedHeader.Alg == Jwt.Constants.JwsAlgNames.NONE)
            {
                return(_jwsParser.GetPayload(jws));
            }

            return(_jwsParser.ValidateSignature(jws, jsonWebKey));
        }
        public async Task <JwsPayload> UnSign(string jws, string openidProvider)
        {
            if (string.IsNullOrWhiteSpace(jws))
            {
                throw new ArgumentNullException(nameof(jws));
            }

            if (string.IsNullOrWhiteSpace(openidProvider))
            {
                throw new ArgumentNullException(nameof(openidProvider));
            }

            var protectedHeader = _jwsParser.GetHeader(jws);

            if (protectedHeader == null)
            {
                return(null);
            }

            if (protectedHeader.Alg == SimpleIdServer.Core.Jwt.Constants.JwsAlgNames.NONE)
            {
                return(_jwsParser.GetPayload(jws));
            }

            var jsonWebKeySet = await _identityServerClientFactory.CreateJwksClient().ResolveAsync(openidProvider).ConfigureAwait(false);

            return(_jwsParser.ValidateSignature(jws, jsonWebKeySet));
        }
        public Task <JwsPayload> UnSign(string jws, PolicyRule policyRule)
        {
            if (string.IsNullOrWhiteSpace(jws))
            {
                throw new ArgumentNullException(nameof(jws));
            }

            if (policyRule == null)
            {
                throw new ArgumentNullException(nameof(policyRule));
            }

            var protectedHeader = _jwsParser.GetHeader(jws);

            if (protectedHeader == null)
            {
                return(null);
            }

            if (protectedHeader.Alg == SimpleIdentityServer.Core.Jwt.Constants.JwsAlgNames.NONE)
            {
                return(Task.FromResult(_jwsParser.GetPayload(jws)));
            }

            var jsonWebKey = new JsonWebKey
            {
                Kty           = KeyType.RSA,
                Kid           = protectedHeader.Kid,
                SerializedKey = policyRule.SerializedCertificate
            };

            return(Task.FromResult(_jwsParser.ValidateSignature(jws, jsonWebKey)));
        }
        public async Task <JwsPayload> UnSign(
            string jws,
            string jwks)
        {
            if (string.IsNullOrWhiteSpace(jws))
            {
                throw new ArgumentNullException(nameof(jws));
            }

            if (string.IsNullOrWhiteSpace(jwks))
            {
                throw new ArgumentNullException(nameof(jwks));
            }

            var protectedHeader = _jwsParser.GetHeader(jws);

            if (protectedHeader == null)
            {
                return(null);
            }

            var jsonWebKey = await GetJsonWebKey(jwks, protectedHeader.Kid);

            if (jsonWebKey == null &&
                protectedHeader.Alg != Core.Jwt.Constants.JwsAlgNames.NONE)
            {
                return(null);
            }

            if (protectedHeader.Alg == Core.Jwt.Constants.JwsAlgNames.NONE)
            {
                return(_jwsParser.GetPayload(jws));
            }

            return(_jwsParser.ValidateSignature(jws, jsonWebKey));
        }
 public bool IsJwsToken(string jws)
 {
     return _jwsParser.GetHeader(jws) != null;
 }
示例#6
0
        public async Task <JweInformationResult> ExecuteAsync(GetJweParameter getJweParameter)
        {
            if (getJweParameter == null)
            {
                throw new ArgumentNullException(nameof(getJweParameter));
            }

            if (string.IsNullOrWhiteSpace(getJweParameter.Jwe))
            {
                throw new ArgumentNullException(nameof(getJweParameter.Jwe));
            }

            if (string.IsNullOrWhiteSpace(getJweParameter.Url))
            {
                throw new ArgumentNullException(nameof(getJweParameter.Url));
            }

            Uri uri = null;

            if (!Uri.TryCreate(getJweParameter.Url, UriKind.Absolute, out uri))
            {
                throw new IdentityServerManagerException(
                          ErrorCodes.InvalidRequestCode,
                          string.Format(ErrorDescriptions.TheUrlIsNotWellFormed, getJweParameter.Url));
            }

            var jwe       = getJweParameter.Jwe;
            var jweHeader = _jweParser.GetHeader(jwe);

            if (jweHeader == null)
            {
                throw new IdentityServerManagerException(
                          ErrorCodes.InvalidRequestCode,
                          ErrorDescriptions.TheTokenIsNotAValidJwe);
            }

            var jsonWebKey = await _jsonWebKeyHelper.GetJsonWebKey(jweHeader.Kid, uri).ConfigureAwait(false);

            if (jsonWebKey == null)
            {
                throw new IdentityServerManagerException(
                          ErrorCodes.InvalidRequestCode,
                          string.Format(ErrorDescriptions.TheJsonWebKeyCannotBeFound, jweHeader.Kid, uri.AbsoluteUri));
            }

            var content = string.Empty;

            if (!string.IsNullOrWhiteSpace(getJweParameter.Password))
            {
                content = _jweParser.ParseByUsingSymmetricPassword(jwe, jsonWebKey, getJweParameter.Password);
            }
            else
            {
                content = _jweParser.Parse(jwe, jsonWebKey);
            }

            if (string.IsNullOrWhiteSpace(content))
            {
                throw new IdentityServerManagerException(
                          ErrorCodes.InvalidRequestCode,
                          ErrorDescriptions.TheContentCannotBeExtractedFromJweToken);
            }

            var result = new JweInformationResult
            {
                Content      = content,
                IsContentJws = false
            };

            var jwsHeader = _jwsParser.GetHeader(content);

            if (jwsHeader != null)
            {
                result.IsContentJws = true;
            }

            return(result);
        }
示例#7
0
        public async Task <JwsInformationResult> Execute(GetJwsParameter getJwsParameter)
        {
            if (getJwsParameter == null || string.IsNullOrWhiteSpace(getJwsParameter.Jws))
            {
                throw new ArgumentNullException(nameof(getJwsParameter));
            }

            Uri uri = null;

            if (!string.IsNullOrWhiteSpace(getJwsParameter.Url))
            {
                if (!Uri.TryCreate(getJwsParameter.Url, UriKind.Absolute, out uri))
                {
                    throw new IdentityServerManagerException(
                              ErrorCodes.InvalidRequestCode,
                              string.Format(ErrorDescriptions.TheUrlIsNotWellFormed, getJwsParameter.Url));
                }
            }

            var jws       = getJwsParameter.Jws;
            var jwsHeader = _jwsParser.GetHeader(jws);

            if (jwsHeader == null)
            {
                throw new IdentityServerManagerException(
                          ErrorCodes.InvalidRequestCode,
                          ErrorDescriptions.TheTokenIsNotAValidJws);
            }

            if (!string.Equals(jwsHeader.Alg, Constants.JwsAlgNames.NONE, StringComparison.CurrentCultureIgnoreCase) &&
                uri == null)
            {
                throw new IdentityServerManagerException(
                          ErrorCodes.InvalidRequestCode,
                          ErrorDescriptions.TheSignatureCannotBeChecked);
            }

            var result = new JwsInformationResult
            {
                Header = jwsHeader
            };

            JwsPayload payload = null;

            if (!string.Equals(jwsHeader.Alg, Constants.JwsAlgNames.NONE, StringComparison.CurrentCultureIgnoreCase))
            {
                var jsonWebKey = await _jsonWebKeyHelper.GetJsonWebKey(jwsHeader.Kid, uri).ConfigureAwait(false);

                if (jsonWebKey == null)
                {
                    throw new IdentityServerManagerException(
                              ErrorCodes.InvalidRequestCode,
                              string.Format(ErrorDescriptions.TheJsonWebKeyCannotBeFound, jwsHeader.Kid, uri.AbsoluteUri));
                }

                payload = _jwsParser.ValidateSignature(jws, jsonWebKey);
                if (payload == null)
                {
                    throw new IdentityServerManagerException(
                              ErrorCodes.InvalidRequestCode,
                              ErrorDescriptions.TheSignatureIsNotCorrect);
                }

                var jsonWebKeyDic = _jsonWebKeyEnricher.GetJsonWebKeyInformation(jsonWebKey);
                jsonWebKeyDic.AddRange(_jsonWebKeyEnricher.GetPublicKeyInformation(jsonWebKey));
                result.JsonWebKey = jsonWebKeyDic;
            }
            else
            {
                payload = _jwsParser.GetPayload(jws);
            }


            result.Payload = payload;
            return(result);
        }