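/// <summary>
/// Initializes a new instance of the <see cref="Jwt" /> class using its string representation.
/// </summary>
/// <remarks>
/// This constructor only parses the token; it does not check the signature, the
/// algorithm named in the header, or the expiration time. Header and body values
/// (including <c>AppId</c> and <c>Identity</c>) come straight from the caller-supplied
/// string and must be treated as untrusted until the token has been verified.
/// </remarks>
/// <param name="jwtStr">string representation of signed jwt. It must be equal to:
/// base64UrlEncode(JWT Header) + "." + base64UrlEncode(JWT Body) + "." + base64UrlEncode(Jwt Signature).
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="jwtStr"/> is null.</exception>
/// <exception cref="ArgumentException">the string is not a well-formed three-part JWT,
/// or a required part of the header/body is missing.</exception>
public Jwt(string jwtStr)
{
    // A null token used to surface as a NullReferenceException from Split().
    if (jwtStr == null)
    {
        throw new ArgumentNullException(nameof(jwtStr));
    }

    var parts = jwtStr.Split('.');
    if (parts.Length != 3)
    {
        throw new ArgumentException("Wrong JWT format.");
    }

    try
    {
        var headerJson = Bytes.ToString(Base64Url.Decode(parts[0]));
        HeaderContent = Configuration.Serializer.Deserialize<JwtHeaderContent>(headerJson);
        var bodyJson = Bytes.ToString(Base64Url.Decode(parts[1]));
        BodyContent = Configuration.Serializer.Deserialize<JwtBodyContent>(bodyJson);
        SignatureData = Base64Url.Decode(parts[2]);
    }
    catch (Exception ex)
    {
        // Keep the decoding/deserialization failure as the inner exception so the
        // root cause is still available to logs and diagnostics.
        throw new ArgumentException("Wrong JWT format.", ex);
    }

    // A segment that decodes to JSON "null" may deserialize to a null object; reject
    // it here rather than failing later with a NullReferenceException.
    if (HeaderContent == null || BodyContent == null)
    {
        throw new ArgumentException("Wrong JWT format.");
    }

    // Strips the prefix only when it is at the start of the claim. The previous
    // Replace() call removed every occurrence, so distinct subjects such as
    // "<prefix>a" and "<prefix><prefix>a" collapsed to the same identity.
    string StripPrefix(object claim, string prefix)
    {
        var text = claim?.ToString();
        if (text == null)
        {
            throw new ArgumentException("Wrong JWT format.");
        }

        return text.StartsWith(prefix, StringComparison.Ordinal)
            ? text.Substring(prefix.Length)
            : text;
    }

    BodyContent.AppId = StripPrefix(BodyContent.Issuer, JwtBodyContent.SubjectPrefix);
    BodyContent.Identity = StripPrefix(BodyContent.Subject, JwtBodyContent.IdentityPrefix);

    // The signed payload is the original "header.body" text exactly as received, so a
    // later signature check covers the bytes that were actually transmitted.
    unsignedData = Bytes.FromString(parts[0] + "." + parts[1]);
    stringRepresentation = jwtStr;
}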
/// <summary>
/// Generates a new signed JWT for the specified identity and optional additional data.
/// </summary>
/// <remarks>
/// The additional data is placed in the jwt body, which is base64url-encoded and signed
/// but not encrypted, so anyone holding the token can read it.
/// </remarks>
/// <param name="identity">identity to generate with.</param>
/// <param name="data">dictionary with additional data which will be kept in jwt body.</param>
/// <returns>a new instance of <see cref="Jwt"/>.</returns>
/// <exception cref="ArgumentException"><paramref name="identity"/> is null, empty or whitespace.</exception>
public Jwt GenerateToken(string identity, Dictionary<object, object> data = null)
{
    if (string.IsNullOrWhiteSpace(identity))
    {
        throw new ArgumentException($"{nameof(identity)} property is mandatory");
    }

    // Drop the sub-second part so the issue time is a whole number of seconds.
    var utcNow = DateTime.UtcNow;
    var subSecondTicks = utcNow.Ticks % TimeSpan.TicksPerSecond;
    var issuedAt = utcNow.AddTicks(-subSecondTicks);
    var expiresAt = issuedAt.AddMilliseconds(LifeTime.TotalMilliseconds);

    var body = new JwtBodyContent(AppId, identity, issuedAt, expiresAt, data);
    var header = new JwtHeaderContent(AccessTokenSigner.GetAlgorithm(), ApiPublicKeyId);

    // Build the token without a signature first: its string form is the exact
    // "header.body" text that gets signed.
    var tokenToSign = new Jwt(header, body, null);
    var bytesToSign = Bytes.FromString(tokenToSign.ToString());
    var signature = AccessTokenSigner.GenerateTokenSignature(bytesToSign, ApiKey);

    return new Jwt(header, body, signature);
}
/// <summary>
/// Initializes a new instance of the <see cref="Jwt" /> class using specified header, body and signature.
/// </summary>
/// <remarks>
/// When <paramref name="signatureData"/> is null the instance is unsigned and its string
/// representation has only the "header.body" segments; that form is the data to be signed,
/// not a usable token.
/// </remarks>
/// <param name="jwtHeaderContent">jwt header, an instance of <see cref="JwtHeaderContent"/>.</param>
/// <param name="jwtBodyContent">jwt body, an instance of <see cref="JwtBodyContent"/>.</param>
/// <param name="signatureData">jwt signature data; may be null for an unsigned token.</param>
/// <exception cref="ArgumentNullException"><paramref name="jwtBodyContent"/> or
/// <paramref name="jwtHeaderContent"/> is null.</exception>
public Jwt(
    JwtHeaderContent jwtHeaderContent,
    JwtBodyContent jwtBodyContent,
    byte[] signatureData)
{
    // The body is checked before the header, so a call with both null reports the body.
    if (jwtBodyContent == null)
    {
        throw new ArgumentNullException(nameof(jwtBodyContent));
    }
    BodyContent = jwtBodyContent;

    if (jwtHeaderContent == null)
    {
        throw new ArgumentNullException(nameof(jwtHeaderContent));
    }
    HeaderContent = jwtHeaderContent;

    SignatureData = signatureData;

    // "header.body" is both the signed payload and the start of the string form.
    var signedPortion = HeaderBase64() + "." + BodyBase64();
    unsignedData = Bytes.FromString(signedPortion);

    // The signature segment is appended only when a signature was supplied.
    stringRepresentation = SignatureData == null
        ? signedPortion
        : signedPortion + "." + SignatureBase64();
}