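/// <summary>
/// Verifies the signature segment of a token against the keys that the key provider
/// returns for <paramref name="header"/>.
/// </summary>
/// <param name="header">Token header; used to look up candidate keys and to filter them by the declared signature algorithm.</param>
/// <param name="contentBytes">The bytes handed to the signer for verification.</param>
/// <param name="signatureSegment">The Base64Url-encoded signature segment.</param>
/// <returns>
/// <c>Success(key)</c> for the first key whose signer verifies the signature;
/// <c>MissingSignature</c> when only the signature segment is empty;
/// <c>MalformedSignature</c> when the segment cannot be decoded;
/// <c>InvalidSignature</c> when at least one usable key was tried and none verified;
/// <c>SignatureKeyNotFound</c> when no usable key was available.
/// </returns>
public override SignatureValidationResult TryValidateSignature(JwtHeader header, ReadOnlySpan<byte> contentBytes, ReadOnlySpan<byte> signatureSegment)
{
    // Cap for on-stack decoding. The decoded length is derived from the signature segment of the
    // token being validated, so it must not size a stackalloc without a bound: a stack overflow
    // cannot be caught and terminates the process. Larger signatures are decoded on the heap.
    const int MaxStackallocBytes = 512;

    if (contentBytes.IsEmpty && signatureSegment.IsEmpty)
    {
        // This is not a JWS.
        // NOTE(review): Success here is returned without any key having been checked; whether
        // unsigned tokens are acceptable presumably has to be decided by the caller. Confirm.
        return SignatureValidationResult.Success();
    }

    if (signatureSegment.IsEmpty)
    {
        return SignatureValidationResult.MissingSignature();
    }

    try
    {
        int signatureBytesLength = Base64Url.GetArraySizeRequiredToDecode(signatureSegment.Length);
        Span<byte> signatureBytes = signatureBytesLength <= MaxStackallocBytes
            ? stackalloc byte[signatureBytesLength]
            : new byte[signatureBytesLength];

        if (Base64Url.Decode(signatureSegment, signatureBytes, out _, out int bytesWritten) != OperationStatus.Done)
        {
            return SignatureValidationResult.MalformedSignature();
        }

        Debug.Assert(bytesWritten == signatureBytes.Length);

        bool keysTried = false;
        var keySet = _keyProvider.GetKeys(header);
        if (keySet != null)
        {
            var algorithm = _algorithm;
            for (int i = 0; i < keySet.Length; i++)
            {
                var key = keySet[i];
                if (!key.CanUseForSignature(header.SignatureAlgorithm))
                {
                    continue;
                }

                // A key counts as "tried" once it passes the usage filter, even when no signer
                // can be obtained for it; this selects InvalidSignature over SignatureKeyNotFound.
                keysTried = true;

                // The algorithm used for verification is the validator's configured one, falling
                // back to the key's own. The header value only filters keys above and is never
                // used to choose the signer.
                var alg = algorithm ?? key.SignatureAlgorithm;
                if (!(alg is null)
                    && key.TryGetSigner(alg, out var signer)
                    && signer.Verify(contentBytes, signatureBytes))
                {
                    return SignatureValidationResult.Success(key);
                }
            }
        }

        return keysTried
            ? SignatureValidationResult.InvalidSignature()
            : SignatureValidationResult.SignatureKeyNotFound();
    }
    catch (FormatException e)
    {
        return SignatureValidationResult.MalformedSignature(e);
    }
}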
/// <summary>
/// Creates a <see cref="TokenValidationResult"/> that carries the status and exception
/// of the given signature validation result.
/// </summary>
/// <param name="result">The signature validation outcome to copy from. It is not checked for being a failure.</param>
/// <returns>A new result whose <c>Status</c> and <c>Exception</c> are taken from <paramref name="result"/>.</returns>
internal static TokenValidationResult SignatureValidationFailed(SignatureValidationResult result)
    => new TokenValidationResult
    {
        Status = result.Status,
        Exception = result.Exception
    };
/// <summary>
/// Reports success for every token without inspecting the header, the content or the signature.
/// </summary>
/// <remarks>
/// No cryptographic check is performed, so a success from this validator says nothing about
/// the authenticity or integrity of the token.
/// NOTE(review): presumably this backs an explicit "ignore signature" policy; confirm it cannot
/// be selected by default or by anything the token itself controls.
/// </remarks>
/// <param name="header">Unused.</param>
/// <param name="contentBytes">Unused.</param>
/// <param name="signatureSegment">Unused.</param>
/// <returns>Always <c>SignatureValidationResult.Success()</c>.</returns>
public override SignatureValidationResult TryValidateSignature(JwtHeader header, ReadOnlySpan<byte> contentBytes, ReadOnlySpan<byte> signatureSegment)
    => SignatureValidationResult.Success();
/// <summary>
/// Accepts a token only when it carries no signature: either content and signature are both
/// empty, or the signature is empty and the header declares <c>SignatureAlgorithm.None</c>.
/// </summary>
/// <remarks>
/// Success here means "there was nothing to verify", not "the token was verified".
/// NOTE(review): presumably this validator is only wired to policies that explicitly accept
/// unsigned tokens; confirm against the caller.
/// </remarks>
/// <param name="header">Token header; its signature algorithm is read only when the signature segment is empty and the content is not.</param>
/// <param name="contentBytes">The token content.</param>
/// <param name="signatureSegment">The signature segment; any non-empty value is rejected.</param>
/// <returns><c>Success()</c> in the two cases above, otherwise <c>InvalidSignature()</c>.</returns>
public override SignatureValidationResult TryValidateSignature(JwtHeader header, ReadOnlySpan<byte> contentBytes, ReadOnlySpan<byte> signatureSegment)
{
    // Nothing at all to validate.
    if (contentBytes.Length == 0 && signatureSegment.Length == 0)
    {
        return SignatureValidationResult.Success();
    }

    // Unsigned token that declares itself as such.
    if (signatureSegment.IsEmpty && header.SignatureAlgorithm == SignatureAlgorithm.None)
    {
        return SignatureValidationResult.Success();
    }

    // A signature is present, or the header claims an algorithm but the signature is missing.
    return SignatureValidationResult.InvalidSignature();
}