-
Notifications
You must be signed in to change notification settings - Fork 464
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
to create an algorithms based on JSON Web key sets
- Loading branch information
1 parent
c04de2b
commit 96e1c76
Showing
5 changed files
with
170 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
namespace JWT.Jwk; | ||
|
||
public interface IJwtWebKeysCollectionFactory | ||
{ | ||
JwtWebKeysCollection CreateKeys(); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
using System; | ||
using System.Security.Cryptography; | ||
using JWT.Algorithms; | ||
using JWT.Exceptions; | ||
using JWT.Serializers; | ||
|
||
namespace JWT.Jwk | ||
{ | ||
public sealed class JwtJsonWebKeySetAlgorithmFactory : IAlgorithmFactory | ||
{ | ||
private readonly JwtWebKeysCollection _webKeysCollection; | ||
|
||
public JwtJsonWebKeySetAlgorithmFactory(JwtWebKeysCollection webKeysCollection) | ||
{ | ||
_webKeysCollection = webKeysCollection; | ||
} | ||
|
||
public JwtJsonWebKeySetAlgorithmFactory(Func<JwtWebKeysCollection> getJsonWebKeys) | ||
{ | ||
_webKeysCollection = getJsonWebKeys(); | ||
} | ||
|
||
public JwtJsonWebKeySetAlgorithmFactory(IJwtWebKeysCollectionFactory webKeysCollectionFactory) | ||
{ | ||
_webKeysCollection = webKeysCollectionFactory.CreateKeys(); | ||
} | ||
|
||
public JwtJsonWebKeySetAlgorithmFactory(string keySet, IJsonSerializer serializer) | ||
{ | ||
_webKeysCollection = new JwtWebKeysCollection(keySet, serializer); | ||
} | ||
|
||
public JwtJsonWebKeySetAlgorithmFactory(string keySet, IJsonSerializerFactory jsonSerializerFactory) | ||
{ | ||
_webKeysCollection = new JwtWebKeysCollection(keySet, jsonSerializerFactory); | ||
} | ||
|
||
public IJwtAlgorithm Create(JwtDecoderContext context) | ||
{ | ||
if (string.IsNullOrEmpty(context.Header.KeyId)) | ||
throw new SignatureVerificationException("The key id is missing in the token header"); | ||
|
||
var key = _webKeysCollection.Find(context.Header.KeyId); | ||
|
||
if (key == null) | ||
throw new SignatureVerificationException("The key id is not presented in the JSON Web key set"); | ||
|
||
if (key.KeyType != "RSA") | ||
throw new NotSupportedException($"JSON Web key type {key.KeyType} currently is not supported"); | ||
|
||
#if NETSTANDARD2_1 || NET6_0_OR_GREATER | ||
var rsaParameters = new RSAParameters | ||
{ | ||
Modulus = JwtWebKeyPropertyValuesEncoder.Base64UrlDecode(key.Modulus), | ||
Exponent = JwtWebKeyPropertyValuesEncoder.Base64UrlDecode(key.Exponent) | ||
}; | ||
|
||
var rsa = RSA.Create(rsaParameters); | ||
|
||
var rsaAlgorithmFactory = new RSAlgorithmFactory(rsa); | ||
|
||
return rsaAlgorithmFactory.Create(context); | ||
#else | ||
throw new NotImplementedException("Not implemented yet"); | ||
#endif | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
using System; | ||
|
||
namespace JWT.Jwk; | ||
|
||
/// <summary> | ||
/// Based on Microsoft.AspNetCore.WebUtilities.WebEncoders | ||
/// </summary> | ||
internal static class JwtWebKeyPropertyValuesEncoder | ||
{ | ||
public static byte[] Base64UrlDecode(string input) | ||
{ | ||
if (input == null) | ||
return null; | ||
|
||
var inputLength = input.Length; | ||
|
||
var paddingCharsCount = GetNumBase64PaddingCharsToAddForDecode(inputLength); | ||
|
||
var buffer = new char[inputLength + paddingCharsCount]; | ||
|
||
for (var i = 0; i < inputLength; ++i) | ||
{ | ||
var symbol = input[i]; | ||
|
||
switch (symbol) | ||
{ | ||
case '-': | ||
buffer[i] = '+'; | ||
break; | ||
case '_': | ||
buffer[i] = '/'; | ||
break; | ||
default: | ||
buffer[i] = symbol; | ||
break; | ||
} | ||
} | ||
|
||
for (var i = input.Length; i < buffer.Length; ++i) | ||
buffer[i] = '='; | ||
|
||
return Convert.FromBase64CharArray(buffer, 0, buffer.Length); | ||
} | ||
|
||
private static int GetNumBase64PaddingCharsToAddForDecode(int inputLength) | ||
{ | ||
switch (inputLength % 4) | ||
{ | ||
case 0: | ||
return 0; | ||
case 2: | ||
return 2; | ||
case 3: | ||
return 1; | ||
default: | ||
throw new FormatException($"Malformed input: {inputLength} is an invalid input length."); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters