Extracting SignatureVerificationException to separate file
abatishchev committed Jul 11, 2015
1 parent aa0cd1e commit 1dd8f17
Showing 3 changed files with 44 additions and 39 deletions.
70 changes: 31 additions & 39 deletions JWT/JWT.cs
Expand Up @@ -21,9 +21,9 @@ public static class JsonWebToken

/// <summary>
/// Pluggable JSON Serializer
/// </summary>
public static readonly IJsonSerializer JsonSerializer = new DefaultJsonSerializer();

/// </summary>
public static IJsonSerializer JsonSerializer = new DefaultJsonSerializer();

private static readonly DateTime UnixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);

static JsonWebToken()
Expand Down Expand Up @@ -145,34 +145,34 @@ public static string Decode(string token, byte[] key, bool verify = true)
return payloadJson;
}

private static void Verify(string decodedCrypto, string decodedSignature, string payloadJson)
{
if (decodedCrypto != decodedSignature)
{
throw new SignatureVerificationException(string.Format("Invalid signature. Expected {0} got {1}", decodedCrypto, decodedSignature));
}

// verify exp claim https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.4
var payloadData = JsonSerializer.Deserialize<Dictionary<string, object>>(payloadJson);
if (payloadData.ContainsKey("exp") && payloadData["exp"] != null)
{
// safely unpack a boxed int
int exp;
try
{
exp = Convert.ToInt32(payloadData["exp"]);
}
catch (Exception)
{
throw new SignatureVerificationException("Claim 'exp' must be an integer.");
}

var secondsSinceEpoch = Math.Round((DateTime.UtcNow - UnixEpoch).TotalSeconds);
if (secondsSinceEpoch >= exp)
{
throw new SignatureVerificationException("Token has expired.");
}
}
private static void Verify(string decodedCrypto, string decodedSignature, string payloadJson)
{
if (decodedCrypto != decodedSignature)
{
throw new SignatureVerificationException(string.Format("Invalid signature. Expected {0} got {1}", decodedCrypto, decodedSignature));
}

// verify exp claim https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.4
var payloadData = JsonSerializer.Deserialize<Dictionary<string, object>>(payloadJson);
if (payloadData.ContainsKey("exp") && payloadData["exp"] != null)
{
// safely unpack a boxed int
int exp;
try
{
exp = Convert.ToInt32(payloadData["exp"]);
}
catch (Exception)
{
throw new SignatureVerificationException("Claim 'exp' must be an integer.");
}

var secondsSinceEpoch = Math.Round((DateTime.UtcNow - UnixEpoch).TotalSeconds);
if (secondsSinceEpoch >= exp)
{
throw new SignatureVerificationException("Token has expired.");
}
}
}

/// <summary>
Expand Down Expand Up @@ -284,12 +284,4 @@ public static byte[] Base64UrlDecode(string input)
return converted;
}
}

public class SignatureVerificationException : Exception
{
public SignatureVerificationException(string message)
: base(message)
{
}
}
}
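Review bot: In `Verify`, the `Invalid signature. Expected {0} got {1}` message interpolates both compared signatures, so whichever of the two was computed locally with the key becomes readable by anyone who sees the exception text, and it is a valid signature for the header and payload that were just submitted. The message should carry no signature material, e.g. `throw new SignatureVerificationException("Invalid signature.");`. The `decodedCrypto != decodedSignature` check is also an ordinary string comparison with no fixed-time guarantee; comparing the raw signature bytes with a loop that always runs to the end would avoid leaking how much of a submitted value matched. Both values are produced in `Decode`, which lies outside this hunk, so which argument is the computed one is inferred from the names only.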
1 change: 1 addition & 0 deletions JWT/JWT.csproj
Expand Up @@ -42,6 +42,7 @@
<Compile Include="DefaultJsonSerializer.cs" />
<Compile Include="JWT.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
<Compile Include="SignatureVerificationException.cs" />
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
<!-- To modify your build process, add your task inside one of the targets below and uncomment it.
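--- a/JWT/SignatureVerificationException.cs
+++ b/JWT/SignatureVerificationException.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace JWT
+{
+public class SignatureVerificationException : Exception
+{
+public SignatureVerificationException(string message)
+: base(message)
+{
+}
+}
+}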
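Review bot: `SignatureVerificationException` offers only the `(string message)` constructor, so the `catch (Exception)` around the `exp` conversion in `Verify` (JWT/JWT.cs) has nowhere to attach the original exception and the underlying cause never reaches the logs. Adding `public SignatureVerificationException(string message, Exception innerException) : base(message, innerException) { }` would let that call site preserve it. Now that the type has its own file, a `/// <summary>` should state that it is thrown for a signature mismatch, a non-integer `exp` claim and an expired token alike, since callers that catch it cannot tell those cases apart except by message text.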
