如何使用带有签名证书的 C# JWT 包解码 JWT
How to decode a JWT using C# JWT Package with Signing Certificate
我正在调用 ADFS 以使用 OAuth 授权代码授予获取访问令牌。
我正在以
的形式取回访问令牌
{"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dC...."
"token_type":"bearer",
"expires":3600}
现在,我正在复制 access_token 值并将其粘贴到 https://jwt.io
它解码完美,但签名无效。
Header 为 Jwt.io returns:
{
"typ": "JWT",
"alg": "RS256",
"x5t": "eQKi04zWoOV3eLmNNBrI2_rbqSY"
}
我有如下所示的 pem 令牌签名证书:
-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgIKUJvNQgAAAAANxTA...
BgNVBAcTBEtlbnQxJjAkBgNVBAoTHVR...
-----END CERTIFICATE-----
现在,如何使用 System.IdentityModel.Tokens.Jwt 或任何其他方法通过证书验证令牌。
请帮助。
经过大量研究,我找到了答案。将其张贴在这里,以便对其他人有所帮助。
string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1.."
var tokenHandler = new JwtSecurityTokenHandler();
//Read Token for Getting the User Details
var parsedJwt = tokenHandler.ReadToken(token) as JwtSecurityToken;
//Create A Certificate Object that will read the .CER/.PEM/.CRT file as String
X509Certificate2 clientCertificate = new X509Certificate2(Encoding.UTF8.GetBytes(CertficationString));
var certToken = new X509SecurityToken(clientCertificate);
var validationParameters = new TokenValidationParameters()
{
IssuerSigningToken = certToken,
ValidAudience = audience,
ValidIssuer = issuer,
ValidateLifetime = true,
ValidateAudience = true,
ValidateIssuer = true,
ValidateIssuerSigningKey = true
};
try
{
SecurityToken validatedToken;
var principal = tokenHandler.ValidateToken(token, validationParameters, out validatedToken);
}
catch (Exception err)
{
Console.WriteLine("{0}\n {1}", err.Message, err.StackTrace);
}
我正在调用 ADFS 以使用 OAuth 授权代码授予获取访问令牌。 我正在以
的形式取回访问令牌{"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dC...."
"token_type":"bearer",
"expires":3600}
现在,我正在复制 access_token 值并将其粘贴到 https://jwt.io 它解码完美,但签名无效。
Header 为 Jwt.io returns:
{
"typ": "JWT",
"alg": "RS256",
"x5t": "eQKi04zWoOV3eLmNNBrI2_rbqSY"
}
我有如下所示的 pem 令牌签名证书:
-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgIKUJvNQgAAAAANxTA...
BgNVBAcTBEtlbnQxJjAkBgNVBAoTHVR...
-----END CERTIFICATE-----
现在,如何使用 System.IdentityModel.Tokens.Jwt 或任何其他方法通过证书验证令牌。
请帮助。
经过大量研究,我找到了答案。将其张贴在这里,以便对其他人有所帮助。
string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1.."
var tokenHandler = new JwtSecurityTokenHandler();
//Read Token for Getting the User Details
var parsedJwt = tokenHandler.ReadToken(token) as JwtSecurityToken;
//Create A Certificate Object that will read the .CER/.PEM/.CRT file as String
X509Certificate2 clientCertificate = new X509Certificate2(Encoding.UTF8.GetBytes(CertficationString));
var certToken = new X509SecurityToken(clientCertificate);
var validationParameters = new TokenValidationParameters()
{
IssuerSigningToken = certToken,
ValidAudience = audience,
ValidIssuer = issuer,
ValidateLifetime = true,
ValidateAudience = true,
ValidateIssuer = true,
ValidateIssuerSigningKey = true
};
try
{
SecurityToken validatedToken;
var principal = tokenHandler.ValidateToken(token, validationParameters, out validatedToken);
}
catch (Exception err)
{
Console.WriteLine("{0}\n {1}", err.Message, err.StackTrace);
}