Validating JWT Asymmetrically in C#

I'm trying to do a proof of concept validating a JSON Web Token asymmetrically in C#. I'm currently trying the Json Web Token Handler for Microsoft.NET library, but I'm struggling to get it to work. The documentation is limited, and most posts online are either issuing tokens or validating tokens symmetrically. I was able to symmetrically validate a token using the generic JWT library as described in this post, but the solution provided there does not handle asymmetric validation, based on the way the decode function is written.

Here is the code I'm working with:

var jwtHandler = new JwtSecurityTokenHandler();

var certificate = new X509Certificate2(certpath, "password", X509KeyStorageFlags.Exportable);
var privateKey = certificate.PrivateKey as RSACryptoServiceProvider;
if (privateKey == null)
{
   throw new Exception("Not an RSA private key");
}
var cspBlob = privateKey.ExportCspBlob(true);
var pk = Convert.ToBase64String(cspBlob);

//This code also works instead of the above code, I believe
//var privateKey = certificate.Export(X509ContentType.Pfx);

var tokenValidationParameters = new TokenValidationParameters()
{
   ValidAudience = "exampleAudience",
   ValidIssuer = "exampleIssuer",                    
   IssuerSigningToken = pk
};

//The token passed in here is a string version of the token
//I have tried both a JWTSecurityToken token and just a string version
ClaimsPrincipal claimsPrincipal = jwtHandler.ValidateToken(asymmetricToken, tokenValidationParameters);
if (claimsPrincipal != null)
{
    // Valid
    Console.Write("Valid!");
}

I'm getting a couple of errors, namely in the tokenValidationParameters section and the Validate token method. I'm just not sure how these functions work with respect to my scenario. What validation parameters do I need to set? Also, I see on the MSDN page that there is an overloaded method that takes a token and validation parameters, but I'm getting a compilation error indicating that no version of this method takes 2 parameters.

Lastly, does anyone know if this code will actually work for asymmetric validation, or does the ValidateToken method on JWTHandler only work for symmetric validation?

Any help at all would be appreciated. Thanks.

I found the solution to my question, and just wanted to share. I ended up using the JWT library I used for symmetric validation. I stumbled upon this issue and found that they branched the library and included code for asymmetric validation. The code for the implementation can be found here.

The code I used to import my .pfx certificate and verify the token:

var certificate = new X509Certificate2(certpath, "password", X509KeyStorageFlags.Exportable);
var privateKey = certificate.Export(X509ContentType.Pfx);

string payload = JWT.Decode(tokenString, privateKey);
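
As an added illustration of what asymmetric validation involves (not the poster's code, and not the API of either library mentioned above), this example checks an RS256 token with only the RSA public key, using .NET base class library calls alone. The class name `Rs256Demo`, the throwaway key pair and the sample token are constructed for the example; with a certificate, the public key would come from `GetRSAPublicKey()` on the loaded `X509Certificate2`.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

static class Rs256Demo   // hypothetical name, not part of any library on this page
{
    static string B64Url(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static byte[] FromB64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }

    // Returns the payload JSON if the RS256 signature verifies; throws otherwise.
    static string Verify(string token, RSA publicKey)
    {
        var parts = token.Split('.');
        if (parts.Length != 3) throw new FormatException("Expected three JWT segments");

        // Pin the algorithm: the token's own header must not choose how it is verified.
        using var header = JsonDocument.Parse(FromB64Url(parts[0]));
        if (!header.RootElement.TryGetProperty("alg", out var alg) || alg.GetString() != "RS256")
            throw new CryptographicException("Unexpected alg");
        // The signature covers the first two segments exactly as transmitted.
        var signed = Encoding.ASCII.GetBytes(parts[0] + "." + parts[1]);
        if (!publicKey.VerifyData(signed, FromB64Url(parts[2]),
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1))
            throw new CryptographicException("Bad signature");
        return Encoding.UTF8.GetString(FromB64Url(parts[1]));
    }

    static void Main()
    {
        // Constructed sample: a throwaway key pair stands in for the issuer's certificate.
        using var issuerKey = RSA.Create(2048);
        var head = B64Url(Encoding.UTF8.GetBytes("{\"alg\":\"RS256\",\"typ\":\"JWT\"}"));
        var body = B64Url(Encoding.UTF8.GetBytes("{\"iss\":\"exampleIssuer\",\"aud\":\"exampleAudience\"}"));
        var sig = issuerKey.SignData(Encoding.ASCII.GetBytes(head + "." + body), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

        // The verifier holds only the public half; no private key or .pfx password is needed.
        using var verifierKey = RSA.Create();
        verifierKey.ImportParameters(issuerKey.ExportParameters(false));

        Console.WriteLine(Verify(head + "." + body + "." + B64Url(sig), verifierKey));
        var altered = head + "." + B64Url(Encoding.UTF8.GetBytes("{\"iss\":\"someoneElse\"}")) + "." + B64Url(sig);
        try { Verify(altered, verifierKey); }
        catch (CryptographicException e) { Console.WriteLine("Rejected: " + e.Message); }
    }
}
```

Signature verification is only one step: the issuer, audience and expiry claims still have to be checked against expected values before the payload is trusted.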

Notice: The technical posts on this site follow the CC BY-SA 4.0 license. If you need to reprint, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.