.net 4.0 在.NET 4.0中使用PEM私钥与RS256签署JWT令牌_.net 4.0_Rsa_Jwt_Github Api_Pem

.net 4.0 在.NET 4.0中使用PEM私钥与RS256签署JWT令牌

.net-4.0 jwt

.net 4.0 在.NET 4.0中使用PEM私钥与RS256签署JWT令牌,.net-4.0,rsa,jwt,github-api,pem,.net 4.0,Rsa,Jwt,Github Api,Pem,我需要与GitHub集成API进行交互，但特别是在.NET4.0中，所以我不能使用Octokit 基本上，我得到了一个标准.NETAPI不支持的PEM格式的私有rsa密钥，并且必须发送一个RS256 jwt令牌来获取一个auth令牌，以便与API交互提供了以下ruby示例代码： # Private key contents private_pem = File.read(path_to_pem) private_key = OpenSSL::PKey::RSA.new(private_pem)

我需要与GitHub集成API进行交互，但特别是在.NET4.0中，所以我不能使用Octokit

基本上，我得到了一个标准.NETAPI不支持的PEM格式的私有rsa密钥，并且必须发送一个RS256 jwt令牌来获取一个auth令牌，以便与API交互

提供了以下ruby示例代码：

# Private key contents
private_pem = File.read(path_to_pem)
private_key = OpenSSL::PKey::RSA.new(private_pem)

# Generate the JWT
payload = {
  # issued at time
  iat: Time.now.to_i,
  # JWT expiration time
  exp: 1.minute.from_now.to_i,
  # Integration's GitHub identifier
  iss: 42
}

jwt = JWT.encode(payload, private_key, "RS256")

使用下面的curl示例

curl -i -X POST \
-H "Authorization: Bearer $JWT" \
-H "Accept: application/vnd.github.machine-man-preview+json" \
https://api.github.com/installations/:installation_id/access_tokens

以及以下结果示例：

Status: 201 Created
{
  "token": "v1.1f699f1069f60xxx",
  "expires_at": "2016-07-11T22:14:10Z",
  "on_behalf_of": null
}

能够使用.net 4.0上的以下包成功地与此身份验证API交互

BouncyCastle 1.8.1 何塞jwt 2.1.0 Newtonsoft.Json 9.0.1 FSharp.数据2.3.2 F代码：

open System
open System.Security.Cryptography
open Jose
open Org.BouncyCastle.Crypto
open Org.BouncyCastle.Security
open Org.BouncyCastle.OpenSsl
open Org.BouncyCastle.Crypto.Parameters
open Newtonsoft.Json
open FSharp.Data

let integrationID = 42 //sample
let installID = 10 // sample
let appUserAgent = "My-App-Name" //sample

//Result Format
type InstallToken = { token:string; expires_at:DateTime ; on_behalf_of: string}

let apiBase = "https://api.github.com"
let instBase = apiBase + sprintf "/installations/%i" installID

//.Net 4.0 doesn't have a method for seconds from Epoch
let epochSeconds (date:DateTime) =
      date.ToUniversalTime().Subtract(new DateTime(1970,1,1,0,0,0,DateTimeKind.Utc)).TotalSeconds |> Convert.ToInt64

let createBotToken (pemPath:string) =

    //Parse PEM file with BouncyCastle
    use streamRead = new StreamReader(pemPath)
    let pemRead = PemReader(streamRead)
    let bcRSA:AsymmetricCipherKeyPair = downcast (pemRead.ReadObject())

    //Convert to .NET RSA object with Bouncy Castle
    let dnRSA = bcRSA.Private :?> RsaPrivateCrtKeyParameters |> DotNetUtilities.ToRSAParameters
    use key = new RSACryptoServiceProvider()
    key.ImportParameters(dnRSA)


    //JWT needs literal Dictionary<string,obj> type
    let payload= dict [
                      "iat", (DateTime.Now |> epochSeconds) :> obj ; 
                      "exp", (DateTime.Now.AddMinutes(1.0) |> epochSeconds) :> obj;
                      "iss", integrationID :> obj; 
                     ]
                  |> Dictionary<string,obj>

    //Create token with JWT
    let bearer = JWT.Encode(payload, key, JwsAlgorithm.RS256)

    //Send Request with FSharp.Data
    let iresult = Http.RequestString( instBase + "/access_tokens", httpMethod=HttpMethod.Post ,
                                                         headers=[HttpRequestHeaders.Authorization (sprintf "Bearer %s" bearer); 
                                                                  HttpRequestHeaders.UserAgent appUserAgent;
                                                                  HttpRequestHeaders.Accept "application/vnd.github.machine-man-preview+json";
                                                                  ])
    //Use Newtonsoft.Json to convert to obj
    JsonConvert.DeserializeObject<InstallToken>(iresult)