How to decode a JWT using the C# JWT package with a signing certificate


I am calling ADFS to get an access token using the OAuth authorization code grant. I am getting the access token in the form:

{"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dC...."
 "token_type":"bearer",
 "expires":3600}
Now I am copying the access_token value and pasting it into jwt.io. It decodes perfectly, but the signature is invalid.

The header returned by Jwt.io:

{
"typ": "JWT",
"alg": "RS256",
"x5t": "eQKi04zWoOV3eLmNNBrI2_rbqSY"
}
I have the token-signing certificate in PEM format, which looks like:

-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgIKUJvNQgAAAAANxTA...
BgNVBAcTBEtlbnQxJjAkBgNVBAoTHVR...
-----END CERTIFICATE-----
Now, how can I validate the token with the certificate, using System.IdentityModel.Tokens.Jwt or any other method?


Please help.

After a lot of research, I found the answer. Posting it here so that it helps others.

    using System;
    using System.IdentityModel.Tokens;   // JwtSecurityTokenHandler, X509SecurityToken, TokenValidationParameters (4.x package)
    using System.Security.Cryptography.X509Certificates;
    using System.Text;

    string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1..";
    var tokenHandler = new JwtSecurityTokenHandler();

    // Read the token (no validation happens here) to get the user details
    var parsedJwt = tokenHandler.ReadToken(token) as JwtSecurityToken;

    // Create a certificate object from the contents of the .CER/.PEM/.CRT file, held as a string
    X509Certificate2 clientCertificate = new X509Certificate2(Encoding.UTF8.GetBytes(CertficationString));

    var certToken = new X509SecurityToken(clientCertificate);

    // audience and issuer hold the values expected for this application
    var validationParameters = new TokenValidationParameters()
    {
        IssuerSigningToken = certToken,
        ValidAudience = audience,
        ValidIssuer = issuer,
        ValidateLifetime = true,
        ValidateAudience = true,
        ValidateIssuer = true,
        ValidateIssuerSigningKey = true
    };

    try
    {
        // Throws if the signature, issuer, audience or lifetime check fails
        SecurityToken validatedToken;
        var principal = tokenHandler.ValidateToken(token, validationParameters, out validatedToken);
    }
    catch (Exception err)
    {
        Console.WriteLine("{0}\n {1}", err.Message, err.StackTrace);
    }
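The same validation against the newer Microsoft.IdentityModel.Tokens API, with a check that the certificate matches the `x5t` value in the token header before the signature is verified. This is an added example, not code from the original post: the class name `AdfsTokenValidator` is hypothetical, and it assumes a package version where `IssuerSigningKey` and `ValidAlgorithms` are available, with the issuer, audience and PEM text supplied by the caller.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using Microsoft.IdentityModel.Tokens;

// Hypothetical helper, not part of any library.
public static class AdfsTokenValidator
{
    public static ClaimsPrincipal Validate(string token, string pemCertificate,
                                           string issuer, string audience)
    {
        var certificate = new X509Certificate2(Encoding.ASCII.GetBytes(pemCertificate));
        var handler = new JwtSecurityTokenHandler();

        // x5t is the base64url-encoded SHA-1 thumbprint of the signing certificate.
        // If it differs, this certificate is not the one that signed the token,
        // which is the usual reason a decoder reports "signature invalid".
        string certificateX5t = Base64UrlEncoder.Encode(certificate.GetCertHash());
        JwtSecurityToken unverified = handler.ReadJwtToken(token); // parsed only, not trusted
        if (!string.Equals(unverified.Header.X5t, certificateX5t, StringComparison.Ordinal))
        {
            throw new SecurityTokenSignatureKeyNotFoundException(
                $"Token x5t '{unverified.Header.X5t}' does not match certificate x5t '{certificateX5t}'.");
        }

        var parameters = new TokenValidationParameters
        {
            IssuerSigningKey = new X509SecurityKey(certificate),
            ValidateIssuerSigningKey = true,
            ValidIssuer = issuer,
            ValidateIssuer = true,
            ValidAudience = audience,
            ValidateAudience = true,
            ValidateLifetime = true,
            // Accept only the algorithm shown in the header above (RS256).
            ValidAlgorithms = new[] { SecurityAlgorithms.RsaSha256 }
        };

        // Throws a SecurityTokenException subclass when any check fails.
        return handler.ValidateToken(token, parameters, out SecurityToken _);
    }
}
```

Claims should be read from the returned principal, not from the unverified parse, since only the former has passed the signature, issuer, audience and lifetime checks.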
