如何使用带有签名证书的C#JWT包解码JWT
我正在调用ADFS,以使用OAuth授权码Grant获取访问令牌。 我正在表单中获取访问令牌如何使用带有签名证书的C#JWT包解码JWT,c#,oauth,jwt,adfs3.0,C#,Oauth,Jwt,Adfs3.0,我正在调用ADFS,以使用OAuth授权码Grant获取访问令牌。 我正在表单中获取访问令牌 {"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dC...." "token_type":"bearer", "expires":3600} 现在,我正在复制access_令牌值并将其粘贴到 它可以完美解码,但签名无效 Jwt.io的头返回: { "typ": "JWT", "alg": "RS256", "x5t": "eQKi0
{"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dC...."
"token_type":"bearer",
"expires":3600}
现在,我正在复制access_令牌值并将其粘贴到
它可以完美解码,但签名无效
Jwt.io的头返回:
{
"typ": "JWT",
"alg": "RS256",
"x5t": "eQKi04zWoOV3eLmNNBrI2_rbqSY"
}
我有pem令牌签名证书,看起来像:
-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgIKUJvNQgAAAAANxTA...
BgNVBAcTBEtlbnQxJjAkBgNVBAoTHVR...
-----END CERTIFICATE-----
现在,如何使用System.IdentityModel.Tokens.Jwt或任何其他方法使用证书验证令牌
请帮忙。经过大量研究,我找到了答案。将其张贴在此处,以便对其他人有所帮助
string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1.."
var tokenHandler = new JwtSecurityTokenHandler();
//Read Token for Getting the User Details
var parsedJwt = tokenHandler.ReadToken(token) as JwtSecurityToken;
//Create A Certificate Object that will read the .CER/.PEM/.CRT file as String
X509Certificate2 clientCertificate = new X509Certificate2(Encoding.UTF8.GetBytes(CertficationString));
var certToken = new X509SecurityToken(clientCertificate);
var validationParameters = new TokenValidationParameters()
{
IssuerSigningToken = certToken,
ValidAudience = audience,
ValidIssuer = issuer,
ValidateLifetime = true,
ValidateAudience = true,
ValidateIssuer = true,
ValidateIssuerSigningKey = true
};
try
{
SecurityToken validatedToken;
var principal = tokenHandler.ValidateToken(token, validationParameters, out validatedToken);
}
catch (Exception err)
{
Console.WriteLine("{0}\n {1}", err.Message, err.StackTrace);
}
经过大量研究,我找到了答案。将其张贴在此处,以便对其他人有所帮助
string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1.."
var tokenHandler = new JwtSecurityTokenHandler();
//Read Token for Getting the User Details
var parsedJwt = tokenHandler.ReadToken(token) as JwtSecurityToken;
//Create A Certificate Object that will read the .CER/.PEM/.CRT file as String
X509Certificate2 clientCertificate = new X509Certificate2(Encoding.UTF8.GetBytes(CertficationString));
var certToken = new X509SecurityToken(clientCertificate);
var validationParameters = new TokenValidationParameters()
{
IssuerSigningToken = certToken,
ValidAudience = audience,
ValidIssuer = issuer,
ValidateLifetime = true,
ValidateAudience = true,
ValidateIssuer = true,
ValidateIssuerSigningKey = true
};
try
{
SecurityToken validatedToken;
var principal = tokenHandler.ValidateToken(token, validationParameters, out validatedToken);
}
catch (Exception err)
{
Console.WriteLine("{0}\n {1}", err.Message, err.StackTrace);
}