JWT Verify
This commit is contained in:
parent
a6d0dbe33d
commit
13ed90803c
|
@ -10,11 +10,87 @@ using System.Text;
|
|||
using BCryptNet = BCrypt.Net.BCrypt;
|
||||
using System.Diagnostics;
|
||||
using System.Net;
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using System.IO;
|
||||
using Org.BouncyCastle.Crypto;
|
||||
using Org.BouncyCastle.OpenSsl;
|
||||
using Org.BouncyCastle.Security;
|
||||
|
||||
namespace FIT5032_Assignment.Controllers
|
||||
{
|
||||
public class HomeController : Controller
|
||||
{
|
||||
public static RsaSecurityKey LoadRsaSecurityKeyFromPem(string pem)
|
||||
{
|
||||
TextReader textReader = new StringReader(pem);
|
||||
PemReader pemReader = new PemReader(textReader);
|
||||
AsymmetricKeyParameter keyParameter = (AsymmetricKeyParameter)pemReader.ReadObject();
|
||||
|
||||
RSAParameters rsaParameters = DotNetUtilities.ToRSAParameters((Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters)keyParameter);
|
||||
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
|
||||
rsa.ImportParameters(rsaParameters);
|
||||
|
||||
return new RsaSecurityKey(rsa);
|
||||
}
|
||||
private String loginVerify(string token)
|
||||
{
|
||||
|
||||
var jwtHandler = new JwtSecurityTokenHandler();
|
||||
var jwtToken = jwtHandler.ReadJwtToken(token);
|
||||
|
||||
string base64Publickey = "LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJDZ0tDQVFFQTRUWEQwVEh4NnJjNXlQcXM0Skw5M01nVEgvTS95Z2s3V1pYWWsrS01XTTA0bDdzM3owRlMKODlDRE56SFJkbVpJb3RCbDgrcUJ5TUwvck5VcUhXMnJ1Uzg0dmxFaWdza2djK2RsaitCZXFsaGsySFRpQitpegpQcGdCU1FJc2YrZjdSU3dkYktFS2hRQm1La3MxVGF4YWNDUndPVWJKT1VQbjJXZmhVSHhRd0FwZGNCQWdNdHVNCld3QzJZRThGblFRZDhxc3dMTTBGQWhoSzUrdXRXY0s0bHdCVlFxUGJRaUJZYnZmWXkwYVF6UFB2V2NMR1JvR00KUVA1b1JCTmRuRzQ4Sm9Eb2tCSEJkbCt4RzM1L1U2N1BvejFKY0VVSnpWTHdIUFNHa0xyRU1OYlFrbnJSK2tHZwpnS1dWNFpvYWVOSHZVeFE3YVg3SElFMlc1UnIwRmxGUG1RSURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K";
|
||||
RsaSecurityKey rsaKey = LoadRsaSecurityKeyFromPem(Encoding.UTF8.GetString(Convert.FromBase64String(base64Publickey)));
|
||||
// Valid time 3600s
|
||||
var validationParameters = new TokenValidationParameters()
|
||||
{
|
||||
ValidIssuer = "https://auth.passage.id/v1/apps/ZHM5whW5xsZEczTn2loffzjN",
|
||||
ValidateAudience = false,
|
||||
IssuerSigningKey = rsaKey,
|
||||
ValidateLifetime = true,
|
||||
ClockSkew = TimeSpan.FromSeconds(3600)
|
||||
};
|
||||
|
||||
try
|
||||
{
|
||||
var claimsPrincipal = jwtHandler.ValidateToken(token, validationParameters, out var rawValidatedToken);
|
||||
}
|
||||
catch (SecurityTokenExpiredException)
|
||||
{
|
||||
Trace.WriteLine("Token has expired");
|
||||
return null;
|
||||
}
|
||||
catch (SecurityTokenInvalidSignatureException)
|
||||
{
|
||||
Trace.WriteLine("Token has invalid signature");
|
||||
return null;
|
||||
}
|
||||
catch (SecurityTokenInvalidIssuerException)
|
||||
{
|
||||
Trace.WriteLine("Token has invalid issuer");
|
||||
return null;
|
||||
}
|
||||
catch (SecurityTokenInvalidAudienceException)
|
||||
{
|
||||
Trace.WriteLine("Token has invalid audience");
|
||||
return null;
|
||||
}
|
||||
catch (SecurityTokenValidationException)
|
||||
{
|
||||
Trace.WriteLine("Token failed validation");
|
||||
return null;
|
||||
}
|
||||
catch (ArgumentException)
|
||||
{
|
||||
Trace.WriteLine("Token was empty or null");
|
||||
return null;
|
||||
}
|
||||
|
||||
string sub = jwtToken.Claims.First(claim => claim.Type == "sub").Value;
|
||||
|
||||
return sub;
|
||||
}
|
||||
|
||||
private Database1Entities db = new Database1Entities();
|
||||
|
||||
private string GenerateRandomString(int length)
|
||||
|
@ -41,6 +117,17 @@ namespace FIT5032_Assignment.Controllers
|
|||
// See cookies
|
||||
var psg_auth_token = Request.Cookies["psg_auth_token"];
|
||||
Trace.WriteLine(psg_auth_token.Value);
|
||||
// JWT Verify
|
||||
string sub = loginVerify(psg_auth_token.Value);
|
||||
if (sub == null)
|
||||
{
|
||||
return RedirectToAction("Login");
|
||||
}
|
||||
else
|
||||
{
|
||||
Trace.WriteLine(sub);
|
||||
}
|
||||
|
||||
return View();
|
||||
}
|
||||
|
||||
|
|
|
@ -49,6 +49,9 @@
|
|||
<Reference Include="BCrypt.Net-Next, Version=4.0.3.0, Culture=neutral, PublicKeyToken=1e11be04b6288443, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\BCrypt.Net-Next.4.0.3\lib\net48\BCrypt.Net-Next.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="BouncyCastle.Crypto, Version=1.8.9.0, Culture=neutral, PublicKeyToken=0e99375e54769942">
|
||||
<HintPath>..\packages\BouncyCastle.1.8.9\lib\BouncyCastle.Crypto.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\EntityFramework.6.4.4\lib\net45\EntityFramework.dll</HintPath>
|
||||
</Reference>
|
||||
|
@ -62,6 +65,18 @@
|
|||
<HintPath>..\packages\Microsoft.Bcl.AsyncInterfaces.6.0.0\lib\net461\Microsoft.Bcl.AsyncInterfaces.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.CSharp" />
|
||||
<Reference Include="Microsoft.IdentityModel.Abstractions, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\Microsoft.IdentityModel.Abstractions.7.0.0\lib\net472\Microsoft.IdentityModel.Abstractions.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.IdentityModel.JsonWebTokens, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\Microsoft.IdentityModel.JsonWebTokens.7.0.0\lib\net472\Microsoft.IdentityModel.JsonWebTokens.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.IdentityModel.Logging, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\Microsoft.IdentityModel.Logging.7.0.0\lib\net472\Microsoft.IdentityModel.Logging.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.IdentityModel.Tokens, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\Microsoft.IdentityModel.Tokens.7.0.0\lib\net472\Microsoft.IdentityModel.Tokens.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Newtonsoft.Json, Version=13.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\Newtonsoft.Json.13.0.2\lib\net45\Newtonsoft.Json.dll</HintPath>
|
||||
</Reference>
|
||||
|
@ -71,8 +86,11 @@
|
|||
</Reference>
|
||||
<Reference Include="System.Data" />
|
||||
<Reference Include="System.Drawing" />
|
||||
<Reference Include="System.Memory, Version=4.0.1.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\System.Memory.4.5.4\lib\net461\System.Memory.dll</HintPath>
|
||||
<Reference Include="System.IdentityModel.Tokens.Jwt, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\System.IdentityModel.Tokens.Jwt.7.0.0\lib\net472\System.IdentityModel.Tokens.Jwt.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="System.Memory, Version=4.0.1.2, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
|
||||
<HintPath>..\packages\System.Memory.4.5.5\lib\net461\System.Memory.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="System.Numerics" />
|
||||
<Reference Include="System.Numerics.Vectors, Version=4.1.4.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
|
||||
|
|
|
@ -56,6 +56,18 @@
|
|||
<assemblyIdentity name="System.Runtime.CompilerServices.Unsafe" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
|
||||
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
|
||||
</dependentAssembly>
|
||||
<dependentAssembly>
|
||||
<assemblyIdentity name="System.Memory" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
|
||||
<bindingRedirect oldVersion="0.0.0.0-4.0.1.2" newVersion="4.0.1.2" />
|
||||
</dependentAssembly>
|
||||
<dependentAssembly>
|
||||
<assemblyIdentity name="System.Text.Json" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
|
||||
<bindingRedirect oldVersion="0.0.0.0-6.0.0.7" newVersion="6.0.0.7" />
|
||||
</dependentAssembly>
|
||||
<dependentAssembly>
|
||||
<assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
|
||||
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
|
||||
</dependentAssembly>
|
||||
</assemblyBinding>
|
||||
</runtime>
|
||||
<system.codedom>
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
<package id="Antlr" version="3.5.0.2" targetFramework="net48" />
|
||||
<package id="BCrypt.Net-Next" version="4.0.3" targetFramework="net48" />
|
||||
<package id="bootstrap" version="5.2.3" targetFramework="net48" />
|
||||
<package id="BouncyCastle" version="1.8.9" targetFramework="net48" />
|
||||
<package id="EntityFramework" version="6.4.4" targetFramework="net48" />
|
||||
<package id="jQuery" version="3.4.1" targetFramework="net48" />
|
||||
<package id="jQuery.Validation" version="1.17.0" targetFramework="net48" />
|
||||
|
@ -13,12 +14,17 @@
|
|||
<package id="Microsoft.AspNet.WebPages" version="3.2.9" targetFramework="net48" />
|
||||
<package id="Microsoft.Bcl.AsyncInterfaces" version="6.0.0" targetFramework="net48" />
|
||||
<package id="Microsoft.CodeDom.Providers.DotNetCompilerPlatform" version="2.0.1" targetFramework="net48" />
|
||||
<package id="Microsoft.IdentityModel.Abstractions" version="7.0.0" targetFramework="net48" />
|
||||
<package id="Microsoft.IdentityModel.JsonWebTokens" version="7.0.0" targetFramework="net48" />
|
||||
<package id="Microsoft.IdentityModel.Logging" version="7.0.0" targetFramework="net48" />
|
||||
<package id="Microsoft.IdentityModel.Tokens" version="7.0.0" targetFramework="net48" />
|
||||
<package id="Microsoft.jQuery.Unobtrusive.Validation" version="3.2.11" targetFramework="net48" />
|
||||
<package id="Microsoft.Web.Infrastructure" version="2.0.1" targetFramework="net48" />
|
||||
<package id="Modernizr" version="2.8.3" targetFramework="net48" />
|
||||
<package id="Newtonsoft.Json" version="13.0.2" targetFramework="net48" />
|
||||
<package id="System.Buffers" version="4.5.1" targetFramework="net48" />
|
||||
<package id="System.Memory" version="4.5.4" targetFramework="net48" />
|
||||
<package id="System.IdentityModel.Tokens.Jwt" version="7.0.0" targetFramework="net48" />
|
||||
<package id="System.Memory" version="4.5.5" targetFramework="net48" />
|
||||
<package id="System.Numerics.Vectors" version="4.5.0" targetFramework="net48" />
|
||||
<package id="System.Runtime.CompilerServices.Unsafe" version="6.0.0" targetFramework="net48" />
|
||||
<package id="System.Text.Encodings.Web" version="6.0.0" targetFramework="net48" />
|
||||
|
|
Loading…
Reference in New Issue
Block a user