Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How Bearer tokens (OAuth2) are created?

Tags:

asp.net-web-api

encryption

oauth-2.0

asp.net-identity

bearer-token

I want to know, what is the internal process to encrypt and decrypt a Bearer token used in OAuth2 and the code in Asp.Net Identity.

Once the server receives a token, it is able to retrieve the UserId, Roles, Claims and all properties inside it. So, how are Bearer tokens decrypted? What is encryption algorithm and the code used?

like image 495
Xavier Egea Avatar asked Sep 16 '14 21:09

Xavier Egea

1 Answers

Where are you obtaining the token from? Tokens are seldom encrypted (sometimes they are), but they will always be encoded (and signed). OpenID (a protocol on top of OAuth2) uses JWT. OAuth2 (not OpenID) uses "opaque" tokens.

See http://jwt.io for libraries on decoding a JWT.

like image 67
Eugenio Pace Avatar answered Oct 31 '22 09:10

Eugenio Pace
Sign in to Comment

Related questions

How to encrypt a .jar file
What symmetric cypher to use for encrypting messages?
RAR passwords, why don't rainbow tables work? [closed]
What is the "length" parameter of AES EVP_Decrypt?
GCM Multiplication Implementation
Converting a int to a BCD byte array
Securing Coredata objects
Signing assembly with Private Key
"try-finally" block vs. "using" block when disposing of SymmetricAlgorithm
Changing Laravel 5.4 password encryption and table column names
SSL Alternative - encrypt password with JavaScript submit to PHP to decrypt
How to connect user with a login cookie in PHP?
What's a good two-way encryption library implemented in Python?
How can I decrypt SHA-512 hash code using salt?
Is base64 considered encryption in an iPhone app?
Is it possible to use AES with an IV in ECB mode?
Which is the best encryption mechanism, Triple DES or RC4?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!