Verifying a JWT using the public key with C#

Tags: c#, .net, jwt, azure

I am building a React app backed by Azure functions written in C#. I've implemented JWT authentication via Userfront which is working fine on the front end but I'm struggling to verify the token using the public key in the functions.

I've tried numerous approaches, JWT-DotNet being the most recent but to no avail.

Can anyone please provide a working code example?

Here is what I have currently (which errors when creating the new RS256Algorithm with "Cannot find the requested object."):

var headers = req.Headers;
if (!headers.TryGetValue("Authorization", out var tokenHeader))
   return new StatusCodeResult(StatusCodes.Status403Forbidden);

var token = tokenHeader[0].Replace("Bearer ", "");

var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(Environment.GetEnvironmentVariable("Userfront_PublicKey"));

var urlEncoder = new JwtBase64UrlEncoder();
var publicKey = urlEncoder.Encode(plainTextBytes);

try
{
   IJsonSerializer serializer = new JsonNetSerializer();
   var provider = new UtcDateTimeProvider();
   IJwtValidator validator = new JwtValidator(serializer, provider);
   IJwtAlgorithm algorithm = new RS256Algorithm(new X509Certificate2(plainTextBytes));
   IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder, algorithm);

   var json = decoder.Decode(token, publicKey, verify: true);
}
catch (TokenExpiredException)
   ...
catch (SignatureVerificationException)
   ...
DiscoStu1975 asked Nov 06 '22 01:11


1 Answer

Assuming that the environment variable "Userfront_PublicKey" contains a PEM-encoded RSA public key, i.e.:

-----BEGIN RSA PUBLIC KEY-----
(your base64-encoded RSA public key)
-----END RSA PUBLIC KEY-----

then I would try the following (not tested, sorry):

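// Namespaces needed: System.Security.Cryptography, JWT.Algorithms, JWT.Builder, JWT.Exceptions
var headers = req.Headers;
if (!headers.TryGetValue("Authorization", out var tokenHeader))
    return new StatusCodeResult(StatusCodes.Status403Forbidden);

// Strip the scheme prefix to get the bare token
var token = tokenHeader[0].Replace("Bearer ", "");

// Load the PEM text directly as an RSA key (RSA.ImportFromPem needs .NET 5 or later)
var publicKeyPem = Environment.GetEnvironmentVariable("Userfront_PublicKey");
var publicKey = RSA.Create();
publicKey.ImportFromPem(publicKeyPem);

try
{
    // RS256 verification only needs the public key
    var json = JwtBuilder.Create()
                         .WithAlgorithm(new RS256Algorithm(publicKey))
                         .MustVerifySignature()
                         .Decode(token);
}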
catch (TokenExpiredException)
...
catch (SignatureVerificationException)
...
jsiwrk answered Nov 12 '22 19:11
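As an added example (not part of the original answer and not JWT-DotNet code), here is the same RS256 check written against System.Security.Cryptography alone, with the algorithm pinned and `exp` enforced. It assumes .NET 6 or later; the helper names, the throwaway key pair and the sample claims are constructed for the demonstration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

static string B64UrlEncode(byte[] b) =>
    Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
static byte[] B64UrlDecode(string s)
{
    s = s.Replace('-', '+').Replace('_', '/');
    return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
}

// Returns the payload JSON of a valid, unexpired RS256 token; throws otherwise.
static string VerifyRs256(string token, string publicKeyPem)
{
    var parts = token.Split('.');
    if (parts.Length != 3) throw new FormatException("Expected header.payload.signature");
    // Pin the algorithm: the token's own header must not choose how it is verified.
    using var header = JsonDocument.Parse(Encoding.UTF8.GetString(B64UrlDecode(parts[0])));
    if (!header.RootElement.TryGetProperty("alg", out var alg) || alg.GetString() != "RS256")
        throw new CryptographicException("Unexpected alg");

    using var rsa = RSA.Create();
    rsa.ImportFromPem(publicKeyPem); // accepts "PUBLIC KEY" (SPKI) and "RSA PUBLIC KEY" (PKCS#1)
    var signedBytes = Encoding.ASCII.GetBytes(parts[0] + "." + parts[1]);
    if (!rsa.VerifyData(signedBytes, B64UrlDecode(parts[2]), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1))
        throw new CryptographicException("Bad signature");

    // Claims are read only after the signature has been verified.
    var payloadJson = Encoding.UTF8.GetString(B64UrlDecode(parts[1]));
    using var payload = JsonDocument.Parse(payloadJson);
    if (!payload.RootElement.TryGetProperty("exp", out var exp) ||
        DateTimeOffset.FromUnixTimeSeconds(exp.GetInt64()) <= DateTimeOffset.UtcNow)
        throw new CryptographicException("Expired or missing exp");
    return payloadJson;
}

// Constructed sample: a throwaway key pair stands in for the token issuer.
using var signer = RSA.Create(2048);
var pem = new string(PemEncoding.Write("PUBLIC KEY", signer.ExportSubjectPublicKeyInfo()));
string Seg(string json) => B64UrlEncode(Encoding.UTF8.GetBytes(json));
var exp5 = DateTimeOffset.UtcNow.AddMinutes(5).ToUnixTimeSeconds();
var head = Seg("{\"alg\":\"RS256\",\"typ\":\"JWT\"}");
var body = Seg($"{{\"sub\":\"demo\",\"exp\":{exp5}}}");
var sig = B64UrlEncode(signer.SignData(Encoding.ASCII.GetBytes($"{head}.{body}"), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
Console.WriteLine(VerifyRs256($"{head}.{body}.{sig}", pem));   // prints the payload JSON
var forged = Seg("{\"sub\":\"admin\",\"exp\":9999999999}");     // payload swapped, old signature kept
try { VerifyRs256($"{head}.{forged}.{sig}", pem); } catch (CryptographicException e) { Console.WriteLine(e.Message); }
```

The key is loaded as a bare RSA public key rather than through `X509Certificate2`, which expects a certificate and not a standalone public key.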