WIP: Validation of JWT signature

8c7591ba · Klaus Fischer · 67730cc5 · 67730cc5 · 8c7591ba · 8c7591ba
Commit 8c7591ba authored 2 years ago by Klaus Fischer
--- a/.idea/.idea.FitConnect/.idea/.name
+++ b/.idea/.idea.FitConnect/.idea/.name
-FitConnect
\ No newline at end of file
--- a/EncryptionTests/TokenValidation.cs
+++ b/EncryptionTests/TokenValidation.cs
+using FitConnect.Encryption;
+using FluentAssertions;
+using NUnit.Framework;
+
+namespace SenderTest; 
+
+[TestFixture]
+public class TokenValidation {
+
+
+    [Test]
+    public void TestTokenValidator_pass() {
+        JoseEncryptor.CheckSignature(
+                "eyJraWQiOiJhZUJVaFFTOHVhSnZ0ek1jVHlpRUFOM0tXNG02NXVEbUwwWDFBQUlxZENFIiwidHlwIjoiSldUIiwiYWxnIjoiSFM1MTIifQ.eyJzdWJtaXNzaW9uSG9zdCI6InN1Ym1pc3Npb24tYXBpLXRlc3RpbmcuZml0LWNvbm5lY3QuZml0a28uZGV2IiwiaXNzIjoiaHR0cHM6Ly9wb3J0YWwuYXV0aC10ZXN0aW5nLmZpdC1jb25uZWN0LmZpdGtvLmRldiIsInNlcnZpY2VzIjpbeyJnZWJpZXRJRHMiOlsidXJuOmRlOmJ1bmQ6ZGVzdGF0aXM6YmV2b2Vsa2VydW5nc3N0YXRpc3RpazpzY2hsdWVzc2VsOnJzOjA2NDM1MDAxNDAxNCJdLCJsZWlzdHVuZ0lEcyI6WyJ1cm46ZGU6ZmltOmxlaWthOmxlaXN0dW5nOjk5MTIzNDU2NzYwNjEwIl19XSwiZGVzdGluYXRpb25JZCI6ImQ0MGU3YjEzLWRhOTgtNGIwOS05ZTE2LWJiZDYxY2E4MTUxMCIsImlhdCI6MTY1MjI5MTM5MCwianRpIjoiZDhiNTUzNjUtZjQzMy00YjYzLWI4N2ItMWVkYjU2N2M5ZmFjIn0.4baeODaTtpx_iy81TsqF8l6VJu3tzgjJHm0h-tZAJgYfCnFMu5Kjg613Yt7YHeY-_BEnipVcMeeWnY15qOoqiQ",
+                "4Y0sJhadfrQnNZXeS7Pqh73FvtFPXLvLw11h7OiZM0DlqvRNgoYHO5k-kxJKOVCaFek0LjKM1_VQxMVpdChCkHeapdTg60oQTQZj3pG0boR3LStbqN3hNEx_JZC4aHH16kau0vqBBPiOOoq-ExUz-hXz_GMLsp9QVqIkw9okO_tzNPjQOo--GM8r4eSsKzgSHZzmepc9Gfk16eraGicBevlkclk32TmWIE_ErD31dtVbBlK-7GG2NUe-o_5rkiCJ2EwKRHZlLkBYJkkj_IjeUdKc4dawXoE8L83DSBPyapX47_L1VHTnT0hJdOVe6WHtvzzpusZ0Au-YDhp6LSwXnU9d0-VzBJmQvtrep1FM0d9aQrz0e0lVf8wCn13VdKO_FBZw9D7i0XRhF8JqQRblqhcCY7UGshbTTM8HORMFONHFmSQm10qfV29PLmztOhIuubMyYe1DPnlfRkpn5jnt8IPoopl6MliDKSc3m4dgG23KylBpTLr3U-XGQrTlerjrYh4t1LXiJ-jQhLefkak_WnExZJSXv601BgmbGj3GdIhS6lxdMX62cOuwKLVISOmHHxvimpQwhtYwiFR9OmGoKVgtCQ5eMKLwGWVwXSvUJ5YXH-yUyNW1_vOrt0DAtYmXwS_Ij0bMg9WoXKJ-5NtQpnnIzw1lr5bW5fNn2TgWpH")
+            .Should().BeTrue();
+    }
+
+    [Test]
+    public void TestTokenValidator_fail() {
+        JoseEncryptor.CheckSignature(
+                "eyJraWQiOiJhZUJVaFFTOHVhSnZ0ek1jVHlpRUFOM0tXNG02NXVEbUwwWDFBQUlxZENFIiwidHlwIjoiSldUIiwiYWxnIjoiSFM1MTIifQ.eyJzdWJtaXNzaW9uSG9zdCI6InN1Ym1pc3Npb24tYXBpLXRlc3RpbmcuZml0LWNvbm5lY3QuZml0a28uZGV2IiwiaXNzIjoiaHR0cHM6Ly9wb3J0YWwuYXV0aC10ZXN0aW5nLmZpdC1jb25uZWN0LmZpdGtvLmRldiIsInNlcnZpY2VzIjpbeyJnZWJpZXRJRHMiOlsidXJuOmRlOmJ1bmQ6ZGVzdGF0aXM6YmV2b2Vsa2VydW5nc3N0YXRpc3RpazpzY2hsdWVzc2VsOnJzOjA2NDM1MDAxNDAxNCJdLCJsZWlzdHVuZ0lEcyI6WyJ1cm46ZGU6ZmltOmxlaWthOmxlaXN0dW5nOjk5MTIzNDU2NzYwNjEwIl19XSwiZGVzdGluYXRpb25JZCI6ImQ0MGU3YjEzLWRhOTgtNGIwOS05ZTE2LWJiZDYxY2E4MTUxMCIsImlhdCI6MTY1MjI5MTM5MCwianRpIjoiZDhiNTUzNjUtZjQzMy00YjYzLWI4N2ItMWVkYjU2N2M5ZmFjIn0.4baeODaTtpx_iy81TsqF8l6VJu3tzgjJHm0h-tZAJgYfCnFMu5Kjg613Yt7YHeY-_BEnipVcMeeWnY15qOoqiQ",
+                "5Y0sJhadfrQnNZXeS7Pqh73FvtFPXLvLw11h7OiZM0DlqvRNgoYHO5k-kxJKOVCaFek0LjKM1_VQxMVpdChCkHeapdTg60oQTQZj3pG0boR3LStbqN3hNEx_JZC4aHH16kau0vqBBPiOOoq-ExUz-hXz_GMLsp9QVqIkw9okO_tzNPjQOo--GM8r4eSsKzgSHZzmepc9Gfk16eraGicBevlkclk32TmWIE_ErD31dtVbBlK-7GG2NUe-o_5rkiCJ2EwKRHZlLkBYJkkj_IjeUdKc4dawXoE8L83DSBPyapX47_L1VHTnT0hJdOVe6WHtvzzpusZ0Au-YDhp6LSwXnU9d0-VzBJmQvtrep1FM0d9aQrz0e0lVf8wCn13VdKO_FBZw9D7i0XRhF8JqQRblqhcCY7UGshbTTM8HORMFONHFmSQm10qfV29PLmztOhIuubMyYe1DPnlfRkpn5jnt8IPoopl6MliDKSc3m4dgG23KylBpTLr3U-XGQrTlerjrYh4t1LXiJ-jQhLefkak_WnExZJSXv601BgmbGj3GdIhS6lxdMX62cOuwKLVISOmHHxvimpQwhtYwiFR9OmGoKVgtCQ5eMKLwGWVwXSvUJ5YXH-yUyNW1_vOrt0DAtYmXwS_Ij0bMg9WoXKJ-5NtQpnnIzw1lr5bW5fNn2TgWpH")
+            .Should().BeFalse();
+    }
+
+    
+}
--- a/FitConnect/Encryption/JoseEncryptor.cs
+++ b/FitConnect/Encryption/JoseEncryptor.cs
@@ -2,9 +2,7 @@ using System.IdentityModel.Tokens.Jwt;
 using System.Security.Principal;
 using System.Text;
 using Jose;
-using Microsoft.IdentityModel.JsonWebTokens;
 using Microsoft.IdentityModel.Tokens;
-using Newtonsoft.Json;

 // ReSharper disable RedundantExplicitArrayCreation

@@ -70,18 +68,29 @@ public class JoseEncryptor : IEncryptor {
        }
    }

-    // public bool TokenValidator(string signature, string key) {
-    //     Jose.Jwk jwk = Jwk.FromJson(key, new JsonMapper());
-    //     var token = Jose.JweToken.FromString(signature);
-    //     Jose.
-    //     
-    //     
-    //     
-    // }
-
    private (string plainText, byte[] plainBytes, byte[] tag) Decrypt(Jwk key, string payload) {
        var result = JWE.Decrypt(payload, key, Algorithm, Encryption);

        return (result.Plaintext, result.PlaintextBytes, result.AuthTag);
    }
+
+
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="key"></param>
+    /// <param name="payload"></param>
+    /// <returns></returns>
+    public static bool CheckSignature(string token, string key) {
+        var tokenHandler = new JwtSecurityTokenHandler();
+
+        var validationParameters = new TokenValidationParameters {
+            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key)),
+            ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha512 },
+        };
+
+        var principal =
+            tokenHandler.ValidateToken(token, validationParameters, out var validatedToken);
+        return true;
+    }
 }
--- a/FitConnect/Models/FitConnectEnvironment.cs
+++ b/FitConnect/Models/FitConnectEnvironment.cs
@@ -7,6 +7,7 @@ namespace FitConnect.Models;
 // }

 public class FitConnectEnvironment {
+    private readonly string _sspUrl;

    public static readonly FitConnectEnvironment Testing = new(
        "https://auth-testing.fit-connect.fitko.dev/token",