Skip to content
Snippets Groups Projects
Commit fe472c1b authored by Klaus Fischer's avatar Klaus Fischer
Browse files

WIP: Validation of JWT signature

parent 1536f31b
No related branches found
No related tags found
1 merge request!6Routing Api
Hide whitespace changes
Inline Side-by-side
.idea/.idea.FitConnect/.idea/.name deleted 100644 → 0
+ 0
1
View file @ 1536f31b
FitConnect
\ No newline at end of file
EncryptionTests/EncryptionTests.csproj
+ 10
10
View file @ fe472c1b
......@@ -10,22 +10,22 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="FluentAssertions" Version="6.7.0"/>
<PackageReference Include="Microsoft.Extensions.Logging" Version="6.0.0"/>
<PackageReference Include="Microsoft.Extensions.Logging.Console" Version="6.0.0"/>
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.11.0"/>
<PackageReference Include="NUnit" Version="3.13.2"/>
<PackageReference Include="NUnit3TestAdapter" Version="4.0.0"/>
<PackageReference Include="coverlet.collector" Version="3.1.0"/>
<PackageReference Include="FluentAssertions" Version="6.7.0" />
<PackageReference Include="Microsoft.Extensions.Logging" Version="6.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Console" Version="6.0.0" />
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.11.0" />
<PackageReference Include="NUnit" Version="3.13.2" />
<PackageReference Include="NUnit3TestAdapter" Version="4.0.0" />
<PackageReference Include="coverlet.collector" Version="3.1.0" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\FitConnect\FitConnect.csproj"/>
<ProjectReference Include="..\MockContainer\MockContainer.csproj"/>
<ProjectReference Include="..\FitConnect\FitConnect.csproj" />
<ProjectReference Include="..\MockContainer\MockContainer.csproj" />
</ItemGroup>
<ItemGroup>
<Folder Include="Certificates"/>
<Folder Include="Certificates" />
</ItemGroup>
<ItemGroup>
......
EncryptionTests/TokenValidation.cs 0 → 100644
+ 28
0
View file @ fe472c1b
using FitConnect.Encryption;
using FluentAssertions;
using NUnit.Framework;
namespace SenderTest;
[TestFixture]
public class TokenValidation {
[Test]
public void TestTokenValidator_pass() {
JoseEncryptor.CheckSignature(
"eyJraWQiOiJhZUJVaFFTOHVhSnZ0ek1jVHlpRUFOM0tXNG02NXVEbUwwWDFBQUlxZENFIiwidHlwIjoiSldUIiwiYWxnIjoiSFM1MTIifQ.eyJzdWJtaXNzaW9uSG9zdCI6InN1Ym1pc3Npb24tYXBpLXRlc3RpbmcuZml0LWNvbm5lY3QuZml0a28uZGV2IiwiaXNzIjoiaHR0cHM6Ly9wb3J0YWwuYXV0aC10ZXN0aW5nLmZpdC1jb25uZWN0LmZpdGtvLmRldiIsInNlcnZpY2VzIjpbeyJnZWJpZXRJRHMiOlsidXJuOmRlOmJ1bmQ6ZGVzdGF0aXM6YmV2b2Vsa2VydW5nc3N0YXRpc3RpazpzY2hsdWVzc2VsOnJzOjA2NDM1MDAxNDAxNCJdLCJsZWlzdHVuZ0lEcyI6WyJ1cm46ZGU6ZmltOmxlaWthOmxlaXN0dW5nOjk5MTIzNDU2NzYwNjEwIl19XSwiZGVzdGluYXRpb25JZCI6ImQ0MGU3YjEzLWRhOTgtNGIwOS05ZTE2LWJiZDYxY2E4MTUxMCIsImlhdCI6MTY1MjI5MTM5MCwianRpIjoiZDhiNTUzNjUtZjQzMy00YjYzLWI4N2ItMWVkYjU2N2M5ZmFjIn0.4baeODaTtpx_iy81TsqF8l6VJu3tzgjJHm0h-tZAJgYfCnFMu5Kjg613Yt7YHeY-_BEnipVcMeeWnY15qOoqiQ",
"4Y0sJhadfrQnNZXeS7Pqh73FvtFPXLvLw11h7OiZM0DlqvRNgoYHO5k-kxJKOVCaFek0LjKM1_VQxMVpdChCkHeapdTg60oQTQZj3pG0boR3LStbqN3hNEx_JZC4aHH16kau0vqBBPiOOoq-ExUz-hXz_GMLsp9QVqIkw9okO_tzNPjQOo--GM8r4eSsKzgSHZzmepc9Gfk16eraGicBevlkclk32TmWIE_ErD31dtVbBlK-7GG2NUe-o_5rkiCJ2EwKRHZlLkBYJkkj_IjeUdKc4dawXoE8L83DSBPyapX47_L1VHTnT0hJdOVe6WHtvzzpusZ0Au-YDhp6LSwXnU9d0-VzBJmQvtrep1FM0d9aQrz0e0lVf8wCn13VdKO_FBZw9D7i0XRhF8JqQRblqhcCY7UGshbTTM8HORMFONHFmSQm10qfV29PLmztOhIuubMyYe1DPnlfRkpn5jnt8IPoopl6MliDKSc3m4dgG23KylBpTLr3U-XGQrTlerjrYh4t1LXiJ-jQhLefkak_WnExZJSXv601BgmbGj3GdIhS6lxdMX62cOuwKLVISOmHHxvimpQwhtYwiFR9OmGoKVgtCQ5eMKLwGWVwXSvUJ5YXH-yUyNW1_vOrt0DAtYmXwS_Ij0bMg9WoXKJ-5NtQpnnIzw1lr5bW5fNn2TgWpH")
.Should().BeTrue();
}
[Test]
public void TestTokenValidator_fail() {
JoseEncryptor.CheckSignature(
"eyJraWQiOiJhZUJVaFFTOHVhSnZ0ek1jVHlpRUFOM0tXNG02NXVEbUwwWDFBQUlxZENFIiwidHlwIjoiSldUIiwiYWxnIjoiSFM1MTIifQ.eyJzdWJtaXNzaW9uSG9zdCI6InN1Ym1pc3Npb24tYXBpLXRlc3RpbmcuZml0LWNvbm5lY3QuZml0a28uZGV2IiwiaXNzIjoiaHR0cHM6Ly9wb3J0YWwuYXV0aC10ZXN0aW5nLmZpdC1jb25uZWN0LmZpdGtvLmRldiIsInNlcnZpY2VzIjpbeyJnZWJpZXRJRHMiOlsidXJuOmRlOmJ1bmQ6ZGVzdGF0aXM6YmV2b2Vsa2VydW5nc3N0YXRpc3RpazpzY2hsdWVzc2VsOnJzOjA2NDM1MDAxNDAxNCJdLCJsZWlzdHVuZ0lEcyI6WyJ1cm46ZGU6ZmltOmxlaWthOmxlaXN0dW5nOjk5MTIzNDU2NzYwNjEwIl19XSwiZGVzdGluYXRpb25JZCI6ImQ0MGU3YjEzLWRhOTgtNGIwOS05ZTE2LWJiZDYxY2E4MTUxMCIsImlhdCI6MTY1MjI5MTM5MCwianRpIjoiZDhiNTUzNjUtZjQzMy00YjYzLWI4N2ItMWVkYjU2N2M5ZmFjIn0.4baeODaTtpx_iy81TsqF8l6VJu3tzgjJHm0h-tZAJgYfCnFMu5Kjg613Yt7YHeY-_BEnipVcMeeWnY15qOoqiQ",
"5Y0sJhadfrQnNZXeS7Pqh73FvtFPXLvLw11h7OiZM0DlqvRNgoYHO5k-kxJKOVCaFek0LjKM1_VQxMVpdChCkHeapdTg60oQTQZj3pG0boR3LStbqN3hNEx_JZC4aHH16kau0vqBBPiOOoq-ExUz-hXz_GMLsp9QVqIkw9okO_tzNPjQOo--GM8r4eSsKzgSHZzmepc9Gfk16eraGicBevlkclk32TmWIE_ErD31dtVbBlK-7GG2NUe-o_5rkiCJ2EwKRHZlLkBYJkkj_IjeUdKc4dawXoE8L83DSBPyapX47_L1VHTnT0hJdOVe6WHtvzzpusZ0Au-YDhp6LSwXnU9d0-VzBJmQvtrep1FM0d9aQrz0e0lVf8wCn13VdKO_FBZw9D7i0XRhF8JqQRblqhcCY7UGshbTTM8HORMFONHFmSQm10qfV29PLmztOhIuubMyYe1DPnlfRkpn5jnt8IPoopl6MliDKSc3m4dgG23KylBpTLr3U-XGQrTlerjrYh4t1LXiJ-jQhLefkak_WnExZJSXv601BgmbGj3GdIhS6lxdMX62cOuwKLVISOmHHxvimpQwhtYwiFR9OmGoKVgtCQ5eMKLwGWVwXSvUJ5YXH-yUyNW1_vOrt0DAtYmXwS_Ij0bMg9WoXKJ-5NtQpnnIzw1lr5bW5fNn2TgWpH")
.Should().BeFalse();
}
}
FitConnect/Encryption/JoseEncryptor.cs
+ 24
0
View file @ fe472c1b
using System.IdentityModel.Tokens.Jwt;
using System.Security.Principal;
using System.Text;
using Jose;
using Microsoft.IdentityModel.Tokens;
// ReSharper disable RedundantExplicitArrayCreation
......@@ -69,4 +73,24 @@ public class JoseEncryptor : IEncryptor {
return (result.Plaintext, result.PlaintextBytes, result.AuthTag);
}
/// <summary>
///
/// </summary>
/// <param name="key"></param>
/// <param name="payload"></param>
/// <returns></returns>
public static bool CheckSignature(string token, string key) {
var tokenHandler = new JwtSecurityTokenHandler();
var validationParameters = new TokenValidationParameters {
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key)),
ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha512 },
};
var principal =
tokenHandler.ValidateToken(token, validationParameters, out var validatedToken);
return true;
}
}
FitConnect/Models/FitConnectEnvironment.cs
+ 11
4
View file @ fe472c1b
......@@ -7,22 +7,27 @@ namespace FitConnect.Models;
// }
public class FitConnectEnvironment {
private readonly string _sspUrl;
public static readonly FitConnectEnvironment Development = new(
"https://auth-testing.fit-connect.fitko.dev/token",
new[] { "https://submission-api-testing.fit-connect.fitko.dev" },
"https://routing-api-testing.fit-connect.fitko.dev"
"https://routing-api-testing.fit-connect.fitko.dev",
"https://portal.auth-testing.fit-connect.fitko.dev/.well-known/jwks.json"
);
public static readonly FitConnectEnvironment Testing = new(
"https://auth-testing.fit-connect.fitko.dev/token",
new[] { "https://submission-api-testing.fit-connect.fitko.dev" },
"https://routing-api-testing.fit-connect.fitko.dev"
"https://routing-api-testing.fit-connect.fitko.dev",
"https://portal.auth-testing.fit-connect.fitko.dev/.well-known/jwks.json"
);
public static readonly FitConnectEnvironment Production = new(
"https://auth-testing.fit-connect.fitko.dev/token",
new[] { "https://submission-api-testing.fit-connect.fitko.dev" },
"https://routing-api-testing.fit-connect.fitko.dev"
"https://routing-api-testing.fit-connect.fitko.dev",
"https://portal.auth-testing.fit-connect.fitko.dev/.well-known/jwks.json"
);
public FitConnectEnvironment() {
......@@ -34,7 +39,9 @@ public class FitConnectEnvironment {
/// <param name="tokenUrl">URL for receiving the OAuth token</param>
/// <param name="submissionUrl">URL for the submission API</param>
/// <param name="routingUrl">URL for the routing API</param>
public FitConnectEnvironment(string tokenUrl, string[] submissionUrl, string routingUrl) {
public FitConnectEnvironment(string tokenUrl, string[] submissionUrl, string routingUrl,
string sspUrl) {
_sspUrl = sspUrl;
TokenUrl = tokenUrl;
SubmissionUrl = submissionUrl;
RoutingUrl = routingUrl;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment