How to validate and decode a Jwt token from microsoft identity server 4? #134
Comments
|
Hi @fabriziodb , this is RS256 signed token, you can decode / verify signature via: https://github.com/dvsekhvalnov/jose-jwt#verifying-and-decoding-tokens string token = "your-token-here";
var privateKey = ... ; // your private key
string json = Jose.JWT.Decode(token, privateKey);Then apply whatever checks you need, like token not expired, intended audience, e.t.c. |
|
hi, is this the right way to pass the privato key? get always the same error. thanks.
string token = "eyJhbGciOiJSUzI1NiIsImtpZCI6InVVaENEMWZtLUp4OGdIeDRZX2djM1EiLCJ0eXAiOiJhdCtqd3QifQ.eyJuYmYiOjE1OTMwODk3OTMsImV4cCI6MTU5MzA5MzM5MywiaXNzIjoiaHR0cDovL2lkZW50aXR5c2VydmVyLmRldi4yNG9yZXByby5pbi5pbHNvbGUyNG9yZS5pdCIsImF1ZCI6InN3Z19lbnRpdGxlbWVudHMiLCJjbGllbnRfaWQiOiJtdmMiLCJzdWIiOiJmZGIxIiwiYXV0aF90aW1lIjoxNTkzMDg5NzkyLCJpZHAiOiJsb2NhbCIsInJvbGUiOlsiZGF0YUV2ZW50UmVjb3Jkcy5hZG1pbiIsImRhdGFFdmVudFJlY29yZHMudXNlciJdLCJ1c2VybmFtZSI6ImZkYjEiLCJ1c2VySWRlbnRpdHkiOiJQWjVmbThzTStYZS9hbWE0cmlnMXBPOEE3TnI3RVRxSU5DWTNyZzJQc1I0PSIsInNjb3BlIjpbInByb2ZpbGUiLCJvcGVuaWQiLCJzd2dfZW50aXRsZW1lbnRzIiwib2ZmbGluZV9hY2Nlc3MiXSwiYW1yIjpbInB3ZCJdfQ.ml-Jy8wwwC4MtncH_PisVj2H7Ro6kiU8hOs2HfeoPNJ6ExNhHjRxGgXua2GoYPmqBNYBJLSzmiZGHHXVB4pToJ2ETL8nqWhU46hvtpPV1IS6aVjPm2yHcTj2ooDwTDt35xT8sLmvar96_dYPmjkiIWQt9QvI15XqYJ9XF3znudG7dMU7RmWfLo_v_S0U1tz4-90xNMEqxEyoGFkEeB9xes74hfu_Ptd_0k7jOxdYebd1tz2IX3XDDXbBjQyZzxn77Jr2Xs5MCgdCFspDUYCAjnBMpo0hj4I5TAADMGOI7zZFkxmmLArzzmxadcul-475QkmOpw-nmrnKRMs0vriTMg";
Jose.JWT.Decode(token,"secret");
…________________________________
Da: DV <[email protected]>
Inviato: venerdì 26 giugno 2020 15:30
A: dvsekhvalnov/jose-jwt <[email protected]>
Cc: fabriziodb <[email protected]>; Mention <[email protected]>
Oggetto: Re: [dvsekhvalnov/jose-jwt] How to validate and decode a Jwt token from microsoft identity server 4? (#134)
Hi @fabriziodb<https://github.com/fabriziodb> ,
this is RS256 signed token, you can decode / verify signature via: https://github.com/dvsekhvalnov/jose-jwt#verifying-and-decoding-tokens
string token = "your-token-here";
var privateKey = ... ; // your private key
string json = Jose.JWT.Decode(token, privateKey);
Then apply whatever checks you need, like token not expired, intended audience, e.t.c.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#134 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AAJMNZXFYKINE6LDUCGOPJTRYSPIPANCNFSM4OIQOAJQ>.
|
|
No. For RS256 you normally read your private key from .p12 file or windows truststore, like var privateKey=new X509Certificate2("key.p12", "password", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet).PrivateKey as RSACryptoServiceProvider;https://github.com/dvsekhvalnov/jose-jwt#verifying-and-decoding-tokens - covers all cases |
|
thanks, i've to create a file named key.p12 containing the secret inside?
…________________________________
Da: DV <[email protected]>
Inviato: venerdì 26 giugno 2020 16:13
A: dvsekhvalnov/jose-jwt <[email protected]>
Cc: fabriziodb <[email protected]>; Mention <[email protected]>
Oggetto: Re: [dvsekhvalnov/jose-jwt] How to validate and decode a Jwt token from microsoft identity server 4? (#134)
No. For RS256 you normally read your private key from .p12 file or windows truststore, like
var privateKey=new X509Certificate2("key.p12", "password", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet).PrivateKey as RSACryptoServiceProvider;
https://github.com/dvsekhvalnov/jose-jwt#verifying-and-decoding-tokens - covers all cases
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#134 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AAJMNZSJ2WTLWZRSJDCSRULRYSUH7ANCNFSM4OIQOAJQ>.
|
|
no, you actually should have private key, because you registered public part of it microsoft identity server. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Please, can anyone help me to understand how to validate and decode a jwt access token release from m$ IS4?
this is a token from the server, thanks.
eyJhbGciOiJSUzI1NiIsImtpZCI6InVVaENEMWZtLUp4OGdIeDRZX2djM1EiLCJ0eXAiOiJhdCtqd3QifQ.eyJuYmYiOjE1OTMwODk3OTMsImV4cCI6MTU5MzA5MzM5MywiaXNzIjoiaHR0cDovL2lkZW50aXR5c2VydmVyLmRldi4yNG9yZXByby5pbi5pbHNvbGUyNG9yZS5pdCIsImF1ZCI6InN3Z19lbnRpdGxlbWVudHMiLCJjbGllbnRfaWQiOiJtdmMiLCJzdWIiOiJmZGIxIiwiYXV0aF90aW1lIjoxNTkzMDg5NzkyLCJpZHAiOiJsb2NhbCIsInJvbGUiOlsiZGF0YUV2ZW50UmVjb3Jkcy5hZG1pbiIsImRhdGFFdmVudFJlY29yZHMudXNlciJdLCJ1c2VybmFtZSI6ImZkYjEiLCJ1c2VySWRlbnRpdHkiOiJQWjVmbThzTStYZS9hbWE0cmlnMXBPOEE3TnI3RVRxSU5DWTNyZzJQc1I0PSIsInNjb3BlIjpbInByb2ZpbGUiLCJvcGVuaWQiLCJzd2dfZW50aXRsZW1lbnRzIiwib2ZmbGluZV9hY2Nlc3MiXSwiYW1yIjpbInB3ZCJdfQ.ml-Jy8wwwC4MtncH_PisVj2H7Ro6kiU8hOs2HfeoPNJ6ExNhHjRxGgXua2GoYPmqBNYBJLSzmiZGHHXVB4pToJ2ETL8nqWhU46hvtpPV1IS6aVjPm2yHcTj2ooDwTDt35xT8sLmvar96_dYPmjkiIWQt9QvI15XqYJ9XF3znudG7dMU7RmWfLo_v_S0U1tz4-90xNMEqxEyoGFkEeB9xes74hfu_Ptd_0k7jOxdYebd1tz2IX3XDDXbBjQyZzxn77Jr2Xs5MCgdCFspDUYCAjnBMpo0hj4I5TAADMGOI7zZFkxmmLArzzmxadcul-475QkmOpw-nmrnKRMs0vriTMg
The text was updated successfully, but these errors were encountered: