Decode ThinkTecture Identity Server JWT token

https://stackoverflow.com/questions/22981611

01-07-2023
|

質問

I have managed to get back a JWT token from Identity Server using OAuth2 and would like to extract the claims from the token.

When I use a token decoder such as https://developers.google.com/wallet/digital/docs/jwtdecoder, I can peek inside the token and it looks fine.

However I am not sure what decrypting to use in c# in order to use the Microsoft JwtSecurityTokenHandler.ValidateToken to get back a claims identity.

In identity server, I am using a symmetric key which I have pasted for reference in my code. The JWT token is also valid.

Would really appreciate some help:

string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vaWRlbnRpdHlzZXJ2ZXIudjIudGhpbmt0ZWN0dXJlLmNvbS90cnVzdC9jaGFuZ2V0aGlzIiwiYXVkIjoidXJuOndlYmFwaXNlY3VyaXR5IiwibmJmIjoxMzk3MTEzMDY5LCJleHAiOjEzOTcxNDkwNjksIm5hbWVpZCI6InN0ZWZhbiIsInVuaXF1ZV9uYW1lIjoic3RlZmFuIiwiYXV0aG1ldGhvZCI6Ik9BdXRoMiIsImF1dGhfdGltZSI6IjIwMTQtMDQtMTBUMDY6NTc6NDguODEyWiIsImh0dHA6Ly9pZGVudGl0eXNlcnZlci50aGlua3RlY3R1cmUuY29tL2NsYWltcy9jbGllbnQiOiJyZWx5aW5nIHBhcnR5IDMgdGVzdCBjbGllbnQgbmFtZSIsImh0dHA6Ly9pZGVudGl0eXNlcnZlci50aGlua3RlY3R1cmUuY29tL2NsYWltcy9zY29wZSI6InVybjp3ZWJhcGlzZWN1cml0eSJ9.cFnmgHxrpy2rMg8B6AupVrJwltu7RhBAeIx_D3pxJeI";

string key = "ZHfUES/6wG28LY+SaMtvaeek34t2PBrAiBxur6MAI/w=";

var validationParameters = new TokenValidationParameters()
{
    AllowedAudience = "urn:webapisecurity",
    SigningToken = new ????
    ValidIssuer = @"http://identityserver.v2.thinktecture.com/trust/changethis"
};

var tokenHandler = new JwtSecurityTokenHandler();
var principal = tokenHandler.ValidateToken(token, validationParameters);

What sort of SigningToken should I use for the validationParameters.SigningToken ??

解決 2

It's a BinarySecretSecurityToken - base64 decode the stringified key to use it.

他のヒント

You can use the following website to Decode the token

http://jwt.io/

or here is a code to Decode JWT Token using C#

 class Program
    {
        static void Main(string[] args)
        {

            string token ="eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vaWRlbnRpdHlzZXJ2ZXIudjIudGhpbmt0ZWN0dXJlLmNvbS90cnVzdC9jaGFuZ2V0aGlzIiwiYXVkIjoidXJuOndlYmFwaXNlY3VyaXR5IiwibmJmIjoxMzk3MTEzMDY5LCJleHAiOjEzOTcxNDkwNjksIm5hbWVpZCI6InN0ZWZhbiIsInVuaXF1ZV9uYW1lIjoic3RlZmFuIiwiYXV0aG1ldGhvZCI6Ik9BdXRoMiIsImF1dGhfdGltZSI6IjIwMTQtMDQtMTBUMDY6NTc6NDguODEyWiIsImh0dHA6Ly9pZGVudGl0eXNlcnZlci50aGlua3RlY3R1cmUuY29tL2NsYWltcy9jbGllbnQiOiJyZWx5aW5nIHBhcnR5IDMgdGVzdCBjbGllbnQgbmFtZSIsImh0dHA6Ly9pZGVudGl0eXNlcnZlci50aGlua3RlY3R1cmUuY29tL2NsYWltcy9zY29wZSI6InVybjp3ZWJhcGlzZWN1cml0eSJ9.cFnmgHxrpy2rMg8B6AupVrJwltu7RhBAeIx_D3pxJeI";
            
                var parts = token.Split('.');
                string partToConvert = parts[1];
                var partAsBytes = Convert.FromBase64String(partToConvert);
                var partAsUTF8String = Encoding.UTF8.GetString(partAsBytes, 0, partAsBytes.Count());
           
                //JSON.net required
                var jwt = JObject.Parse(partAsUTF8String);

                 
                Console.Write(jwt.ToString());

            Console.ReadLine();

        }
        }

ライセンス： CC-BY-SA と帰属

所属していません StackOverflow