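/// <summary>
/// Decodes a JWT by looking up the issuer's signing key: downloads the metadata
/// document at <c>endpoint</c>, follows its <c>jwks_uri</c>, picks the JWK whose
/// <c>kid</c> equals the one in the token header, and hands that key's RSA
/// exponent and modulus to <see cref="RS256Decode"/>.
/// </summary>
/// <param name="jwttoken">Compact JWT in the form header.payload.signature.</param>
/// <param name="key">Passed through unchanged as the <c>secret</c> argument of <see cref="RS256Decode"/>.</param>
/// <returns>The token payload as a dictionary, as returned by <see cref="RS256Decode"/>.</returns>
/// <exception cref="ArgumentException">The token is null or empty.</exception>
/// <exception cref="Exception">The header has no <c>kid</c>, or no downloaded key matches it.</exception>
public static IDictionary<string, object> DecodeJWT(string jwttoken, string key)
{
    if (string.IsNullOrEmpty(jwttoken))
    {
        throw new ArgumentException("jwttoken must not be null or empty", "jwttoken");
    }

    CustomJWKs keys;

    // WebClient is IDisposable; dispose it once both documents are downloaded.
    using (var webClient = new WebClient())
    {
        // NOTE(review): the key set fetched here is the trust anchor for signature
        // validation. Confirm that both endpoint and the jwks_uri it advertises are
        // HTTPS URLs on the expected issuer host, and consider caching the key set
        // instead of downloading it for every token.
        string metadataJson = webClient.DownloadString(endpoint);
        JObject metadata = JsonConvert.DeserializeObject<JObject>(metadataJson);
        string jwksUri = metadata["jwks_uri"].ToString();

        string jwksJson = webClient.DownloadString(jwksUri);
        keys = JsonConvert.DeserializeObject<CustomJWKs>(jwksJson);
    }

    // The header is read before any signature check, so kid is untrusted input.
    // It is used only to select one of the downloaded keys.
    string[] tokenParts = jwttoken.Split('.');
    string head = Encoding.UTF8.GetString(FromBase64Url(tokenParts[0]));
    var kidToken = JsonConvert.DeserializeObject<JObject>(head)["kid"];

    // A header without kid cannot match any key; report it the same way as an
    // unknown kid instead of failing with a NullReferenceException.
    if (kidToken == null)
    {
        throw new Exception("未找到匹配的kid");
    }

    string kid = kidToken.ToString();
    var defaultkey = keys.keys.FirstOrDefault(t => t.kid == kid);
    if (defaultkey == null)
    {
        throw new Exception("未找到匹配的kid");
    }

    return RS256Decode(jwttoken, key, defaultkey.e, defaultkey.n);
}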
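/// <summary>
/// Verifies a JWT against an RSA public key and returns its payload.
/// </summary>
/// <remarks>
/// The original passed <c>verify: false</c>, so neither the signature nor the
/// expiry was checked and both catch blocks were unreachable: any token with a
/// parseable payload was accepted. Verification is now enabled. The public key
/// is handed to the algorithm factory directly, because the original factory
/// delegate exported a private-key blob from a key built only from a public
/// modulus and exponent and then loaded that blob as a certificate.
/// </remarks>
/// <param name="token">Compact JWT in the form header.payload.signature.</param>
/// <param name="secret">Key argument forwarded to the decoder unchanged.</param>
/// <param name="exponent">RSA public exponent, base64url-encoded (JWK <c>e</c>).</param>
/// <param name="modulus">RSA modulus, base64url-encoded (JWK <c>n</c>).</param>
/// <returns>The decoded payload as a dictionary.</returns>
/// <exception cref="Exception">The token has expired or its signature does not verify.</exception>
public static IDictionary<string, object> RS256Decode(string token, string secret, string exponent, string modulus)
{
    try
    {
        IJsonSerializer serializer = new JsonNetSerializer();
        IDateTimeProvider provider = new UtcDateTimeProvider();
        IJwtValidator validator = new JwtValidator(serializer, provider);
        IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();

        // The key must stay alive until decoding has finished, so the decode call
        // sits inside the using block.
        using (RSA publicKey = RSA.Create())
        {
            publicKey.ImportParameters(new RSAParameters
            {
                Modulus = FromBase64Url(modulus),
                Exponent = FromBase64Url(exponent)
            });

            // Uses the RSAlgorithmFactory overload that takes a public key; this
            // needs a JWT.NET version that provides it.
            // NOTE(review): the factory picks the algorithm from the token header.
            // Confirm that only the expected RS* algorithms are accepted.
            var algorithmFactory = new RSAlgorithmFactory(publicKey);
            IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder, algorithmFactory);

            // verify: true makes the decoder check the signature and the time claims.
            return decoder.DecodeToObject(token, secret, verify: true);
        }
    }
    catch (TokenExpiredException)
    {
        throw new Exception("token已过期");
    }
    catch (SignatureVerificationException)
    {
        throw new Exception("token验证失败");
    }
}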
/// <summary>
/// Decodes a base64url string (URL-safe alphabet, padding optional) to bytes.
/// </summary>
/// <param name="base64Url">Text using '-' and '_' in place of '+' and '/'.</param>
/// <returns>The decoded bytes.</returns>
public static byte[] FromBase64Url(string base64Url)
{
    // Number of characters past the last complete group of four.
    int remainder = base64Url.Length % 4;

    // Map the URL-safe alphabet back to the standard base64 alphabet.
    string standard = base64Url.Replace('-', '+').Replace('_', '/');

    // Restore the '=' padding that base64url encoders usually strip.
    if (remainder != 0)
    {
        standard += new string('=', 4 - remainder);
    }

    return Convert.FromBase64String(standard);
}