在答案here之后,我创建了这些方法来验证令牌并提取uID:
public static async Task<string> GetUsernameFromTokenIfValID(string JsonWebToken) { const string FirebaseProjectID = "testapp-16ecd"; try { // 1. Get Google signing keys httpClIEnt clIEnt = new httpClIEnt(); clIEnt.BaseAddress = new Uri("https://www.GoogleAPIs.com/robot/v1/Metadata/"); httpResponseMessage response = await clIEnt.GetAsync("x509/securetoken@system.gserviceaccount.com"); if (!response.IsSuccessstatusCode) { return null; } var x509Data = await response.Content.ReadAsAsync<Dictionary<string,string>>(); SecurityKey[] keys = x509Data.Values.Select(CreateSecurityKeyFrompublicKey).ToArray(); // Use JwtSecurityTokenHandler to valIDate the JWT token JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler(); // Set the expected propertIEs of the JWT token in the TokenValIDationParameters TokenValIDationParameters valIDationParameters = new TokenValIDationParameters() { ValIDAudIEnce = FirebaseProjectID,Validissuer = "https://securetoken.Google.com/" + FirebaseProjectID,ValIDateIssuerSigningKey = true,IssuerSigningKeys = keys }; SecurityToken valIDatedToken; ClaimsPrincipal principal = tokenHandler.ValIDatetoken(JsonWebToken,valIDationParameters,out valIDatedToken); var jwt = (JwtSecurityToken)valIDatedToken; return jwt.Subject; } catch (Exception e) { return null; } } static SecurityKey CreateSecurityKeyFrompublicKey(string data) { return new X509SecurityKey(new X509Certificate2(EnCoding.UTF8.GetBytes(data))); } 当我运行代码时,我得到了响应:
{"IDX10501: Signature valIDation Failed. Unable to match 'kID': 'c2154b0435d58fc96a4480bd7655188fd4370b07',\ntoken: '{"alg":"RS256","typ":"JWT","kID":"c2154b0435d58fc96a4480bd7655188fd4370b07"}...... 调用https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com会返回具有匹配ID的证书:
{ "c2154b0435d58fc96a4480bd7655188fd4370b07": "-----BEGIN CERTIFICATE-----\nMIIDHDCCAgSgAwIBAgIIRZGQCmoKoNQwDQYJKoZIhvcNAQEFBQAwMTEvMC0GA1UE\nAxMmc2VjdXJldG9rZW4uc3lzdGVtLmdzZXJ2aWNlYWNjb3VudC5jb20wHhcNMTYx\nMtixMDA0NTI2WhcNMTYxMTI0MDExNTI2WjAxms8wLQYDVQQDEyZzZWN1cmV0b2tl\nbi5zeXN0ZW0uZ3NlcnZpY2VhY2NvDW50LmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQocggEBAKHbxqFaNQyrrrv8gocpQjES+HCum8XRQYYLRqstJ12FGtDN\np32qagCbc0x94TaBZF7tCPMgyFU8pBQP7CvCxWxoy+Xdv+52lcR0sG/kskr23E3N\nJmWVHT3YwiMwdgsbWDipwEbvJdn3DPFaapvD9BJPwNoXuFCO2vA2rhi1LuNWsaHt\nBj5jTicGCnt2PGKUTXJ9q1hOFi90wxTVUVMfFqDa4g9iKqRoaNaLOo0w3VgsFPlr\nMBca1fw1ArZpEGm3XHaDOiCi+EZ2+GRvdF/aPNy1+RdnUPMEEuHErulSxXpYGIDt\n/Mo7QvtFXkIl6ZHvEp5pWkS8mlAJyfPrOs8RzXMCAwEAAaM4MDYwDAYDVR0TAQH/\nBAIwADAOBgNVHQ8BAf8EBAMCB4AwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwIwDQYJ\nKoZIhvcNAQEFBQADggEBAJYXDQFIOC0W0ZwLO/5afSlqtMZ+lSiFJJnGx/IXI5Mi\n0sBI3QA7QXmiNH4tVyEiK+HsFPKAYovsbh7HDypEnBGsz9UmEU6Wn6Qu9/v38+bo\nLant6Ds9ME7QHhKJKtYkso0F2RVwu220xZQl1yrl4bjq+2ZDncYthILjw5t+8Z4c\nQW5UCr2wlVtkflGtIPR1UrvyU13eiI5SPkwOWPZvG2iTabnLfcRIkhQgIalkznMe\niz8Pzpk9eT8HFeZYiB61GpIWHG4oEb1/Z4Q//os+vWDQ+X0ARTYhTEbwLLQ0dcjW\nfg/tm7J+MGH5NH5MwjO+CI4fA3NoGOuEzF1vb7/hNdU=\n-----END CERTIFICATE-----\n" 我已经使用Java调用(在kotlin中制作)成功验证了此令牌
FirebaseAuth.getInstance().verifyIDToken(IDToken).addOnSuccessListener { decodedToken -> val uID = decodedToken.uID}解决方法 我相信你现在已经找到了解决方案,但对于未来遇到这个问题的人来说. 设置X509SecurityKey的KeyID
x509Data.Select(cert => new X509SecurityKey(new X509Certificate2(EnCoding.UTF8.GetBytes(cert.Value))) { KeyID = cert.Key }) .ToArray() 这将允许TokenValIDationParameters查找要验证的issuerKey.
总结以上是内存溢出为你收集整理的在c#.net中验证Firebase JWT全部内容,希望文章能够帮你解决在c#.net中验证Firebase JWT所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)