Trying to verify token does not work about jwt HOT 11 CLOSED

Google uses RS256 to encode JWT which is supported only in this branch: https://github.com/abatishchev/jwt/tree/rs256-1

from jwt.

Hi Alexander... Sorry for the delay and thanks for the reply. I downloaded the branch and I'm getting the same issue. I'm assuming I should be using the Google secret to decode the token. Is there a better forum for posting these types of questions on this library?

from jwt.

Alexander, can you please provide an example? I am getting error caling:

byte[] key = File.ReadAllBytes("C:\key.pub");
String secret = "xxxxxx";
string jsonPayload = JWT.JsonWebToken.Encode(payload, key, secret, JWT.JwtHashAlgorithm.RS256);

private static byte[] RS256(byte[] key, string secret, byte[] value)
{
var cert = new X509Certificate2(key, secret); <<<<<<<<<<<<<<<<<<<<

"An unhandled exception of type 'System.Security.Cryptography.CryptographicException' occurred in mscorlib.dll

Additional information: O objeto necessário não foi encontrado."

from jwt.

I'm sorry, missed your previous comment.

Are you sure you want to import a pub file not a pfx file? Pub contains the secret, doesn't it? Which usually goes as the second string paramter in plain string.

from jwt.

I was looking in JWT website (http://jwt.io/#debugger) and thought that the "key" parameter was the public or private key, but now I know that should be a pfx file. I create and now It worked, but I had to made some changes in the code.

• In the method GetHashAlgorithm [ private static JwtHashAlgorithm GetHashAlgorithm(string algorithm) ] I had to add the "RS256" case. [ case "RS256": return JwtHashAlgorithm.RS256; ]
• The Decode method doesn't have the 'secret' parameter, I override it.

Thanks.

from jwt.

Hi Alexander/xnog…

When I set up my Google+ account, they provided me with a secret. Shouldn’t this secret be used for signature verification?

From: xnog [mailto:[email protected]]
Sent: June 26, 2015 8:38 AM
To: jwt-dotnet/jwt
Cc: Simon Eisner
Subject: Re: [jwt] Trying to verify token does not work (#27)

I was looking in JWT website (http://jwt.io/#debugger) and thought that the "key" parameter was the public or private key, but now I know that should be a pfx file. I create and now It worked, but I have to made some changes in the code.

1 - In the method GetHashAlgorithm [ private static JwtHashAlgorithm GetHashAlgorithm(string algorithm) ] I had to add the "RS256" case. [ case "RS256": return JwtHashAlgorithm.RS256; ]

2 - The Decode method doesn't have the 'secret' parameter, I override it.

Thanks.
https://github.com/xnog

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/27#issuecomment-115664430.

from jwt.

Google+? Or do you mean Google+ API?

I think they assign keys at Dev Console.

from jwt.

That’s where I got the client and secret… at the Dev Console. I’m not sure what a certificate pfx or pub file would have to do with this? Do I just need to create a text file, and add the secret into there? That’s what I’m not following. I thought the secret from the Dev Console would be used to sign the tokens.

[cid:[email protected]]

From: Alexander Batishchev [mailto:[email protected]]
Sent: June 26, 2015 12:29 PM
To: jwt-dotnet/jwt
Cc: Simon Eisner
Subject: Re: [jwt] Trying to verify token does not work (#27)

Google+? Or do you mean Google+ API?

I think they assign keys at Dev Consolehttps://code.google.com/apis/console/.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/27#issuecomment-115746929.

from jwt.

You may want to convert your pfx into base64 string and keep it in Web.config for instance:

• You load pfx into X509Certificate2
• Don't forget to mark it exportable http://stackoverflow.com/questions/4198493/x509certificate2-has-private-key-not-exportable
• You export it to a string http://stackoverflow.com/questions/4739407/exporting-a-certificate-as-base-64-encoded-cer

Next time you need it you construct X509Certificate2 using its base64 representation and the secret:

var cert = new X509Certificate2(Convert.FromBase64String(key), secret);

from jwt.

Hey, how is going? Did you it get it working?

from jwt.

Hey there... no not yet. I haven't had a chance to try the converstion the way you're saying. I'm guessing I would use our domain PFX. I will try that today. Thanks for checking back.

from jwt.