From ebba584c2306f091f46b7e881d1d6a444ce31bfd Mon Sep 17 00:00:00 2001 From: "ARTECH\\sgrampone" Date: Wed, 7 Sep 2022 19:10:01 -0300 Subject: [PATCH] Create JWT from JSON payload implementation --- .../GeneXusJWT/JWT/JWTCreator.cs | 42 ++++++++++++++----- .../SecurityAPITestNetCore.csproj | 1 + .../Jwt/Features/TestCreateFromJSON.cs | 38 +++++++++++++++++ 3 files changed, 71 insertions(+), 10 deletions(-) create mode 100644 dotnet/src/extensions/SecurityAPI/test/dotnetframework/SecurityAPITest/Jwt/Features/TestCreateFromJSON.cs diff --git a/dotnet/src/extensions/SecurityAPI/dotnet/dotnetframework/GeneXusJWT/JWT/JWTCreator.cs b/dotnet/src/extensions/SecurityAPI/dotnet/dotnetframework/GeneXusJWT/JWT/JWTCreator.cs index a5e0b657a..e414fc9c8 100644 --- a/dotnet/src/extensions/SecurityAPI/dotnet/dotnetframework/GeneXusJWT/JWT/JWTCreator.cs +++ b/dotnet/src/extensions/SecurityAPI/dotnet/dotnetframework/GeneXusJWT/JWT/JWTCreator.cs @@ -42,7 +42,14 @@ public JWTCreator() : base() public string DoCreate(string algorithm, PrivateClaims privateClaims, JWTOptions options) { this.error.cleanError(); - return Create_Aux(algorithm, privateClaims, options); + return Create_Aux(algorithm, privateClaims, options, null, true); + } + + [SecuritySafeCritical] + public string DoCreateFromJSON(string algorithm, string json, JWTOptions options) + { + this.error.cleanError(); + return Create_Aux(algorithm, null, options, json, false); } [SecuritySafeCritical] @@ -123,11 +130,11 @@ public string GetTokenID(string token) /******** EXTERNAL OBJECT PUBLIC METHODS - END ********/ [SecuritySafeCritical] - private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOptions options) - { + private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOptions options, string payloadString, bool hasClaims) + { if (options == null) { - this.error.setError("JW004", "Options parameter is null"); + this.error.setError("JW000", "Options parameter is null"); return ""; } JWTAlgorithm alg = JWTAlgorithmUtils.getJWTAlgorithm(algorithm, this.error); @@ -147,12 +154,27 @@ private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOpti AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["ES384"] = 112; /***Hack to support 192 ECDSA key lengths - END***/ JwtPayload payload = null; - if (privateClaims == null) + if (hasClaims) { - this.error.setError("JW005", "PrivateClaims parameter is null"); - return ""; + if (privateClaims == null) + { + this.error.setError("JW000", "PrivateClaims parameter is null"); + return ""; + } + payload = doBuildPayload(privateClaims, options); + } + else + { + try + { + payload = JwtPayload.Deserialize(payloadString); + } + catch (Exception ex) + { + this.error.setError("", ex.Message); + return ""; + } } - payload = doBuildPayload(privateClaims, options); SecurityKey genericKey = null; @@ -192,7 +214,7 @@ private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOpti } else { - this.error.setError("JW015", "Not recognized key algorithm"); + this.error.setError("JW012", "Not recognized key algorithm"); return ""; } if (genericKey == null) @@ -231,7 +253,7 @@ private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOpti catch (Exception e) { - this.error.setError("JW006", e.Message); + this.error.setError("JW003", "key size: " + /*genericKey.KeySize.ToString()*/e.Message + e.StackTrace); return ""; } diff --git a/dotnet/src/extensions/SecurityAPI/test/dotnetcore/SecurityAPITestNetCore/SecurityAPITestNetCore.csproj b/dotnet/src/extensions/SecurityAPI/test/dotnetcore/SecurityAPITestNetCore/SecurityAPITestNetCore.csproj index bfb50beb9..9b03d26a8 100644 --- a/dotnet/src/extensions/SecurityAPI/test/dotnetcore/SecurityAPITestNetCore/SecurityAPITestNetCore.csproj +++ b/dotnet/src/extensions/SecurityAPI/test/dotnetcore/SecurityAPITestNetCore/SecurityAPITestNetCore.csproj @@ -30,6 +30,7 @@ + diff --git a/dotnet/src/extensions/SecurityAPI/test/dotnetframework/SecurityAPITest/Jwt/Features/TestCreateFromJSON.cs b/dotnet/src/extensions/SecurityAPI/test/dotnetframework/SecurityAPITest/Jwt/Features/TestCreateFromJSON.cs new file mode 100644 index 000000000..c4b96c48e --- /dev/null +++ b/dotnet/src/extensions/SecurityAPI/test/dotnetframework/SecurityAPITest/Jwt/Features/TestCreateFromJSON.cs @@ -0,0 +1,38 @@ +using GeneXusJWT.GenexusComons; +using GeneXusJWT.GenexusJWT; +using NUnit.Framework; +using SecurityAPICommons.Keys; +using SecurityAPITest.SecurityAPICommons.commons; + +namespace SecurityAPITest.Jwt.Features +{ + [TestFixture] + public class TestCreateFromJSON : SecurityAPITestObject + { + protected static string payload; + protected static string key; + protected static SymmetricKeyGenerator keyGen; + protected static JWTCreator jwt; + protected static JWTOptions options; + + [SetUp] + public virtual void SetUp() + { + payload = "{\"sub\":\"subject1\",\"aud\":\"audience1\",\"nbf\":1594116920,\"hola1\":\"hola1\",\"iss\":\"GXSA\",\"hola2\":\"hola2\",\"exp\":1909649720,\"iat\":1596449720,\"jti\":\"0696bb20-6223-4a1c-9ebf-e15c74387b9c, 0696bb20-6223-4a1c-9ebf-e15c74387b9c\"}"; + SymmetricKeyGenerator keyGen = new SymmetricKeyGenerator(); + key = keyGen.doGenerateKey("GENERICRANDOM", 256); + jwt = new JWTCreator(); + options = new JWTOptions(); + + } + + [Test] + public void TestCreateFromJSONMetod() + { + options.SetSecret(key); + string token = jwt.DoCreateFromJSON("HS256", payload, options); + bool verifies = jwt.DoVerifyJustSignature(token, "HS256", options); + True(verifies, jwt); + } + } +}