如何使用带签名证书的C＃JWT包解码JWT

Question

我使用OAuth授权代码授权调用ADFS来获取访问令牌。 我正在以

的形式获得访问令牌

{"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dC...."
 "token_type":"bearer",
 "expires":3600}

现在，我正在复制access_token值并将其粘贴到https://jwt.io 它完美解码但带有无效签名。

Jwt.io的标题返回：

{
"typ": "JWT",
"alg": "RS256",
"x5t": "eQKi04zWoOV3eLmNNBrI2_rbqSY"
}

我有pem令牌签名证书，如下所示：

-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgIKUJvNQgAAAAANxTA...
BgNVBAcTBEtlbnQxJjAkBgNVBAoTHVR...
-----END CERTIFICATE-----

现在，如何使用System.IdentityModel.Tokens.Jwt或任何其他方法使用证书验证令牌。

请帮助。

Answer 1

经过大量研究，我找到了答案。将它发布在这里，这将对其他人有所帮助。

  string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1.."
  var tokenHandler = new JwtSecurityTokenHandler();
//Read Token for Getting the User Details
  var parsedJwt = tokenHandler.ReadToken(token) as JwtSecurityToken; 

//Create A Certificate Object that will read the .CER/.PEM/.CRT file as String
 X509Certificate2 clientCertificate = new X509Certificate2(Encoding.UTF8.GetBytes(CertficationString));

 var certToken = new X509SecurityToken(clientCertificate);

 var validationParameters = new TokenValidationParameters()
    {   
        IssuerSigningToken = certToken,
        ValidAudience = audience,
        ValidIssuer = issuer,
        ValidateLifetime = true,
        ValidateAudience = true,
        ValidateIssuer = true,
        ValidateIssuerSigningKey = true
    };


    try
    {
       SecurityToken validatedToken;
       var principal = tokenHandler.ValidateToken(token, validationParameters, out validatedToken);

    }
    catch (Exception err)
    {

        Console.WriteLine("{0}\n {1}", err.Message, err.StackTrace);
    }