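using System;
using System.Configuration;
using System.Diagnostics;
using System.IO;
using Common.Models.DigitalSignature;
using JsonWebToken;

namespace DigitalSignature
{
    /// <summary>
    /// Builds and unpacks nested JWTs: a JWS signed with this side's RSA private key,
    /// wrapped in a JWE encrypted to the partner's RSA public key.
    /// Key file locations are read from appSettings:
    /// "brac_Publickey" (partner public key) and "Jme_Privatekey" (our private key).
    /// </summary>
    public class Utlis
    {
        private string publicKeyLocation { get; set; }
        private string privateKeyLocation { get; set; }

        // Token lifetime in minutes (1440 = 24 h), unchanged from the original issuer.
        private const int TokenLifetimeMinutes = 1440;

        // NOTE(review): issuer/subject are placeholder values carried over from the
        // original; they should come from configuration before this ships.
        private const string Issuer = "testissuer";
        private const string Subject = "testorgid";

        /// <summary>Loads the key file locations from appSettings (empty string when absent).</summary>
        public Utlis()
        {
            publicKeyLocation = ReadWebConfig("brac_Publickey", "");
            privateKeyLocation = ReadWebConfig("Jme_Privatekey", "");
        }

        /// <summary>
        /// Returns the appSettings value for <paramref name="key"/>, or
        /// <paramref name="defVal"/> when the key is absent or configuration cannot be read.
        /// </summary>
        /// <param name="key">appSettings key name.</param>
        /// <param name="defVal">Value returned when the key is missing or unreadable.</param>
        public static string ReadWebConfig(string key, string defVal)
        {
            try
            {
                // AppSettings[key] is null (not "") when the key is absent. The original
                // called .ToString() on that null and relied on the NRE being swallowed.
                return ConfigurationManager.AppSettings[key] ?? defVal;
            }
            catch (Exception ex)
            {
                // Best-effort read, as before; now at least leaves a trace of why.
                Trace.TraceError("ReadWebConfig({0}) failed: {1}", key, ex);
                return defVal;
            }
        }

        /// <summary>
        /// Reads an RSA key (PEM) from a configured file path.
        /// </summary>
        /// <exception cref="InvalidOperationException">The setting is empty, i.e. no path was configured.</exception>
        private static Jwk LoadKeyFromPem(string location, string settingName)
        {
            // Fail with a clear message instead of an opaque File.ReadAllText("") error.
            if (string.IsNullOrWhiteSpace(location))
            {
                throw new InvalidOperationException(
                    "Key file location is not configured (appSettings \"" + settingName + "\").");
            }
            return Jwk.FromPem(File.ReadAllText(location));
        }

        /// <summary>
        /// Signs <paramref name="payload"/> into a JWS (RS256) and wraps it in a JWE
        /// (RSA-OAEP-256 / A256CBC-HS512) for the partner.
        /// </summary>
        /// <param name="payload">Opaque string stored under the "Payload" claim.</param>
        /// <returns>
        /// A <see cref="JwtResponse"/> with <c>Token</c> and <c>ExpiresAt</c> (Unix seconds, UTC);
        /// on any failure the response is returned with <c>Token</c> unset, so callers must check it.
        /// </returns>
        public JwtResponse CreateToken(string payload)
        {
            JwtResponse jwtResponse = new JwtResponse();
            try
            {
                // Sign with OUR private key; encrypt to the PARTNER's public key so only the
                // partner can decrypt. The original read both keys from a hard-coded developer
                // path (a UAT private key), which only works on that machine and, by reusing
                // the same PEM for encryption, encrypted the token to ourselves rather than
                // to the recipient. Both now come from the configured locations, mirroring
                // ExtractPayloadFromToken.
                var signatureKey = LoadKeyFromPem(privateKeyLocation, "Jme_Privatekey");
                var encryptionKey = LoadKeyFromPem(publicKeyLocation, "brac_Publickey");

                // JWT time claims are NumericDate (UTC seconds); DateTime.Now would shift
                // with the server's time zone.
                var now = DateTime.UtcNow;
                var expiresAt = now.AddMinutes(TokenLifetimeMinutes);

                var jws = new JwsDescriptor()
                {
                    SigningKey = signatureKey,
                    Algorithm = SignatureAlgorithm.RsaSha256,
                    ExpirationTime = expiresAt,
                    IssuedAt = now,
                    NotBefore = now,
                    Issuer = Issuer, // writes the "iss" claim; the original also AddClaim'ed it redundantly
                    Subject = Subject,
                    Payload = new JwtObject()
                };
                jws.Payload.Add("Payload", payload);

                var descriptor = new JweDescriptor()
                {
                    EncryptionKey = encryptionKey,
                    EncryptionAlgorithm = EncryptionAlgorithm.Aes256CbcHmacSha512,
                    Algorithm = KeyManagementAlgorithm.RsaOaep256,
                    Payload = jws
                };

                var writer = new JwtWriter();
                jwtResponse.Token = writer.WriteTokenString(descriptor);

                // Report the real expiry. The original stored the *issue* time here, so
                // callers trusting ExpiresAt would treat every fresh token as already expired.
                jwtResponse.ExpiresAt = new DateTimeOffset(expiresAt).ToUnixTimeSeconds();
                return jwtResponse;
            }
            catch (Exception ex)
            {
                // TODO: persist to the exception log table. Keep the fail-soft contract
                // (empty response) but do not lose the cause.
                Trace.TraceError("CreateToken failed: {0}", ex);
                return jwtResponse;
            }
        }

        /// <summary>
        /// Decrypts a token with our private key, verifies its signature with the partner's
        /// public key, and returns the "Payload" claim.
        /// </summary>
        /// <param name="token">Compact-serialised JWE received from the partner (untrusted input).</param>
        /// <returns>The payload string, or <see cref="string.Empty"/> when the token is
        /// missing, fails validation, or carries no "Payload" claim.</returns>
        public string ExtractPayloadFromToken(string token)
        {
            string jwtResponse = string.Empty;
            if (string.IsNullOrWhiteSpace(token))
            {
                return jwtResponse;
            }
            try
            {
                var signatureKey = LoadKeyFromPem(publicKeyLocation, "brac_Publickey");
                var decryptionKey = LoadKeyFromPem(privateKeyLocation, "Jme_Privatekey");

                // The original policy only required a valid signature: exp/nbf were never
                // enforced and the expected issuer was declared but unused, so an expired
                // token (or one from another issuer using the same key) validated.
                // NOTE(review): confirm RequireIssuer/EnableLifetimeValidation against the
                // JsonWebToken version this project references.
                var policy = new TokenValidationPolicyBuilder()
                    .RequireSignature(signatureKey, SignatureAlgorithm.RsaSha256)
                    .RequireIssuer(Issuer)
                    .EnableLifetimeValidation()
                    .Build();

                var reader = new JwtReader(decryptionKey);
                var result = reader.TryReadToken(token, policy);
                if (!result.Succedeed)
                {
                    // Fail closed: an invalid token yields no payload.
                    Trace.TraceWarning("ExtractPayloadFromToken: token failed validation.");
                    return jwtResponse;
                }

                JwtProperty jwtProp = new JwtProperty();
                bool? hasPayload = result.Token?.Payload?.TryGetValue("Payload", out jwtProp);
                if (hasPayload == true)
                {
                    jwtResponse = jwtProp.Value?.ToString() ?? string.Empty;
                }
                return jwtResponse;
            }
            catch (Exception ex)
            {
                // TODO: persist to the exception log table. Keep the fail-closed contract
                // (empty string) but record the cause.
                Trace.TraceError("ExtractPayloadFromToken failed: {0}", ex);
                return jwtResponse;
            }
        }
    }
}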