using DD4T.ContentModel.Contracts.
Configuration;
using DD4T.ContentModel.Contracts.Logging;
using DD4T.ContentModel.Factories;
using DD4T.Mvc.Controllers;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.OpenSsl;
using PKI.Corporate.Contracts.BLL;
using PKI.DD4T.Core.ActionResults;
using System;
using System.Collections.Generic;
using System.IO;
using System.Security.Cryptography;
using System.Web.Mvc;
using System.Web;
using System.IdentityModel.Tokens.Jwt;
using Microsoft.IdentityModel.Tokens;
using JWT.Algorithms;
using JWT;
using JWT.Serializers;
using JWT.Builder;
using System.Security;
namespace PKI.Corporate.Web.Controllers
{
/// <summary>
/// Cookie controller for Handling Cookies consents.
/// </summary>
public sealed class CookiesController : TridionControllerBase
{
//Comment by Poonam Shukla on 20/07/2022
//The code has been commented out because it is no longer required.
/// <summary>Cookie service instance received through the constructor.</summary>
private readonly ICookieService _cs;

// String keys for the cookie-consent header, description and confirm-button text.
// NOTE(review): none of these keys is read by the methods visible in this class —
// presumably they are label/resource keys; confirm they are still needed.
private const string HEADER_KEY = "Cookies.CookieConsent.Header";
private const string DESCRIPTION_KEY = "Cookies.CookieConsent.Description";
private const string CONFIRM_BUTTON_KEY =
"Cookies.CookieConsent.Button.Text";
/// <summary>
/// Creates the controller: the DD4T dependencies are forwarded to the base class and the
/// cookie service is kept for later use.
/// </summary>
/// <param name="pageFactory">Page factory, passed to the base class and assigned to <c>PageFactory</c>.</param>
/// <param name="cpf">Component presentation factory, passed to the base class and assigned to <c>ComponentPresentationFactory</c>.</param>
/// <param name="log">Logger passed to the base class.</param>
/// <param name="dd4tConf">DD4T configuration passed to the base class.</param>
/// <param name="cs">Cookie service stored in <c>_cs</c>.</param>
public CookiesController(
    IPageFactory pageFactory,
    IComponentPresentationFactory cpf,
    ILogger log,
    IDD4TConfiguration dd4tConf,
    ICookieService cs)
    : base(pageFactory, cpf, log, dd4tConf)
{
    // Field assignment is independent of the two property assignments below.
    this._cs = cs;

    this.PageFactory = pageFactory;
    this.ComponentPresentationFactory = cpf;
}
// public static string CreateToken()
// {
// var payload = new Dictionary<string, object>
//{
// { "iss", "http://www.perkinelmer.com" },
// { "aud", "http://www.perkinelmer.com" },
// { "iat", DateTime.UtcNow },
// { "exp", DateTime.UtcNow.AddHours(1) }
//};
// string jwt = string.Empty;
// RsaKeyParameters keyPair;
// const string cert = @"-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCiUuymg7+SGzyc4QN2Qg7/9SktATWtjAXU0uslb2QuPC+0t3R2FaKJd6yIwcioROpEIor
pj+NLpeoCZoDhcOrj5HkT/zxdbReG8qS84xodESaINOL+aKZz42w/tqNdzhz5n/
RiZBINOFc9bqTheJl+6EDbjY2+X2QH6K/
v4NLvXQIDAQABAoGAELxmA+EPjlvaiv40Iiw7aa54OVinlSYbr86zSd/
LP20bKhHEIyyl3nCFTHBWZOr+EFpTYjNgpvsLPoYdAaFnxj9EGoB76DrGPqFLa6NmOPM4qojk77UMQa+4jY
6jX4TsDdYMePqeIOaxfzSbxlbcFX9cXSdYV28b4jV/Ep8zwS0CQQDU1xd6Nz+
+ldpeYiGePvrcFCWi+pmOJehiS0KrUnuLV03taT/q9haOhLLYvS5fi4YrXHvB3QluxhDOBcnqfVC/
AkEAwz1xrkNWLsXRHotjqIDMc/ppe2Khn9Etgi48/Vai+p1BO2qNFSkDx2WVTbGjKVRtX7vt/sfTdZ//
xAuM48sq4wJBAMwY+mVzJ4hd8MoDNhOmdy6ljzXLM4bRKRdg7iyVau1CqfKYs/
dfRmAiNdKLDzYF+IIKLI7JpCr6edDmUiqvQscCQAs/
vw0LVCvdue7ImTVcNmt4QhuZ0zYiFz0o7Nqr4zgNV3TU7swJUO5sK+4ODhiThLm/
WjcTzFs6nMHu6G83hYECQG1i1GtCRz7/5uwtRmYcaJ7qdh9lsstiI/+OhzL7BovHrduaJCKBk/
pEiDiptfnZv/+7YekEzAf4L2YAPKG3KZA=";
// // var cert = ConfigurationManager.AppSettings["cert"];
// /// cert begins -----BEGIN PRIVATE KEY----- and ends with -END PRIVATE KEY-----";
// NOTE(review): the PEM literal in this commented-out method is still a private key in the
// source tree and its history; treat it as exposed and rotate it. Loading the key from
// protected configuration, as the AppSettings line above sketches, keeps it out of the repository.
// using (var stringReader = new StringReader(cert))
// {
// var pemReader = new Org.BouncyCastle.OpenSsl.PemReader(stringReader);
// keyPair = (RsaPrivateCrtKeyParameters)pemReader.ReadObject();
// }
// RSAParameters rsaParams = DotNetUtilities.ToRSAParameters(keyPair);
// using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
// {
// rsa.ImportParameters(rsaParams);
// jwt = Jose.JWT.Encode(payload, rsa, Jose.JwsAlgorithm.RS256);
// }
// return jwt;
//}
// PEM-armoured RSA private key ("RSA PRIVATE KEY" label, i.e. PKCS#1) used for signing.
// NOTE(review): this is a signing key embedded as a compile-time constant. Anyone with read
// access to the source, its history or the compiled assembly can sign tokens with it; treat
// the key as exposed, rotate it, and load the replacement from protected configuration or a
// key store instead of source.
// The field is spelled in camelCase, unlike the sibling PublicKey constant; C# identifiers
// are case-sensitive, so every reference must use this exact spelling.
private const string privateKey = @"-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----";
// PEM-armoured public key ("PUBLIC KEY" label) passed to GetClaims by GenerateToken.
// The verbatim literal keeps its line breaks, including the one after the END line.
// NOTE(review): confirm this is the public half of the private key above; the two are
// declared independently and nothing in this class checks that they match.
private const string PublicKey = @"-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFYuC6oT5PARsqOINcIT
jMZK4xM+JB37BDwDUXkUaAFJU7ksxope2Rj3UhvMxJ6av0CXLirws6e/HFFF6MPw
n9zd+gXnmSyVfurdMX6KJKVRi1eE1CbR/NkWF5Gg+TkP9wneYL4Ptb0NnIm60uqg
9OfDlMlRaXdbPaUme49eCTOEwQKy7pTu5L0RJ4W7gY4SWogPurWzeTIXTZXQ2UbW
PnHCzS30VfpQpeW2dcTOelic0nHSvjMeiIKeErQVudSPvt3+pbXC936/+K/IVpZo
K0ScDHmdB1vy8I/jdSM+KfcKhB2SOfkFe7+WTlTyBbRYPhlqtas8AmtpzeGF/Tcx
VwIDAQAB
-----END PUBLIC KEY-----
";
/// <summary>
/// Serializes <paramref name="claims"/> as a compact JWT signed with RS256.
/// </summary>
/// <param name="claims">Claim names and values placed in the token payload.</param>
/// <param name="privateKey">PEM text of the RSA private key used for signing.</param>
/// <returns>The signed token string produced by <c>Jose.JWT.Encode</c>.</returns>
static string GetJwt(Dictionary<string, object> claims, string privateKey)
{
    // The provider is only needed for the duration of the signing call.
    using (RSACryptoServiceProvider signer = GetRSACryptoServiceProvider(privateKey, true))
    {
        return Jose.JWT.Encode(claims, signer, Jose.JwsAlgorithm.RS256);
    }
}
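/// <summary>
/// Creates an <see cref="RSACryptoServiceProvider"/> loaded with the key parsed from PEM text.
/// </summary>
/// <param name="key">PEM text of the key.</param>
/// <param name="isPrivate"><c>true</c> to parse <paramref name="key"/> as a private key, <c>false</c> as a public key.</param>
/// <returns>A provider holding the imported parameters; the caller owns it and must dispose it.</returns>
static RSACryptoServiceProvider GetRSACryptoServiceProvider(string key, bool isPrivate)
{
    // Parse first, so no provider is allocated when the PEM text is unusable.
    RSAParameters rsaParams = GetRsaParams(key, isPrivate);

    var rsa = new RSACryptoServiceProvider();
    try
    {
        rsa.ImportParameters(rsaParams);
        return rsa;
    }
    catch
    {
        // The caller never receives the instance on failure, so release it here.
        rsa.Dispose();
        throw;
    }
}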
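/// <summary>
/// Parses PEM text with BouncyCastle's <c>PemReader</c> and converts the RSA key it contains
/// to <see cref="RSAParameters"/>.
/// </summary>
/// <param name="key">PEM text of the key.</param>
/// <param name="isPrivate"><c>true</c> when <paramref name="key"/> holds a private key, <c>false</c> for a public key.</param>
/// <returns>The RSA parameters of the parsed key.</returns>
/// <exception cref="ArgumentNullException"><paramref name="key"/> is <c>null</c>.</exception>
/// <exception cref="ArgumentException">The PEM text does not contain an RSA key of the requested kind.</exception>
static RSAParameters GetRsaParams(string key, bool isPrivate)
{
    if (key == null)
    {
        throw new ArgumentNullException(nameof(key));
    }

    object pemObject;
    using (var reader = new StringReader(key))
    {
        pemObject = new PemReader(reader).ReadObject();
    }

    if (isPrivate)
    {
        // PemReader yields a key pair for a PKCS#1 "RSA PRIVATE KEY" block and a bare
        // private-key parameter for a PKCS#8 "PRIVATE KEY" block; accept either.
        RsaPrivateCrtKeyParameters privateParams;
        var pair = pemObject as AsymmetricCipherKeyPair;
        if (pair != null)
        {
            privateParams = pair.Private as RsaPrivateCrtKeyParameters;
        }
        else
        {
            privateParams = pemObject as RsaPrivateCrtKeyParameters;
        }

        if (privateParams == null)
        {
            throw new ArgumentException("The PEM text does not contain an RSA private key.", nameof(key));
        }

        return DotNetUtilities.ToRSAParameters(privateParams);
    }

    // Reject private-key material on the public path: its exponent is the private exponent
    // and must not be imported as if it were a public key.
    var publicParams = pemObject as RsaKeyParameters;
    if (publicParams == null || publicParams.IsPrivate)
    {
        throw new ArgumentException("The PEM text does not contain an RSA public key.", nameof(key));
    }

    return DotNetUtilities.ToRSAParameters(publicParams);
}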
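/// <summary>
/// Verifies the signature of <paramref name="jwt"/> with the given public key and returns its payload.
/// </summary>
/// <param name="jwt">Compact serialized token.</param>
/// <param name="publicKey">PEM text of the RSA public key used for verification.</param>
/// <returns>The token payload as a claim dictionary.</returns>
static Dictionary<string, object> GetClaims(string jwt, string publicKey)
{
    using (RSACryptoServiceProvider verifier = GetRSACryptoServiceProvider(publicKey, false))
    {
        // Pin the expected algorithm: tokens are issued with RS256, so verification should not
        // accept whatever algorithm the token header announces.
        return Jose.JWT.Decode<Dictionary<string, object>>(jwt, verifier, Jose.JwsAlgorithm.RS256);
    }
}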
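/// <summary>
/// Builds an RS256-signed JWT whose issuer is the value of the <c>MSCSAuthCorp</c> request cookie.
/// </summary>
/// <returns>The compact serialized token.</returns>
/// <remarks>
/// The previous body did not return a value, called an undefined key-fetch helper, tried to
/// Base64-decode the PEM text including its BEGIN/END armour, and wrote a second, placeholder
/// token to the console. Signed tokens are bearer credentials, so the token is returned to the
/// caller and not written to any output stream.
/// </remarks>
public string BuildJWTToken()
{
    // Issuer stays empty when the cookie is absent.
    string userid = string.Empty;
    System.Web.HttpCookie cookie =
        System.Web.HttpContext.Current.Request.Cookies["MSCSAuthCorp"];
    if (cookie != null)
    {
        userid = cookie.Value;
    }

    // NOTE(review): the cookie value is supplied by the client and is signed as-is. Confirm it
    // is validated against the authenticated session before this point; if the cookie carries
    // an auth ticket, copying it into a token (whose payload is only Base64url-encoded) also
    // discloses it to every party that receives the token.

    // Parse the PEM through the shared helper. The key constant carries an "RSA PRIVATE KEY"
    // (PKCS#1) label, so a PKCS#8 import of its raw text cannot succeed.
    // NOTE(review): the RSA instance is not disposed here because the signing key object keeps
    // a reference to it — confirm the token library's provider caching before adding a using block.
    RSACryptoServiceProvider signingRsa = GetRSACryptoServiceProvider(privateKey, true);

    var tokenHandler = new JwtSecurityTokenHandler();
    var descriptor = new SecurityTokenDescriptor
    {
        Issuer = userid,
        SigningCredentials = new SigningCredentials(
            new RsaSecurityKey(signingRsa),
            SecurityAlgorithms.RsaSha256)
    };

    var token = tokenHandler.CreateToken(descriptor);
    return tokenHandler.WriteToken(token);
}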
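/// <summary>
/// Issues an RS256-signed JWT whose <c>sub</c> claim is the value of the <c>MSCSAuthCorp</c>
/// request cookie and returns it as JSON (<c>{ jwt = ... }</c>).
/// </summary>
/// <returns>A <c>JsonConverterResult</c> wrapping the signed token.</returns>
/// <remarks>
/// NOTE(review): the subject is taken from a client-supplied cookie and signed without any
/// check visible in this action — confirm the cookie is validated against the authenticated
/// session before a token is issued for it. The token carries no <c>exp</c> claim, so it does
/// not expire on its own, and the <c>name</c> claim is a fixed placeholder value.
/// </remarks>
[HttpGet]
public ActionResult GenerateToken()
{
    // Subject stays empty when the cookie is absent.
    string userid = string.Empty;
    System.Web.HttpCookie cookie =
        System.Web.HttpContext.Current.Request.Cookies["MSCSAuthCorp"];
    if (cookie != null)
    {
        userid = cookie.Value;
    }

    var payload = new Dictionary<string, object>
    {
        { "sub", userid },
        { "name", "abc" },
        // iat is a NumericDate in JWT: seconds since the Unix epoch, not a serialized DateTime.
        { "iat", DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
    };

    // The key field is declared as privateKey; C# identifiers are case-sensitive.
    string jwt_token = GetJwt(payload, privateKey);

    // Round-trip through verification so a mismatched key pair fails here, not at the consumer.
    GetClaims(jwt_token, PublicKey);

    return new JsonConverterResult(new
    {
        jwt = jwt_token
    });
}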
}
}