Plugin: JWT
Introduction
JSON Web Tokens (JWT) are an open, industry standard RFC 7519 method for representing claims securely between two parties. The plugin is developed to provide easy-to-use methods for working with JWT.
Features
Decode a token
Decode a JWT token.
Method Name: Decode
Input
- Token(required): The JWT string to decode.
- Audience(optional): When supplied, the plugin will validate the token against the given audience.
- Issuer(optional): When supplied, the plugin will validate the token against the given issuer.
Output
- Payload: the JSON string represents the JWT payload.
- IsValid:
trueorfalse. - Error: The error message in case token is not valid.
Example
var pluginApi = ctx.Use<IPluginApi>();
var parameters = new Dictionary<string, object>();
parameters.Add("Token", "eyJhbGciOiJSUzI1NiIsImtpZCI6Ijg0ODM2QUE0NTdGQUY2NDJENzY4NTg1NTQ3MURBNURGOEY5NTU2NUUiLCJ4NXQiOiJoSU5xcEZmNjlrTFhhRmhWUngybDM0LVZWbDQiLCJ0eXAiOiJKV1QifQ.eyJzdWIiOiJhZG1pbnRodWUiLCJuYW1lIjoiYWRtaW50aHVlIiwidG9rZW5fdXNhZ2UiOiJhY2Nlc3NfdG9rZW4iLCJqdGkiOiI4NTQ5OGZhZS0wNmJjLTQzODAtODgyMC1mMWI3Y2QxMjM4ZDkiLCJzY29wZSI6ImlkZW50aWZ5KmVtcHR5IiwiYXVkIjoiaHR0cHM6Ly9naWFzLWRlbW8uY2FzZXdoZXJlLmNvbSIsImF6cCI6ImFkbWludGh1ZSIsImlhdCI6MTYxNzgzNTk2MCwibmJmIjoxNjE3ODM1OTYwLCJleHAiOjE2MTc4Mzk1NjAsImlzcyI6Imh0dHBzOi8vbG9naW4tZGVtby5jYXNld2hlcmUuY29tL3J1bnRpbWUvb2F1dGgyIn0.c6ob82U7Rcc8EhUQhKZBCiwpftbr_wGSL_85zPjGt-DCinZSzLj0fmva1Yp896hwdg5gT6812HU1hxG9rHuNYetkVCzh8wlgrDmxGfmAlvmXayBYvCzCDpnYXU1d0TuXO52o8buY0m4fn4DFcqkufkfszegvUzoql13N2CxdtJMieo8F1u0IUwVfZ6xIylNIWFX1cpeXcWZsbXzy2KCzchDlo4D9gjF0O9JlBXVfdPYya6Odb9orITPAndR8c1WKjtlkY8_ulLTzRS0MYSYuB1FKBJTqZp2Q_Yt3q6CoWCvwwAD9eTC22tp--n20TE9ermIYbE1LRLloszCmlNSXxg");
parameters.Add("Audience", "https://demo.casewhere.com");
parameters.Add("Issuer", "https://login-demo.casewhere.com/runtime/oauth2");
var result = pluginApi.Invoke("CwJWTPlugin", "Decode", parameters);
Installation
Requirements
- Casewhere v2.5 or later.
Configuration
You need to specify the default signing method for encoding/decoding the tokens.
No signing
{ SigningAlgorithmType: "None" }
HMAC
Plain text symmetric key
{
SigningAlgorithmType: "HMAC",
SigningKeyInformation: {
SymmetricKey: "12345678912345678901234567890123",
EnableBase64: false
}
}
Base64 symmetric key
{
SigningAlgorithmType: "HMAC",
SigningKeyInformation: {
SymmetricKey: "MTIzNDU2Nzg5MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM=",
EnableBase64: true
}
}
RSA
Certification store location
{
SigningAlgorithmType: "RSA",
SigningKeyInformation: {
Thumbprint: "84836aa457faf642d7685855471da5df8f95565e",
StoreName: "TrustedPeople",
StoreLocation: "LocalMachine"
}
}
Base64 certificate
{
SigningAlgorithmType: "RSA",
SigningKeyInformation: {
Base64Cert: "MIIDRzCCAi+gAwIBAgIQjLNmp7eE04FFKdfFg5UUJjANBgkqhkiG9w0BAQsFADAjMSEwHwYDVQQDExhjYXNld2hlcmUtNjZkMWI2IFNpZ25pbmcwHhcNMTkwOTE0MjIwMDAwWhcNMjcwOTE0MjE1OTU5WjAjMSEwHwYDVQQDExhjYXNld2hlcmUtNjZkMWI2IFNpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmNXXcgVmu1cVD7vfIzl52Qvp68twLiEo92xe0sd4tcQaGMI86rviJMZtsIqqx7fGyyRTQBLuRzecyb9AZxIrjC7Ei4nHzz4iu/7lOGZvnCDHjrkV1rLDqjebJG1+MR67tQwzP/km+tdTXUVCCLAwTqYMHM/4hZopEA+r4foJ8Pvv1pWdHNxIuELFYmkDKkyFhQJbFzKEhG73m62W5+WYhMDxPF76iS3Damzv22XJAkZ/66LiLTkvfxijRT581DWqzJyIYBH4LJQnPNAW2R3ufPgvNFa4DecXlVnc8eUDAAZKIthkloJ3zsxOPyWkzCwwSufFnf7V3NoqpR3meSSkpAgMBAAGjdzB1MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBUBgNVHQEETTBLgBAyby8xQTwdz08EQv0Oo2EPoSUwIzEhMB8GA1UEAxMYY2FzZXdoZXJlLTY2ZDFiNiBTaWduaW5nghCMs2ant4TTgUUp18WDlRQmMA0GCSqGSIb3DQEBCwUAA4IBAQA1ldjnil03R4Ib4fswIV+OBjYYc+QmI+HDo5ZkHUUtEvNw7MclVUV2Ls/IsJGSiclIZOLt5vU4LIlplksyjSMBQcO3iYCteJKgEM3b0g/uNpTqdeV5HtYGusuS47/EbpZwYNPfvd0/Hxp5/mn134raPQ8fMKmFGWU9328wY7s4r6pbo2w+7YPurLhLjx3iJA7fSXhVnq6sJeytegyHocfbpNlNTpOcZ5mf3UhJ4Vywu5/HuZKjPkTkK7NU6XMLShr5Oq5DsIcDTxKO48z6stmuqI9JJlTDNOvZmKrLKv9NCqvR67GBuIt6FMpNNCCd8x3D0t446cK733AkaaEiu17X"
}
}
Releases
1.0.0 - 23/04/2021
Changelog
- Decode
Download (login required): jwt plugin v1.0.0