Skip to content

Instantly share code, notes, and snippets.

@Tanver-Hasan

Tanver-Hasan/Manually Validating JWT C sharp example

Last active July 27, 2024 11:56
Show Gist options
  • Save Tanver-Hasan/d4b116d4dad2a4899aa34bf2222bfaed to your computer and use it in GitHub Desktop.
Save Tanver-Hasan/d4b116d4dad2a4899aa34bf2222bfaed to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Manually Validating JWT C sharp example
Validating ID token
Audience : Audience should be client id
Issuer : auth0 domain
Sigining key : Retrieve form JWKS
https://auth0.com/docs/tokens/guides/id-token/validate-id-token
Validating Access token
Audience : Audience should be API identifier
Issuer: Auth0 Domain
Sigining Key: Retrieve from JWKS
https://auth0.com/docs/api-auth/tutorials/verify-access-token
@Tanver-Hasan
Copy link
Author

Validate ID Token

using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;

namespace CustomTokenValidation
{
    class Program
    {
       private static async Task  Main(string[] args)

        {
            const string auth0Domain = "[Auth0 domain]"; // Your Auth0 domain
            const string auth0Audience = "[Client ID]"; // Your Client/ Application ID

              const string testIdToken = "[ID Token]"; //ID token

         



            IConfigurationManager<OpenIdConnectConfiguration> configurationManager = new ConfigurationManager<OpenIdConnectConfiguration>($"{auth0Domain}.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever());
            OpenIdConnectConfiguration openIdConfig = await configurationManager.GetConfigurationAsync(CancellationToken.None);



            TokenValidationParameters validationParameters =
                new TokenValidationParameters
                {

                    ValidIssuer = auth0Domain,
                    
                    ValidAudiences = new[] { auth0Audience },
                    IssuerSigningKeys = openIdConfig.SigningKeys
                    
                };

            SecurityToken validatedToken;

            JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
            var user = handler.ValidateToken(testIdToken, validationParameters, out validatedToken);

            // The ValidateToken method above will return a ClaimsPrincipal. Get the user ID from the NameIdentifier claim
            // (The sub claim from the JWT will be translated to the NameIdentifier claim)
            Console.WriteLine($"Token is validated. User Id {user.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)?.Value}");



            Console.WriteLine("Finished");
        }
    }
}

@Tanver-Hasan
Copy link
Author

Validate Access Token

using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;

namespace CustomTokenValidation
{
    class Program
    {
       private static async Task  Main(string[] args)

        {
            const string auth0Domain = "[Auth0 domain]"; // Your Auth0 domain
           const string auth0Audience = "[Custom API Identifier]"; // Your API Identifier
   

          //  const string testAccessToken = "[Access Token]"; //Access Token

            IConfigurationManager<OpenIdConnectConfiguration> configurationManager = new ConfigurationManager<OpenIdConnectConfiguration>($"{auth0Domain}.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever());
            OpenIdConnectConfiguration openIdConfig = await configurationManager.GetConfigurationAsync(CancellationToken.None);



            TokenValidationParameters validationParameters =
                new TokenValidationParameters
                {

                    ValidIssuer = auth0Domain,
                    
                    ValidAudiences = new[] { auth0Audience },
                    IssuerSigningKeys = openIdConfig.SigningKeys
                    
                };

            SecurityToken validatedToken;

            JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
            var user = handler.ValidateToken(testAccessToken, validationParameters, out validatedToken);

            // The ValidateToken method above will return a ClaimsPrincipal. Get the user ID from the NameIdentifier claim
            // (The sub claim from the JWT will be translated to the NameIdentifier claim)
            Console.WriteLine($"Token is validated. User Id {user.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)?.Value}");



            Console.WriteLine("Finished");
        }
    }
}

@Tanver-Hasan
Copy link
Author

Build The Project

dotnet build

Run The Project

dotnet run

@Diaskhan
Copy link

Be aware that OpenIdConnectConfigurationRetriever.GetAsync() doesn't cache the retrieved configuration, while ConfigurationManager<>.GetConfigurationAsync() does so

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment