in Education by
I am learning about OAuth2 and OpenID Connect by experimenting with ASP.NET Core and IdentityServer4. So far I created a protected API server, an authorization server and a client by following a certain Udemy course. Things worked out well as client is able to get access token from the authorization server and use it to access protected API in the ASP.NET Core Web API project. However, I am curious how can I manually validate JWT I get from my authorization server. The token I get is this: eyJhbGciOiJSUzI1NiIsImtpZCI6IjdiMjM1NzYyMTRlOTg3ZjE3NTdjMWYxNDE1ZTg4OGEyIiwidHlwIjoiSldUIn0.eyJuYmYiOjE1NTMyNTYxNzMsImV4cCI6MTU1MzI1OTc3MywiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwIiwiYXVkIjpbImh0dHA6Ly9sb2NhbGhvc3Q6NTAwMC9yZXNvdXJjZXMiLCJiYW5rT2ZEb3ROZXRBcGkiXSwiY2xpZW50X2lkIjoiY2xpZW50Iiwic2NvcGUiOlsiYmFua09mRG90TmV0QXBpIl19.boION1QMOxuHxgIkBT0hZchkCEzINSpIS20Az5HkkkkrbH72IHqC2u9tOQobCsPt4okSPIuKGmgsGY2oyPMNcQpZPAOivmKXknhij_lhTv7pzaSXmFFSSpih-eigk4243VkGz8fTH9vA_IHmQ59o9zv0Wva_pKBt9lBSd39BDocNblJR092VHl66gAp79iEJctDzEKBBdN_E-RCrgPPsetU_sO0wqgOuxA0wECAo_jQhPu3LkuU9sKfj2HAFGLVxwz0Is3SAg1XIXeZylivAJdXThMkVypjrFBTeehso_9g26MVY4bKCfZ5Bx75NmYUbOfpX1gLPSo0CWvTfHhwaNg When I decode it on jwt.io website I get Header: { "alg": "RS256", "kid": "7b23576214e987f1757c1f1415e888a2", "typ": "JWT" } and Payload: { "nbf": 1553256173, "exp": 1553259773, "iss": "http://localhost:5000", "aud": [ "http://localhost:5000/resources", "bankOfDotNetApi" ], "client_id": "client", "scope": [ "bankOfDotNetApi" ] } Since I used RS256 algorithm for signing I need to add public key to the jwt.io to verify the token. But where do I get this public key? If I go to discovery endpoint of my auth server (eg. http://localhost:5000/.well-known/openid-configuration/jwks) I get following data: { keys: [ { kty: "RSA", use: "sig", kid: "7b23576214e987f1757c1f1415e888a2", e: "AQAB", n: "509tIiUvmKkjjGOwzKElduRqpRND7YO-Op-IlsAeNwTlxY9_t22XfCqmxUyNvuvmdIVYXz-utl5bee3Tjwp8e7ok-Vn2uX-nI0jBcjTIKL0arbd7Qo5XgvICU4x-UcINrHtqMnY4S_R0uMKgaJkl3105bh9svQh--65tknjiKqmefT4M5SLHStWTisy2e0YwiaqvLam-O_rtbEawMy5-4avZep33y9Wz_JlgWyQ4jKD1Kn8mNGybjRoW3FJRkqzVNUSrGzjqwdDPL1cZOzM2HnbBqwVSFNnJiRYxPxKL_N8Q4CS9e2OVRjTof_EdzTTGC5mkOPhBCjpmvYS5d0j6JQ", alg: "RS256" } ] } But which of these is public key? I tried pasting values for n, e and kid to jwt.io page under public key textfield in the "verify signature" section, but I always get "Invalid signature" error. So how do I get public key for RS256 token from discovery endpoint and how can I use it to validate token in manually in jwt.io website? JavaScript questions and answers, JavaScript questions pdf, JavaScript question bank, JavaScript questions and answers pdf, mcq on JavaScript pdf, JavaScript questions and solutions, JavaScript mcq Test , Interview JavaScript questions, JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)

1 Answer

0 votes
by
Put there the whole (first and only) keys object value, including curly brackets, at least the following: { "kty":"RSA", "kid":"7b23576214e987f1757c1f1415e888a2", "e":"AQAB", "n":"509tIiUvmKkjjGOwzKElduRqpRND7YO-Op-IlsAeNwTlxY9_t22XfCqmxUyNvuvmdIVYXz-utl5bee3Tjwp8e7ok-Vn2uX-nI0jBcjTIKL0arbd7Qo5XgvICU4x-UcINrHtqMnY4S_R0uMKgaJkl3105bh9svQh--65tknjiKqmefT4M5SLHStWTisy2e0YwiaqvLam-O_rtbEawMy5-4avZep33y9Wz_JlgWyQ4jKD1Kn8mNGybjRoW3FJRkqzVNUSrGzjqwdDPL1cZOzM2HnbBqwVSFNnJiRYxPxKL_N8Q4CS9e2OVRjTof_EdzTTGC5mkOPhBCjpmvYS5d0j6JQ" }

Related questions

0 votes
    I need to create JWT token authentication, but I don't know how, could you explain me how to do ... JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Apr 17, 2022 in Education by JackTerrance
0 votes
    I'm trying to write custom jwt login view for django rest api authentication. But it doesn't work, ... Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Jun 2, 2022 in Education by JackTerrance
0 votes
    When a user end a call from the CallKit UI the app ends the call and the actual VOIP call also ... JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked May 3, 2022 in Education by JackTerrance
0 votes
    The idea is to create server in master process, and handle requests in workers. I want to utilize all ... Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Jan 15, 2022 in Education by JackTerrance
0 votes
    In my app I'm using a spinners to let the user select an item from a list. Everything works fine ... JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Feb 12, 2022 in Education by JackTerrance
0 votes
    we're planning to use some robotics for copy and paste some routine information to our internal tool. ... machine learning concepts Select the correct answer from above options...
asked Feb 8, 2022 in Education by JackTerrance
0 votes
    we're planning to use some robotics for copy and paste some routine information to our internal tool. ... machine learning concepts Select the correct answer from above options...
asked Feb 5, 2022 in Education by JackTerrance
0 votes
    In the above DDL command the foreign key entries are got by using the keyword (a) References (b) ... Answers, Database Interview Questions and Answers for Freshers and Experience...
asked Oct 11, 2021 in Education by JackTerrance
0 votes
    On destruction of a restful resource, I want to guarantee a few things before I allow a destroy operation ... Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Mar 21, 2022 in Education by JackTerrance
0 votes
    On destruction of a restful resource, I want to guarantee a few things before I allow a destroy operation ... Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Mar 20, 2022 in Education by JackTerrance
0 votes
    On destruction of a restful resource, I want to guarantee a few things before I allow a destroy operation ... Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Mar 20, 2022 in Education by JackTerrance
0 votes
    I'm working with ASP.NET 3.5. I have a list box that users must add items to (I've written ... , JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Mar 12, 2022 in Education by JackTerrance
0 votes
    I am trying to pass a dataString to to an ajax call using JQuery. In the call, I construct the ... JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Mar 11, 2022 in Education by JackTerrance
0 votes
    I am using jersey, and I want to send (in a POST) a list of objects to the server. This is ... , JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)...
asked Feb 18, 2022 in Education by JackTerrance
0 votes
    Suppose, my license expires today. Can my users be able to view the dashboards or workbooks that I published in the server earlier?...
asked Oct 30, 2020 in Technology by JackTerrance
...