Trivial

OAuth

OAuth 2.0 client/server and JWT support.

In the Trivial.Security namespace of the Trivial.dll library.

Authentication

You can use the following additional models for OAuth and app keys.

You can access resources that require access token authentication by using an instance of the OAuthClient class with the AppAccessingKey instance, scope and authorization URI. The following is an example for WNS.

// Initialize a new instance of the OAuth client
// with client identifier, client secret, authorization URI and scope.
var oauth = new OAuthClient(
    "client_id",        // Client ID.
    "client_secret",    // Client secret.
    new Uri("https://login.live.com/accesstoken.srf"),
    "notify.windows.com");

// Get access token.
var token = await oauth.ResolveTokenAsync(new ClientTokenRequestBody());

// Then you can create the JSON HTTP web client when you need it.
// It sets the access token and its type in the Authorization header of the HTTP request.
var httpClient = oauth.Create<ResponseBody>();

// You can also get the cached access token from the following property.
token = oauth.Token;

JWT

You can create a JSON web token, and from it an authorization header for an HTTP request, by initializing a new instance of the JsonWebToken class.

// Create a hash signature provider.
var sign = HashSignatureProvider.CreateHS512("a secret string");

// Create a payload.
// Supports any type. So you can define your customized model class to use.
// Or even use Trivial.Text.JsonObject or Newtonsoft.Json.Linq.JObject class.
var model = new JsonWebTokenPayload
{
    Id = Guid.NewGuid().ToString("n"),
    Subject = "user-or-other-subject-id",
    Issuer = "example"
};

// Create a JWT instance
// by adding a JsonWebTokenPayload (or a JsonObjectNode)
// and the signature provider instance.
var jwt = model + sign;

// Get the encoded JWT string.
var jwtStr = jwt.ToEncodedString();

// Or get the authentication header value for use with the HttpClient class.
var header = jwt.ToAuthenticationHeaderValue();

You can parse a JWT string as follows.

var jwtSame = JsonWebToken<JsonWebTokenPayload>.Parse(jwtStr, sign); // jwtSame.ToEncodedString() == jwtStr

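Or use a parser to read details before the signature is validated. Treat anything read this way as untrusted until Verify returns true.

// JsonWebTokenPayload matches the payload type used to create jwtStr above;
// use your own model class here if the token was created from one.
var parser = new JsonWebToken<JsonWebTokenPayload>.Parser(jwtStr);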

// Verify.
var isVerified = parser.Verify(sign);

// Get payload model.
var payload = parser.GetPayload();

// Convert to a JWT instance.
var jwtFromParser = parser.ToToken(sign, true);
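
What the verification step has to establish for an HS512 token, as an added example written against the .NET base class library only (.NET 6 or later assumed); it is not Trivial's implementation, and Hs512JwtCheck, Sign and TryVerify are names made up here.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

static class Hs512JwtCheck
{
    // Base64url without padding, as used for the three JWT segments.
    static string B64Url(byte[] d) => Convert.ToBase64String(d).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static byte[] FromB64Url(string s) => Convert.FromBase64String(
        s.Replace('-', '+').Replace('_', '/') + new string('=', (4 - s.Length % 4) % 4));
    static string Sign(string headerJson, string payloadJson, byte[] key)
    {
        var input = B64Url(Encoding.UTF8.GetBytes(headerJson)) + "." + B64Url(Encoding.UTF8.GetBytes(payloadJson));
        using var hmac = new HMACSHA512(key);
        return input + "." + B64Url(hmac.ComputeHash(Encoding.ASCII.GetBytes(input)));
    }

    // Fails closed: payloadJson is set only after the signature has been checked.
    static bool TryVerify(string token, byte[] key, out string payloadJson)
    {
        payloadJson = "";
        var parts = token.Split('.');
        if (parts.Length != 3) return false;
        try
        {
            // The header is untrusted input: pin HS512 rather than following its "alg".
            using var header = JsonDocument.Parse(Encoding.UTF8.GetString(FromB64Url(parts[0])));
            if (header.RootElement.ValueKind != JsonValueKind.Object || !header.RootElement.TryGetProperty("alg", out var alg)
                || alg.ValueKind != JsonValueKind.String || alg.GetString() != "HS512") return false;
            using var hmac = new HMACSHA512(key);
            var expected = hmac.ComputeHash(Encoding.ASCII.GetBytes(parts[0] + "." + parts[1]));
            // Constant-time comparison, so timing does not reveal how many bytes matched.
            if (!CryptographicOperations.FixedTimeEquals(expected, FromB64Url(parts[2]))) return false;
            payloadJson = Encoding.UTF8.GetString(FromB64Url(parts[1]));
            return true;
        }
        catch (Exception e) when (e is FormatException || e is JsonException) { return false; }
    }

    static void Main()
    {
        var key = RandomNumberGenerator.GetBytes(64); // constructed demo key
        const string hdr = "{\"alg\":\"HS512\",\"typ\":\"JWT\"}", claims = "{\"sub\":\"user-1\",\"iss\":\"example\"}";
        Console.WriteLine(TryVerify(Sign(hdr, claims, key), key, out var payload) + " " + payload);
        Console.WriteLine(TryVerify(Sign(hdr, claims, new byte[64]), key, out _)); // signed with a key the verifier does not hold
        Console.WriteLine(TryVerify(Sign(hdr.Replace("HS512", "HS256"), claims, key), key, out _)); // header names another algorithm
    }
}
```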

The following are the signature providers. You can call one of these functions and pass the secret as a parameter.

| Algorithm Name | Function Name |
| --- | --- |
| HS512 | HashSignatureProvider.CreateHS512 |
| HS384 | HashSignatureProvider.CreateHS384 |
| HS256 | HashSignatureProvider.CreateHS256 |
| RS512 | RSASignatureProvider.CreateRS512 |
| RS384 | RSASignatureProvider.CreateRS384 |
| RS256 | RSASignatureProvider.CreateRS256 |

You can also initialize a new instance of the KeyedSignatureProvider class for your own signature provider.

See JWT.IO to test a JWT or get details.

Token request route

On the server side, you can use or inherit from the TokenRequestRoute<T> class to parse and process the token info request.

// Create a route and register the handlers.
var route = new TokenRequestRoute<UserInfo>();
route.Register((PasswordTokenRequestBody req, CancellationToken cancellationToken)
    => UserManager.LoginByPasswordAsync(req.UserName, req.Password));
route.Register((RefreshTokenRequestBody req, CancellationToken cancellationToken)
    => UserManager.LoginByRefreshTokenAsync(req.RefreshToken));

// Then you can handle the following login request.
var resp = await route.SignInAsync(tokenReq);