How to validate signature of JWT from jwks without x5c

by

Using x5c is just one way, but you can also retrieve the public key with the parameters e (public exponent) and n (modulus), which is also documented on the jose-jwt github page:

//If kid was found then load public key
if (jwkkey != null)
{
    RSACryptoServiceProvider key = new RSACryptoServiceProvider();
    key.ImportParameters(new RSAParameters
    {
        Modulus = Base64Url.Decode(jwkkey.n),
        Exponent = Base64Url.Decode(jwkkey.e)
    });
}

// get the public key in PEM format, e.g. to use it on jwt.io
var pubkey = Convert.ToBase64String(key.ExportSubjectPublicKeyInfo());
const string pemHeader = "-----BEGIN PUBLIC KEY-----";
const string pemFooter = "-----END PUBLIC KEY-----";
var publicKeyPem = pemHeader + Environment.NewLine + pubkey + Environment.NewLine + pemFooter;

var o = Jose.JWT.Decode(jsonToken.RawData, key);

You can also export the public key in PEM format again as shown in the code above, which will look like this:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIdJV4qWKyt3wkS66yBG5Ii9ew+eofuPU49TjlRIU5Iu5jX2mRMoHdcI7V78iKYSQHKYxz17cqzQyERxKnEiDgy/gwouStRgvPdm3H4rq//7p0t15SunsG2T1rEVf0sZEDnQ5qRkm7iqs6ZG1NqqIUtnOTd1Pd1MhbEqeENFtaPHvN37eZL82WmsQlJviFH4I9iZQVR/QT4GREQlRro8IjJTaloUyeDQTOQ+4ll1+4+g/ug2tZ+s9xleLzl5L9ZKSVJFhtMLn8WGaVldagarwa7kMLfuiVe8B5Lr7poQa4NCAR54ECPWoOHrABdPZKrkkxjVypTXUzL5cPzmzFC2xwIDAQAB
-----END PUBLIC KEY-----

and later use that key to manually verify your token on https://jwt.io

(key export corrected after a hint from @Topaco)

More Related Contents:

  1. Verifying JWT signed with the RS256 algorithm using public key in C#
  2. JWT on .NET Core 2.0
  3. How to read a PEM RSA private key from .NET
  4. Use multiple JWT Bearer Authentication
  5. C# Export Private/Public RSA key from RSACryptoServiceProvider to PEM string
  6. Get the serial number of USB storage devices in .Net Core 2.1
  7. How do I add assembly references in Visual Studio Code?
  8. System.Text.Json: How do I specify a custom name for an enum value?
  9. Convert Word doc and docx format to PDF in .NET Core without Microsoft.Office.Interop
  10. Filter all queries (trying to achieve soft delete)
  11. Using Razor outside of MVC in .NET Core
  12. Add a package with a local package file in ‘dotnet’
  13. Cascade deleting with EF Core
  14. The current .NET SDK does not support targeting .NET Core 2.2. (SDK 2.2.202)
  15. System.Text.Json – Deserialize nested object as string
  16. EF Core queries all columns in SQL when mapping to object in Select
  17. Killing gracefully a .NET Core daemon running on Linux
  18. Include ONLY .xml file of SPECIFIC nuget package in a different folder
  19. How do I reference a .NET Framework project in a .NET Core project?
  20. Unit testing with EF Core and in memory database
  21. Custom JSON serializer for optional property with System.Text.Json
  22. Refresh Token using Polly with Named Client
  23. Using a Scoped service in a Singleton in an Asp.Net Core app
  24. Cannot find command ‘dotnet ef’
  25. System.ServiceModel not found in .NET Core project
  26. Error occurred while decoding OAEP padding
  27. ASP.NET Core modify/substitute request body
  28. Getting nested properties with System.Text.Json
  29. Net Core: Execute All Dependency Injection in Xunit Test for AppService, Repository, etc
  30. ASP.NET Core configuration for .NET Core console application

Leave a Comment