JsonWebToken

The categories of algorithm.

No category.

Elliptic curve algorithm.

RSA algorithm.

AES algorithm

AES-GCM algorithm

HMAC algorithm

'none'

'HS256'

'HS384'

'HS512'

'RS256'

'RS384'

'RS512'

'ES256'

'ES384'

'ES512'

'PS256'

'PS384'

'PS512'

'dir'

'A128KW'

'A192KW'

'A256KW'

'A128GCMKW'

'A192GCMKW'

'A256GCMKW'

'RSA1_5'

'RSA-OAEP'

'RSA-OAEP-256'

'RSA-OAEP-512'

'ECDH-ES'

'ECDH-ES+A128KW'

'ECDH-ES+A192KW'

'ECDH-ES+A256KW'

Represents an asymmetric JSON Web Key as defined in https://tools.ietf.org/html/rfc7518#section-6.

Initializes a new instance of the class.

Gets or sets the 'd' (ECC - Private Key OR RSA - Private Exponent).

Gets a bool indicating if a private key exists.

true if it has a private key; otherwise, false.

Provides authenticated decryption.

Try to decrypt the .

The ciphertext to decrypt. The associated data used to encrypt. The nonce used to encrypt. The authentication tag The resulting plaintext. The bytes written in the .

Provides authenticated encryption and decryption.

Encrypts the .

The plaintext to encrypt. An arbitrary value to be used only once. The associated data. The resulting ciphertext. The resulting authentication tag.

Gets the size of the resulting ciphertext.

The plaintext size.

Gets the required size of the nonce.

Gets the size of the resulting authentication tag.

Gets the required size of the base64-URL nonce.

Gets the size of the base64-URL authentication tag.

Encodes and Decodes strings as Base64Url.

Issued from https://github.com/aspnet/.

Decodes a string of UTF-8 base64url-encoded text.

Decodes a span of UTF-8 base64url-encoded text.

Decodes a span of UTF-8 base64url-encoded text into a span of bytes.

The number of the bytes written to .

Decodes the span of UTF-8 base64url-encoded text into a span of bytes.

The number of the bytes written to .

Decodes the span of UTF-8 base64url-encoded text into binary data.

Encodes a span of UTF-8 text into a span of bytes.

The number of the bytes written to .

Encodes a span of UTF-8 text.

The base64-url encoded string.

Encodes a string of UTF-8 text.

The base64-url encoded string.

Gets the minimum buffer size required for decoding of characters.

The number of characters to decode. The minimum buffer size required for decoding of characters.

Gets the minimum output buffer size required for encoding bytes.

The number of characters to encode. The minimum output buffer size required for encoding s.

Defines an encrypted JWT with a binary payload.

Initializes a new instance of the class.

Defines compression algorithm.

Deflate

Gets the algorithm identifier.

Gets the name of the compression algorithm.

Gets the name of the signature algorithm.

Gets the .

Initializes a new instance of the class.

Determines whether this instance and a specified object, which must also be a object, have the same value.

Determines whether two specified objects have the same value.

Returns the hash code for this .

Determines whether two specified have the same value.

Determines whether two specified have different values.

Parse the current value of the into its representation.

Cast the into its representation.

Cast the array of s into its representation.

Cast the into its representation.

Cast the into its array representation.

Provides compression and decompression services.

Compresses the data.

Decompresses the compressed data.

The compressed data.

Provides compression and decompression services, based on .

Creates a decompression .

Creates a compression .

Provides authenticated encryption and decryption for AES CBC HMAC algorithm.

Initializes a new instance of the class.

Provides authenticated encryption and decryption for AES CBC HMAC algorithm.

Initializes a new instance of the class.

Provides authenticated decryption for AES GCM algorithm.

Provides authenticated encryption for AES GCM algorithm.

Provides AES key unwrapping services.

Provides AES key wrapping services.

Wrap a key using AES encryption.

the key to be wrapped. If null, a new will be generated.

Represent a store of cryptographics elements. It is a specialized implementation of the .

Inspired from https://github.com/dotnet/coreclr/pull/8216.

Gets the count of elements.

Tries to add the with as key.

Tries to get the withe the as key.

Provides RSA key key unwrapping services.

Provides RSA key wrapping and key unwrapping services.

List of registered claims from different sources http://tools.ietf.org/html/rfc7519#section-4 http://openid.net/specs/openid-connect-core-1_0.html#IDToken http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims http://openid.net/specs/openid-connect-frontchannel-1_0.html#OPLogout https://tools.ietf.org/html/draft-ietf-secevent-token-13#section-2.2

http://tools.ietf.org/html/rfc7519#section-4

Provides helper methods for UNIX-like time.

Per JWT spec: Gets the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the desired date/time.

The DateTime to convert to seconds. if dateTimeUtc less than UnixEpoch, return 0 the number of seconds since Unix Epoch.

Creates a DateTime from epoch time.

Number of seconds. The DateTime in UTC.

Creates a DateTime from epoch time.

Number of seconds. The DateTime in UTC.

Gets the current date and time on this computer expressed as the UTC time, in the Unix epoch time format (total of seconds since the 01/01/1970).

List of header parameter names see: http://tools.ietf.org/html/rfc7519#section-5.

see:https://tools.ietf.org/html/rfc7515#section-4.1.1

see:https://tools.ietf.org/html/rfc7515#section-4.1.10 also:https://tools.ietf.org/html/rfc7519#section-5.2

see:https://tools.ietf.org/html/rfc7516#section-4.1.2

see:https://tools.ietf.org/html/rfc7515#section-4.1.3

see:https://tools.ietf.org/html/rfc7515#section-4.1.4

see:https://tools.ietf.org/html/rfc7515#section-4.1.9 also:https://tools.ietf.org/html/rfc7519#section-5.1

see:https://tools.ietf.org/html/rfc7515#section-4.1.6

see:https://tools.ietf.org/html/rfc7515#page-12

see:https://tools.ietf.org/html/rfc7515#section-4.1.5

see:https://tools.ietf.org/html/rfc7516#section-4.1.3

see:https://tools.ietf.org/html/rfc7518#section-4.6.1

see:https://tools.ietf.org/html/rfc7518#section-4.7

Names for Json Web Key Values

Names for Json Web Key Set Values

Constants for JsonWebAlgorithms "kty" Key Type (sec 6.1) http://tools.ietf.org/html/rfc7518#section-6.1

Elliptic curve 'EC'.

RSA 'RSA'.

Octet 'oct';

Constants for JsonWebKeyUse (sec 4.2) http://tools.ietf.org/html/rfc7517#section-4

Gets the 'sig' (signature) value for the 'use' header parameter.

Gets the 'enc' (encryption) value for the 'use' header parameter.

Represent a poolable .

Initializes a new instance of .

Gets a from the pool.

Returns a to the pool.

Dispose the managed resources.

Represent a factory of a poolable .

Creates the poolabled .

Represents a verifying the JWT has a required claim.

Initializes an instance of .

Represents a verifying the JWT has a required claim.

Initializes an instance of .

Represents a verifying the JWT has a required claim.

Initializes an instance of .

Represents a verifying the JWT has a required claim.

Initializes an instance of .

Represents a verifying the JWT has a required claim.

Initializes an instance of .

Provides extension methods for .

Reports the first occurrence of the specified .

Provides signing and verifying operations using a and specifying an algorithm.

This is the minimum .KeySize when creating and verifying signatures.

Gets or sets the minimum .KeySize.

Provides AES decryption.

Try to decrypt the .

The ciphertext to decrypt. The nonce used to encrypt. The resulting plaintext. The bytes written in the .

Decrypt a .

Provides encryption.

Encrypts the .

The plaintext to encrypt. An arbitrary value to be used only once. The resulting ciphertext.

Encrypt a .

Computes a Hash-based Message Authentication Code (HMAC) using a SHA2 hash function.

The hash algorithm.

The inner & outer pad keys.

The inner pad key.

The outer pad key.

The block size.

The size of the resulting hash.

Initializes a new instance of the class.

Computes the hash of the key, used when key size is greater than the .

The original key. The derived key. The derived key length equals to .

Computes the hash value.

Clears the keys.

Computes a Hash-based Message Authentication Code (HMAC) using the SHA2-256 hash function.

Initializes a new instance of the class.

Computes a Hash-based Message Authentication Code (HMAC) using the SHA2-384 hash function.

Initializes a new instance of the class.

Computes a Hash-based Message Authentication Code (HMAC) using the SHA2-512 hash function.

Initializes a new instance of the class.

Represents the base class for SHA-2 algorithms.

Computes the hash value for the specified .

The data to hash. The destination . The data to hash before the source. Optionnal. Must be of the length of . The working set. Optionnal.

Computes the hash value for the specified .

The data to hash. The destination . The data to hash before the source. Optionnal. Must be of the length of . The working set. Optionnal.

The size of the resulting hash.

Computes SHA2-256 hash values.

Gets the default instance of the class.

Extensions methods for .

Computes the hash value for the specified .

The SHA-2 algorithm. The data to hash. The destination .

Computes the hash value for the specified .

The SHA-2 algorithm. The data to hash. The destination .

Computes the hash value for the specified .

The SHA-2 algorithm. The data to hash. The destination .

Computes the hash value for the specified .

The SHA-2 algorithm. The data to hash. The destination . The working set. Optionnal.

Computes the hash value for the specified .

The SHA-2 algorithm. The data to hash. The destination . The working set. Optionnal.

Computes SHA2-512 hash values.

Gets the default instance of the class.

Computes SHA2-512 hash values.

Gets the default instance of the class.

Represents an Elliptic Curve JSON Web Key as defined in https://tools.ietf.org/html/rfc7518#section-6.

Represents a static provider of keys.

Gets the list of .

Encapsulate the context required for a JWT encoding.

Initializes a new instance of the class.

Gets the JSON header cache.

Gets the token lifetime, in seconds.

Gets whether the issuance time must be generated.

Defines an encrypted JWT with a payload.

Initializes a new instance of .

Gets or sets the algorithm header.

Gets or sets the encryption algorithm.

Gets or sets the compression algorithm.

Gets the used.

Encrypt the token.

Defines encryption algorithm.

Empty

'A128CBC-HS256'

'A192CBC-HS384'

'A256CBC-HS512'

'A128GCM'

'A192GCM'

'A256GCM'

Gets the algorithm identifier.

Gets the algorithm category.

Gets the required key size, in bytes.

Gets the required key size, in bits.

Gets the wrapped key size, in bits.

Gets the .

Gets the name of the encryption algorithm.

Gets the name of the signature algorithm.

Initializes a new instance of .

Parse the current value of the into its representation.

Cast the into its representation.

Determines whether this instance and a specified object, which must also be a object, have the same value.

Determines whether two specified objects have the same value.

Returns the hash code for this .

Determines whether two specified have the same value.

Determines whether two specified have different values.

Cast the into its representation.

Cast the into its array representation.

Cast the array of s into its representation.

Cast the into its representation.

Computes a unique key for the combinaison of the and the .

Defines the algorithm encryption types.

Undefined encryption.

AES-HMAC encryption.

AES-GCM encryption.

Retrieves metadata information using .

Initializes a new instance of the class.

Initializes a new instance of the class with a specified httpClient.

Requires Https secure channel for sending requests.. This is turned ON by default for security reasons. It is RECOMMENDED that you do not allow retrieval from http addresses by default.

Returns a task which contains a string converted from remote document when completed, by using the provided address.

Location of document A cancellation token that can be used by other objects or threads to receive notice of cancellation. Document as a string

Release managed resources.

Defines a that gets the keys from and HTTP endpoint.

1 day is the default time interval that afterwards, will obtain new configuration.

30 seconds is the default time interval to obtain a new key set.

Time interval to obtain a new key set.

Time interval that afterwards, will obtain new configuration.

Initializes a new instance of .

Deserializes a JSON string representing a JWKS.

Disposes the managed resources.

Represents a cyrptographic algorithm.

Gets the UTF8 byte array of the name of the algorithm.

Gets the name of the algorithm.

Represents an extension point for handling the critical header parameter.

Tries to handle a 'crit' header parameter.

Represents a provider of .

Gets a list of .

Helper class for encoding text.

Gets the string representation of the .

Gets the bytes sequence of the .

Gets the char sequence of the .

Interface that defines a simple cache for tacking replaying of tokens.

Try to add a token.

the token to add. the time when token expires. true if the token was successfully added.

Represents a validation to apply to a .

Tries to validate a token.

Represents a that retrieve the key set with the 'jku' header parameter.

Initializes a new instance of .

Represents a cache for JWT Header in JSON.

The maximum size of the cache.

Try to get the header.

Adds a base64url encoded header to the cache.

Defines an encrypted JWT with a payload.

Initializes an new instance of .

Defines an encrypted JWT with a as payload.

Initializes an new instance of .

Represents a JSON Web Key as defined in http://tools.ietf.org/html/rfc7517.

An empty .

Initializes a new instance of the class.

Gets or sets the 'alg' (KeyType).

Gets the 'key_ops' (Key Operations).

Gets or sets the 'kid' (Key ID).

Gets or sets the 'kty' (Key Type).

Gets or sets the 'use' (Public Key Use).

Gets the 'x5c' collection (X.509 Certificate Chain).

Gets or sets the 'x5t' (X.509 Certificate SHA-1 thumbprint).

Gets or sets the 'x5t#S256' (X.509 Certificate SHA-256 thumbprint).

Gets or sets the 'x5u' (X.509 URL).

Gets the key size of .

Gets the X.509 certificate chain.

Determines if the supports the .

The to verify. true if the key support the algorithm; otherwise false

Determines if the supports the .

The to verify. true if the key support the algorithm; otherwise false

Determines if the supports the .

The to verify. true if the key support the algorithm; otherwise false

Returns a string that represents the in JSON.

Serializes the into its JSON representation.

Provides the binary representation of the key.

Creates a fresh new with the current as key.

The used for the signatures.

Tries to provide a with the current as key.

The used for the signatures. The created . true if the is available for the requested ; false otherwise.

Tries to provide a with the current as key.

The used for key wrapping. The used for key wrapping. The provided . null if return false

Tries to provide a with the current as key.

The used for key wrapping. The used for key wrapping. The provided . null if return false

Creates a fresh new with the current as key.

The used for key wrapping. The used for key wrapping.

Creates a fresh new with the current as key.

The used for key wrapping. The used for key unwrapping.

Creates a with the current as key.

The used for encryption. The provided . null if returns false.

Creates a with the current as key.

The used for encryption. The provided . null if returns false.

Creates a fresh new with the current as key.

The used for encryption.

Creates a fresh new with the current as key.

The used for encryption.

Returns a new in its normal form, as defined by https://tools.ietf.org/html/rfc7638#section-3.2

Compute a hash as defined by https://tools.ietf.org/html/rfc7638.

Returns a new instance of .

A that contains JSON Web Key parameters. Determines if the private key must be extracted from the certificate.

Returns a new instance of .

A string that contains JSON Web Key parameters in JSON format.

Writes the current into the .

Contains a collection of .

Initializes an new instance of .

Gets or sets the first with its 'kid'.

Adds the to the JWKS.

Removes the from the JWKS.

Gets the number of keys contained in the .

Gets the list of identified by the 'kid'.

Returns a new instance of .

a string that contains JSON Web Key parameters in JSON format.

Returns a new instance of .

a string that contains JSON Web Key parameters in JSON format.

Represents a that retrieve the key set with the 'jwk' header parameter.

Initializes a new instance of .

Defines a signed JWT with a JSON payload.

Initializes a new instance of .

Gets or sets the algorithm header.

Gets the used.

Gets or sets the value of the 'sub' claim.

Gets or sets the value of the 'jti' claim.

Gets or sets the value of the 'aud' claim.

Gets or sets the value of the 'exp' claim.

Gets or sets the value of the 'iss' claim.

Gets or sets the value of the 'iat' claim.

Gets or sets the value of the 'nbf' claim.

Adds a claim.

Gets a claim as .

Gets a claim as a list of .

Gets a claim as .

Add a claim as a list of .

Gets a claim as .

Validates the presence and the type of a required claim.

A JSON Web Token (JWT).

Initializes a new instance of .

Gets the list of 'aud' claim.

Gets the associated with this instance if the token is signed.

Gets the value of the 'jti' claim.

Gets the value of the 'iss' claim.

Gets the associated with this instance.

Gets the nested associated with this instance.

Gets the signature algorithm associated with this instance.

Gets the used for the signature of this token.

Gets the used for the encryption of this token.

Gets the value of the 'sub'.

Gets the'value of the 'nbf'.

Gets the value of the 'exp' claim.

Gets the value of the 'iat' claim.

If the 'expiration' claim is not found, then is returned.

Gets the plaintext of the JWE.

Gets the binary data of the JWE.

Represents a JSON array.

Initializes a new instance of the class.

Exports the use as back storage.

Gets the number of s contained in the .

Gets the at the specified index.

Adds an to the end of the .

Defines an abstract class for representing a JWT.

Initializes a new instance of .

Gets the parameters header.

Gets the used.

Called when the key is set.

Gets or sets the key identifier header parameter.

Gets or sets the JWKS URL header parameter.

Gets or sets the X509 URL header parameter.

Gets or sets the X509 certification chain header.

Gets or sets the X509 certificate SHA-1 thumbprint header parameter.

Gets or sets the JWT type 'typ' header parameter.

Gets or sets the content type header parameter.

Gets or sets the critical header parameter.

Encodes the current into it representation.

Gets the header parameter for a specified header name.

Sets the header parameter for a specified header name.

Gets the list of header parameters for a header name.

Validates the current .

Validates the presence and the type of a required header.

A builder of .

Adds a header parameter.

Defines the issuer.

Defines the expiration time.

Defines the sliding expiration time.

Defines the "not before" claim.

Defines the sliding "not before" claim.

Defines the issuance time claim.

Adds a claim.

Build the .

Defines the plaintext as payload.

Defines the binary data as payload.

Defines the JSON as payload.

Ignore the signature requirement.

Defines the key identifier.

Defines the JWKS URL.

Defines the 'jwk' header.

Defines the X509 URL.

Defines the 509 certificate chain.

Defines the X509 certificate SHA-1 thumbprint.

Defines the JWT type 'typ'.

Defines the content type 'cty'.

Defines the critical headers.

Defines the used as key for signature.

Defines the used as key for encryption.

Ignore the signature requirement. It is not recommended to use unsecure JWT.

Generates a new id ('jti' claim) for each new descriptor build.

Generate the issuance time for each new descriptor build.

Represents an caused by an error in the .

Initializes a new instance of .

Defines an JWT with a payload.

Initializes a new instance of .

Gets or sets the payload.

Represents the cryptographic operations applied to the JWT and optionally any additional properties of the JWT.

Initializes a new instance of the class.

Gets the signature algorithm that was used to create the signature.

Gets the signature algorithm (alg) that was used to create the signature.

Gets the key management algorithm (alg).

Gets the content type (Cty) of the token.

Gets the encryption algorithm (enc) of the token.

Gets the key identifier for the key used to sign the token.

Gets the mime type (Typ) of the token.

Gets the thumbprint of the certificate used to sign the token.

Gets the URL of the JWK used to sign the token.

Gets the URL of the certificate used to sign the token

Gets the algorithm used to compress the token.

Gets the compression algorithm (zip) of the token.

Gets the Initialization Vector used for AES GCM encryption.

Gets the Authentication Tag used for AES GCM encryption.

Gets the Crit header.

Gets the associated with the specified key.

Gets the claim for a specified key in the current .

Determines whether the contains the specified key.

Represents a cache for .

The maximum size of the cache.

The heade of the cache.

The tail of the cache.

Try to get the .

Adds the to the cache.

Validate the integrity of the cache.

Provides methods for converting JWT header JSON data into a

Parses the UTF-8 as JSON and returns a .

Represents a JSON object.

Initializes a new instance of the class.

Gets the number of .

Adds a to the end of the .

Adds a property to the end of the .

Adds a null property to the end of the .

Gets the at the specified index;

Gets or sets the at the specified key;

Gets the associated with the specified key.

Determines whether a is in the .

Replaces a

Serializes the into it JSON representation.

Provides methods for converting Base64Url JSON data into a

Parses the UTF-8 as JSON and returns a .

Use the as JSON input and returns a .

Consume a JSON array.

Represents the claims contained in the JWT.

Initializes a new instance of the class.

Gets the claim for a specified key in the current .

Gets the 'audience' claim as a list of strings.

Gets the 'expiration time' claim.

Gets the 'JWT ID' claim.

Gets the 'issued at' claim.

Gets the 'issuer' claim.

Gets the 'not before' claim.

Gets the 'subject' claim.

Determines whether the contains the specified key.

Gets the value associated with the specified key.

Provides methods for converting JWT header JSON data into a

Parses the UTF-8 as JSON and returns a .

Represents a JSON property.

Gets whether the is empty.

Gets the name of the in its UTF-8 representation.

Gets the of the .

Gets the value representing a well known property name.

Gets the value of the .

Initializes a new instance of the struct .

Initializes a new instance of the struct with a null value.

Initializes a new instance of the struct .

Initializes a new instance of the struct with a null value.

Initializes a new instance of the struct .

Initializes a new instance of the struct with a null value.

Initializes a new instance of the struct .

Gets or sets the at the specified key;

Gets whether the is present in the current at the specified key. Return always false if the is not a JSON object.

Reads and validates a JWT.

Initializes a new instance of .

Defines whether the header will be cached. Default is true.

Reads and validates a JWT encoded as a JWS or JWE in compact serialized format.

The JWT encoded as JWE or JWS The validation policy.

Reads and validates a JWT encoded as a JWS or JWE in compact serialized format.

The JWT encoded as JWE or JWS. The validation policy.

Reads and validates a JWT encoded as a JWS or JWE in compact serialized format.

The JWT encoded as JWE or JWS. The validation policy.

Specifies the type of token.

A null value.

A JSON object.

A JSON array.

An integer value.

A float value.

A string value.

A byte array representing a UTF8 string.

A boolean value.

A signature algorithm.

A key management algorithm.

A encryption algorithm.

A compression algorithm.

Represents a JSON value.

A with null value.

A with true value.

A with false value.

Gets the of the .

Gets the value of the .

Initializes a new instance of the class.

Writes a JWT.

Gets or sets the token lifetime in seconds.

Used by to set the default expiration ('exp'). 'value' less than 0.

Gets or sets whether the has to be validated. Default value is false.

Gets or sets whether the JWT header will be cached. Default value is true.

Gets or sets whether the issued time must be generated. Default value is false.

Writes a JWT in its compact serialization format.

The descriptor of the JWT. The array of representation of the JWT.

Writes a JWT in its compact serialization format.

The descriptor of the JWT. The used for writing the output. The array of representation of the JWT.

Writes a JWT in its compact serialization format and returns it a string.

The descriptor of the JWT. The retpresention of the JWT.

Defines key management algorithm.

Empty

'dir'

'A128KW'

'A192KW'

'A256KW'

'A128GCMKW'

'A192GCMKW'

'A256GCMKW'

'RSA1_5'

'RSA-OAEP'

'RSA-OAEP-128'

'RSA-OAEP-192'

'RSA-OAEP-256'

'ECDH-ES'

'ECDH-ES+A128KW'

'ECDH-ES+A192KW'

'ECDH-ES+A256KW'

Gets the algorithm identifier.

Gets the required key size, in bits.

Gets the algorithm category.

Gets the wrapped algorithm.

Gets the name of the key management algorithm.

Gets whether the algorithm produce an encryption key.

Initializes a new instance of .

Determines whether this instance and a specified object, which must also be a object, have the same value.

Determines whether two specified objects have the same value.

Returns the hash code for this .

Determines whether two specified have the same value.

Determines whether two specified have different values.

Cast the into its representation.

Cast the into its array representation.

Parse the current value of the into its representation.

Cast the into its representation.

Provides key unwrapping services.

Gets the that is being used.

Initializes a new instance of the class.

Calls and

Can be over written in descendants to dispose of internal components.

true, if called from Dispose(), false, if invoked inside a finalizer

Unwrap a key.

key to unwrap. Unwrapped key.

Gets the size of the unwrapped key.

Provides key wrapping services.

Gets the that is being used.

Initializes a new instance of the class.

Calls and

Can be over written in descendants to dispose of internal components.

true, if called from Dispose(), false, if invoked inside a finalizer

Wrap a key.

The key to be wrapped. If null, the key will be ephemeral and generated within this method. The key-values representing the JWT header. The destination span.

Gets the size of the wrapped key.

Creates a symmetric key based on the , excepts if the is defined.

Defines an encrypted JWT with a payload.

Initializes a new instance of .

Represents an implementation of where the memory owner is a of bytes.

Initializes a new instance of the class.

Gets the output as a .

Gets the bytes written.

Gets the capacity.

Clear the .

Advances the of the indicated.

Returns the rented buffer back to the pool.

Represents a RSA JSON Web Key as defined in https://tools.ietf.org/html/rfc7518#section-6.

Initializes a new instance of .

Exports the RSA parameters from the .

Gets or sets the 'dp' (First Factor CRT Exponent).

Gets or sets the 'dq' (Second Factor CRT Exponent).

Gets or sets the 'e' ( Exponent).

Gets or sets the 'n' (Modulus).

Gets or sets the 'p' (First Prime Factor).

Gets or sets the 'q' (Second Prime Factor).

Gets or sets the 'qi' (First CRT Coefficient).

Generates a new random private .

Generates a new random public .

Generates a new random private .

Generates a new RSA key.

The key size in bits.

Generates a new random .

Returns a new instance of .

A that contains the key parameters. Defines whether the thumbprint of the key should be computed

Returns a new instance of .

A that contains the key parameters.

Defines signature algorithm.

'none'

'HS256'

'HS384'

'HS512'

'RS256'

'RS384'

'RS512'

'ES256'

'ES384'

'ES512'

'PS256'

'PS384'

'PS512'

Gets the algorithm identifier.

Gets the name of the signature algorithm.

Gets the algorithm category.

Gets the required key size, in bits.

Gets the hash algorithm.

Initializes a new instance of .

Determines whether this instance and a specified object, which must also be a object, have the same value.

Determines whether two specified objects have the same value.

Returns the hash code for this .

Determines whether two specified have the same value.

Determines whether two specified have different values.

Cast the into its representation.

Reads the current value of the and converts into its representation.

Parses the into its representation.

Parse the current value of the into its representation.

Cast the into its representation.

Cast the into its array representation.

Validates a token signature.

Allows to support the unsecure 'none' algorithm that require no signature.

Allows to ignore the signature, whatever ther is an algorithm defined or not.

Try to validate the token signature.

Creates a new instance.

Initializes a new instance of the class.

Represents the result of a signature validation.

Initializes a new instance of the class.

Gets whether the token validation is successful.

Gets the status of the validation.

Gets the that caused the error.

Gets the used for the signature.

The signature is valid.

The signature is invalid.

The signature is not present.

The signature key is not found.

The signature is not base64url encoded.

Provides signature services, signing and verifying.

Defines a that do nothing.

Initializes a new instance of the class used to create and verify signatures.

The signature algorithm to apply.

Gets the signature algorithm.

Gets the hash size in bytes of the key.

Gets the base64-URL hash size in bits of the key.

This must be overridden to produce a signature over the 'input'.

bytes to sign. signed bytes

This must be overridden to verify a signature created over the 'input'.

bytes to verify. signature to compare against. true if the computed signature matches the signature parameter, false otherwise.

Calls and

Can be over written in descendants to dispose of internal components.

true, if called from Dispose(), false, if invoked inside a finalizer

Represents a static provider of keys.

Initializes a new instance of .

Gets the list of .

Converts a to .

Represents a symmetric JSON Web Key as defined in https://tools.ietf.org/html/rfc7518#section-6.

Initializes a new instance of .

Gets or sets the 'k' (Key Value).

Creates a new from the .

Returns a new instance of .

An array of that contains the key in binary.

Returns a new instance of .

Generates a new .

Error messages.

Represents a segment of token.

The start of the segment.

The end of the segment.

Initializes a new instance of .

Gets wether the segment is empty.

Represents the context for validating a token.

Initializes a new instance of .

The decoded JWT.

Defines the validations to apply to a JWT.

Represents an policy without any validation. Do not use it without consideration.

Gets the maximum token size in bytes.

Gets the signature validation parameters.

Gets whether the has validation.

Gets whether the issuer 'iss' is required.

Gets the required issuer, in UTF8 binary format.

Gets whether the audience 'aud' is required.

Gets the required audience array, in UTF8 binary format. At least one audience of this list is required.

Gets the validation control bits.

Gets whether the expiration time 'exp' is required.

Defines the clock skrew used for the token lifetime validation.

Gets the extension points used to handle the critical headers.

Try to validate the token, according to the .

Try to validate the token header, according to the .

Try to validate the token signature.

Represents a builder for .

Clear the defined policies.

Adds a .

Defines the maximum token size in bytes.

Ignores the signature validation.

Accepts secure token with the 'none' algorithm.

Requires a valid signature.

Requires the specified claim.

Adds lifetime validation.

Requires a specific audience.

Requires an audience contained in the .

Requires a specific issuer.

Adds token replay validation.

Adds a critical header handler validation.

Ignore the 'crit' header if present.

Requires a specific algorithm.

Builds the .

Convert the into a .

Represents the result of a token validation.

Gets whether the token validation is successful.

Gets of set the .

Gets the status of the validation.

Gets the claim that caused the error.

Gets the header parameter that cause the error.

Gets the that caused the error.

The token has expired, according to the 'nbf' claim.

The token was already validated previously.

The 'crit' header defines an unsupported header.

The signature is not present.

The signature is not base64url encoded.

The signature key is not found.

The signature is invalid.

The encryption key was not found.

The token is not a JWT in compact representation, is not base64url encoded, and is not a JSON UTF-8 encoded.

The 'enc' header parameter is missing.

The token is not yet valid, according to the 'nbf' claim.

The token is valid.

The token decryption has failed.

The token has an invalid claim.

The token has a missing claim.

The token has an invalid header.

The token has a missing header.

The token decompression has failed.

Defines the valitation status of a JWT.

The token is valid.

The token is not a JWT in compact representation, is not base64url encoded, and is not a JSON UTF-8 encoded.

The signature is invalid.

The signature key is not found.

The signature is not base64url encoded.

The signature is not present.

The token was already validated previously.

The token has expired, according to the 'nbf' claim.

The 'enc' header parameter is missing.

The token decryption has failed.

The token is not yet valid, according to the 'nbf' claim.

The token has an invalid claim.

The token has a missing claim.

The token has an invalid header.

The token has a missing header.

The token decompression has failed.

The encryption key was not found.

The 'crit' header defines a missing critical header.

The 'crit' header defines an unsupported header.

Defines the well known JWT properties.

None.

exp

aud

iat

iss

jti

nbf

kid

alg

enc

cty

typ

zip

sub

Represents a that retrieve key set with the 'x5u' header parameter.

Initializes a new instance of .

Applied to a method that will never return under any circumstance.

Specifies that when a method returns , the parameter will not be null even if the corresponding type allows it.

Initializes the attribute with the specified return value condition.

The return value condition. If the method returns this value, the associated parameter will not be null.

Gets the return value condition.