add dotnet backend

2025-10-02 15:19:15 +05:00
parent 67f292cd60
commit 109629c6f9
12 changed files with 347 additions and 4 deletions


@ -0,0 +1,58 @@
using System.IdentityModel.Tokens.Jwt;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;
namespace DexDemoBackend;
public class JwtValidator
{
private readonly AppConfig _config;
private readonly HttpClient _httpClient;
private ConfigurationManager<OpenIdConnectConfiguration>? _configManager;
public JwtValidator(AppConfig config)
{
_config = config;
_httpClient = new HttpClient(new HttpClientHandler
{
ServerCertificateCustomValidationCallback = (_, _, _, _) => true
});
}
public async Task<IDictionary<string, object>> ValidateToken(string token)
{
try
{
// Lazy init OIDC configuration manager
_configManager ??= new ConfigurationManager<OpenIdConnectConfiguration>(
$"{_config.DexIssuer}.well-known/openid-configuration",
new OpenIdConnectConfigurationRetriever(),
new HttpDocumentRetriever(_httpClient) { RequireHttps = false }
);
var oidcConfig = await _configManager.GetConfigurationAsync(CancellationToken.None);
var validationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = _config.DexIssuer,
ValidateAudience = false,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
IssuerSigningKeys = oidcConfig.SigningKeys
};
var handler = new JwtSecurityTokenHandler();
var principal = handler.ValidateToken(token, validationParameters, out _);
var jwtToken = handler.ReadJwtToken(token);
return jwtToken.Payload;
}
catch (Exception ex)
{
throw new UnauthorizedAccessException($"Token validation error: {ex.Message}", ex);
}
}
}
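Review bot: The `HttpClient` built in the constructor accepts any server certificate (`ServerCertificateCustomValidationCallback = (_, _, _, _) => true`) and the retriever sets `RequireHttps = false`, so the discovery document and the `SigningKeys` used to verify tokens come over a channel that anything on the network path can substitute; the signature check is then only as trustworthy as that fetch. Use `_httpClient = new HttpClient();` and `new HttpDocumentRetriever(_httpClient)` (leaving `RequireHttps` at its default of true), and if the demo Dex runs with a self-signed certificate, trust that CA explicitly or gate the bypass behind a development-only setting. `ValidateAudience = false` also means a token Dex issued to any other client is accepted here; `ValidateAudience = true` with `ValidAudience` set to this backend's client id would close that, though the config field holding it is not visible in this hunk. The metadata URL `$"{_config.DexIssuer}.well-known/openid-configuration"` silently depends on the issuer ending in `/`, which deserves a comment or a normalising join.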