Skip to content

Commit 84f16cf

Browse files
pgermishuyspgermishuys
authored
Merge pull request #2248 from DuendeSoftware/jmdc/use-latest
Use latest IdentityModel and AccessTokenManagement packages in JwtBearer, BFF
2 parents dd3932f + 825c042 commit 84f16cf

File tree

9 files changed

+22
-20
lines changed

9 files changed

+22
-20
lines changed

Directory.Packages.props

Lines changed: 5 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -42,18 +42,14 @@
4242
<PackageVersion Include="coverlet.collector" Version="6.0.2" />
4343
<!-- Added aspire transitive package to resolve package vulnerability -->
4444
<PackageVersion Include="KubernetesClient" Version="17.0.14" />
45-
<PackageVersion Include="Duende.AccessTokenManagement" Version="3.2.0" Condition="'$(IsBffProject)' == 'true'" />
45+
<PackageVersion Include="Duende.AccessTokenManagement" Version="3.3.0-preview.1" Condition="'$(IsBffProject)' == 'true'" />
4646
<PackageVersion Include="Duende.AccessTokenManagement" Version="4.1.0-preview.2" Condition="'$(IsBffProject)' != 'true'" />
47-
<PackageVersion Include="Duende.AccessTokenManagement.OpenIdConnect" Version="3.2.0" Condition="'$(IsBffProject)' == 'true'" />
47+
<PackageVersion Include="Duende.AccessTokenManagement.OpenIdConnect" Version="3.3.0-preview.1" Condition="'$(IsBffProject)' == 'true'" />
4848
<PackageVersion Include="Duende.AccessTokenManagement.OpenIdConnect" Version="4.1.0-preview.2" Condition="'$(IsBffProject)' != 'true'" />
49-
<!-- <PackageVersion Include="Duende.AccessTokenManagement" Version="4.0.0" />
50-
<PackageVersion Include="Duende.AccessTokenManagement.OpenIdConnect" Version="4.0.0" /> -->
5149
<PackageVersion Include="Duende.AspNetCore.Authentication.JwtBearer" Version="0.1.3" />
52-
<PackageVersion Include="Duende.IdentityModel" Version="7.0.0" Condition="'$(IsBffProject)' == 'true'" />
53-
<PackageVersion Include="Duende.IdentityModel" Version="8.0.0-preview.1" Condition="'$(IsBffProject)' != 'true'" />
54-
<PackageVersion Include="Duende.IdentityModel.OidcClient" Version="6.0.1" Condition="'$(IsBffProject)' == 'true'"/>
55-
<PackageVersion Include="Duende.IdentityModel.OidcClient" Version="7.0.0-preview.2" Condition="'$(IsBffProject)' != 'true'"/>
56-
<PackageVersion Include="Duende.IdentityServer" Version="7.1.0" />
50+
<PackageVersion Include="Duende.IdentityModel" Version="8.0.0-preview.1" />
51+
<PackageVersion Include="Duende.IdentityModel.OidcClient" Version="7.0.0-preview.2" />
52+
<PackageVersion Include="Duende.IdentityServer" Version="7.4.0-preview.2" />
5753
<PackageVersion Include="Duende.Private.Licensing" Version="1.0.0" />
5854
<PackageVersion Include="IdentityModel.AspNetCore.OAuth2Introspection" Version="6.2.0" />
5955
<PackageVersion Include="Meziantou.Extensions.Logging.Xunit" Version="1.0.8" />

aspnetcore-authentication-jwtbearer/src/AspNetCore.Authentication.JwtBearer/AspNetCore.Authentication.JwtBearer.csproj

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88

99
<ItemGroup>
1010
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" />
11-
<PackageReference Include="Duende.IdentityModel" VersionOverride="7.1.0" />
11+
<PackageReference Include="Duende.IdentityModel" />
1212
</ItemGroup>
1313

1414
<ItemGroup>

aspnetcore-authentication-jwtbearer/src/AspNetCore.Authentication.JwtBearer/DPoP/DPoPExtensions.cs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
// Copyright (c) Duende Software. All rights reserved.
22
// See LICENSE in the project root for license information.
33

4+
using System.Buffers.Text;
45
using System.Text.Json;
56
using Duende.IdentityModel;
67
using Microsoft.AspNetCore.Authentication;
@@ -44,5 +45,5 @@ public static string CreateThumbprintCnf(this JsonWebKey jwk)
4445
/// <summary>
4546
/// Create the value of a thumbprint
4647
/// </summary>
47-
public static string CreateThumbprint(this JsonWebKey jwk) => Base64Url.Encode(jwk.ComputeJwkThumbprint());
48+
public static string CreateThumbprint(this JsonWebKey jwk) => Base64Url.EncodeToString(jwk.ComputeJwkThumbprint());
4849
}

aspnetcore-authentication-jwtbearer/src/AspNetCore.Authentication.JwtBearer/DPoP/DPoPProofValidator.cs

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
// Copyright (c) Duende Software. All rights reserved.
22
// See LICENSE in the project root for license information.
33

4+
using System.Buffers.Text;
45
using System.Security.Cryptography;
56
using System.Text;
67
using System.Text.Json;
@@ -263,7 +264,7 @@ internal void ValidatePayload(DPoPProofValidationContext context, DPoPProofValid
263264
var bytes = Encoding.UTF8.GetBytes(context.AccessToken);
264265
var hash = SHA256.HashData(bytes);
265266

266-
var accessTokenHash = Base64Url.Encode(hash);
267+
var accessTokenHash = Base64Url.EncodeToString(hash);
267268
if (accessTokenHash != result.AccessTokenHash)
268269
{
269270
result.SetError("Invalid 'ath' value.");
@@ -278,7 +279,7 @@ internal void ValidatePayload(DPoPProofValidationContext context, DPoPProofValid
278279
return;
279280
}
280281
var jtiBytes = Encoding.UTF8.GetBytes(jtiString);
281-
result.TokenIdHash = Base64Url.Encode(SHA256.HashData(jtiBytes));
282+
result.TokenIdHash = Base64Url.EncodeToString(SHA256.HashData(jtiBytes));
282283
}
283284

284285
if (string.IsNullOrEmpty(result.TokenIdHash))

aspnetcore-authentication-jwtbearer/test/AspNetCore.Authentication.JwtBearer.Tests/AspNetCore.Authentication.JwtBearer.Tests.csproj

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,8 +10,8 @@
1010

1111
<ItemGroup>
1212
<PackageReference Include="AngleSharp" />
13-
<PackageReference Include="Duende.AccessTokenManagement.OpenIdConnect" VersionOverride="4.0.0"/>
14-
<PackageReference Include="Duende.IdentityModel" VersionOverride="7.1.0" />
13+
<PackageReference Include="Duende.AccessTokenManagement.OpenIdConnect" />
14+
<PackageReference Include="Duende.IdentityModel" />
1515
<PackageReference Include="Duende.IdentityServer" />
1616
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" />
1717
<PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" />

aspnetcore-authentication-jwtbearer/test/AspNetCore.Authentication.JwtBearer.Tests/DPoP/DPoPProofValidatorTestBase.cs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
// Copyright (c) Duende Software. All rights reserved.
22
// See LICENSE in the project root for license information.
33

4+
using System.Buffers.Text;
45
using System.Security.Claims;
56
using System.Security.Cryptography;
67
using System.Text;
@@ -19,7 +20,7 @@ public DPoPProofValidatorTestBase()
1920
{
2021
ProofValidator = CreateProofValidator();
2122
var jtiBytes = Encoding.UTF8.GetBytes(TokenId);
22-
TokenIdHash = Base64Url.Encode(SHA256.HashData(jtiBytes));
23+
TokenIdHash = Base64Url.EncodeToString(SHA256.HashData(jtiBytes));
2324
Context = new()
2425
{
2526
Options = Options,

bff/hosts/Hosts.IdentityServer/Pages/Diagnostics/ViewModel.cs

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,10 @@
11
// Copyright (c) Duende Software. All rights reserved.
22
// See LICENSE in the project root for license information.
33

4+
5+
using System.Buffers.Text;
46
using System.Text;
57
using System.Text.Json;
6-
using Duende.IdentityModel;
78
using Microsoft.AspNetCore.Authentication;
89

910
namespace IdentityServerHost.Pages.Diagnostics;
@@ -17,7 +18,7 @@ public ViewModel(AuthenticateResult result)
1718
if (result.Properties.Items.ContainsKey("client_list"))
1819
{
1920
var encoded = result.Properties.Items["client_list"];
20-
var bytes = Base64Url.Decode(encoded);
21+
var bytes = Base64Url.DecodeFromChars(encoded);
2122
var value = Encoding.UTF8.GetString(bytes);
2223

2324
Clients = JsonSerializer.Deserialize<string[]>(value);

bff/hosts/RemoteApis/Hosts.RemoteApi.DPoP/DPoP/DPoPExtensions.cs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
// Copyright (c) Duende Software. All rights reserved.
22
// See LICENSE in the project root for license information.
33

4+
using System.Buffers.Text;
45
using System.Text.Json;
56
using Duende.IdentityModel;
67
using Microsoft.AspNetCore.Authentication;
@@ -66,7 +67,7 @@ public static string CreateThumbprintCnf(this JsonWebKey jwk)
6667
/// </summary>
6768
public static string CreateThumbprint(this JsonWebKey jwk)
6869
{
69-
var jkt = Base64Url.Encode(jwk.ComputeJwkThumbprint());
70+
var jkt = Base64Url.EncodeToString(jwk.ComputeJwkThumbprint());
7071
return jkt;
7172
}
7273
}

bff/hosts/RemoteApis/Hosts.RemoteApi.DPoP/DPoP/DPoPProofValidator.cs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
// Copyright (c) Duende Software. All rights reserved.
22
// See LICENSE in the project root for license information.
33

4+
using System.Buffers.Text;
45
using System.Security.Cryptography;
56
using System.Text;
67
using System.Text.Json;
@@ -226,7 +227,7 @@ protected virtual async Task ValidatePayloadAsync(DPoPProofValidatonContext cont
226227
var bytes = Encoding.UTF8.GetBytes(context.AccessToken);
227228
var hash = sha.ComputeHash(bytes);
228229

229-
var accessTokenHash = Base64Url.Encode(hash);
230+
var accessTokenHash = Base64Url.EncodeToString(hash);
230231
if (accessTokenHash != result.AccessTokenHash)
231232
{
232233
result.IsError = true;

0 commit comments

Comments
 (0)