TrivialJwt.Bearer 0.3.0

Install-Package TrivialJwt.Bearer -Version 0.3.0
dotnet add package TrivialJwt.Bearer --version 0.3.0
<PackageReference Include="TrivialJwt.Bearer" Version="0.3.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add TrivialJwt.Bearer --version 0.3.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: TrivialJwt.Bearer, 0.3.0"
#r directive can be used in F# Interactive, C# scripting and .NET Interactive. Copy this into the interactive tool or source code of the script to reference the package.
// Install TrivialJwt.Bearer as a Cake Addin
#addin nuget:?package=TrivialJwt.Bearer&version=0.3.0

// Install TrivialJwt.Bearer as a Cake Tool
#tool nuget:?package=TrivialJwt.Bearer&version=0.3.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

TrivialJWT

TrivialJWT is a set of libraries to ease:

  • The creation of JWT tokens
  • The validation of JWT tokens

TrivialJWT exposes an end point to generate JWT token. It relies on Microsoft's libraries for JWT generation.

TrivialJWT.Bearer helps configure the Microsoft.AspNetCore.Authentication.JwtBearer library based on TrivialJWT configuration.

TrivialJWT.AspNetIdentity implements the required interfaces to bridge TrivialJWT with Microsoft.AspNetCore.Identity.

2 samples are provided:

How to use TrivialJWT with AspNetIdentity

Install dependencies

With .NET CLI

dotnet add package TrivialJwt.Bearer
dotnet add package TrivialJwt.AspNetIdentity

or with Package Manager:

Install-Package TrivialJwt.Bearer
Install-Package TrivialJwt.AspNetIdentity

Update Startup.cs

In the example below, a HMAC-SHA265 signature

(...)
using TrivialJwt;
using TrivialJwt.AspNetIdentity;
using TrivialJwt.Bearer;
(...)

public void ConfigureServices(IServiceCollection services)
{
    (...)

    services.AddTrivialJwtAspNetIdentity<AppUser>(options =>
            {
                options.Secret = "<Base64Secret>"
            });

    services.AddTrivialJwtAuthentication();
    
    (...)
}

public void Configure(IApplicationBuilder app, 
                IWebHostEnvironment env)
{
    (...)

    app.UseAuthentication();
    app.UseAuthorization();

    (...)
}

How to use TrivialJWT without AspNetIdentity

Install dependencies

With .NET CLI

dotnet add package TrivialJwt.Bearer

or with Package Manager:

Install-Package TrivialJwt.Bearer

Update Startup.cs

In the example below, a HMAC-SHA265 signature

(...)
using TrivialJwt;
using TrivialJwt.Bearer;
(...)

public void ConfigureServices(IServiceCollection services)
{
    (...)

    services.AddTrivialJwt(options =>
            {
                options.Secret = "<Base64Secret>"
            });

    services.AddTrivialJwtAuthentication();

    services.AddScoped<IPasswordValidator, PasswordValidator>();
    services.AddScoped<IClaimsIdentityProvider, ClaimsIdentityProvider>();

    (...)
}

public void Configure(IApplicationBuilder app, 
                IWebHostEnvironment env)
{
    (...)

    app.UseAuthentication();
    app.UseAuthorization();

    (...)
}

An implementation for IPasswordValidator and IClaimsIdentityProvider must be provided.

Configuration

Configuration can be done by using options as shown above or by binding:

services.AddTrivialJwtAspNetIdentity<IdentityUser>(
    Configuration.GetSection(TrivialJwtOptions.Section));

For instance, the appsettings.json can contain the configuration:

{
    "TrivialJwt": {
        "Secret": "U3VwZXJfU2VjcmV0X1Bhc3N3b3JkIQ=="
    }
}

Endpoints

Token generation endpoint

The endpoint is /auth/login.

The payload is a JSON with username and password.

Example:

{
    "username": "bob",
    "password": "bob"
}

The response would be:

{
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdW...k_Riw4RSK7g",
    "refresh_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdW...k_Riw4RSK7g",
    "expires_in": 3600,
    "token_type": "bearer"
}

Refresh token endpoint

The endpoint is /auth/refresh_token.

The payload is a JSON file with refresh_token.

Example:

{
    "refresh_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdW...k_Riw4RSK7g"
}

The response would be:

{
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdW...k_Riw4RSK7g",
    "refresh_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdW...k_Riw4RSK7g",
    "expires_in": 3600,
    "token_type": "bearer"
}

Refresh Token endpoint

The endpoint is /auth/refreshtoken.

The payload is a JSON file with username and password.

Example:

{
    "username": "bob",
    "password": "bob"
}

TODO

  • support .Net 5.0
  • Implement elliptic curves
  • Enhance asymmetric key management

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
0.3.0 158 12/9/2020
0.2.0 156 12/7/2020