JWT TOKEN Generate Client_Assertion

Question

I am newbie in JWT access Token generation. I have Public Key, Private key and ClientID. I need to generate Client_Assertion.

client_assertion: JWT (signed by client ID, public certificate and private key using RS256 as the signature algorithm).

I have found some Node.JS code but I want to do it using .Net Framework (Not .Net Core) Node.Js code can be seen on this link

I need to do it in C#. From where to start and how to achieve it?

Answer 1

I used the .NET libraries

• System.IdentityModel.Tokens.Jwt
• Microsoft.IdentityModel.Tokens
• Microsoft.IdentityModel.JsonWebTokens

I'm also assuming that, as you said you have a private key, and that you've loaded that into an RSACryptoServiceProvider

Here's my sample code

First create your claims. This is your JWT payload

var claims = new Claim[]
{
    new Claim(MicrosoftJwt.JwtRegisteredClaimNames.Sub, "your subject"),
    new Claim(MicrosoftJwt.JwtRegisteredClaimNames.Iat, DateTime.Now.ToEpochSeconds().ToString(), ClaimValueTypes.Integer),
    new Claim(MicrosoftJwt.JwtRegisteredClaimNames.Exp, DateTime.Now.AddMinutes(60).ToEpochSeconds().ToString(), ClaimValueTypes.Integer),
};

Then you need to configure your signing credentials using your private key.

// Assuming you already have your key loaded into an RSACryptoServiceProvider
var signingKey = new MicrosoftTokens.RsaSecurityKey(csp)
var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.RsaSha256);

Now you can create your token

var jwt = new JwtSecurityToken(
    issuer            : issuer,
    audience          : audience,
    claims            : claims,
    signingCredentials: signingCredentials
);
// You can add extra items to your Header if necessary
jwt.Header.Add("kid", deviceId);

You can then write your token to a string

var assertion = new JwtSecurityTokenHandler().WriteToken(jwt);

I think the value of assertion is what you're trying to get