Fix JWT deserialization

amphasis · Mar 20, 2024 · 6f4b0fa · 6f4b0fa
1 parent b9a333f
commit 6f4b0fa
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 6 deletions.
diff --git a/Amphasis.Azure.WebPortal/Helpers/JwtHelper.cs b/Amphasis.Azure.WebPortal/Helpers/JwtHelper.cs
@@ -0,0 +1,40 @@
+using System;
+using System.Text.Json;
+using Microsoft.AspNetCore.WebUtilities;
+
+namespace Amphasis.Azure.WebPortal.Helpers;
+
+public static class JwtHelper
+{
+	public static DateTime GetValidTo(string encodedJsonWebToken)
+	{
+		var destination = new Span<Range>(new Range[3]);
+		var partsCount = encodedJsonWebToken.AsSpan().Split(destination, '.');
+
+		if (partsCount < 3)
+			throw new JwtHelperException("Could not extract payload");
+
+		var payloadRange = destination[1];
+		var (offset, count) = payloadRange.GetOffsetAndLength(encodedJsonWebToken.Length);
+		var bytes = WebEncoders.Base64UrlDecode(encodedJsonWebToken, offset, count);
+		var payload = JsonSerializer.Deserialize<JwtPayload>(bytes, _jsonSerializerOptions);
+
+		return DateTime.UnixEpoch.AddSeconds(payload.Exp);
+	}
+
+	static JwtHelper()
+	{
+		_jsonSerializerOptions = new JsonSerializerOptions {PropertyNamingPolicy = JsonNamingPolicy.CamelCase};
+	}
+
+	private static readonly JsonSerializerOptions _jsonSerializerOptions;
+
+	private sealed class JwtHelperException : Exception
+	{
+		public JwtHelperException(string message) : base(message)
+		{
+		}
+	}
+
+	private sealed record JwtPayload(int Exp);
+}
diff --git a/Amphasis.Azure.WebPortal/SimaLand/Services/SimaLandService.cs b/Amphasis.Azure.WebPortal/SimaLand/Services/SimaLandService.cs
@@ -1,11 +1,11 @@
 using System;
 using System.Collections.Generic;
 using System.ComponentModel;
-using System.IdentityModel.Tokens.Jwt;
 using System.IO;
 using System.Net.Http;
 using System.Threading.Tasks;
 using Amphasis.Azure.WebPortal.Extensions;
+using Amphasis.Azure.WebPortal.Helpers;
 using Amphasis.Azure.WebPortal.SimaLand.Models;
 using Amphasis.Azure.WebPortal.SimaLand.Models.Enums;
 using Amphasis.SimaLand;
@@ -15,7 +15,7 @@
 
 namespace Amphasis.Azure.WebPortal.SimaLand.Services
 {
-    public class SimaLandService
+	public class SimaLandService
     {
         private const string ApiClientAccessTokenKey = nameof(ApiClientAccessTokenKey);
         private static readonly TimeSpan TokenExpirationSkew = TimeSpan.FromSeconds(30);
@@ -74,10 +74,10 @@ private async ValueTask AuthorizeAsync()
         }
 
         private async Task<string> TokenFactoryAsync(ICacheEntry cacheEntry)
-        {
-            string token = await _apiClient.GetAccessTokenAsync(_configuration.Email, _configuration.Password);
-            var jwtSecurityToken = new JwtSecurityToken(token);
-            cacheEntry.AbsoluteExpiration = jwtSecurityToken.ValidTo - TokenExpirationSkew;
+        { 
+            var token = await _apiClient.GetAccessTokenAsync(_configuration.Email, _configuration.Password);
+            var validTo = JwtHelper.GetValidTo(token);
+            cacheEntry.AbsoluteExpiration = validTo - TokenExpirationSkew;
 
             return token;
         }