Remove usage of "legacy" System.IdentityModel.Tokens.Jwt

Platform/Dnn.AuthServices.Jwt/Components/Common/Controllers/JwtController.cs

DNN Platform/Dnn.AuthServices.Jwt/Components/Common/Controllers/JwtController.cs

@@ -6,7 +6,6 @@ namespace Dnn.AuthServices.Jwt.Components.Common.Controllers
 {
     using System;
     using System.Collections.Generic;
-    using System.IdentityModel.Tokens.Jwt;
     using System.Linq;
     using System.Net.Http;
     using System.Net.Http.Headers;
@@ -25,10 +24,9 @@ namespace Dnn.AuthServices.Jwt.Components.Common.Controllers
     using DotNetNuke.Security.Membership;
     using DotNetNuke.Web.Api;
 
+    using Microsoft.IdentityModel.JsonWebTokens;
     using Microsoft.IdentityModel.Tokens;
 
-    using Newtonsoft.Json;
-
     /// <summary>Controls JWT features.</summary>
     internal class JwtController : ServiceLocator<IJwtController, JwtController>, IJwtController
     {
@@ -83,7 +81,7 @@ public bool LogoutUser(HttpRequestMessage request)
                 return false;
             }
 
-            var jwt = new JwtSecurityToken(rawToken);
+            var jwt = new JsonWebToken(rawToken);
             var sessionId = GetJwtSessionValue(jwt);
             if (string.IsNullOrEmpty(sessionId))
             {
@@ -155,7 +153,7 @@ public LoginResultData LoginUser(HttpRequestMessage request, LoginData loginData
             // save hash values in DB so no one with access can create JWT header from existing data
             var sessionId = NewSessionId;
             var now = DateTime.UtcNow;
-            string renewalToken = string.Empty;
+            string renewalToken;
             lock (hasherLock)
             {
                 renewalToken = EncodeBase64(Hasher.ComputeHash(Guid.NewGuid().ToByteArray()));
@@ -318,17 +316,16 @@ private static string CreateJwtToken(byte[] symmetricKey, string issuer, Persist
                 Subject = subject,
                 SigningCredentials = signingCredentials,
             };
-            var tokenHandler = new JwtSecurityTokenHandler();
-            var securityToken = tokenHandler.CreateToken(tokenDescriptor);
-            return tokenHandler.WriteToken(securityToken);
+            var tokenHandler = new JsonWebTokenHandler();
+            return tokenHandler.CreateToken(tokenDescriptor);
         }
 
-        private static JwtSecurityToken GetAndValidateJwt(string rawToken, bool checkExpiry)
+        private static JsonWebToken GetAndValidateJwt(string rawToken, bool checkExpiry)
         {
-            JwtSecurityToken jwt;
+            JsonWebToken jwt;
             try
             {
-                jwt = new JwtSecurityToken(rawToken);
+                jwt = new JsonWebToken(rawToken);
             }
             catch (Exception ex)
             {
@@ -364,7 +361,7 @@ private static JwtSecurityToken GetAndValidateJwt(string rawToken, bool checkExp
             return jwt;
         }
 
-        private static string GetJwtSessionValue(JwtSecurityToken jwt)
+        private static string GetJwtSessionValue(JsonWebToken jwt)
         {
             var sessionClaim = jwt?.Claims?.FirstOrDefault(claim => SessionClaimType.Equals(claim.Type));
             return sessionClaim?.Value;
@@ -396,7 +393,7 @@ private static string EncodeBase64(byte[] data)
 
         private static string GetHashedStr(string data)
         {
-            string hash = string.Empty;
+            string hash;
             lock (hasherLock)
             {
                 hash = EncodeBase64(Hasher.ComputeHash(TextEncoder.GetBytes(data)));
@@ -496,14 +493,13 @@ private string ValidateAuthorizationValue(string authorization)
                 return null;
             }
 
-            var header = JsonConvert.DeserializeObject<JwtHeader>(decoded);
-            if (!this.IsValidSchemeType(header))
+            var jwt = GetAndValidateJwt(authorization, true);
+            if (jwt == null)
             {
                 return null;
             }
 
-            var jwt = GetAndValidateJwt(authorization, true);
-            if (jwt == null)
+            if (!this.IsValidSchemeType(jwt))
             {
                 return null;
             }
@@ -512,13 +508,13 @@ private string ValidateAuthorizationValue(string authorization)
             return userInfo?.Username;
         }
 
-        private bool IsValidSchemeType(JwtHeader header)
+        private bool IsValidSchemeType(JsonWebToken token)
         {
-            if (!this.SchemeType.Equals(header["typ"] as string, StringComparison.OrdinalIgnoreCase))
+            if (!this.SchemeType.Equals(token.Typ, StringComparison.OrdinalIgnoreCase))
             {
                 if (Logger.IsTraceEnabled)
                 {
-                    Logger.Trace("Unsupported authentication scheme type " + header.Typ);
+                    Logger.Trace("Unsupported authentication scheme type " + token.Typ);
                 }
 
                 return false;
@@ -527,7 +523,7 @@ private bool IsValidSchemeType(JwtHeader header)
             return true;
         }
 
-        private UserInfo TryGetUser(JwtSecurityToken jwt, bool checkExpiry)
+        private UserInfo TryGetUser(JsonWebToken jwt, bool checkExpiry)
         {
             // validate against DB saved data
             var sessionId = GetJwtSessionValue(jwt);
@@ -556,7 +552,7 @@ private UserInfo TryGetUser(JwtSecurityToken jwt, bool checkExpiry)
                 }
             }
 
-            if (persistedToken.TokenHash != GetHashedStr(jwt.RawData))
+            if (persistedToken.TokenHash != GetHashedStr(jwt.EncodedToken))
             {
                 if (Logger.IsTraceEnabled)
                 {

DNN Platform/Dnn.AuthServices.Jwt/Dnn.AuthServices.Jwt.csproj

@@ -83,9 +83,6 @@
     <Reference Include="System.Core" />
     <Reference Include="System.Data" />
     <Reference Include="System.IdentityModel" />
-    <Reference Include="System.IdentityModel.Tokens.Jwt, Version=8.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <HintPath>..\..\packages\System.IdentityModel.Tokens.Jwt.8.3.1\lib\net472\System.IdentityModel.Tokens.Jwt.dll</HintPath>
-    </Reference>
     <Reference Include="System.IO.Pipelines, Version=9.0.0.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
       <HintPath>..\..\packages\System.IO.Pipelines.9.0.1\lib\net462\System.IO.Pipelines.dll</HintPath>
     </Reference>

DNN Platform/Dnn.AuthServices.Jwt/Dnn.Jwt.dnn

@@ -23,10 +23,6 @@
               <path>bin</path>
               <name>Dnn.AuthServices.Jwt.dll</name>
             </assembly>
-            <assembly>
-              <path>bin</path>
-              <name>System.IdentityModel.Tokens.Jwt.dll</name>
-            </assembly>
             <assembly>
               <path>bin</path>
               <name>Microsoft.IdentityModel.Abstractions.dll</name>
@@ -135,6 +131,14 @@
             </uninstall>
           </config>
         </component>
+        <component type="Cleanup">
+          <files>
+            <file>
+              <path>bin</path>
+              <name>System.IdentityModel.Tokens.Jwt.dll</name>
+            </file>
+          </files>
+        </component>
       </components>
     </package>
   </packages>

DNN Platform/Dnn.AuthServices.Jwt/Library.build

@@ -16,7 +16,6 @@
     <Copy SourceFiles="$(MSBuildProjectDirectory)\bin\$(AssemblyName).dll" DestinationFolder="$(WebsitePath)/bin" />
     <Copy SourceFiles="$(MSBuildProjectDirectory)\bin\$(AssemblyName).pdb" DestinationFolder="$(WebsitePath)/bin" />
     <Copy SourceFiles="$(MSBuildProjectDirectory)\bin\$(AssemblyName).xml" DestinationFolder="$(WebsitePath)/bin" />
-    <Copy SourceFiles="$(MSBuildProjectDirectory)\bin\System.IdentityModel.Tokens.Jwt.dll" DestinationFolder="$(WebsitePath)/bin" />
     <Copy SourceFiles="$(MSBuildProjectDirectory)\bin\Microsoft.IdentityModel.Tokens.dll" DestinationFolder="$(WebsitePath)/bin" />
     <Copy SourceFiles="$(MSBuildProjectDirectory)\bin\Microsoft.IdentityModel.JsonWebTokens.dll" DestinationFolder="$(WebsitePath)/bin" />
     <Copy SourceFiles="$(MSBuildProjectDirectory)\bin\Microsoft.IdentityModel.Logging.dll" DestinationFolder="$(WebsitePath)/bin" />

DNN Platform/Dnn.AuthServices.Jwt/packages.config

@@ -17,7 +17,6 @@
   <package id="Newtonsoft.Json.Bson" version="1.0.2" targetFramework="net48" />
   <package id="StyleCop.Analyzers" version="1.1.118" targetFramework="net48" developmentDependency="true" />
   <package id="System.Buffers" version="4.6.0" targetFramework="net48" />
-  <package id="System.IdentityModel.Tokens.Jwt" version="8.3.1" targetFramework="net48" />
   <package id="System.IO.Pipelines" version="9.0.1" targetFramework="net48" />
   <package id="System.Memory" version="4.6.0" targetFramework="net48" />
   <package id="System.Numerics.Vectors" version="4.6.0" targetFramework="net48" />

DNN Platform/Tests/DotNetNuke.Tests.Web/App.config

@@ -68,7 +68,7 @@
             </dependentAssembly>
             <dependentAssembly>
                 <assemblyIdentity name="System.Text.Json" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
-                <bindingRedirect oldVersion="0.0.0.0-9.0.0.1" newVersion="9.0.0.1" />
+                <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
             </dependentAssembly>
             <dependentAssembly>
                 <assemblyIdentity name="nunit.framework" publicKeyToken="2638cd05610744eb" culture="neutral" />