Comments (4)
So you are saying that that the JWT token only supports ASCII characters. Can't you encode/decode your Unicode chars to ASCII characters?
from authpermissions.aspnetcore.
The problem is the key for signing and validating the token. if you use a key that only has ASCII characters in it then all is fine because you can reversibly encode between a string and a byte[]. However if you are starting with a byte array that has been generated by a cryptographic algorithm you get bytes that aren't encoded into an ASCII string and therefore not reversible to the original byte[].
from authpermissions.aspnetcore.
Of course you can:
- Encoding.UTF8.GetBytes(stringValue);
- Encoding.UTF8.GetString(value)
from authpermissions.aspnetcore.
Those Methods are not reversible when you provide a a completely random byte[]. Using the following to create a key
PS C:\Users\Pyros> $keygen = [System.Security.Cryptography.AesManaged]::Create()
PS C:\Users\Pyros> $keygen.GenerateKey()
PS C:\Users\Pyros> $keygen.Key
188
12
225
208
221
196
251
128
164
82
160
192
154
131
137
86
223
171
123
38
2
81
70
207
144
205
133
114
45
72
218
71
Feeding that key into any of the following method calls produces a string that is not equivalent to the input byte[].
PS C:\Users\Pyros> [System.Text.Encoding]::ASCII.GetBytes([System.Text.Encoding]::ASCII.GetString($keygen.Key))
63
12
63
63
63
63
63
63
63
82
63
63
63
63
63
86
63
63
123
38
2
81
70
63
63
63
63
114
45
72
63
71
PS C:\Users\Pyros> [System.Text.Encoding]::ASCII.GetBytes([System.Text.Encoding]::UTF8.GetString($keygen.Key))
63
12
63
63
63
63
63
63
63
82
63
63
63
63
63
86
63
123
38
2
81
70
63
63
114
45
72
63
71
PS C:\Users\Pyros> [System.Text.Encoding]::UTF8.GetBytes([System.Text.Encoding]::UTF8.GetString($keygen.Key))
239
191
189
12
239
191
189
239
191
189
239
191
189
239
191
189
239
191
189
239
191
189
239
191
189
82
239
191
189
239
191
189
239
191
189
239
191
189
239
191
189
86
223
171
123
38
2
81
70
207
144
205
133
114
45
72
239
191
189
71
Therefore requiring providing a string for the signing key does not allow for using keys that have been generated from the crypto classes in .NET and for that matter keys from certificates.
from authpermissions.aspnetcore.
Related Issues (20)
- Each Created Tenant should have Admin Role HOT 1
- Extend UsingEfCoreSqlServer to be able to influence DbContextOptionsBuilder HOT 2
- Startup failing with EF Core 7 HOT 3
- User who has rights in several tenants HOT 3
- Invite user that already invited on another tenant by same email Id. HOT 1
- AddSingleTenantReadWriteQueryFilter for Entity type hierarchy HOT 6
- Potential error in Wiki for Setup Authentication HOT 1
- SQLite and GRPC HOT 14
- .net 7 Error Sharding Example HOT 1
- AuthP support for UserNames? HOT 4
- API using AuthP and AzureAd Token HOT 1
- Some claim changes ignored until logout/login HOT 3
- Enable Audit functionality on Tenant HOT 4
- ShardingServices - value cannot be null due to update to 5.0.1 HOT 6
- User access in multiple tenants HOT 4
- Support .NET 8 HOT 4
- The name of the database date can't be null HOT 15
- Soft Delete HOT 1
- Create admin user with tenant admin role HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authpermissions.aspnetcore.