I'm trying to construct a JWT token manually by building the three components and then combining them. According to this: https://jwt.io/ there are three parts to this token; a JWT header, a payload and a signature. The follwoing code seems to successfully generate the first two. but the signature is not correct :
public async Task<string> GetJWTToken(string user) { var now = DateTime.UtcNow; //constructing part 1: header.Encode() JwtHeader jwtHeader = new JwtHeader(); jwtHeader.Add("alg", JwtAlgorithms.HMAC_SHA512); var partOne = jwtHeader.Base64UrlEncode(); //constructing part 2: payload.Encode JwtPayload payload = new JwtPayload(); payload.Add("sub", user); payload.Add("nbf",ConvertToUnixTimestamp(now.AddMinutes(-10))); var partTwo = payload.Base64UrlEncode(); //constructing part 3: HS512(part1 + "." + part2, key) var tobeHashed = partOne + "." + partTwo; var sha = new HMACSHA512(Encoding.UTF8.GetBytes(ConfigurationHelper.AppSettings("JWTOfferKey"))); var hashedByteArray = sha.ComputeHash(Encoding.UTF8.GetBytes(tobeHashed)); StringBuilder partThree = new StringBuilder(); foreach (var hashedByte in hashedByteArray) { partThree.Append(hashedByte.ToString("X2")); } //token = part1 + "." + part2 + "." + part3 var tokenString = partOne + "." + partTwo + "." + Base64Encode(partThree.ToString()); return tokenString; } public static double ConvertToUnixTimestamp(DateTime date) { DateTime origin = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc); TimeSpan diff = date.ToUniversalTime() - origin; return Math.Floor(diff.TotalSeconds); } public static string Base64Encode(string plainText) { var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText); return System.Convert.ToBase64String(plainTextBytes); } Does anyone know what is wrong with the last part's construction?
