WCF/WIF: JWT Token Validator


Issue:

Client > JWT Token -> REST Service -> SOAP Service

Steps:
========
1. User call the REST Web Service (Web API Service)
2. Web API service redirect the client to STS (Token Manager), after presenting the correct credentials. User Get the JWT token.
3. Now Web API makes the call to WCF SOAP Service and presents the token.
4. Web API and WCF SOAP service can be on different machine.
5. User wants to send the received claims via Web API to SOAP service.
6. We want WCF SOAP service to validate the JWT token and authorize as well.
Like validity of token and claims associated.

Capture

Get JWT Token Assembly:

https://msdn.microsoft.com/en-us/library/dn205064(v=vs.110).aspx

Run following command to install the package with VS:
PM> Install-Package System.IdentityModel.Tokens.Jwt

Client Side:

All my client does is create a hard coded JWT token via code and send it to server.

Server side:

WCF service is implemented with a "IDispatchMessageInspector" which will provide me access to "AfterReceiveRequest" method to parse the incoming token.

Finally we can see and set the received claims:

var tokenHandler = new JwtSecurityTokenHandler();
SecurityToken validatedToken;

var claimsPrincipal = tokenHandler.ValidateToken(myEncryptedToken, tokenValidationParameters, out validatedToken);

// Parse the Security Token and set the claims.
Service1.CustomClaimsIdentity = Thread.CurrentPrincipal.Identity as ClaimsIdentity;

Please get the complete sample:

https://1drv.ms/u/s!ArgnWb8iHXB6gpcWMJQ7aeM4u3YLKA

Hope this help!

Saurabh Somani

Comments (0)

Skip to main content