TextEncodings.Base64Url.Decode 与 Convert.FromBase64String [英] TextEncodings.Base64Url.Decode vs Convert.FromBase64String

问题描述

我正在努力创建一种可以生成 JWT 令牌的方法.该方法的一部分从我的 web.config 中读取一个值，该值作为秘密"服务，用于生成用于为 JWT 令牌创建签名的哈希.

I was working on creating a method that would generate a JWT token. Part of the method reads a value from my web.config that services as the "secret" used to generate the hash used to create the signature for the JWT token.

<add key="MySecret" value="j39djak49H893hsk297353jG73gs72HJ3tdM37Vk397" />

最初我尝试使用以下方法将秘密"值转换为字节数组.

Initially I tried using the following to convert the "secret" value to a byte array.

byte[] key = Convert.FromBase64String(ConfigurationManager.AppSettings["MySecret"]);

但是，当到达这一行时抛出了异常......

However, an exception was thrown when this line was reached ...

输入不是有效的 Base-64 字符串，因为它包含非 base-64 字符、两个以上的填充字符或填充字符中的非法字符.

所以我查看了 OAuth 代码，并使用了另一种方法将 base64 字符串更改为字节数组

So I looked into the OAuth code and so another method being used to change a base64 string into a byte array

byte[] key = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["MySecret"]);

此方法没有问题.在我看来，他们似乎在做同样的事情.将 Base64 文本值更改为字节数组.但是，我一定错过了什么.为什么 Convert.FromBase64String 失败而 TextEncodings.Base64Url.Decode 工作?

This method worked without issue. To me it looks like they are doing the same thing. Changing a Base64 text value into an array of bytes. However, I must be missing something. Why does Convert.FromBase64String fail and TextEncodings.Base64Url.Decode work?

推荐答案

我在将身份验证服务迁移到 .NET Core 时遇到了同样的问题.我查看了我们在之前的实现中使用的库的源代码，不同之处实际上在于名称本身.

I came across the same thing when I migrated our authentication service to .NET Core. I had a look at the source code for the libraries we used in our previous implementation, and the difference is actually in the name itself.

TextEncodings 类有两种类型的文本编码器，Base64TextEncoder 和 Base64UrlEncoder.后者稍微修改了字符串，因此可以在 url 中使用 base64 字符串.

The TextEncodings class has two types of text encoders, Base64TextEncoder and Base64UrlEncoder. The latter one modifies the string slightly so the base64 string can be used in an url.

我的理解是，相当普遍将 + 和/替换为 - 和 _.事实上，我们一直在用我们的握手令牌做同样的事情.此外，还可以删除末尾的填充字符.这给我们留下了以下实现(这是来自源代码):

My understanding is that it is quite common to replace + and / with - and _. As a matter of fact we have been doing the same with our handshake tokens. Additionally the padding character(s) at the end can also be removed. This leaves us with the following implementation (this is from the source code):

public class Base64UrlTextEncoder : ITextEncoder
{
    public string Encode(byte[] data)
    {
        if (data == null)
        {
            throw new ArgumentNullException("data");
        }

        return Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    }

    public byte[] Decode(string text)
    {
        if (text == null)
        {
            throw new ArgumentNullException("text");
        }

        return Convert.FromBase64String(Pad(text.Replace('-', '+').Replace('_', '/')));
    }

    private static string Pad(string text)
    {
        var padding = 3 - ((text.Length + 3) % 4);
        if (padding == 0)
        {
            return text;
        }
        return text + new string('=', padding);
    }
}

这篇关于TextEncodings.Base64Url.Decode 与 Convert.FromBase64String的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！