Phoesion.DevJwt 1.1.0

Prefix Reserved
dotnet add package Phoesion.DevJwt --version 1.1.0                
NuGet\Install-Package Phoesion.DevJwt -Version 1.1.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Phoesion.DevJwt" Version="1.1.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Phoesion.DevJwt --version 1.1.0                
#r "nuget: Phoesion.DevJwt, 1.1.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Phoesion.DevJwt as a Cake Addin
#addin nuget:?package=Phoesion.DevJwt&version=1.1.0

// Install Phoesion.DevJwt as a Cake Tool
#tool nuget:?package=Phoesion.DevJwt&version=1.1.0                

Phoesion.DevJwt

Library and dotnet-tool for developing and testing JWT-protected web API services. Create and validate custom tokens that can be used locally, without an external authority.

How to use in your service

  1. Install the dotnet tool
dotnet tool install --global phoesion.devjwt.cli
  1. Generate token using
dotnet devjwt create myApi --email user@mail.com

console screenshot

  1. Configure in appsetting.Development.json
"Authentication": {
   "Schemes": {
      "Bearer": {
         "ValidAudience": "myApi",
         "ValidIssuer": "phoesion.devjwt",
         "SigningKeys": [
          {
             "Issuer": "phoesion.devjwt",
             "Value": "c29tZV9kZWZhdWx0X2tleV9mb3JfZGV2c18yNTZiaXQ="
          }
         ]
      }
   }
}
  1. You can now use the token for your requests.
curl -i -H "Authorization: Bearer {token}" https://localhost:{port}/secret

postman screenshot

Samples

The repository contains the following samples projects in the Samples folder :

  • SampleWebApi : an ASP.Net core web API application (net7.0 and above)
  • SampleWebApi_Older : an ASP.Net core web API application (net6.0 and net5.0)
  • SampleGlowMicroservice : a Phoesion Glow microservice
  • TokenGeneratorSample : a console application that demonstrates how to generate token programmatically

Custom signing key

By default, the generator and validator use a predefined key for signing/verifying the token. This way it will pass validation and you don't need to care about where/how the token was generated (doesn't use UserSecrets store), which is fine since it's for local development and testing.

You can however generate/validate tokens using a custom key like so :

  • In the tool specify a key to be used for signing the token using the --signkey parameter :
dotnet devjwt create myApi --email user@mail.com --sub 42 --signkey thiskeyisverylargetobreak
  • Encode the key in base64 format (so you can add it in your appsettings.Development.json)
dotnet devjwt encode-key thiskeyisverylargetobreak
  • Add the key in your appsettings.Development.json
"Authentication": {
   "Schemes": {
      "Bearer": {
         "ValidAudience": "myApi",
         "ValidIssuer": "phoesion.devjwt"
         "SigningKeys": [
          {
             "Issuer": "phoesion.devjwt",
             "Value": "dGhpc2tleWlzdmVyeWxhcmdldG9icmVhaw==" // <-- Set your new encoded key here
          }
         ]
      }
   }
}

Generate tokens programmatically

You can also generate tokens programmatically using the TokenGenerator

  1. Add the Phoesion.DevJwt NuGet package to your project
dotnet add package Phoesion.DevJwt
  1. Use TokenGenerator
string userId = new Guid().ToString();
string email = "john.doe@example.com";
string audience = "myApi";

var token = TokenGenerator.Create(audience, email, userId)
                          .AddScope("openid", "profile")
                          .AddRole("admin")
                          .AddClaim("username", "johndoe")
                          .ExpiresIn(TimeSpan.FromDays(365))
                          .Build();

How to use in net6.0 and net5.0 projects

  1. Add the Phoesion.DevJwt NuGet package to your web API project
dotnet add package Phoesion.DevJwt
  1. Enable dev-jwt on your JWT authorization services using the UseDevJwt() extension
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(o => o.UseDevJwt(builder.Environment));

Notes : it only enables in 'Development' and 'Testing' environments

  1. Configure in appsetting.Development.json
"Authentication": {
   "Schemes": {
      "Bearer": {
         "ValidAudience": "myApi",
         "ValidIssuer": "phoesion.devjwt"
      }
   }
}
Product Compatible and additional computed target framework versions.
.NET net5.0 is compatible.  net5.0-windows was computed.  net6.0 is compatible.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 is compatible.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 is compatible. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.1.0 479 11/19/2024
1.0.1 9,779 11/24/2023
0.2.1 374 4/27/2023
0.2.0 165 4/27/2023
0.1.9 288 4/27/2023
0.1.8 172 4/27/2023
0.1.7 262 4/26/2023
0.1.6 154 4/26/2023
0.1.5 172 4/26/2023
0.1.4 186 4/26/2023
0.1.3 176 4/26/2023
0.1.2 173 4/25/2023