2

I have a .PEM file which contain my private key. I also do know my header's and payload to be passed.

But I cannot find a method which can be used to encode jwt using these payload , header, key .

I found python code for the same.

    import jwt
import datetime as dt

client_id = 'SEARCHADS.27478e71-3bb0-4588-998c-182e2b405577'
team_id = 'SEARCHADS.27478e71-3bb0-4588-998c-182e2b405577' 
key_id = 'bacaebda-e219-41ee-a907-e2c25b24d1b2' 
audience = 'https://appleid.apple.com'
alg = 'ES256'

# Define issue timestamp.
issued_at_timestamp = int(dt.datetime.utcnow().timestamp())
# Define expiration timestamp. May not exceed 180 days from issue timestamp.
expiration_timestamp = issued_at_timestamp + 86400*180 

# Define JWT headers.
headers = dict()
headers['alg'] = alg
headers['kid'] = key_id

# Define JWT payload.
payload = dict()
payload['sub'] = client_id
payload['aud'] = audience
payload['iat'] = issued_at_timestamp
payload['exp'] = expiration_timestamp
payload['iss'] = team_id 

# Path to signed private key.
KEY_FILE = 'private-key.pem' 

with open(KEY_FILE,'r') as key_file:
     key = ''.join(key_file.readlines())

client_secret = jwt.encode(
payload=payload,  
headers=headers,
algorithm=alg,  
key=key
)

with open('client_secret.txt', 'w') as output: 
     output.write(client_secret.decode("utf-8"))
Sreekumar
  • 33
  • 1
  • 6
  • The Python code does not encrypt. The token is only signed (JWS). This is possible with JOSE packages (which are also available for C#). – Topaco Jul 16 '21 at 07:27
  • @user9014097 Thanks for the reply, I have gone through the jose package , but not able to find a relevant solution corresponding to this python code – Sreekumar Jul 16 '21 at 09:01
  • Which package did you use? This is actually basic functionality, s. [jose-jwt](https://github.com/dvsekhvalnov/jose-jwt/blob/master/UnitTests/TestSuite.cs#L495). It may be that the key needs to be converted to a format that the library in question supports, but that would be a secondary issue. – Topaco Jul 16 '21 at 09:59
  • I have a .pem file of my private key . I want to know how can I use it to encode jwt. something similar to jwt.encode( payload=payload, headers=headers, algorithm=alg, key=key //.pem file ) Jose do have some great implementation. but nothing satisfies my requirement. I am getting a PEM file which need to be signed using jwt – Sreekumar Jul 16 '21 at 10:15
  • You need to find a library that supports JWT and PEM keys. Next best option is a library that supports JWT and you convert your PEM key to the format that the library supports. Please note, that library recommendations are off-topic on SO. – Topaco Jul 16 '21 at 10:24
  • Also check this post: [how-to-sign-encrypt-jwt-in-c-sharp-with-pem-key](https://stackoverflow.com/q/50799516/9014097). – Topaco Jul 16 '21 at 10:42
  • @user9014097 : I went through many solutions, but cant find a reliable solution which satisfies my requirement. Can you let me know , which format i should convert my .pem file to run in c# code . – Sreekumar Jul 19 '21 at 13:52

0 Answers0