Adding ASP.NET Core, OWIN intergration packages (#231)

* Added JWT.Extensions.AspNetCore: JwtAuthenticationMiddleware (stub), JwtAuthenticationHandler
* Added JWT.Extensions.AspNetCore.Tests (unit and integration)
* Added JWT.Extensions.Owin: JwtAuthenticationMiddleware (stub)
* Updated README, LICENSE

JWT.sln

@@ -26,6 +26,14 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = ".pipelines", ".pipelines",
 		.pipelines\build.yml = .pipelines\build.yml
 	EndProjectSection
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "JWT.Extensions.AspNetCore", "src\JWT.Extensions.AspNetCore\JWT.Extensions.AspNetCore.csproj", "{3AC25D69-9863-45ED-A767-2809C46CB5A1}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "JWT.Extensions.AspNetCore.Tests", "tests\JWT.Extensions.AspNetCore.Tests\JWT.Extensions.AspNetCore.Tests.csproj", "{319388E9-1529-46B2-A230-2B978BAC4649}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "JWT.Extensions.Owin", "src\JWT.Extensions.Owin\JWT.Extensions.Owin.csproj", "{D3001A7C-5C10-4393-8713-F8C899F91A4A}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "JWT.Extensions.Owin.Tests", "tests\JWT.Extensions.Owin.Tests\JWT.Extensions.Owin.Tests.csproj", "{4B65AB99-C173-4B8E-B535-95008F4B4328}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -48,6 +56,22 @@ Global
 		{5D0282D5-9CC4-4D42-A3F0-E18270F92184}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{5D0282D5-9CC4-4D42-A3F0-E18270F92184}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{5D0282D5-9CC4-4D42-A3F0-E18270F92184}.Release|Any CPU.Build.0 = Release|Any CPU
+		{3AC25D69-9863-45ED-A767-2809C46CB5A1}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{3AC25D69-9863-45ED-A767-2809C46CB5A1}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{3AC25D69-9863-45ED-A767-2809C46CB5A1}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{3AC25D69-9863-45ED-A767-2809C46CB5A1}.Release|Any CPU.Build.0 = Release|Any CPU
+		{319388E9-1529-46B2-A230-2B978BAC4649}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{319388E9-1529-46B2-A230-2B978BAC4649}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{319388E9-1529-46B2-A230-2B978BAC4649}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{319388E9-1529-46B2-A230-2B978BAC4649}.Release|Any CPU.Build.0 = Release|Any CPU
+		{D3001A7C-5C10-4393-8713-F8C899F91A4A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{D3001A7C-5C10-4393-8713-F8C899F91A4A}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{D3001A7C-5C10-4393-8713-F8C899F91A4A}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{D3001A7C-5C10-4393-8713-F8C899F91A4A}.Release|Any CPU.Build.0 = Release|Any CPU
+		{4B65AB99-C173-4B8E-B535-95008F4B4328}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{4B65AB99-C173-4B8E-B535-95008F4B4328}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{4B65AB99-C173-4B8E-B535-95008F4B4328}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{4B65AB99-C173-4B8E-B535-95008F4B4328}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

LICENSE.md

@@ -0,0 +1,21 @@
+# Public Domain
+
+Written by John Sheehan (http://john-sheehan.com)
+
+This work is public domain.
+
+The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.
+
+For more information, please visit: http://creativecommons.org/publicdomain/zero/1.0/
+
+# MIT
+
+Copyright (c) 2019 Jwt.Net Maintainers and Contributors.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please visit: https://opensource.org/licenses/MIT

README.md

@@ -1,29 +1,43 @@
-[![NuGet](https://img.shields.io/nuget/v/jwt.svg)](https://www.nuget.org/packages/JWT)
-[![NuGet Pre](https://img.shields.io/nuget/vpre/jwt.svg)](https://www.nuget.org/packages/JWT)
-[![Build status](https://abatishchev.visualstudio.com/OpenSource/_apis/build/status/Jwt.Net-CI)](https://abatishchev.visualstudio.com/OpenSource/_build/latest?definitionId=7)
+[![Build status](https://abatishchev.visualstudio.com/OpenSource/_apis/build/status/Jwt.Net-CI)](https://abatishchev.visualstudio.com/OpenSource/_build/latest?definitionId=7)
 [![Release status](https://abatishchev.vsrm.visualstudio.com/_apis/public/Release/badge/b7fc2610-91d5-4968-814c-97a9d76b03c4/2/2)](https://abatishchev.visualstudio.com/OpenSource/_release?_a=releases&view=mine&definitionId=2)
 
 # Jwt.Net, a JWT (JSON Web Token) implementation for .NET
 
 This library supports generating and decoding [JSON Web Tokens](https://tools.ietf.org/html/rfc7519).
 
-## Installation
-Package is avaliable via [NuGet](https://nuget.org/packages/JWT). Or you can download and compile it yourself.
+## Avaliable packages
+
+1. [Jwt.Net](#JwtNet)
+2. [Jwt.Net for ASP.NET Core](#JwtNet-ASPNET-Core)
+3. [Jwt.Net for Owin](#JwtNet-OWIN)
 
 ## Supported .NET versions:
+
 - .NET Framework 4.6.0
 - .NET Framework 4.7.2
 - .NET Standard 1.3
 - .NET Standard 2.0
 
 ## License
 
-This project is licensed under Public Domain, see the [LICENSE](LICENSE.txt) file.
+The following projects and their resulting packages are licensed under Public Domain, see the [LICENSE#Public-Domain](LICENSE.md#MIT) file.
+
+- JWT 
+
+The following projects and their resulting packages are licensed under the MIT License, see the [LICENSE#MIT](LICENSE.md#MIT) file.
+
+- JWT.Extensions.AspNetCore
 
-However, the maintainer ([@abatishchev](https://github.com/abatishchev)) shares the values of [Hippocratic License](https://firstdonoharm.dev/version/1/1/license.txt).
+In addition the maintainer ([@abatishchev](https://github.com/abatishchev)) of this repository also shares the values of the [Hippocratic License](https://firstdonoharm.dev/version/1/1/license.txt).
 
-## Usage
-### Creating (encoding) token
+### Jwt.NET
+
+#### NuGet
+
+[![NuGet](https://img.shields.io/nuget/v/JWT.svg)](https://www.nuget.org/packages/JWT)
+[![NuGet Pre](https://img.shields.io/nuget/vpre/JWT.svg)](https://www.nuget.org/packages/JWT)
+
+#### Creating (encoding) token
 
 ```c#
 var payload = new Dictionary<string, object>
@@ -42,7 +56,7 @@ var token = encoder.Encode(payload, secret);
 Console.WriteLine(token);
 ```
 
-### Or using the fluent builder API
+#### Or using the fluent builder API
 
 ```c#
   var token = new JwtBuilder()
@@ -59,7 +73,7 @@ The output would be:
 
 >eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjbGFpbTEiOjAsImNsYWltMiI6ImNsYWltMi12YWx1ZSJ9.8pwBI_HtXqI3UgQHQ_rDRnSQRxFL1SR8fbQoS-5kM5s
 
-### Parsing (decoding) and verifying token
+#### Parsing (decoding) and verifying token
 
 ```c#
 const string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjbGFpbTEiOjAsImNsYWltMiI6ImNsYWltMi12YWx1ZSJ9.8pwBI_HtXqI3UgQHQ_rDRnSQRxFL1SR8fbQoS-5kM5s";
@@ -86,7 +100,7 @@ catch (SignatureVerificationException)
 }
 ```
 
-### Or using the fluent builder API
+#### Or using the fluent builder API
 
 ```c#
 try
@@ -118,7 +132,7 @@ var payload = decoder.DecodeToObject<IDictionary<string, object>>(token, secret)
 Console.WriteLine(payload["claim2"]);
  ```
 
-### Or using the fluent builder API
+#### Or using the fluent builder API
 
 ```c#
 var payload = new JwtBuilder()
@@ -132,7 +146,7 @@ The output would be:
 
 >claim2-value
 
-### Set and validate token expiration
+#### Set and validate token expiration
 
 As described in the [JWT RFC](https://tools.ietf.org/html/rfc7519#section-4.1.4), the `exp` "claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing." If an `exp` claim is present and is prior to the current time the token will fail verification. The exp (expiry) value must be specified as the number of seconds since 1/1/1970 UTC.
 
@@ -152,7 +166,7 @@ var token = encoder.Encode(payload, secret);
 var json = decoder.Decode(token, secret); // throws TokenExpiredException
 ```
 
-### Custom JSON serializer
+#### Custom JSON serializer
 
 By default JSON serialization is performed by JsonNetSerializer implemented using [Json.Net](https://www.json.net). To use a different one, implement the `IJsonSerializer` interface:
 
@@ -180,7 +194,7 @@ IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
 IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
 ```
 
-### Custom JSON serialization settings with the default JsonNetSerializer
+#### Custom JSON serialization settings with the default JsonNetSerializer
 
 As mentioned above, the default JSON serialization is done by `JsonNetSerializer`. You can define your own custom serialization settings as follows:
 
@@ -204,3 +218,72 @@ JsonSerializer customJsonSerializer = new JsonSerializer
 };
 IJsonSerializer serializer = new JsonNetSerializer(customJsonSerializer);
 ```
+
+### Jwt.Net ASP.NET Core
+
+#### NuGet
+
+[![NuGet](https://img.shields.io/nuget/v/JWT.Extensions.AspNetCore.svg)](https://www.nuget.org/packages/JWT.Extensions.AspNetCore)
+[![NuGet Pre](https://img.shields.io/nuget/vpre/JWT.Extensions.AspNetCore.svg)](https://www.nuget.org/packages/JWT.Extensions.AspNetCore)
+
+#### Register authentication handler to validate JWT
+
+```c#
+public void ConfigureServices(IServiceCollection services)
+{
+    services.AddAuthentication(options =>
+                 {
+                     options.DefaultAuthenticateScheme = JwtAuthenticationDefaults.AuthenticationScheme;
+                     options.DefaultChallengeScheme = JwtAuthenticationDefaults.AuthenticationScheme;
+                 })
+            .AddJwt(options =>
+                 {
+                     // secrets
+                     options.Keys = new[] { "GQDstcKsx0NHjPOuXOYg5MbeJ1XT0uFiwDVvVBrk" };
+
+                     // force JwtDecoder to throw exception if JWT signature is invalid
+                     options.VerifySignature = true;
+                 });
+}
+
+public void Configure(IApplicationBuilder app)
+{
+    app.UseAuthentication();
+}
+```
+
+#### Custom factories to produce Identity or AuthneticationTicket
+
+```c#
+options.IdentityFactory = dic => new ClaimsIdentity(
+    dic.Select(p => new Claim(p.Key, p.Value)));
+
+options.TicketFactory = (identity, scheme) => new AuthenticationTicket(
+    new ClaimsPrincipal(identity),
+    new AuthenticationProperties(),
+    scheme.Name);
+```
+
+#### Register middleware to validate JWT
+
+```c#
+app.UseJwtMiddleware();
+```
+
+**Note:** work in progress as the scenario/usage is not designed yet. The registered will do nothing but throw an exception.
+
+
+### Jwt.Net OWIN
+
+#### NuGet
+
+[![NuGet](https://img.shields.io/nuget/v/JWT.Extensions.Owin.svg)](https://www.nuget.org/packages/JWT.Extensions.Owin)
+[![NuGet Pre](https://img.shields.io/nuget/vpre/JWT.Extensions.Owin.svg)](https://www.nuget.org/packages/JWT.Extensions.Owin)
+
+#### Register middleware to validate JWT
+
+```c#
+app.UseJwtMiddleware();
+```
+
+**Note:** work in progress as the scenario/usage is not designed yet. The registered will do nothing but throw an exception.

src/Directory.Build.props

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <PackageProjectUrl>https://github.com/jwt-dotnet/jwt</PackageProjectUrl>
+    <PackageReleaseNotes>https://github.com/jwt-dotnet/jwt/releases</PackageReleaseNotes>
+    <RepositoryUrl>https://github.com/jwt-dotnet/jwt</RepositoryUrl>
+    <RepositoryType>git</RepositoryType>
+
+    <EnableSourceControlManagerQueries>$(EnableSourceLink)</EnableSourceControlManagerQueries>
+    <PublishRepositoryUrl>true</PublishRepositoryUrl>
+    <EmbedUntrackedSources>true</EmbedUntrackedSources>
+    <AllowedOutputExtensionsInPackageBuildOutputFolder>$(AllowedOutputExtensionsInPackageBuildOutputFolder);.pdb</AllowedOutputExtensionsInPackageBuildOutputFolder>
+  </PropertyGroup>
+</Project>

src/JWT.Extensions.AspNetCore/ApplicationBuilderExtensions.cs

@@ -0,0 +1,25 @@
+using System;
+using Microsoft.AspNetCore.Builder;
+
+namespace JWT
+{
+    /// <summary>
+    /// Extension methods for <see cref="IApplicationBuilder"/> to add the JWT authentication/authorization to the pipeline.
+    /// </summary>
+    public static class ApplicationBuilderExtensions
+    {
+        /// <summary>
+        /// Adds the <see cref="JwtAuthenticationMiddleware" /> to the specified <see cref="IApplicationBuilder" />, which enables authentication/authorization using JWT.
+        /// </summary>
+        /// <returns>
+        /// The <see cref="IApplicationBuilder" />.
+        /// </returns>
+        public static IApplicationBuilder UseJwtMiddleware(this IApplicationBuilder app)
+        {
+            if (app == null)
+                throw new ArgumentNullException(nameof(app));
+
+            return app.UseMiddleware<JwtAuthenticationMiddleware>();
+        }
+    }
+}

src/JWT.Extensions.AspNetCore/AuthenticationAppBuilderExtensions.cs

@@ -0,0 +1,31 @@
+using System;
+using JWT.Internal;
+using JWT.Serializers;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+
+namespace JWT
+{
+    public static class AuthenticationAppBuilderExtensions
+    {
+        public static AuthenticationBuilder AddJwt(this AuthenticationBuilder builder) =>
+            builder.AddJwt(JwtAuthenticationDefaults.AuthenticationScheme);
+
+        public static AuthenticationBuilder AddJwt(this AuthenticationBuilder builder, string authenticationScheme) =>
+            builder.AddJwt(authenticationScheme, null);
+
+        public static AuthenticationBuilder AddJwt(this AuthenticationBuilder builder, Action<JwtAuthenticationOptions> configureOptions) =>
+            builder.AddJwt(JwtAuthenticationDefaults.AuthenticationScheme, configureOptions);
+
+        public static AuthenticationBuilder AddJwt(this AuthenticationBuilder builder, string authenticationScheme, Action<JwtAuthenticationOptions> configureOptions)
+        {
+            builder.Services.TryAddSingleton<IJwtDecoder, JwtDecoder>();
+            builder.Services.TryAddSingleton<IJsonSerializer, JsonNetSerializer>();
+            builder.Services.TryAddSingleton<IJwtValidator, JwtValidator>();
+            builder.Services.TryAddSingleton<IBase64UrlEncoder, JwtBase64UrlEncoder>();
+            builder.Services.TryAddSingleton<IDateTimeProvider, SystemClockDatetimeProvider>();
+
+            return builder.AddScheme<JwtAuthenticationOptions, JwtAuthenticationHandler>(authenticationScheme, configureOptions);
+        }
+    }
+}

src/JWT.Extensions.AspNetCore/CertificateAuthenticationDefaults.cs

@@ -0,0 +1,13 @@
+namespace JWT
+{
+    /// <summary>
+    /// Default values related to Jwt authentication/authorization
+    /// </summary>
+    public static class JwtAuthenticationDefaults
+    {
+        /// <summary>
+        /// The default value used for <see cref="JwtAuthenticationOptions" />.
+        /// </summary>
+        public const string AuthenticationScheme = "Bearer";
+    }
+}

src/JWT.Extensions.AspNetCore/Internal/DefaultIdentityFactory.cs

@@ -0,0 +1,21 @@
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Security.Principal;
+
+namespace JWT.Internal
+{
+    internal static class DefaultIdentityFactory
+    {
+        /// <summary>
+        /// Creates user's identity from user's claims
+        /// </summary>
+        /// <param name="dic"><see cref="IDictionary{String,String}" /> of user's claims</param>
+        /// <returns><see cref="ClaimsIdentity" /></returns>
+        public static IIdentity CreateIdentity(IDictionary<string, string> dic)
+        {
+            var claims = dic.Select(p => new Claim(p.Key, p.Value));
+            return new ClaimsIdentity(claims);
+        }
+    }
+}

src/JWT.Extensions.AspNetCore/Internal/DefaultTicketFactory.cs

@@ -0,0 +1,18 @@
+using System.Security.Claims;
+using System.Security.Principal;
+using Microsoft.AspNetCore.Authentication;
+
+namespace JWT.Internal
+{
+    internal static class DefaultTicketFactory
+    {
+        /// <summary>
+        /// Creates user's <see cref="AuthenticationTicket" /> from user's <see cref="IIdentity" /> and current <see cref="AuthenticationScheme" />
+        /// </summary>
+        public static AuthenticationTicket CreateTicket(IIdentity identity, AuthenticationScheme scheme) =>
+            new AuthenticationTicket(
+                new ClaimsPrincipal(identity),
+                new AuthenticationProperties(),
+                scheme.Name);
+    }
+}