I'm having trouble verifying the signature of ID tokens obtained during authentication in Azure Active Directory B2C.
I'm looking at this set of instructions: [Azure AD B2C preview: Token reference > Token validation](https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2c-reference-tokens/#token-validation)
So, I'm trying different Python 3 packages to try to verify the signature, and all of them seem to need the JWT, which is the ID token, and the 'key' or 'secret' which is the public key to verify the signature.
To be clear, Azure Active Directory B2C ID Tokens are signed using RS256:
{'alg': 'RS256'} // Found in header of ID token
I'm using this link to fetch the keys:
https://login.microsoftonline.com/<b2c_directory>.onmicrosoft.com/discovery/v2.0/keys?p=b2c_1_sign_in
This link returns a JSON string, which contains the following keys: "kid", "use", "kty", "n", "e"
From what I read, the "n" and "e" keys are related to the public key needed to verify the signature. I have tried both individually and concatenated (n+e and e+n), and I am not able to verify that signature.
I am using PyJWT, but I don't mind using other Python 3 packages as long as it verifies the signature successfully, even with adal if anyone has figured out how to get that to work to authenticate using OpenID.
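
An added example, not part of the original post and not Microsoft's or PyJWT's code: "n" and "e" are the base64url-encoded RSA modulus and public exponent, so they are decoded to integers rather than concatenated, and the RS256 check is then done by hand with the standard library to show each step. Assumptions: the keys endpoint returns the standard JWK Set layout (`{"keys": [...]}`), and the key and token in `constructed_sample` are constructed for the demo (built from two Mersenne primes, not secure).

```python
import base64, hashlib, hmac, json

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64url_decode(s):
    """JWT/JWK fields are unpadded base64url; restore padding before decoding."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def expected_em(signing_input, k):
    """EMSA-PKCS1-v1_5 block of k bytes for SHA-256 over signing_input."""
    t = SHA256_PREFIX + hashlib.sha256(signing_input).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify_rs256(token, jwks):
    """Return the claims if the RS256 signature checks out, else raise ValueError."""
    head_b64, body_b64, sig_b64 = token.split(".")
    header = json.loads(b64url_decode(head_b64))
    if header.get("alg") != "RS256":  # pin the algorithm, do not follow the token
        raise ValueError("unexpected alg")
    jwk = next((k for k in jwks["keys"] if k.get("kid") == header.get("kid")), None)
    if jwk is None or jwk.get("kty") != "RSA":
        raise ValueError("no RSA key with matching kid")
    # "n" and "e" are big-endian integers (modulus, exponent), not a key string
    n = int.from_bytes(b64url_decode(jwk["n"]), "big")
    e = int.from_bytes(b64url_decode(jwk["e"]), "big")
    k = (n.bit_length() + 7) // 8
    sig = b64url_decode(sig_b64)
    if len(sig) != k or int.from_bytes(sig, "big") >= n:
        raise ValueError("malformed signature")
    em = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
    if not hmac.compare_digest(em, expected_em(f"{head_b64}.{body_b64}".encode(), k)):
        raise ValueError("signature mismatch")
    return json.loads(b64url_decode(body_b64))

def constructed_sample():
    """Constructed demo key (two Mersenne primes, NOT secure) and a token signed with it."""
    p, q, e = 2**521 - 1, 2**607 - 1, 65537
    n, d = p * q, pow(e, -1, (p - 1) * (q - 1))
    k = (n.bit_length() + 7) // 8
    enc = lambda i: b64url_encode(i.to_bytes((i.bit_length() + 7) // 8, "big"))
    jwks = {"keys": [{"kid": "demo-key", "use": "sig", "kty": "RSA", "n": enc(n), "e": enc(e)}]}
    head = b64url_encode(json.dumps({"alg": "RS256", "kid": "demo-key"}).encode())
    body = b64url_encode(json.dumps({"sub": "constructed-user"}).encode())
    s = pow(int.from_bytes(expected_em(f"{head}.{body}".encode(), k), "big"), d, n)
    return f"{head}.{body}.{b64url_encode(s.to_bytes(k, 'big'))}", jwks
```

With PyJWT, `jwt.algorithms.RSAAlgorithm.from_jwk` performs the same JWK-to-public-key conversion and needs the `cryptography` package installed. A valid signature is only one part of token validation; claims such as `exp` and `aud` still have to be checked.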