This is my first implementation of using JWT in MVC. I have created the following token in my controller to pass to the front end when they hit my endpoint. I have used the tool on JWT.io but I am uncertain if it's worked and what I put in the signature section 'secret'. It says invalid token signature but I can see the payload. Here is the code:
Any help or pointing in the right direction to see how it works would be great.

    var payload = new Dictionary<string, object>()
    {
        { "id", "example123" },
        { "Name", "John Doe" }
    };
    X509Certificate2 certX509 = new X509Certificate2(pfxFile, password);
    byte[] privateKey = certX509.Export(X509ContentType.Cert, password);
    string token = Jose.JWT.Encode(payload, privateKey, JwsAlgorithm.HS256);
    //string[] getSecret = token.Split(".".ToCharArray());
    //secret = getSecret[2];
    return token;

The result, which seems to look like a JWT token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImV4YW1wbGUxMjMiLCJOYW1lIjoiSm9obiBEb2UifQ.j4Ub0iWU-6xTbc3pvwfBy0v0o-Y2Ds6C5_ez3NIRnIk
but it doesn't validate on https://jwt.io/. Thank you in advance :)
Edit
After playing around more I found that if I create a string, then convert it to a byte array, then use the text in the signature box, it verifies! Because my current byte array is populated from a pfx, the value to enter is unknown.
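
An added example, not part of the original post: an HS256 signature is an HMAC-SHA256 over the first two token segments using the raw key bytes, so a binary key can be checked locally and handed to an external verifier in base64 form. The key bytes and the `Hs256Check` class are constructed for illustration, and .NET Core 2.1 or later is assumed (for `CryptographicOperations.FixedTimeEquals`).

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class Hs256Check
{
    // base64url without padding, as used for every JWT segment (RFC 7515).
    static string B64Url(byte[] data) =>
        Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static byte[] FromB64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }

    // HS256 signature = HMAC-SHA256(key, ASCII("<header>.<payload>")).
    static byte[] Sign(string signingInput, byte[] key)
    {
        using (var hmac = new HMACSHA256(key))
            return hmac.ComputeHash(Encoding.ASCII.GetBytes(signingInput));
    }

    public static bool Verify(string token, byte[] key)
    {
        string[] parts = token.Split('.');
        if (parts.Length != 3) return false;
        byte[] expected = Sign(parts[0] + "." + parts[1], key);
        byte[] actual;
        try { actual = FromB64Url(parts[2]); } catch (FormatException) { return false; }
        // Constant-time comparison so the check does not leak how many bytes matched.
        return CryptographicOperations.FixedTimeEquals(expected, actual);
    }

    static void Main()
    {
        // Constructed binary key standing in for the bytes passed to Jose.JWT.Encode.
        byte[] key = { 0x30, 0x82, 0x03, 0x00, 0xFF, 0x10, 0x7E, 0x00 };
        string header = B64Url(Encoding.UTF8.GetBytes("{\"alg\":\"HS256\",\"typ\":\"JWT\"}"));
        string payload = B64Url(Encoding.UTF8.GetBytes("{\"id\":\"example123\",\"Name\":\"John Doe\"}"));
        string token = header + "." + payload + "." + B64Url(Sign(header + "." + payload, key));

        Console.WriteLine(Verify(token, key));                         // same key bytes
        Console.WriteLine(Verify(token, Encoding.UTF8.GetBytes("x"))); // different key
        // Text form of a binary key for a verifier that accepts a base64-encoded secret.
        Console.WriteLine(Convert.ToBase64String(key));
    }
}
```

`Export(X509ContentType.Cert, ...)` returns the public certificate without the private key, so those bytes are not secret and anyone holding the certificate can compute the same HMAC. Signing with the certificate's private key calls for an asymmetric algorithm such as RS256 rather than HS256.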