{"id":19407600,"url":"https://github.com/engineering87/jwt-inspector","last_synced_at":"2025-04-14T09:51:25.967Z","repository":{"id":261400373,"uuid":"884200421","full_name":"engineering87/jwt-inspector","owner":"engineering87","description":"Effortlessly decode, inspect, and validate JWTs","archived":false,"fork":false,"pushed_at":"2025-04-09T22:30:01.000Z","size":87,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-09T23:28:25.261Z","etag":null,"topics":["decoding","dotnet","jsonwebtoken","jwt","security","token","validation"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/engineering87.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-06T10:29:57.000Z","updated_at":"2025-04-09T22:30:05.000Z","dependencies_parsed_at":"2024-12-23T13:21:17.315Z","dependency_job_id":"50cae654-c51d-40fa-b624-40450bd52124","html_url":"https://github.com/engineering87/jwt-inspector","commit_stats":null,"previous_names":["engineering87/open-jwt-inspector","engineering87/jwt-inspector"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/engineering87%2Fjwt-inspector","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/engineering87%2Fjwt-inspector/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/engineering87%2Fjwt-inspector/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/engineering87%2Fjwt-inspector/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/engineering87","download_url":"https://codeload.github.com/engineering87/jwt-inspector/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248131027,"owners_count":21052816,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["decoding","dotnet","jsonwebtoken","jwt","security","token","validation"],"created_at":"2024-11-10T12:03:07.893Z","updated_at":"2025-04-14T09:51:25.941Z","avatar_url":"https://github.com/engineering87.png","language":"C#","readme":"# JwtInspector - A Library for Decoding and Validating JWT Tokens\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![issues - jwt-inspector](https://img.shields.io/github/issues/engineering87/jwt-inspector)](https://github.com/engineering87/jwt-inspector/issues)\n[![Nuget](https://img.shields.io/nuget/v/JwtInspector.Core?style=plastic)](https://www.nuget.org/packages/JwtInspector.Core)\n![NuGet Downloads](https://img.shields.io/nuget/dt/JwtInspector.Core)\n[![Build](https://github.com/engineering87/jwt-inspector/actions/workflows/dotnet.yml/badge.svg)](https://github.com/engineering87/jwt-inspector/actions/workflows/dotnet.yml)\n[![stars - jwt-inspector](https://img.shields.io/github/stars/engineering87/jwt-inspector?style=social)](https://github.com/engineering87/jwt-inspector)\n\nJwtInspector is a C# library that provides utilities for decoding, validating, and inspecting JWT (JSON Web Tokens). This library simplifies working with JWTs by providing easy-to-use methods for extracting data, validating tokens, and more. \n\nThe library supports various use cases, such as decoding JWT payloads, validating token expiration, and verifying the authenticity of tokens using HMAC-SHA algorithms.\n\n## Features\n\n- Decode JWT tokens to extract claims and payload.\n- Validate JWT token authenticity and expiration.\n- Support for handling `iat` (issued at), `exp` (expiration), and `sub` (subject) claims.\n- Provides a simple interface for inspecting JWT headers, payloads, and signatures.\n- Easy-to-use methods for handling base64 URL encoding and decoding.\n- JWT validation against a symmetric key (HMAC-SHA256) and token verification.\n\n## Installation\n\nYou can install the library via the NuGet package manager with the following command:\n\n```bash\ndotnet add package JwtInspector.Core\n```\n\n## Usage\n\n### Decoding JWT Payload\n\nTo decode the payload of a JWT token and get a dictionary of claims:\n\n```csharp\nusing JwtInspector.Core.Services;\n\nvar jwtInspector = new JwtInspectorService();\nstring token = \"\u003cyour-jwt-token\u003e\";\nvar claims = jwtInspector.DecodePayloadAsJson(token);\nConsole.WriteLine(claims);\n```\n\n### Validating JWT Token\n\nTo validate a JWT token using a secret key:\n\n```csharp\nusing JwtInspector.Core.Services;\n\nvar jwtInspector = new JwtInspectorService();\nstring token = \"\u003cyour-jwt-token\u003e\";\nstring secretKey = \"\u003cyour-secret-key\u003e\";\nbool isValid = jwtInspector.ValidateToken(token, secretKey);\nConsole.WriteLine($\"Token valid: {isValid}\");\n```\n\n### Extracting JWT Parts\n\nYou can extract the header, payload, and signature from a JWT token:\n\n```csharp\nusing JwtInspector.Core.Services;\n\nvar jwtInspector = new JwtInspectorService();\nstring token = \"\u003cyour-jwt-token\u003e\";\nvar (header, payload, signature) = jwtInspector.ExtractJwtParts(token);\nConsole.WriteLine($\"Header: {header}\");\nConsole.WriteLine($\"Payload: {payload}\");\nConsole.WriteLine($\"Signature: {signature}\");\n```\n\n### Checking Token Expiration\n\nTo check if a JWT token is expired:\n\n```csharp\nusing JwtInspector.Core.Services;\n\nvar jwtInspector = new JwtInspectorService();\nstring token = \"\u003cyour-jwt-token\u003e\";\nbool isExpired = jwtInspector.IsExpired(token);\nConsole.WriteLine($\"Token expired: {isExpired}\");\n```\n\n### Extracting JWT Claims\n\nTo get the claims from a JWT token:\n\n```csharp\nusing JwtInspector.Core.Services;\n\nvar jwtInspector = new JwtInspectorService();\nstring token = \"\u003cyour-jwt-token\u003e\";\nvar claims = jwtInspector.GetClaims(token);\nforeach (var claim in claims)\n{\n    Console.WriteLine($\"{claim.Key}: {claim.Value}\");\n}\n```\n\n### Example Usage: Validating a Token with HMAC-SHA256\n\n```csharp\nusing JwtInspector.Core.Services;\nusing Microsoft.IdentityModel.Tokens;\n\nvar jwtInspector = new JwtInspectorService();\nstring secretKey = \"my_secret_key_123456789123456789\"; // 32 bytes key\nstring token = \"\u003cyour-jwt-token\u003e\";\nbool isValid = jwtInspector.ValidateToken(token, secretKey);\nConsole.WriteLine($\"Is token valid: {isValid}\");\n```\n\n## Methods Overview\n\n### Decoding methods\n\n- `DecodeBase64Url(string input)`: Decodes a Base64Url encoded string.\n- `DecodePayload(string token)`: Decodes the payload of a JWT token.\n- `DecodePayloadAsJson(string token)`: Returns the decoded JWT payload as a JSON string.\n- `ExtractJwtParts(string token)`: Extracts the header, payload, and signature from a JWT token.\n- `GetAudience(string token)`: Extracts the audience (`aud`) from the JWT token.\n- `GetClaims(string token)`: Extracts all claims from the JWT token.\n- `GetExpirationDate(string token)`: Extracts the expiration date (`exp`) of the JWT token.\n- `GetIssuedAt(string token)`: Extracts the issued date (`iat`) of the JWT token.\n- `GetJwtId(string token)`: Extracts the JWT ID (`jti`) of the JWT token.\n- `GetSigningAlgorithm(string token)`: Extracts the signing algorithm used in the JWT.\n- `IsExpired(string token)`: Checks if the JWT token is expired.\n- `IsValidFormat(string token)`: Checks if the JWT token has a valid format (three parts separated by dots).\n- `GetIssuer(string token)`: Retrieves the issuer claim from the JWT token.\n- `GetCustomClaim(string token, string claimKey)`: Retrieves a specific custom claim from the JWT token.\n- `IDictionary\u003cstring, object\u003e GetAllHeaders(string token)`: Retrieves all headers from the JWT token.\n- `DecodePayloadAs\u003cT\u003e(string token)`: Deserializes the JWT payload into a strongly-typed object.\n- `GetTokenSummary(string token)`: Generates a human-readable summary of the JWT token contents.\n\n### Validation methods\n\n- `ValidateToken(string token, string secretKey)`: Validates the JWT token using the provided secret key for HMAC-SHA256 verification.\n- `VerifyIssuer(string token, string expectedIssuer)`: Verifies that the issuer of the token matches the expected issuer.\n- `ValidateIssuerAndAudience(string token, string expectedIssuer, string expectedAudience)`: Verifies that the issuer and audience of the token match the expected values.\n- `ValidateLifetime(string token)`: Validates the token's lifetime based on the expiration date.\n- `ValidateAlgorithm(string token, string expectedAlgorithm)`: Verifies that the algorithm used to sign the token matches the expected algorithm.\n- `ValidateIssuerSigningKey(string token, string signingKey)`: Ensures that the token was signed using the correct signing key.\n- `ValidateClaims(string token, IDictionary\u003cstring, string\u003e requiredClaims)`: Validates specific claims in the token (e.g., roles, permissions).\n- `ValidateNotBefore(string token)`: Validates that the token is not used before the specified 'Not Before' time (nbf claim).\n\n## JWT Format\n\nA valid JWT token consists of three parts:\n\n- **Header**: Contains metadata such as the signing algorithm (`alg`) and token type (`typ`).\n- **Payload**: Contains the claims, which can be public, private, or registered claims such as `sub`, `iat`, `exp`, `aud`.\n- **Signature**: A cryptographic signature used to verify the integrity of the token.\n\nA JWT token is typically represented in the following format: `header.payload.signature`\n\n## Example JWT\n\nA typical JWT might look like this:\n\n`eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJzdWIiOiAiMTIzNDU2Nzg5MCIsICJuYW1lIjogIkpvaG4gRG9lIiwgImlhdCI6IDE1MTYyMzkwMjJ9.MD8fpgF7N0XWhQGGVm9lA_EvVoHkcmrr74xhL2y7H3U`\n\n## Contributing\nThank you for considering to help out with the source code!\nIf you'd like to contribute, please fork, fix, commit and send a pull request for the maintainers to review and merge into the main code base.\n\n * [Setting up Git](https://docs.github.com/en/get-started/getting-started-with-git/set-up-git)\n * [Fork the repository](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/fork-a-repo)\n * [Open an issue](https://github.com/engineering87/jwt-inspector/issues) if you encounter a bug or have a suggestion for improvements/features\n\n## Licensee\nJwtInspector source code is available under MIT License, see license in the source.\n\n## Contact\nPlease contact at francesco.delre.87[at]gmail.com for any details.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fengineering87%2Fjwt-inspector","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fengineering87%2Fjwt-inspector","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fengineering87%2Fjwt-inspector/lists"}