Phoesion.DevJwt.CLI 1.0.1

Prefix Reserved
There is a newer version of this package available.
See the version list below for details.
dotnet tool install --global Phoesion.DevJwt.CLI --version 1.0.1                
This package contains a .NET tool you can call from the shell/command line.
dotnet new tool-manifest # if you are setting up this repo
dotnet tool install --local Phoesion.DevJwt.CLI --version 1.0.1                
This package contains a .NET tool you can call from the shell/command line.
#tool dotnet:?package=Phoesion.DevJwt.CLI&version=1.0.1                
nuke :add-package Phoesion.DevJwt.CLI --version 1.0.1                

Phoesion.DevJwt

Library and dotnet-tool for developing and testing JWT-protected web API services. Create and validate custom tokens that can be used locally, without an external authority.

How to use in your service

  1. Install the dotnet tool
dotnet tool install --global phoesion.devjwt.cli
  1. Generate token using
dotnet devjwt create myApi --email user@mail.com

console screenshot

  1. Configure in appsetting.Development.json
"Authentication": {
   "Schemes": {
      "Bearer": {
         "ValidAudience": "myApi",
         "ValidIssuer": "phoesion.devjwt",
         "SigningKeys": [
          {
             "Issuer": "phoesion.devjwt",
             "Value": "c29tZV9kZWZhdWx0X2tleV9mb3JfZGV2c18yNTZiaXQ="
          }
         ]
      }
   }
}
  1. You can now use the token for your requests.
curl -i -H "Authorization: Bearer {token}" https://localhost:{port}/secret

postman screenshot

Samples

The repository contains the following samples projects in the Samples folder :

  • SampleWebApi : an ASP.Net core web API application (net7.0 and above)
  • SampleWebApi_Older : an ASP.Net core web API application (net6.0 and net5.0)
  • SampleGlowMicroservice : a Phoesion Glow microservice
  • TokenGeneratorSample : a console application that demonstrates how to generate token programmatically

Custom signing key

By default, the generator and validator use a predefined key for signing/verifying the token. This way it will pass validation and you don't need to care about where/how the token was generated (doesn't use UserSecrets store), which is fine since it's for local development and testing.

You can however generate/validate tokens using a custom key like so :

  • In the tool specify a key to be used for signing the token using the --signkey parameter :
dotnet devjwt create myApi --email user@mail.com --sub 42 --signkey thiskeyisverylargetobreak
  • Encode the key in base64 format (so you can add it in your appsettings.Development.json)
dotnet devjwt encode-key thiskeyisverylargetobreak
  • Add the key in your appsettings.Development.json
"Authentication": {
   "Schemes": {
      "Bearer": {
         "ValidAudience": "myApi",
         "ValidIssuer": "phoesion.devjwt"
         "SigningKeys": [
          {
             "Issuer": "phoesion.devjwt",
             "Value": "dGhpc2tleWlzdmVyeWxhcmdldG9icmVhaw==" // <-- Set your new encoded key here
          }
         ]
      }
   }
}

Generate tokens programmatically

You can also generate tokens programmatically using the TokenGenerator

  1. Add the Phoesion.DevJwt NuGet package to your project
dotnet add package Phoesion.DevJwt
  1. Use TokenGenerator
string userId = new Guid().ToString();
string email = "john.doe@example.com";
string audience = "myApi";

var token = TokenGenerator.Create(audience, email, userId)
                          .AddScope("openid", "profile")
                          .AddRole("admin")
                          .AddClaim("username", "johndoe")
                          .ExpiresIn(TimeSpan.FromDays(365))
                          .Build();

How to use in net6.0 and net5.0 projects

  1. Add the Phoesion.DevJwt NuGet package to your web API project
dotnet add package Phoesion.DevJwt
  1. Enable dev-jwt on your JWT authorization services using the UseDevJwt() extension
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(o => o.UseDevJwt(builder.Environment));

Notes : it only enables in 'Development' and 'Testing' environments

  1. Configure in appsetting.Development.json
"Authentication": {
   "Schemes": {
      "Bearer": {
         "ValidAudience": "myApi",
         "ValidIssuer": "phoesion.devjwt"
      }
   }
}
Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

This package has no dependencies.

Version Downloads Last updated
1.1.0 59 11/19/2024
1.0.1 422 11/24/2023
0.2.1 268 4/27/2023
0.2.0 195 4/27/2023
0.1.9 196 4/27/2023
0.1.8 171 4/27/2023
0.1.7 204 4/26/2023
0.1.6 192 4/26/2023
0.1.5 191 4/26/2023
0.1.4 206 4/26/2023
0.1.3 223 4/26/2023
0.1.2 207 4/25/2023