Skip to content

Fix up user-jwts interactions#42125

Merged
captainsafia merged 7 commits intodotnet:mainfrom
captainsafia:user-jwts-fix-print
Jun 16, 2022
Merged

Fix up user-jwts interactions#42125
captainsafia merged 7 commits intodotnet:mainfrom
captainsafia:user-jwts-fix-print

Conversation

@captainsafia
Copy link
Copy Markdown
Contributor

@captainsafia captainsafia commented Jun 10, 2022
edited
Loading

Closes #42113
Closes #41973

(aspnetcore) PS C:\Users\safia\user-jwts-cli-work\aspnetcore\src\Security\Authentication\JwtBearer\samples\MinimalJwtBearerSample> dotnet ..\..\..\..\..\..\artifacts\bin\dotnet-user-jwts\Debug\net7.0\dotnet-user-jwts.dll create
New JWT saved with ID 'd85b7664'.
Name: safia
Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InNhZmlhIiwic3ViIjoic2FmaWEiLCJqdGkiOiJkODViNzY2NCIsImF1ZCI6WyJodHRwczovL2xvY2FsaG9zdDo3MjU5IiwiaHR0cDovL2xvY2FsaG9zdDo1MjU5Il0sIm5iZiI6MTY1NDg0Mzg5OCwiZXhwIjoxNjYyNzkyNjk4LCJpYXQiOjE2NTQ4NDM4OTksImlzcyI6ImRvdG5ldC11c2VyLWp3dHMifQ.sMPjubPIpOpOsa1eynTSsTdd_PSJaMU_SW-cOva38Zc
(aspnetcore) PS C:\Users\safia\user-jwts-cli-work\aspnetcore\src\Security\Authentication\JwtBearer\samples\MinimalJwtBearerSample> dotnet ..\..\..\..\..\..\artifacts\bin\dotnet-user-jwts\Debug\net7.0\dotnet-user-jwts.dll print d85b7664
Found JWT with ID 'd85b7664'.
ID: d85b7664
Name: safia
Scheme: Bearer
Audience(s): https://localhost:7259, http://localhost:5259
Not Before: 2022-06-10T06:51:38.0000000+00:00
Expires On: 2022-09-10T06:51:38.0000000+00:00
Issued On: 2022-06-10T06:51:39.0000000+00:00
Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InNhZmlhIiwic3ViIjoic2FmaWEiLCJqdGkiOiJkODViNzY2NCIsImF1ZCI6WyJodHRwczovL2xvY2FsaG9zdDo3MjU5IiwiaHR0cDovL2xvY2FsaG9zdDo1MjU5Il0sIm5iZiI6MTY1NDg0Mzg5OCwiZXhwIjoxNjYyNzkyNjk4LCJpYXQiOjE2NTQ4NDM4OTksImlzcyI6ImRvdG5ldC11c2VyLWp3dHMifQ.sMPjubPIpOpOsa1eynTSsTdd_PSJaMU_SW-cOva38Zc
(aspnetcore) PS C:\Users\safia\user-jwts-cli-work\aspnetcore\src\Security\Authentication\JwtBearer\samples\MinimalJwtBearerSample> dotnet ..\..\..\..\..\..\artifacts\bin\dotnet-user-jwts\Debug\net7.0\dotnet-user-jwts.dll create --claim foo=bar --role baz
New JWT saved with ID '19ce6a19'.
Name: safiaRoles: bazCustom Claims: foo=bar
Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InNhZmlhIiwic3ViIjoic2FmaWEiLCJqdGkiOiIxOWNlNmExOSIsInJvbGUiOiJiYXoiLCJmb28iOiJiYXIiLCJhdWQiOlsiaHR0cHM6Ly9sb2NhbGhvc3Q6NzI1OSIsImh0dHA6Ly9sb2NhbGhvc3Q6NTI1OSJdLCJuYmYiOjE2NTQ4NDM5NzQsImV4cCI6MTY2Mjc5Mjc3NCwiaWF0IjoxNjU0ODQzOTc1LCJpc3MiOiJkb3RuZXQtdXNlci1qd3RzIn0.nb44lODUzA4KHVqIDHJCKg71yGxD-kX1pADtXaUGcHo
(aspnetcore) PS C:\Users\safia\user-jwts-cli-work\aspnetcore\src\Security\Authentication\JwtBearer\samples\MinimalJwtBearerSample> dotnet ..\..\..\..\..\..\artifacts\bin\dotnet-user-jwts\Debug\net7.0\dotnet-user-jwts.dll create --claims foo=bar --roles baz
Specify --help for a list of available options and commands.
Unrecognized option '--claims'


Usage: dotnet user-jwts [options] [command]

Options:
  -p|--project  The path of the project to operate on. Defaults to the project in the current directory.
  -h|--help     Show help information

Commands:
  clear   Remove all issued JWTs for a project
  create  Issue a new JSON Web Token
  key     Display or reset the signing key used to issue JWTs
  list    Lists the JWTs issued for the project
  print   Print the details of a given JWT
  remove  Remove a given JWT

Use "dotnet user-jwts [command] --help" for more information about a command.
(aspnetcore) PS C:\Users\safia\user-jwts-cli-work\aspnetcore\src\Security\Authentication\JwtBearer\samples\MinimalJwtBearerSample> dotnet ..\..\..\..\..\..\artifacts\bin\dotnet-user-jwts\Debug\net7.0\dotnet-user-jwts.dll create --claim foo=bar --role baz
New JWT saved with ID '35ed49ea'.
Name: safia
Roles: baz
Custom Claims: foo=bar

Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InNhZmlhIiwic3ViIjoic2FmaWEiLCJqdGkiOiIzNWVkNDllYSIsInJvbGUiOiJiYXoiLCJmb28iOiJiYXIiLCJhdWQiOlsiaHR0cHM6Ly9sb2NhbGhvc3Q6NzI1OSIsImh0dHA6Ly9sb2NhbGhvc3Q6NTI1OSJdLCJuYmYiOjE2NTQ4NDQxMTMsImV4cCI6MTY2Mjc5MjkxMywiaWF0IjoxNjU0ODQ0MTE0LCJpc3MiOiJkb3RuZXQtdXNlci1qd3RzIn0.S9Edhjcw26uc1KKnQdrIHkBsSMLj8m_Z6K3QV3XjaHg
(aspnetcore) PS C:\Users\safia\user-jwts-cli-work\aspnetcore\src\Security\Authentication\JwtBearer\samples\MinimalJwtBearerSample> dotnet ..\..\..\..\..\..\artifacts\bin\dotnet-user-jwts\Debug\net7.0\dotnet-user-jwts.dll print 35ed49ea
Found JWT with ID '35ed49ea'.
ID: 35ed49ea
Name: safia
Scheme: Bearer
Audience(s): https://localhost:7259, http://localhost:5259
Not Before: 2022-06-10T06:55:13.0000000+00:00
Expires On: 2022-09-10T06:55:13.0000000+00:00
Issued On: 2022-06-10T06:55:14.0000000+00:00
Roles: [baz]
Custom Claims: [foo=bar]
Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InNhZmlhIiwic3ViIjoic2FmaWEiLCJqdGkiOiIzNWVkNDllYSIsInJvbGUiOiJiYXoiLCJmb28iOiJiYXIiLCJhdWQiOlsiaHR0cHM6Ly9sb2NhbGhvc3Q6NzI1OSIsImh0dHA6Ly9sb2NhbGhvc3Q6NTI1OSJdLCJuYmYiOjE2NTQ4NDQxMTMsImV4cCI6MTY2Mjc5MjkxMywiaWF0IjoxNjU0ODQ0MTE0LCJpc3MiOiJkb3RuZXQtdXNlci1qd3RzIn0.S9Edhjcw26uc1KKnQdrIHkBsSMLj8m_Z6K3QV3XjaHg
(aspnetcore) PS C:\Users\safia\user-jwts-cli-work\aspnetcore\src\Security\Authentication\JwtBearer\samples\MinimalJwtBearerSample> dotnet ..\..\..\..\..\..\artifacts\bin\dotnet-user-jwts\Debug\net7.0\dotnet-user-jwts.dll print 35ed49ea --show-all
Found JWT with ID '35ed49ea'.
ID: 35ed49ea
Name: safia
Scheme: Bearer
Audience(s): https://localhost:7259, http://localhost:5259
Not Before: 2022-06-10T06:55:13.0000000+00:00
Expires On: 2022-09-10T06:55:13.0000000+00:00
Issued On: 2022-06-10T06:55:14.0000000+00:00
Scopes: none
Roles: [baz]
Custom Claims: [foo=bar]
Token Header: {"alg":"HS256","typ":"JWT"}
Token Payload: {"unique_name":"safia","sub":"safia","jti":"35ed49ea","role":"baz","foo":"bar","aud":["https://localhost:7259","http://localhost:5259"],"nbf":1654844113,"exp":1662792913,"iat":1654844114,"iss":"dotnet-user-jwts"}
Compact Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InNhZmlhIiwic3ViIjoic2FmaWEiLCJqdGkiOiIzNWVkNDllYSIsInJvbGUiOiJiYXoiLCJmb28iOiJiYXIiLCJhdWQiOlsiaHR0cHM6Ly9sb2NhbGhvc3Q6NzI1OSIsImh0dHA6Ly9sb2NhbGhvc3Q6NTI1OSJdLCJuYmYiOjE2NTQ4NDQxMTMsImV4cCI6MTY2Mjc5MjkxMywiaWF0IjoxNjU0ODQ0MTE0LCJpc3MiOiJkb3RuZXQtdXNlci1qd3RzIn0.S9Edhjcw26uc1KKnQdrIHkBsSMLj8m_Z6K3QV3XjaHg

@captainsafia captainsafia added area-commandlinetools Includes: Command line tools, dotnet-dev-certs, dotnet-user-jwts, and OpenAPI old-area-web-frameworks-do-not-use *DEPRECATED* This label is deprecated in favor of the area-mvc and area-minimal labels feature-userjwts The `dotnet user-jwts` CLI tool labels Jun 10, 2022
@captainsafia captainsafia requested a review from a team June 10, 2022 07:04
@captainsafia captainsafia requested a review from Pilchie as a code owner June 10, 2022 07:04
@captainsafia captainsafia force-pushed the user-jwts-fix-print branch from 64d2c70 to 060ba2e Compare June 10, 2022 07:16
@DamianEdwards
Copy link
Copy Markdown
Member

DamianEdwards commented Jun 10, 2022

Is this just a copy/pasta error (all on the same line):

Name: safiaRoles: bazCustom Claims: foo=bar

@DamianEdwards
Copy link
Copy Markdown
Member

DamianEdwards commented Jun 10, 2022

Can we have it so that the values for Roles and Claims are formatted the same when displaying after creating and printing? Right now it seems there's square brackets around the values when printing but not when creating.

@DamianEdwards
Copy link
Copy Markdown
Member

DamianEdwards commented Jun 10, 2022

We can do this in a later change, but it would be nice if we left-padded the values so they all left-aligned when printing the details, e.g.:

Name:   safia
Roles:  bazCustom
Claims: foo=bar

@captainsafia
Copy link
Copy Markdown
Contributor Author

captainsafia commented Jun 10, 2022

Is this just a copy/pasta error (all on the same line):

Ish. Found this bug and fixed it after running through the CLI scenario.

Can we have it so that the values for Roles and Claims are formatted the same when displaying after creating and printing?

Doable!

We can do this in a later change, but it would be nice if we left-padded the values so they all left-aligned when printing the details, e.g.:

Sure.

@martincostello martincostello mentioned this pull request Jun 11, 2022
Closed
1 task
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
captainsafia
captainsafia commented Jun 15, 2022
View reviewed changes
@captainsafia @DamianEdwards
Apply suggestions from code review
16d55b6 
Co-authored-by: Damian Edwards <damian@damianedwards.com>
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
DamianEdwards
DamianEdwards reviewed Jun 15, 2022
View reviewed changes
@DamianEdwards DamianEdwards requested a review from a team June 15, 2022 19:29
captainsafia and others added 2 commits June 15, 2022 13:00
@captainsafia @DamianEdwards
Apply suggestions from code review
9108364 
Co-authored-by: Damian Edwards <damian@damianedwards.com>
@captainsafia @DamianEdwards
Update src/Tools/dotnet-user-jwts/src/Commands/CreateCommand.cs
cf90596 
Co-authored-by: Damian Edwards <damian@damianedwards.com>
@Rick-Anderson Rick-Anderson mentioned this pull request Jun 15, 2022
Closed
@captainsafia
Copy link
Copy Markdown
Contributor Author

captainsafia commented Jun 16, 2022

@BrennanConroy Can I get a review on this?

BrennanConroy
BrennanConroy reviewed Jun 16, 2022
View reviewed changes
src/Tools/dotnet-user-jwts/src/Commands/CreateCommand.cs Outdated
reporter.Error(Resources.FormatCreateCommand_InvalidPeriod_Error("--valid-for"));
}
expiresOn = notBefore.Add(validForValue);
optionsString += $"{Resources.JwtPrint_ExpiresOn}: {expiresOn:O}{Environment.NewLine}";
Copy link
Copy Markdown
Member

@BrennanConroy BrennanConroy Jun 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

expiresOnOption and validForOption conflict, is there a warning/error for this? Should we only print one of them?

Copy link
Copy Markdown
Contributor Author

@captainsafia captainsafia Jun 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good call! I think we probably want to throw an error and treat the input arguments as invalid in this case.

Copy link
Copy Markdown
Member

@DamianEdwards DamianEdwards Jun 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, I think that's what I did in the original prototype, you have to specify either/or.

src/Tools/dotnet-user-jwts/src/Helpers/DevJwtCliHelpers.cs
reporter.Output($"{Resources.JwtPrint_TokenPayload}: {fullToken.Payload.SerializeToJson()}");
}

var tokenValueFieldName = showAll ? Resources.JwtPrint_CompactToken : Resources.JwtPrint_Token;
Copy link
Copy Markdown
Member

@BrennanConroy BrennanConroy Jun 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this backward?

Copy link
Copy Markdown
Contributor Author

@captainsafia captainsafia Jun 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's intentional. When the user provides the showAll flag, we'll print the full token with the header and payload, when that happens we're printing "Compact" token to make it clear that the value is the encoded token. Same doesn't need to be done if we never print the full token.

captainsafia and others added 2 commits June 16, 2022 11:25
BrennanConroy
BrennanConroy approved these changes Jun 16, 2022
View reviewed changes
src/Tools/dotnet-user-jwts/src/Commands/ListCommand.cs
{
var table = new ConsoleTable(reporter);
table.AddColumns("Id", "Scheme Name", "Audience", "Issued", "Expires");
table.AddColumns(Resources.JwtPrint_Id, Resources.JwtPrint_Scheme, Resources.JwtPrint_Audiences, Resources.JwtPrint_IssuedOn, Resources.JwtPrint_ExpiresOn);
Copy link
Copy Markdown
Member

@BrennanConroy BrennanConroy Jun 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Idk if you saw my question, should audience and name both be here? I think the issue mentioned including both.

Copy link
Copy Markdown
Contributor Author

@captainsafia captainsafia Jun 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, so the issue refers to showing the name in the print command. For list, I figured it would make sense to limit it to the properties that impact the JWT's behavior at runtime. Also, I wanted to be a little cautious about having too many columns in the table since our ConsoleTable implementation is pretty rudimentary.

@captainsafia captainsafia merged commit b0a348c into dotnet:main Jun 16, 2022
@ghost ghost added this to the 7.0-preview6 milestone Jun 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DamianEdwards DamianEdwards DamianEdwards left review comments

@BrennanConroy BrennanConroy BrennanConroy approved these changes

@Pilchie Pilchie Awaiting requested review from Pilchie

Assignees

No one assigned

Labels

area-commandlinetools Includes: Command line tools, dotnet-dev-certs, dotnet-user-jwts, and OpenAPI feature-userjwts The `dotnet user-jwts` CLI tool old-area-web-frameworks-do-not-use *DEPRECATED* This label is deprecated in favor of the area-mvc and area-minimal labels

Projects

None yet

Milestone

7.0-preview6

Development

Successfully merging this pull request may close these issues.

user-jwts issues Support O DateTime(Offset) format in dotnet user-jwts tool

3 participants

@captainsafia @DamianEdwards @BrennanConroy