
I want to verify the signature of the id_token that I receive from Azure AD B2C.

When I go to the metadata endpoint to find the keys, I'm only given n and e.

kid is, as far as I understand, the "key-id", which matches the one contained in my id_token.

{
"keys": [
    {
        "kid": "X5eXk4xyojNFum1kl2Ytv8dlNP4-c57dO6QGTVBwaNk",
        "nbf": 1493763266,
        "use": "sig",
        "kty": "RSA",
        "e": "AQAB",
        "n": "tVKUtcx_n9rt5afY_2WFNvU6PlFMggCatsZ3l4RjKxH0jgdLq6CScb0P3ZGXYbPzXvmmLiWZizpb-h0qup5jznOvOr-Dhw9908584BSgC83YacjWNqEK3urxhyE2jWjwRm2N95WGgb5mzE5XmZIvkvyXnn7X8dvgFPF5QwIngGsDG8LyHuJWlaDhr_EPLMW4wHvH0zZCuRMARIJmmqiMy3VD4ftq4nS5s8vJL0pVSrkuNojtokp84AtkADCDU_BUhrc2sIgfnvZ03koCQRoZmWiHu86SuJZYkDFstVTVSR0hiXudFlfQ2rOhPlpObmku68lXw-7V-P7jwrQRFfQVXw"
    }
]
}

Microsoft says that you can generate the public key from these two parameters, but I have absolutely no clue about how to do so. And every time I find a guide online it is not in C# (my coding language).

Source: Web sign-in with OpenID Connect in Azure Active Directory B2C

I've found libraries to verify the signature, but I also want to see the public key itself, if that's possible, and test it on JWT.IO:

[Image: Desired state]

I really hope someone can help me out on this.

  • I just modified the linked answer to cover your question about verification on jwt.io – jps Oct 30 '20 at 11:22
  • You can follow https://play.golang.org/p/7wWMBOp10R and replace the variable 'js' with the value you obtain from your discovery url. Run the snippet and copy the entire output to https://jwt.io along with your jwt token to be verified and see if the signature is valid. – vJ- tHe tiMe bOmB Sep 22 '21 at 15:04
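
An added example, not part of the original post or its comments: one way to turn the `n` and `e` from the question into a PEM public key in C# and check an RS256 signature with it. It assumes .NET 5 or later; `JwkRsa`, `B64Url`, `FromJwk`, `ToPem` and `VerifyRs256` are hypothetical names chosen for this sketch.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class JwkRsa
{
    // JWK and JWT fields are base64url without padding (RFC 7515):
    // restore the standard alphabet and the '=' padding before decoding.
    public static byte[] B64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }

    // n is the modulus and e the public exponent, both big-endian unsigned integers.
    public static RSA FromJwk(string n, string e)
    {
        var rsa = RSA.Create();
        rsa.ImportParameters(new RSAParameters { Modulus = B64Url(n), Exponent = B64Url(e) });
        return rsa;
    }

    // SubjectPublicKeyInfo in PEM form ("-----BEGIN PUBLIC KEY-----").
    public static string ToPem(RSA rsa) =>
        new string(PemEncoding.Write("PUBLIC KEY", rsa.ExportSubjectPublicKeyInfo()));

    // The algorithm is pinned to RS256 (RSASSA-PKCS1-v1_5 with SHA-256);
    // the "alg" value in the token header is never consulted.
    public static bool VerifyRs256(string jwt, RSA rsa)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3) return false;
        var signedBytes = Encoding.ASCII.GetBytes(parts[0] + "." + parts[1]);
        return rsa.VerifyData(signedBytes, B64Url(parts[2]),
                              HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    }
}

static class Program
{
    static void Main(string[] args)
    {
        // Values copied from the JWKS entry shown in the question.
        const string e = "AQAB";
        const string n = "tVKUtcx_n9rt5afY_2WFNvU6PlFMggCatsZ3l4RjKxH0jgdLq6CScb0P3ZGXYbPzXvmmLiWZizpb-h0qup5jznOvOr-Dhw9908584BSgC83YacjWNqEK3urxhyE2jWjwRm2N95WGgb5mzE5XmZIvkvyXnn7X8dvgFPF5QwIngGsDG8LyHuJWlaDhr_EPLMW4wHvH0zZCuRMARIJmmqiMy3VD4ftq4nS5s8vJL0pVSrkuNojtokp84AtkADCDU_BUhrc2sIgfnvZ03koCQRoZmWiHu86SuJZYkDFstVTVSR0hiXudFlfQ2rOhPlpObmku68lXw-7V-P7jwrQRFfQVXw";
        using var rsa = JwkRsa.FromJwk(n, e);
        Console.WriteLine(JwkRsa.ToPem(rsa));
        // Optionally pass an id_token as the first argument to check its signature.
        if (args.Length == 1) Console.WriteLine(JwkRsa.VerifyRs256(args[0], rsa));
    }
}
```

A valid signature is only one of the checks on an id_token: pick the JWKS entry whose `kid` matches the token header, and validate `iss`, `aud`, `exp` and `nbf` as well.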
