First cut at OpenIdConnectConfiguration and SignedHttpRequest

src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs

@@ -85,6 +85,7 @@ public static string CreateEncodedSignature(string input, SigningCredentials sig
         /// <exception cref="ArgumentNullException"><paramref name="input"/> or <paramref name="signingCredentials"/> is null.</exception>
         public static string CreateEncodedSignature(string input, SigningCredentials signingCredentials, bool cacheProvider)
         {
+            // TODO create overload that takes a Span<byte> for the input
             if (input == null)
                 throw LogHelper.LogArgumentNullException(nameof(input));
 

src/Microsoft.IdentityModel.Protocols.OpenIdConnect/Configuration/OpenIdConnectConfigurationRetriever.cs

@@ -7,7 +7,6 @@
 using Microsoft.IdentityModel.Abstractions;
 using Microsoft.IdentityModel.Logging;
 using Microsoft.IdentityModel.Tokens;
-using Newtonsoft.Json;
 
 namespace Microsoft.IdentityModel.Protocols.OpenIdConnect
 {
@@ -68,7 +67,7 @@ public static async Task<OpenIdConnectConfiguration> GetAsync(string address, ID
             if (LogHelper.IsEnabled(EventLogLevel.Verbose))
                 LogHelper.LogVerbose(LogMessages.IDX21811, doc);
 
-            OpenIdConnectConfiguration openIdConnectConfiguration = JsonConvert.DeserializeObject<OpenIdConnectConfiguration>(doc);
+            OpenIdConnectConfiguration openIdConnectConfiguration = OpenIdConnectConfigurationSerializer.Read(doc);
             if (!string.IsNullOrEmpty(openIdConnectConfiguration.JwksUri))
             {
                 if (LogHelper.IsEnabled(EventLogLevel.Verbose))

src/Microsoft.IdentityModel.Protocols.OpenIdConnect/OpenIdConnectMessage.cs

@@ -5,8 +5,10 @@
 using System.Collections.Generic;
 using System.Collections.Specialized;
 using System.Reflection;
+using System.Text;
+using System.Text.Json;
 using Microsoft.IdentityModel.Logging;
-using Newtonsoft.Json.Linq;
+using JsonPrimitives = Microsoft.IdentityModel.Tokens.Json.JsonSerializerPrimitives;
 
 namespace Microsoft.IdentityModel.Protocols.OpenIdConnect
 {
@@ -15,6 +17,8 @@ namespace Microsoft.IdentityModel.Protocols.OpenIdConnect
     /// </summary>
     public class OpenIdConnectMessage : AuthenticationProtocolMessage
     {
+        internal const string ClassName = "Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage";
+
         /// <summary>
         /// Initializes a new instance of the <see cref="OpenIdConnectMessage"/> class.
         /// </summary>
@@ -30,7 +34,7 @@ public OpenIdConnectMessage(string json)
 
             try
             {
-                SetJsonParameters(JObject.Parse(json));
+                SetJsonParameters(json);
             }
             catch
             {
@@ -82,7 +86,7 @@ public OpenIdConnectMessage(NameValueCollection nameValueCollection)
         /// <summary>
         /// Initializes a new instance of the <see cref="OpenIdConnectMessage"/> class.
         /// </summary>
-        /// <param name="parameters">Enumeration of key value pairs.</param>        
+        /// <param name="parameters">Enumeration of key value pairs.</param>
         public OpenIdConnectMessage(IEnumerable<KeyValuePair<string, string[]>> parameters)
         {
             if (parameters == null)
@@ -104,30 +108,20 @@ public OpenIdConnectMessage(IEnumerable<KeyValuePair<string, string[]>> paramete
             }
         }
 
-        /// <summary>
-        /// Initializes a new instance of the <see cref="OpenIdConnectMessage"/> class.
-        /// </summary>
-        /// <param name="json">The JSON object from which the instance is created.</param>
-        [Obsolete("The 'OpenIdConnectMessage(object json)' constructor is obsolete. Please use 'OpenIdConnectMessage(string json)' instead.")]
-        public OpenIdConnectMessage(object json)
-        {
-            if (json == null)
-                throw LogHelper.LogArgumentNullException(nameof(json));
-
-            var jObject = JObject.Parse(json.ToString());
-            SetJsonParameters(jObject);
-        }
-
-        private void SetJsonParameters(JObject json)
+        private void SetJsonParameters(string json)
         {
-            if (json == null)
-                throw LogHelper.LogArgumentNullException("json");
+            Utf8JsonReader reader = new(Encoding.UTF8.GetBytes(json).AsSpan());
 
-            foreach (var pair in json)
+            while (JsonPrimitives.ReaderRead(ref reader))
             {
-                if (json.TryGetValue(pair.Key, out JToken value))
+                if (reader.TokenType == JsonTokenType.PropertyName)
                 {
-                    SetParameter(pair.Key, value.ToString());
+                    string propertyName = JsonPrimitives.GetPropertyName(ref reader, ClassName, true);
+                    string propertyValue = null;
+                    if (reader.TokenType == JsonTokenType.String)
+                        propertyValue = JsonPrimitives.ReadString(ref reader, propertyName, ClassName);
+
+                    SetParameter(propertyName, propertyValue);
                 }
             }
         }

src/Microsoft.IdentityModel.Protocols.OpenIdConnect/OpenIdConnectParameterNames.cs

@@ -1,6 +1,8 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
+using System.Text;
+
 namespace Microsoft.IdentityModel.Protocols.OpenIdConnect
 {
     /// <summary>
@@ -51,6 +53,56 @@ public static class OpenIdConnectParameterNames
         public const string UserId = "user_id";
         public const string Username = "username";
         public const string VersionTelemetry = "x-client-ver";
-#pragma warning restore 1591
     }
+
+    /// <summary>
+    /// Parameter names for OpenIdConnect UTF8 bytes.
+    /// </summary>
+    public static class OpenIdConnectParameterUtf8Bytes
+    {
+        public static readonly byte[] AccessToken = Encoding.UTF8.GetBytes("access_token");
+        public static readonly byte[] AcrValues = Encoding.UTF8.GetBytes("acr_values");
+        public static readonly byte[] ClaimsLocales = Encoding.UTF8.GetBytes("claims_locales");
+        public static readonly byte[] ClientAssertion = Encoding.UTF8.GetBytes("client_assertion");
+        public static readonly byte[] ClientAssertionType = Encoding.UTF8.GetBytes("client_assertion_type");
+        public static readonly byte[] ClientId = Encoding.UTF8.GetBytes("client_id");
+        public static readonly byte[] ClientSecret = Encoding.UTF8.GetBytes("client_secret");
+        public static readonly byte[] Code = Encoding.UTF8.GetBytes("code");
+        public static readonly byte[] Display = Encoding.UTF8.GetBytes("display");
+        public static readonly byte[] DomainHint = Encoding.UTF8.GetBytes("domain_hint");
+        public static readonly byte[] Error = Encoding.UTF8.GetBytes("error");
+        public static readonly byte[] ErrorDescription = Encoding.UTF8.GetBytes("error_description");
+        public static readonly byte[] ErrorUri = Encoding.UTF8.GetBytes("error_uri");
+        public static readonly byte[] ExpiresIn = Encoding.UTF8.GetBytes("expires_in");
+        public static readonly byte[] GrantType = Encoding.UTF8.GetBytes("grant_type");
+        public static readonly byte[] Iss = Encoding.UTF8.GetBytes("iss");
+        public static readonly byte[] IdToken = Encoding.UTF8.GetBytes("id_token");
+        public static readonly byte[] IdTokenHint = Encoding.UTF8.GetBytes("id_token_hint");
+        public static readonly byte[] IdentityProvider = Encoding.UTF8.GetBytes("identity_provider");
+        public static readonly byte[] LoginHint = Encoding.UTF8.GetBytes("login_hint");
+        public static readonly byte[] MaxAge = Encoding.UTF8.GetBytes("max_age");
+        public static readonly byte[] Nonce = Encoding.UTF8.GetBytes("nonce");
+        public static readonly byte[] Password = Encoding.UTF8.GetBytes("password");
+        public static readonly byte[] PostLogoutRedirectUri = Encoding.UTF8.GetBytes("post_logout_redirect_uri");
+        public static readonly byte[] Prompt = Encoding.UTF8.GetBytes("prompt");
+        public static readonly byte[] RedirectUri = Encoding.UTF8.GetBytes("redirect_uri");
+        public static readonly byte[] RefreshToken = Encoding.UTF8.GetBytes("refresh_token");
+        public static readonly byte[] RequestUri = Encoding.UTF8.GetBytes("request_uri");
+        public static readonly byte[] Resource = Encoding.UTF8.GetBytes("resource");
+        public static readonly byte[] ResponseMode = Encoding.UTF8.GetBytes("response_mode");
+        public static readonly byte[] ResponseType = Encoding.UTF8.GetBytes("response_type");
+        public static readonly byte[] Scope = Encoding.UTF8.GetBytes("scope");
+        public static readonly byte[] SkuTelemetry = Encoding.UTF8.GetBytes("x-client-SKU");
+        public static readonly byte[] SessionState = Encoding.UTF8.GetBytes("session_state");
+        public static readonly byte[] Sid = Encoding.UTF8.GetBytes("sid");
+        public static readonly byte[] State = Encoding.UTF8.GetBytes("state");
+        public static readonly byte[] TargetLinkUri = Encoding.UTF8.GetBytes("target_link_uri");
+        public static readonly byte[] TokenType = Encoding.UTF8.GetBytes("token_type");
+        public static readonly byte[] UiLocales = Encoding.UTF8.GetBytes("ui_locales");
+        public static readonly byte[] UserId = Encoding.UTF8.GetBytes("user_id");
+        public static readonly byte[] Username = Encoding.UTF8.GetBytes("username");
+        public static readonly byte[] VersionTelemetry = Encoding.UTF8.GetBytes("x-client-ver");
+    }
+#pragma warning restore 1591
+
 }

src/Microsoft.IdentityModel.Protocols.OpenIdConnect/OpenIdProviderMetadataNames.cs

@@ -1,10 +1,12 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
+using System.Text;
+
 namespace Microsoft.IdentityModel.Protocols.OpenIdConnect
 {
     /// <summary>
-    /// OpenIdProviderConfiguration Names
+    /// OpenIdProviderConfiguration MetadataName
     /// http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata 
     /// </summary>
     public static class OpenIdProviderMetadataNames
@@ -56,6 +58,60 @@ public static class OpenIdProviderMetadataNames
         public const string UserInfoEncryptionAlgValuesSupported = "userinfo_encryption_alg_values_supported";
         public const string UserInfoEncryptionEncValuesSupported = "userinfo_encryption_enc_values_supported";
         public const string UserInfoSigningAlgValuesSupported = "userinfo_signing_alg_values_supported";
+    }
 #pragma warning restore 1591
+
+    /// <summary>
+    /// OpenIdProviderConfiguration MetadataName - UTF8Bytes
+    /// http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
+    /// </summary>
+    internal static class OpenIdProviderMetadataUtf8Bytes
+    {
+        public static readonly byte[] AcrValuesSupported = Encoding.UTF8.GetBytes("acr_values_supported");
+        public static readonly byte[] AuthorizationEndpoint = Encoding.UTF8.GetBytes("authorization_endpoint");
+        public static readonly byte[] CheckSessionIframe = Encoding.UTF8.GetBytes("check_session_iframe");
+        public static readonly byte[] ClaimsLocalesSupported = Encoding.UTF8.GetBytes("claims_locales_supported");
+        public static readonly byte[] ClaimsParameterSupported = Encoding.UTF8.GetBytes("claims_parameter_supported");
+        public static readonly byte[] ClaimsSupported = Encoding.UTF8.GetBytes("claims_supported");
+        public static readonly byte[] ClaimTypesSupported = Encoding.UTF8.GetBytes("claim_types_supported");
+        public static readonly byte[] Discovery = Encoding.UTF8.GetBytes(".well-known/openid-configuration");
+        public static readonly byte[] DisplayValuesSupported = Encoding.UTF8.GetBytes("display_values_supported");
+        public static readonly byte[] EndSessionEndpoint = Encoding.UTF8.GetBytes("end_session_endpoint");
+        public static readonly byte[] FrontchannelLogoutSessionSupported = Encoding.UTF8.GetBytes("frontchannel_logout_session_supported");
+        public static readonly byte[] FrontchannelLogoutSupported = Encoding.UTF8.GetBytes("frontchannel_logout_supported");
+        public static readonly byte[] HttpLogoutSupported = Encoding.UTF8.GetBytes("http_logout_supported");
+        public static readonly byte[] GrantTypesSupported = Encoding.UTF8.GetBytes("grant_types_supported");
+        public static readonly byte[] IdTokenEncryptionAlgValuesSupported = Encoding.UTF8.GetBytes("id_token_encryption_alg_values_supported");
+        public static readonly byte[] IdTokenEncryptionEncValuesSupported = Encoding.UTF8.GetBytes("id_token_encryption_enc_values_supported");
+        public static readonly byte[] IdTokenSigningAlgValuesSupported = Encoding.UTF8.GetBytes("id_token_signing_alg_values_supported");
+        public static readonly byte[] IntrospectionEndpoint = Encoding.UTF8.GetBytes("introspection_endpoint");
+        public static readonly byte[] IntrospectionEndpointAuthMethodsSupported = Encoding.UTF8.GetBytes("introspection_endpoint_auth_methods_supported");
+        public static readonly byte[] IntrospectionEndpointAuthSigningAlgValuesSupported = Encoding.UTF8.GetBytes("introspection_endpoint_auth_signing_alg_values_supported");
+        public static readonly byte[] JwksUri = Encoding.UTF8.GetBytes("jwks_uri");
+        public static readonly byte[] Issuer = Encoding.UTF8.GetBytes("issuer");
+        public static readonly byte[] LogoutSessionSupported = Encoding.UTF8.GetBytes("logout_session_supported");
+        public static readonly byte[] MicrosoftMultiRefreshToken = Encoding.UTF8.GetBytes("microsoft_multi_refresh_token");
+        public static readonly byte[] OpPolicyUri = Encoding.UTF8.GetBytes("op_policy_uri");
+        public static readonly byte[] OpTosUri = Encoding.UTF8.GetBytes("op_tos_uri");
+        public static readonly byte[] RegistrationEndpoint = Encoding.UTF8.GetBytes("registration_endpoint");
+        public static readonly byte[] RequestObjectEncryptionAlgValuesSupported = Encoding.UTF8.GetBytes("request_object_encryption_alg_values_supported");
+        public static readonly byte[] RequestObjectEncryptionEncValuesSupported = Encoding.UTF8.GetBytes("request_object_encryption_enc_values_supported");
+        public static readonly byte[] RequestObjectSigningAlgValuesSupported = Encoding.UTF8.GetBytes("request_object_signing_alg_values_supported");
+        public static readonly byte[] RequestParameterSupported = Encoding.UTF8.GetBytes("request_parameter_supported");
+        public static readonly byte[] RequestUriParameterSupported = Encoding.UTF8.GetBytes("request_uri_parameter_supported");
+        public static readonly byte[] RequireRequestUriRegistration = Encoding.UTF8.GetBytes("require_request_uri_registration");
+        public static readonly byte[] ResponseModesSupported = Encoding.UTF8.GetBytes("response_modes_supported");
+        public static readonly byte[] ResponseTypesSupported = Encoding.UTF8.GetBytes("response_types_supported");
+        public static readonly byte[] ServiceDocumentation = Encoding.UTF8.GetBytes("service_documentation");
+        public static readonly byte[] ScopesSupported = Encoding.UTF8.GetBytes("scopes_supported");
+        public static readonly byte[] SubjectTypesSupported = Encoding.UTF8.GetBytes("subject_types_supported");
+        public static readonly byte[] TokenEndpoint = Encoding.UTF8.GetBytes("token_endpoint");
+        public static readonly byte[] TokenEndpointAuthMethodsSupported = Encoding.UTF8.GetBytes("token_endpoint_auth_methods_supported");
+        public static readonly byte[] TokenEndpointAuthSigningAlgValuesSupported = Encoding.UTF8.GetBytes("token_endpoint_auth_signing_alg_values_supported");
+        public static readonly byte[] UILocalesSupported = Encoding.UTF8.GetBytes("ui_locales_supported");
+        public static readonly byte[] UserInfoEndpoint = Encoding.UTF8.GetBytes("userinfo_endpoint");
+        public static readonly byte[] UserInfoEncryptionAlgValuesSupported = Encoding.UTF8.GetBytes("userinfo_encryption_alg_values_supported");
+        public static readonly byte[] UserInfoEncryptionEncValuesSupported = Encoding.UTF8.GetBytes("userinfo_encryption_enc_values_supported");
+        public static readonly byte[] UserInfoSigningAlgValuesSupported = Encoding.UTF8.GetBytes("userinfo_signing_alg_values_supported");
     }
 }