add an overload for ReadJsonWebToken to take a ReadOnlyMemory, add tests and benchmark (#3205)

Author: jennyf19

benchmark/Microsoft.IdentityModel.Benchmarks/Microsoft.IdentityModel.Benchmarks.csproj

@@ -45,6 +45,7 @@
     <ProjectReference Include="..\..\src\Microsoft.IdentityModel.Tokens\Microsoft.IdentityModel.Tokens.csproj" />
     <ProjectReference Include="..\..\src\System.IdentityModel.Tokens.Jwt\System.IdentityModel.Tokens.Jwt.csproj" />
     <ProjectReference Include="..\..\src\Microsoft.IdentityModel.Protocols.SignedHttpRequest\Microsoft.IdentityModel.Protocols.SignedHttpRequest.csproj" />
+    <ProjectReference Include="..\..\test\Microsoft.IdentityModel.TestUtils\Microsoft.IdentityModel.TestUtils.csproj" />
   </ItemGroup>
 
   <PropertyGroup Condition="'$(TargetFramework)' == 'net6.0'">

benchmark/Microsoft.IdentityModel.Benchmarks/ReadJsonWebTokenBenchmarks.cs

@@ -0,0 +1,65 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System;
+using BenchmarkDotNet.Attributes;
+using Microsoft.IdentityModel.JsonWebTokens;
+using Microsoft.IdentityModel.TestUtils;
+using Microsoft.IdentityModel.Tokens;
+
+namespace Microsoft.IdentityModel.Benchmarks
+{
+    public class ReadJsonWebTokenBenchmarks
+    {
+        private JsonWebTokenHandler _handler;
+        private string _smallToken;
+        private string _largeToken;
+
+        [GlobalSetup]
+        public void Setup()
+        {
+            _handler = new JsonWebTokenHandler();
+
+            // Small token with minimal claims
+            _smallToken = _handler.CreateToken(
+                Default.PayloadString,
+                KeyingMaterial.JsonWebKeyRsa256SigningCredentials);
+
+            // Large token with many claims
+            var claims = Default.PayloadClaims;
+            for (int i = 0; i < 50; i++)
+                claims.Add(new System.Security.Claims.Claim($"claim{i}", $"value{i}"));
+
+            _largeToken = _handler.CreateToken(
+                new SecurityTokenDescriptor
+                {
+                    Subject = new CaseSensitiveClaimsIdentity(claims),
+                    SigningCredentials = KeyingMaterial.JsonWebKeyRsa256SigningCredentials
+                });
+        }
+
+        [Benchmark(Baseline = true)]
+        public JsonWebToken ReadJsonWebToken_String_Small()
+        {
+            return _handler.ReadJsonWebToken(_smallToken);
+        }
+
+        [Benchmark]
+        public JsonWebToken ReadJsonWebToken_Span_Small()
+        {
+            return _handler.ReadJsonWebToken(_smallToken.AsMemory());
+        }
+
+        [Benchmark]
+        public JsonWebToken ReadJsonWebToken_String_Large()
+        {
+            return _handler.ReadJsonWebToken(_largeToken);
+        }
+
+        [Benchmark]
+        public JsonWebToken ReadJsonWebToken_Span_Large()
+        {
+            return _handler.ReadJsonWebToken(_largeToken.AsMemory());
+        }
+    }
+}

src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs

@@ -486,6 +486,31 @@ public virtual JsonWebToken ReadJsonWebToken(string token)
             return new JsonWebToken(token);
         }
 
+        /// <summary>
+        /// Converts a ReadOnlyMemory span of characters into an instance of <see cref="JsonWebToken"/>.
+        /// </summary>
+        /// <param name="token">A ReadOnlyMemory span containing a JSON Web Token (JWT) in JWS or JWE Compact Serialization format.</param>
+        /// <returns>A <see cref="JsonWebToken"/>.</returns>
+        /// <exception cref="ArgumentException">Thrown if the length of <paramref name="token"/> is greater than <see cref="TokenHandler.MaximumTokenSizeInBytes"/>.</exception>
+        /// <remarks>
+        /// <para>If the <paramref name="token"/> is in JWE Compact Serialization format, only the protected header will be deserialized.</para>
+        /// This method is unable to decrypt the payload. Use <see cref="ValidateToken(string, TokenValidationParameters)"/>to obtain the payload.
+        /// <para>
+        /// The token is NOT validated and no security decisions should be made about the contents.
+        /// Use <see cref="ValidateToken(string, TokenValidationParameters)"/> or <see cref="ValidateTokenAsync(string, TokenValidationParameters)"/> to ensure the token is acceptable.
+        /// </para>
+        /// </remarks>
+        public virtual JsonWebToken ReadJsonWebToken(ReadOnlyMemory<char> token)
+        {
+            if (token.IsEmpty)
+                throw LogHelper.LogArgumentNullException(nameof(token));
+
+            if (token.Span.Length > MaximumTokenSizeInBytes)
+                throw LogHelper.LogExceptionMessage(new ArgumentException(LogHelper.FormatInvariant(TokenLogMessages.IDX10209, LogHelper.MarkAsNonPII(token.Length), LogHelper.MarkAsNonPII(MaximumTokenSizeInBytes))));
+
+            return new JsonWebToken(token);
+        }
+
         /// <summary>
         /// Converts a string into an instance of <see cref="JsonWebToken"/>.
         /// </summary>

src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI.Unshipped.txt

@@ -0,0 +1 @@
+virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ReadJsonWebToken(System.ReadOnlyMemory<char> token) -> Microsoft.IdentityModel.JsonWebTokens.JsonWebToken

test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandlerTests.cs

@@ -4573,6 +4573,57 @@ public static TheoryData<CreateTokenTheoryData> ValidateAuthenticationTagLengthT
                 }
             };
         }
+
+        [Theory, MemberData(nameof(ReadJsonWebTokenSpanTheoryData))]
+        public void ReadJsonWebToken_Span(JwtTheoryData theoryData)
+        {
+            var context = TestUtilities.WriteHeader($"{this}.ReadJsonWebToken_Span", theoryData);
+            try
+            {
+                var handler = new JsonWebTokenHandler();
+                var readOnlySpan = theoryData.Token.AsMemory();
+                var jwtFromSpan = handler.ReadJsonWebToken(readOnlySpan);
+                var jwtFromString = handler.ReadJsonWebToken(theoryData.Token);
+
+                if (theoryData.ExpectedException == null)
+                {
+                    // Results should match between span and string versions
+                    IdentityComparer.AreEqual(jwtFromSpan, jwtFromString, context);
+                }
+
+                theoryData.ExpectedException.ProcessNoException(context);
+            }
+            catch (Exception ex)
+            {
+                theoryData.ExpectedException.ProcessException(ex, context);
+            }
+
+            TestUtilities.AssertFailIfErrors(context);
+        }
+
+        public static TheoryData<JwtTheoryData> ReadJsonWebTokenSpanTheoryData()
+        {
+            return new TheoryData<JwtTheoryData>
+            {
+                new JwtTheoryData
+                {
+                    TestId = "ValidToken",
+                    Token = Default.AsymmetricJws,
+                },
+                new JwtTheoryData
+                {
+                    TestId = "TokenTooLong",
+                    Token = new string('x', TokenValidationParameters.DefaultMaximumTokenSizeInBytes + 1),
+                    ExpectedException = ExpectedException.ArgumentException("IDX10209:"),
+                },
+                new JwtTheoryData
+                {
+                    TestId = "EmptyToken",
+                    Token = string.Empty,
+                    ExpectedException = ExpectedException.ArgumentNullException("IDX10000:"),
+                }
+            };
+        }
     }
 
     public class CreateTokenTheoryData : TheoryDataBase