From f7edc778a18158e315da58456d28c10e4f1e3b23 Mon Sep 17 00:00:00 2001
From: jennyf19
Date: Tue, 11 Jul 2023 12:41:21 -0700
Subject: [PATCH] Possible fixes to address perf issue in 6.31 (#2131) * move bool check sooner * Fixing one bug in JSonWebToken , and a potential exception. The bug: - the constructor of JSonWebToken taking header and payload supposes that these are json, not encoded. They should not be assigned directly to the encoded members. This is likely to provoke plenty of exception. - the potential exception: in ToString(), we don't verify that there is at least one dot. Again could provoke an exception on malformed tokens. * Removing the ".signature" per PR feedback * address PR feedback and take Keegan's work in 7x branch * fix logic * move logic back to previous --------- Co-authored-by: Jean-Marc Prieur
---
 .../JsonWebToken.cs | 12 +++++++++---
 src/Microsoft.IdentityModel.Logging/LogHelper.cs | 6 +++---
 2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
index 3dd95fb868..29b84db401 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
@@ -120,8 +120,9 @@ public JsonWebToken(string header, string payload)
 throw LogHelper.LogExceptionMessage(new ArgumentException(LogHelper.FormatInvariant(LogMessages.IDX14302, payload), ex));
 }
- _encodedHeader = header;
- _encodedPayload = payload;
+ _encodedHeader = Base64UrlEncoder.Encode(header);
+ _encodedPayload = Base64UrlEncoder.Encode(payload);
+ EncodedToken = _encodedHeader + "." + _encodedPayload + ".";
 }
 internal string ActualIssuer { get; set; }
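Review bot: The added `EncodedToken = _encodedHeader + "." + _encodedPayload + ".";` in the `JsonWebToken(string header, string payload)` constructor builds a three-segment compact string whose signature segment is empty, and nothing on the line says the value is unsigned. A caller that forwards or re-parses `EncodedToken` could mistake it for a token that was issued and signed, so I would put a comment above it such as `// Unsigned compact form (empty signature segment), built so EncodedToken and ToString() work; never treat it as a validated token.` The diffstat lists only the two source files, so a test asserting that `_encodedHeader` decodes back to `header` and that `ToString()` does not throw for this constructor would pin the fix. The constructor body starts above the hunk.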
@@ -904,7 +905,12 @@ public string Subject
 /// Encoded token string without signature or authentication tag.
 public override string ToString()
 {
- return EncodedToken.Substring(0, EncodedToken.LastIndexOf("."));
+ int lastDot = EncodedToken.LastIndexOf('.');
+
+ if (lastDot >= 0)
+ return EncodedToken.Substring(0, lastDot);
+ else
+ return EncodedToken;
 }
 ///
diff --git a/src/Microsoft.IdentityModel.Logging/LogHelper.cs b/src/Microsoft.IdentityModel.Logging/LogHelper.cs
index 16d910ab63..467cd3606e 100644
--- a/src/Microsoft.IdentityModel.Logging/LogHelper.cs
+++ b/src/Microsoft.IdentityModel.Logging/LogHelper.cs
@@ -365,15 +365,15 @@ public static string FormatInvariant(string format, params object[] args)
 return string.Format(CultureInfo.InvariantCulture, format, args.Select(SanitizeSecurityArtifact).ToArray());
 }
- private static string SanitizeSecurityArtifact(object arg)
+ private static object SanitizeSecurityArtifact(object arg)
 {
 if (arg == null)
 return "null";
- if (arg is ISafeLogSecurityArtifact && IdentityModelEventSource.LogCompleteSecurityArtifact)
+ if (IdentityModelEventSource.LogCompleteSecurityArtifact && arg is ISafeLogSecurityArtifact)
 return (arg as ISafeLogSecurityArtifact).UnsafeToString();
- return arg.ToString();
+ return arg;
 }
 private static string RemovePII(object arg)
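Review bot: In `JsonWebToken.ToString()` the new `lastDot` guard covers a value with no dot, but `EncodedToken.LastIndexOf('.')` still dereferences `EncodedToken` unconditionally, so a null value would surface as a NullReferenceException from a method that logging and string formatting call implicitly. Whether any construction path can still leave `EncodedToken` null is not visible in this hunk; if one can, `if (string.IsNullOrEmpty(EncodedToken)) return string.Empty;` ahead of the lookup keeps `ToString()` from throwing. The unbraced `if`/`else` could also collapse to `return lastDot >= 0 ? EncodedToken.Substring(0, lastDot) : EncodedToken;`. The doc comment could note that a value without a dot is returned unchanged.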
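Review bot: With `return arg;` in `SanitizeSecurityArtifact`, the conversion to text moves into `string.Format(CultureInfo.InvariantCulture, …)` in `FormatInvariant`, so an argument that implements `IFormattable` is now rendered with the invariant culture and any format specifier in the message, rather than by the plain `arg.ToString()` that was removed. That is presumably the intended saving, but it can change log and exception text for dates and numbers. It also means that redaction of anything that is not an `ISafeLogSecurityArtifact` rests entirely on that type's own `ToString()`; a comment on the line would make this explicit, e.g. `// Returned as-is: string.Format performs the ToString(); types that hold secrets must keep ToString() redacted.` The kept line `return (arg as ISafeLogSecurityArtifact).UnsafeToString();` repeats the type test; writing the condition as `arg is ISafeLogSecurityArtifact artifact` and returning `artifact.UnsafeToString();` avoids the second cast.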