/// <summary>
/// Create a JWT for a user - After Authtenicated
/// </summary>
/// <param name="userName">User Name</param>
/// <returns>string</returns>
public AuthServerJWT CreateJWT(string userName)
{
//contains both the JWT and Refresh Token
var authServerJWT = new AuthServerJWT();
authServerJWT.hasError = false;
authServerJWT.errorMsg = string.Empty;
var secKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.Default.GetBytes(_secret));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
secKey,
SecurityAlgorithms.HmacSha256Signature);
//Setup date now and expiration date
//DateTime centuryBegin = new DateTime(1970, 1, 1);
//var exp = new TimeSpan(DateTime.Now.AddMinutes(20).Ticks - centuryBegin.Ticks).TotalSeconds;
//var now = new TimeSpan(DateTime.Now.Ticks - centuryBegin.Ticks).TotalSeconds;
var now = DateTimeOffset.Now.ToUnixTimeSeconds();
var exp = DateTimeOffset.Now.AddMinutes(20).ToUnixTimeSeconds();
//Setup the header
var header = new JwtHeader(signingCredentials);
List <string> Groups = new List <string>();
var userADGroups = AuthFlowJWT.Security.Auth.ActiveDirectory.GetADGroups(userName);
var payload = new JwtPayload
{
{ "iss", _issuer },
{ "aud", _audience },
{ "iat", now },
{ "exp", exp },
{ "groups", userADGroups }
};
//Create the JWT
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
var jwt = handler.WriteToken(secToken);
authServerJWT.jsonWebToken = jwt;
//Generate the Refresh Token
authServerJWT.refreshToken = GenerateRefreshToken(userName);
return(authServerJWT);
}
/// <summary>
/// Renew the token by passing the JWT. If the renewal token is still valid a
/// new JWT will be created.
/// </summary>
/// <param name="jwt">JWT</param>
/// <returns></returns>
public AuthServerJWT RenewJWT(string refreshToken)
{
var jwtRenewed = string.Empty;
ObjectCache cache = MemoryCache.Default;
var cacheRenewalJWT = (AuthServerRefreshToken)cache[refreshToken];
var jwt = new AuthServerJWT();
//If no refresh token is found, it means it expired.
if (cacheRenewalJWT == null)
{
jwt.jsonWebToken = string.Empty;
jwt.refreshToken = string.Empty;
jwt.hasError = true;
jwt.errorMsg = "Refresh Token Expired";
return(jwt);
}
//The refresh token is valid, return a new JWT
jwt = CreateJWT(cacheRenewalJWT.userName);
return(jwt);
}
private static void WriteJWTToConsole(string msg, AuthServerJWT jwt)
{
Console.WriteLine("\n" + msg + "\n");
Console.WriteLine(jwt.jsonWebToken);
}
