Beispiel #1
        /// <summary>
        ///     Creates an access JwtSecurityToken given an <paramref name="account"/> and <paramref name="refreshTokenId"/>.
        /// </summary>
        /// <param name="account">The Account from which to retrieve user claims.</param>
        /// <param name="refreshTokenId">The refresh token id to use for the jti claim.</param>
        /// <returns>The created JwtSecurityToken.</returns>
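        public JwtSecurityToken GetAccessToken(Account account, Guid refreshTokenId)
        {
            // Fail with a named argument error instead of a NullReferenceException half-way
            // through building the claim list.
            if (account == null)
            {
                throw new ArgumentNullException(nameof(account));
            }

            // Access-token lifetime from configuration. It is handed unchanged to the
            // two-argument GetJwtSecurityToken overload, which is not part of this listing.
            var expiry = Utility.GetSetting<int>(Settings.JwtAccessTokenExpiry);

            // The JWT signing key is deliberately not read here: this method only assembles
            // claims, so it has no reason to hold a copy of the secret in a local.

            var accountId = account.Id.ToString();
            var roleName = account.Role.ToString();

            // Each identity value is emitted twice: once under the .NET ClaimTypes URI and once
            // under the short JWT name. These claims end up in a signed token, which is not
            // encrypted, so anything placed here is readable by whoever holds the token.
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, account.Name),
                new Claim(ClaimTypes.NameIdentifier, accountId),
                new Claim(ClaimTypes.Role, roleName),
                new Claim("sub", accountId),
                new Claim("name", account.Name),
                new Claim("role", roleName),

                // jti is the refresh token id, not a per-access-token value, so every access
                // token minted from the same refresh token shares one jti. Presumably this ties
                // an access token to its refresh token for revocation; confirm in the validator.
                new Claim("jti", refreshTokenId.ToString()),

                // Despite the name, "pwd" carries only the lower-cased string form of
                // account.PasswordResetRequired, never a password. The invariant culture keeps
                // the value independent of the server locale.
                new Claim("pwd", account.PasswordResetRequired.ToString().ToLowerInvariant()),
            };

            return GetJwtSecurityToken(claims, expiry);
        }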
Beispiel #2
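        /// <summary>
        ///     Builds an HMAC-SHA512 signed JwtSecurityToken from <paramref name="claims"/>, using the issuer, audience and
        ///     signing key found in settings.
        /// </summary>
        /// <param name="claims">
        ///     The claims to embed. An "iat" claim is appended to this list when it does not already contain one, so the
        ///     caller's list is modified.
        /// </param>
        /// <param name="expiresUtc">The expiry time of the token.</param>
        /// <param name="issuedUtc">The issue time; also used as the not-before time.</param>
        /// <returns>The created JwtSecurityToken.</returns>
        private JwtSecurityToken GetJwtSecurityToken(List<Claim> claims, DateTime expiresUtc, DateTime issuedUtc)
        {
            if (!claims.Any(c => c.Type == "iat"))
            {
                // The DateTime -> DateTimeOffset conversion treats a value whose Kind is not Utc as
                // local time, so callers are expected to pass a DateTime with Kind == Utc.
                var issuedAtSeconds = ((DateTimeOffset)issuedUtc).ToUnixTimeSeconds();

                // RFC 7519 defines iat as a NumericDate (a JSON number). Tagging the claim as
                // Integer64 lets it be written as a number rather than a quoted string, and the
                // invariant culture keeps the digits independent of the server locale.
                claims.Add(new Claim(
                    "iat",
                    issuedAtSeconds.ToString(System.Globalization.CultureInfo.InvariantCulture),
                    ClaimValueTypes.Integer64));
            }

            // The signing key is the UTF-8 encoding of a configured string. RFC 7518 section 3.2
            // requires an HMAC key at least as long as the hash output (64 bytes for HS512), so
            // the setting should be a long, randomly generated value. The length is not enforced
            // here. Because the key is symmetric, every party able to validate these tokens can
            // also mint them.
            var keyBytes = Encoding.UTF8.GetBytes(Utility.GetSetting<string>(Settings.JwtKey));
            var signingKey = new SymmetricSecurityKey(keyBytes);
            var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha512);

            return new JwtSecurityToken(
                issuer: Utility.GetSetting<string>(Settings.JwtIssuer),
                audience: Utility.GetSetting<string>(Settings.JwtAudience),
                claims: claims,
                notBefore: issuedUtc,
                expires: expiresUtc,
                signingCredentials: credentials);
        }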
Beispiel #3
        /// <summary>
        ///     Creates a refresh JwtSecurityToken with the specified <paramref name="refreshTokenId"/> and default expiry.
        /// </summary>
        /// <param name="refreshTokenId">The token id.</param>
        /// <returns>The created JwtSecurityToken.</returns>
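        public JwtSecurityToken GetRefreshToken(Guid refreshTokenId)
        {
            // Refresh-token lifetime from configuration; it is applied below as minutes.
            var expiryMinutes = Utility.GetSetting<int>(Settings.JwtRefreshTokenExpiry);

            // Read the clock once so the issue time and the expiry are derived from the same
            // instant and the token lifetime is exactly the configured number of minutes.
            var issuedUtc = DateTime.UtcNow;

            return GetRefreshToken(refreshTokenId, issuedUtc.AddMinutes(expiryMinutes), issuedUtc);
        }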