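/// <summary>
/// Builds a signed JWT access token, wraps it in an <c>AccessTokens</c> record and hands that
/// record and the refresh-token link to <c>_authObj</c> for storage.
/// </summary>
/// <param name="userId">Subject identifier; emitted as the <c>sub</c> claim only for the password grant.</param>
/// <param name="clientAppId">Client application identifier, emitted as the <c>appid</c> claim.</param>
/// <param name="refreshToken">Refresh token stored on the record and linked to the new access token.</param>
/// <param name="alg">Signing algorithm passed to <c>Jwt.CreateSigningCredentials</c>.</param>
/// <param name="grantType">Grant type; compared against <c>GRANT_TYPE_PASSWORD</c> to decide whether <c>sub</c> is included.</param>
/// <returns>The populated record, with <c>Status</c> set to <c>true</c> and <c>AccessToken</c> holding the serialized JWT.</returns>
private AccessTokens BuildAccessToken(string userId, string clientAppId, string refreshToken, Jwt.Algorithm alg, string grantType)
        {
            // Read the clock once: iat, nbf, notBefore and exp are all derived from the same instant,
            // so the signed lifetime is exactly the configured number of seconds.
            var now = DateTime.UtcNow;

            // Parse the lifetime with the invariant culture so the server locale cannot change how
            // the configured number is read.
            var lifetimeSeconds = Convert.ToDouble(_config["Jwt:Expires"], System.Globalization.CultureInfo.InvariantCulture);
            var accessTokenExpiryDateTime = now.AddSeconds(lifetimeSeconds);

            var obj = new AccessTokens
            {
                Id             = Guid.NewGuid(),
                RefreshToken   = refreshToken,
                IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(
                    DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ,
                    DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES,
                    DateTimes.DateTimeUtcOffset.HHMMByColon)
            };

            obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(
                accessTokenExpiryDateTime,
                DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ,
                DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES,
                DateTimes.DateTimeUtcOffset.HHMMByColon);

            // NOTE(review): Integer32 cannot represent Unix times after January 2038; confirm how the
            // token library serializes these claims before relying on them past that date.
            var unixNow = DateTimes.ConvertToUnixTimeByDateTime(now).ToString();
            var jti     = new Claim(JwtRegisteredClaimNames.Jti, obj.Id.ToString("N"));
            var iat     = new Claim(JwtRegisteredClaimNames.Iat, unixNow, System.Security.Claims.ClaimValueTypes.Integer32);
            var nbf     = new Claim(JwtRegisteredClaimNames.Nbf, unixNow, System.Security.Claims.ClaimValueTypes.Integer32);
            var appId   = new Claim("appid", clientAppId);

            // Only the password grant identifies an end user, so only it carries a subject claim.
            Claim[] claims = grantType == GRANT_TYPE_PASSWORD
                ? new[] { new Claim(JwtRegisteredClaimNames.Sub, userId), jti, iat, nbf, appId }
                : new[] { jti, iat, nbf, appId };

            var token = new JwtSecurityToken(
                issuer: _config["Jwt:Issuer"],
                audience: _config["Jwt:Audience"],
                claims: claims,
                expires: accessTokenExpiryDateTime,
                notBefore: now,
                signingCredentials: Jwt.CreateSigningCredentials(alg, _config, _azObj)
                );

            obj.AccessToken = new JwtSecurityTokenHandler().WriteToken(token);
            obj.Status      = true;

            // Write the generated access token to AuthDB (for future checking).
            // NOTE(review): the results of both writes are discarded, so the token is returned even
            // if storage reports a failure; confirm how these calls signal errors.
            // NOTE(review): the signed token is handed to the store as-is; if the store only needs
            // to look tokens up, keeping a hash instead would limit what a database read exposes.
            _ = _authObj.PutAccessTokens(obj);

            // Link the refresh token to the new access token in AuthDB (for future checking).
            _ = _authObj.PutRefreshTokensAccessToken(refreshToken, obj.AccessToken, obj.IssuedDateTime);

            return obj;
        }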
Beispiel #2
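        /// <summary>
        /// Builds an RS256-signed JWT assertion for the configured service account, using a private
        /// key (XML form) fetched by secret name through <c>_azObj</c>.
        /// </summary>
        /// <returns>The serialized, signed JWT.</returns>
        /// <exception cref="InvalidOperationException">
        /// The secret lookup did not return HTTP 200, or the response carried no key material.
        /// </exception>
        private string GenerateJwtRequestByRSAKey()
        {
            // One clock reading so that exp is exactly 60 minutes after iat.
            var now = DateTime.UtcNow;

            // NOTE(review): Convert.ToInt32 cannot hold Unix times after January 2038.
            var payloadObj = new Payload
            {
                iss   = _config["GoogleApi:Firebase:UndoneAuth:ServiceAccount"],
                scope = _config["GoogleApi:Firebase:UndoneAuth:Scope"],
                aud   = _config["GoogleApi:Firebase:UndoneAuth:RequestTokenUrl"] + "oauth2/v4/token",
                exp   = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(now.AddMinutes(60))),
                iat   = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(now))
            };

            // NOTE(review): .Result blocks the calling thread on async work; the synchronous
            // signature is kept for existing callers.
            var resp = _azObj.GetValueBySecretName(_config["GoogleApi:Firebase:UndoneAuth:Key:RS256:PrivateKeyXml"]).Result;

            // Fail closed: previously a non-OK response fell through with an empty key string.
            // The message deliberately contains the status only, never the response body.
            if (resp.StatusCode != HttpStatusCode.OK)
            {
                throw new InvalidOperationException("Signing key could not be retrieved from the secret store (status " + resp.StatusCode + ").");
            }

            var content       = resp.Content.ReadAsStringAsync().Result;
            var secret        = JsonConvert.DeserializeObject<SecretPayload>(content);
            var privateKeyXml = secret?.value;
            if (string.IsNullOrEmpty(privateKeyXml))
            {
                throw new InvalidOperationException("Secret store response did not contain a signing key.");
            }

            using (RSA privateRsa = RSA.Create())
            {
                privateRsa.fromXmlString(privateKeyXml);
                var creds = new SigningCredentials(new RsaSecurityKey(privateRsa), SecurityAlgorithms.RsaSha256);

                // NOTE(review): iat and exp are added without a numeric value type; confirm the
                // token library emits them as JSON numbers, which is what the token endpoint expects.
                var claims = new[] {
                    new Claim("scope", payloadObj.scope),
                    new Claim(JwtRegisteredClaimNames.Iat, payloadObj.iat.ToString()),
                    new Claim(JwtRegisteredClaimNames.Exp, payloadObj.exp.ToString())
                };
                var token = new JwtSecurityToken(
                    payloadObj.iss,
                    payloadObj.aud,
                    claims,
                    signingCredentials: creds
                    );

                // WriteToken performs the signature, so it must run while the RSA instance is alive.
                // NOTE(review): some versions of the token library cache signature providers per key;
                // verify that repeated calls do not reuse a provider bound to a disposed RSA instance.
                return new JwtSecurityTokenHandler().WriteToken(token);
            }
        }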
Beispiel #3
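        /// <summary>
        /// Builds an RS256-signed JWT assertion for <c>serviceAccount</c>, using a private key
        /// (XML form) read from the file at <c>rs256PrivateKeyXml</c>.
        /// </summary>
        /// <returns>The serialized, signed JWT.</returns>
        private string GenerateJwtRequestByRSAKey()
        {
            // One clock reading so that exp is exactly 60 minutes after iat.
            var now = DateTime.UtcNow;

            // NOTE(review): Convert.ToInt32 cannot hold Unix times after January 2038.
            var payloadObj = new Payload
            {
                iss   = serviceAccount,
                scope = scope,
                aud   = requestTokenUrl + "token",
                exp   = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(now.AddMinutes(60))),
                iat   = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(now))
            };

            var claims = new[] {
                new Claim("scope", payloadObj.scope),
                new Claim(JwtRegisteredClaimNames.Iat, payloadObj.iat.ToString()),
                new Claim(JwtRegisteredClaimNames.Exp, payloadObj.exp.ToString())
            };

            using (RSA privateRsa = RSA.Create())
            {
                // NOTE(review): the private key is read from a plain file; restrict that file to the
                // service account, or load the key from a managed secret store instead.
                privateRsa.fromXmlString(File.ReadAllText(rs256PrivateKeyXml));
                var creds = new SigningCredentials(new RsaSecurityKey(privateRsa), SecurityAlgorithms.RsaSha256);

                var token = new JwtSecurityToken(
                    payloadObj.iss,
                    payloadObj.aud,
                    claims,
                    signingCredentials: creds
                    );

                // The signature is computed inside WriteToken. The credentials only reference the RSA
                // instance, so signing has to happen before the using block disposes it; the earlier
                // code serialized the token after disposal.
                return new JwtSecurityTokenHandler().WriteToken(token);
            }
        }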