public async Task <Result <byte[]> > BuildAsync(IAsymmetricHasher hasher)
{
var header = Serialize(Header);
var payload = Serialize(Claims);
var data = new byte[header.Length + 1 + payload.Length];
Buffer.BlockCopy(header, 0, data, 0, header.Length);
data[header.Length] = (byte)'.';
Buffer.BlockCopy(payload, 0, data, header.Length + 1, payload.Length);
var alg = SHA256.Create();
var digest = alg.ComputeHash(data);
var result = await hasher.SignAsync(digest);
if (result.IsFailure)
{
return(result);
}
var signature = result.Value;
var base64Signature = new byte[Base64.GetMaxEncodedToUtf8Length(signature.Length)];
Base64.EncodeToUtf8(signature, base64Signature, out _, out _);
var token = new byte[data.Length + 1 + base64Signature.Length];
Buffer.BlockCopy(data, 0, token, 0, data.Length);
token[data.Length] = (byte)'.';
Buffer.BlockCopy(base64Signature, 0, token, data.Length + 1, base64Signature.Length);
return(token);
public async Task <Result> VerifyAsync(IAsymmetricHasher hasher)
{
var(success, _, (data, signature), error) = Scan();
if (!success)
{
return(Result.Failure(error));
}
var result = await hasher.VerifyAsync(data, signature);
if (result.IsFailure)
{
return(result);
}
var now = DateTime.UtcNow.Unix();
if (ExpiryTimestamp.HasValue && ExpiryTimestamp.Value <= now)
{
return(Result.Failure(ExpiredMessage));
}
if (NotBeforeTimestamp.HasValue && NotBeforeTimestamp.Value > now)
{
return(Result.Failure(NotYetValidMessage));
}
return(Result.Success());
}
public TokenService(
IUserProvider userProvider,
IPasswordService passwordService,
IAsymmetricHasher hasher,
ILogger <TokenService> logger)
{
_userProvider = userProvider;
_passwordService = passwordService;
_hasher = hasher;
_logger = logger;
}
