public ActionResult <string> Post(AuthenticationRequest authRequest,
[FromServices] IJwtSigningEncodingKey signingEncodingKey,
[FromServices] IJwtEncryptingEncodingKey encryptingEncodingKey)
{
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, authRequest.Name)
};
var tokenHandler = new JwtSecurityTokenHandler();
JwtSecurityToken token = tokenHandler.CreateJwtSecurityToken(
issuer: "SampleOfWebAPI",
audience: "WebAPI",
subject: new ClaimsIdentity(claims),
notBefore: DateTime.Now,
expires: DateTime.Now.AddHours(1),
issuedAt: DateTime.Now,
signingCredentials: new SigningCredentials(
signingEncodingKey.GetKey(),
signingEncodingKey.SigningAlgorithm),
encryptingCredentials: new EncryptingCredentials(
encryptingEncodingKey.GetKey(),
encryptingEncodingKey.SigningAlgorithm,
encryptingEncodingKey.EncryptingAlgorithm));
string jwtToken = tokenHandler.WriteToken(token);
return(jwtToken);
}
private EncryptingCredentials EncryptingCredentialsPrepare()
{
return(new EncryptingCredentials(
_encryptingEncodingKey.GetKey(),
_encryptingEncodingKey.SigningAlgorithm,
_encryptingEncodingKey.EncryptingAlgorithm));
}
public string GenerateJwtToken(UserModel user, IJwtSigningEncodingKey signingEncodingKey, IJwtEncryptingEncodingKey encryptingEncodingKey)
{
var claims = new Claim[]
{
new Claim(ClaimTypes.Name, user?.Login),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateJwtSecurityToken(
issuer: JwtSettings.ValidIssuer,
audience: JwtSettings.ValidAudience,
subject: new ClaimsIdentity(claims),
notBefore: DateTime.Now,
expires: DateTime.Now.AddMinutes(5),
issuedAt: DateTime.Now,
signingCredentials: new SigningCredentials(
signingEncodingKey.GetKey(),
signingEncodingKey.SigningAlgorithm),
encryptingCredentials: new EncryptingCredentials(
encryptingEncodingKey.GetKey(),
encryptingEncodingKey.SigningAlgorithm,
encryptingEncodingKey.EncryptingAlgorithm)
);
var jwteString = tokenHandler.WriteToken(token);
return(jwteString);
}
public async Task <ServiceResult <string> > GetTokenAsync(string email)
{
User user = await _mongoManager.UserManager.GetAsync(email.ToLower());
if (user == null)
{
_logger.LogWarning("User didn't get token. User data isn't loaded from database because the data doesn't exist ");
_logger.LogTrace("Djelato.Services.Services.GetTokenAsync(string email, IJwtSigningEncodingKey signingEncodingKey)");
return(new ServiceResult <string>(false, null, "Profile doesn't exist"));
}
var claims = new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, user.Id)
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateJwtSecurityToken(
issuer: "DjelatoApp",
audience: "DjelatoClient",
subject: new ClaimsIdentity(claims),
notBefore: DateTime.Now,
expires: DateTime.Now.AddHours(24),
issuedAt: DateTime.Now,
signingCredentials: new SigningCredentials(
_signingEncodingKey.GetKey(),
_signingEncodingKey.SigningAlgorithm),
encryptingCredentials: new EncryptingCredentials(
_encryptingEncodingKey.GetKey(),
_encryptingEncodingKey.SigningAlgorithm,
_encryptingEncodingKey.EncryptingAlgorithm)
);
string jwtToken = new JwtSecurityTokenHandler().WriteToken(token);
if (string.IsNullOrEmpty(jwtToken))
{
_logger.LogError("JwtSecurityToken class didn't generate token");
_logger.LogTrace("Djelato.Services.Services.GetTokenAsync(string email, IJwtSigningEncodingKey signingEncodingKey)");
return(new ServiceResult <string>(true, jwtToken, "Token generated"));
}
else
{
_logger.LogInformation($"token generate successfully");
return(new ServiceResult <string>(true, jwtToken, "Token generated"));
}
}
public ActionResult <string> Post(AuthenticationRequest authRequest, [FromServices] IJwtSigningEncodingKey signingEncodingKey, [FromServices] IJwtEncryptingEncodingKey encryptingEncodingKey)
{
// 1. Проверяем данные пользователя из запроса.
// ...
var identity = GetIdentity(authRequest.Name, authRequest.Password);
if (identity == null)
{
Response.StatusCode = 400;
Response.WriteAsync("Invalid username or password.").GetAwaiter().GetResult();
return(null);
}
else
{
// 2. Создаем утверждения для токена.
var claims = new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, authRequest.Name)
};
// 3. Генерируем JWT.
var tokenHandler = new JwtSecurityTokenHandler();
JwtSecurityToken token = tokenHandler.CreateJwtSecurityToken(
issuer: "DemoApp",
audience: "DemoAppClient",
subject: new ClaimsIdentity(claims),
notBefore: DateTime.Now,
expires: DateTime.Now.AddMinutes(5),
issuedAt: DateTime.Now,
signingCredentials: new SigningCredentials(
signingEncodingKey.GetKey(),
signingEncodingKey.SigningAlgorithm),
encryptingCredentials: new EncryptingCredentials(
encryptingEncodingKey.GetKey(),
encryptingEncodingKey.SigningAlgorithm,
encryptingEncodingKey.EncryptingAlgorithm));
var jwtToken = tokenHandler.WriteToken(token);
return(jwtToken);
}
}
public string GenereteJwtToken(string userName, IdentityUser user, List <string> roles)
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, user.Id),
new Claim(ClaimsIdentity.DefaultNameClaimType, userName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(CommonConstants.UniqueClaimName, CryptoRandomizer.GetRandomString(16))
};
foreach (string role in roles)
{
claims.Add(new Claim(ClaimsIdentity.DefaultRoleClaimType, role));
}
var signInCreditials = new SigningCredentials(signInEncodingKey.GetKey(),
signInEncodingKey.SignInAlgorithm);
var encryptedCreditials = new EncryptingCredentials(jwtEncryptionEncodingKey.GetKey(),
jwtEncryptionEncodingKey.SigningAlgorithm,
jwtEncryptionEncodingKey.EncryptingAlgorithm);
var expires = DateTime.Now.AddMinutes(Convert.ToDouble(tokenLifeTimeOptions.Value.AccessTokenLifeTime));
var now = DateTime.UtcNow;
var token = new JwtSecurityTokenHandler().CreateJwtSecurityToken(
authOptions.Value.Issuer,
authOptions.Value.Audience,
notBefore: now,
subject: new ClaimsIdentity(claims),
expires: expires,
issuedAt: DateTime.Now,
signingCredentials: signInCreditials,
encryptingCredentials: encryptedCreditials
);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
public string GenerateAccessToken(IEnumerable <Claim> claims,
IJwtSigningEncodingKey signingEncodingKey,
IJwtEncryptingEncodingKey encryptingEncodingKey)
{
var tokenHandler = new JwtSecurityTokenHandler();
var expiryInMinutes = Convert.ToInt32(_configuration["Jwt:ExpiryInMinutes"]);
var jwtToken = tokenHandler.CreateJwtSecurityToken(
issuer: _configuration["Jwt:Site"],
audience: _configuration["Jwt:Site"],
subject: new ClaimsIdentity(claims),
notBefore: DateTime.UtcNow,
expires: DateTime.UtcNow.AddMinutes(expiryInMinutes),
issuedAt: DateTime.UtcNow,
signingCredentials: new SigningCredentials(
signingEncodingKey.GetKey(),
signingEncodingKey.SigningAlgorithm),
encryptingCredentials: new EncryptingCredentials(
encryptingEncodingKey.GetKey(),
encryptingEncodingKey.SigningAlgorithm,
encryptingEncodingKey.EncryptingAlgorithm));
return(tokenHandler.WriteToken(jwtToken));
}