/// <summary>
/// This method validated the incoming signature.
/// </summary>
/// <param name="payload">The payload containing the signature.</param>
/// <returns>Returns the JWT token.</returns>
protected virtual JwtToken TokenValidate(TransmissionPayload payload)
{
var tokensig = payload.Message.SecuritySignature;
if (string.IsNullOrEmpty(tokensig))
{
throw new IncomingPayloadTokenSignatureNotPresentException();
}
JwtToken token = new JwtToken(tokensig, mSecret, true, false);
return(token);
}
/// <summary>
/// This method generates a JWT token from the payload and it associated security principal and Microservice metadata.
/// </summary>
/// <param name="payload">The payload to sign.</param>
/// <returns>The corresponding token</returns>
protected virtual JwtToken TokenGenerate(TransmissionPayload payload)
{
JwtToken token = new JwtToken(mAlgorithm);
token.Claims.Audience = mAudience;
token.Claims.Issuer = OriginatorId.ExternalServiceId;
token.Claims.IssuedAt = DateTime.UtcNow;
token.Claims.JWTId = payload.Message.OriginatorKey;
token.Claims.Add(ClaimPayloadId, payload.Id.ToString("N").ToUpperInvariant());
token.Claims.Add(ClaimServiceVersion, OriginatorId.ServiceVersionId);
token.Claims.Add(ClaimServiceEngineVersion, OriginatorId.ServiceEngineVersionId);
var correl = payload.Message.ProcessCorrelationKey;
if (correl != null)
{
token.Claims.Add(ClaimProcessCorrelationKey, correl);
}
token.Claims.Add(ClaimDestination, payload.Message.ToKey());
IIdentity identity = payload.SecurityPrincipal?.Identity;
if (identity != null)
{
token.Claims.Add(ClaimTypes.Authentication, identity.IsAuthenticated ? "true" : "false");
token.Claims.Add(ClaimTypes.Role, "Default");
if (identity.Name != null)
{
token.Claims.Add(ClaimTypes.Name, identity.Name);
}
if (identity.IsAuthenticated && identity.AuthenticationType != null)
{
token.Claims.Add(ClaimTypes.AuthenticationMethod, identity.AuthenticationType);
}
}
return(token);
}
/// <summary>
/// This method is used to validate the token.
/// </summary>
/// <param name="tokenParameter">The token auth string parameter.</param>
/// <returns>Returns a Jwt token if the validation is passed.</returns>
public virtual JwtToken Validate(string tokenParameter)
{
var token = new JwtToken(tokenParameter, Secret);
if (ValidateAudience &&
!token.Claims.Audience.Equals(Audience, StringComparison.InvariantCultureIgnoreCase))
{
throw new WebApiJwtFilterValidationException(JwtClaims.HeaderAudience);
}
if (ValidateExpiry &&
(!token.Claims.ExpirationTime.HasValue || token.Claims.ExpirationTime.Value < DateTime.UtcNow))
{
throw new WebApiJwtFilterValidationException(JwtClaims.HeaderExpirationTime);
}
if (ValidateNotBefore &&
(!token.Claims.NotBefore.HasValue || token.Claims.NotBefore.Value >= DateTime.UtcNow))
{
throw new WebApiJwtFilterValidationException(JwtClaims.HeaderNotBefore);
}
return(token);
}
public JwtClaimsPrincipal(JwtToken token)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="MicroserviceSecurityPrincipal"/> class.
/// </summary>
/// <param name="incoming">The incoming token.</param>
public MicroserviceSecurityPrincipal(JwtToken incoming) : base(new MicroserviceSecurityIdentity(incoming))
{
}
/// <summary>
/// Initializes a new instance of the <see cref="MicroserviceIdentity"/> class.
/// </summary>
/// <param name="incoming">The incoming token that holds the claims.</param>
public MicroserviceIdentity(JwtToken incoming)
{
incoming.Claims
.Where((c) => c.Value is string)
.ForEach((c) => AddClaim(new Claim(c.Key, c.Value as string)));
}