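/// <summary>
/// Create a JWT for a user - after the user has been authenticated.
/// </summary>
/// <param name="userName">User name of the already-authenticated user.</param>
/// <returns>
/// An <see cref="AuthServerJWT"/> holding the signed JWT and a refresh token;
/// <c>hasError</c> is always <c>false</c> on this path.
/// </returns>
/// <exception cref="ArgumentException">
/// Thrown when <paramref name="userName"/> is null, empty or whitespace.
/// </exception>
public AuthServerJWT CreateJWT(string userName)
{
    if (string.IsNullOrWhiteSpace(userName))
    {
        throw new ArgumentException("User name is required.", nameof(userName));
    }

    // Token lifetime in minutes; exp is derived from the same instant as iat.
    const int tokenLifetimeMinutes = 20;

    // Contains both the JWT and the refresh token.
    var authServerJWT = new AuthServerJWT
    {
        hasError = false,
        errorMsg = string.Empty
    };

    // Key bytes must come from a fixed encoding: Encoding.Default is the platform
    // ANSI code page on .NET Framework and UTF-8 on .NET Core, so a non-ASCII
    // secret would yield different keys (and signatures) depending on the host.
    // NOTE(review): the signing library enforces a minimum HMAC key length; a
    // short _secret fails at signing time rather than here - confirm its size.
    var secKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(_secret));
    var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
        secKey, SecurityAlgorithms.HmacSha256Signature);

    // iat/exp as Unix seconds (JWT NumericDate). One timestamp feeds both so the
    // expiry is exactly tokenLifetimeMinutes after issuance.
    var issuedAt = DateTimeOffset.UtcNow;
    var now = issuedAt.ToUnixTimeSeconds();
    var exp = issuedAt.AddMinutes(tokenLifetimeMinutes).ToUnixTimeSeconds();

    var header = new JwtHeader(signingCredentials);

    // Group membership resolved from Active Directory and embedded as a claim.
    var userADGroups = AuthFlowJWT.Security.Auth.ActiveDirectory.GetADGroups(userName);

    var payload = new JwtPayload
    {
        { "iss", _issuer },
        { "aud", _audience },
        { "iat", now },
        { "exp", exp },
        { "groups", userADGroups }
    };
    // NOTE(review): no "sub" (user-identifying) claim is emitted, so a consumer
    // cannot tell from the token alone which user it was issued to; confirm
    // whether consumers expect one before adding it.

    // Create and serialise the signed JWT.
    var secToken = new JwtSecurityToken(header, payload);
    var handler = new JwtSecurityTokenHandler();
    authServerJWT.jsonWebToken = handler.WriteToken(secToken);

    // Generate the refresh token that allows renewal once the JWT expires.
    authServerJWT.refreshToken = GenerateRefreshToken(userName);

    return authServerJWT;
}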
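/// <summary>
/// Renew the token by passing the refresh token. If the refresh token is still
/// valid (i.e. still present in the cache) a new JWT and refresh token are created.
/// </summary>
/// <param name="refreshToken">Refresh token previously handed out alongside a JWT.</param>
/// <returns>
/// A fresh <see cref="AuthServerJWT"/>, or one with <c>hasError</c> set and empty
/// tokens when <paramref name="refreshToken"/> is missing, unknown or expired.
/// </returns>
public AuthServerJWT RenewJWT(string refreshToken)
{
    ObjectCache cache = MemoryCache.Default;

    // A null/empty key would make the cache indexer throw; treat it like an
    // unknown token so callers always get the same error object back.
    // "as" instead of a hard cast: an entry of another type under the same key
    // would otherwise surface as InvalidCastException.
    AuthServerRefreshToken cacheRenewalJWT = null;
    if (!string.IsNullOrEmpty(refreshToken))
    {
        cacheRenewalJWT = cache[refreshToken] as AuthServerRefreshToken;
    }

    // No cache entry means the refresh token was never issued or has expired.
    if (cacheRenewalJWT == null)
    {
        return new AuthServerJWT
        {
            jsonWebToken = string.Empty,
            refreshToken = string.Empty,
            hasError = true,
            errorMsg = "Refresh Token Expired"
        };
    }

    // NOTE(review): the consumed entry is not removed from the cache, so the old
    // refresh token remains usable until its cache expiry even though CreateJWT
    // hands out a new one. Confirm whether single-use rotation (cache.Remove)
    // is intended.

    // The refresh token is valid: issue a new JWT for the cached user.
    return CreateJWT(cacheRenewalJWT.userName);
}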
/// <summary>
/// Debug helper: prints a caption, surrounded by blank lines, followed by the JWT.
/// The token is a bearer credential, so console output should be treated as sensitive.
/// </summary>
/// <param name="msg">Caption written on its own line.</param>
/// <param name="jwt">Token container whose <c>jsonWebToken</c> is printed.</param>
private static void WriteJWTToConsole(string msg, AuthServerJWT jwt)
{
    var caption = string.Concat("\n", msg, "\n");
    Console.WriteLine(caption);
    Console.WriteLine(jwt.jsonWebToken);
}