public async Task <AccessTokenModel> AuthUser(EntityUser user, EntityUserSocialType provider)
{
var identity = await GetUserIdentity(user, provider);
var now = DateTime.UtcNow;
var jwt = new JwtSecurityToken(
issuer: AuthOptions.ISSUER,
audience: AuthOptions.AUDIENCE,
claims: identity.Claims,
expires: now.Add(TimeSpan.FromMinutes(AuthOptions.LIFETIME)),
signingCredentials: new SigningCredentials(AuthOptions.GetKey(), SecurityAlgorithms.HmacSha256));
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
return(new AccessTokenModel
{
Token = encodedJwt,
Email = user.Email,
Expires = jwt.ValidTo.Subtract(now).Ticks,
FirstName = user.FirstName,
LastName = user.LastName,
OAuthProvider = provider.ToString(),
ProfileImageUrl = user.PictureUrl
});
}
protected async Task <ClaimsIdentity> GetUserIdentity(EntityUser user, EntityUserSocialType provider)
{
var list = new List <Claim>();
if (await _userStore.IsInRoleAsync(user, "user"))
{
list.Add(new Claim(ClaimsIdentity.DefaultRoleClaimType, "user"));
}
if (await _userStore.IsInRoleAsync(user, "admin"))
{
list.Add(new Claim(ClaimsIdentity.DefaultRoleClaimType, "admin"));
}
list.Add(new Claim(ClaimsIdentity.DefaultNameClaimType, user.Email));
list.Add(new Claim("Provider", provider.ToString()));
return(new ClaimsIdentity(list, "Token", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType));
}
