public string GenerateToken(GetLoggedUserResult user, List <string> claims) { var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.TokenSecret); //i take the Secret from the Config that will be used to generate the Token //I'll create the Tokens, add the Claims into it, and return the Token var tokenDescriptor = new SecurityTokenDescriptor { Issuer = _appSettings.Emiter, //here i say who is the emiter of the Token (name of my system backend) Audience = _appSettings.ValidIn, //here i will say where it's valid (that's specific in Settings.ValidIn - default there is http://localhost) Expires = DateTime.UtcNow.AddMinutes(_appSettings.ExpirationInMinutes), //take how many minutes my token is valid SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature), Subject = new ClaimsIdentity(new Claim[] { new Claim("IdUser", user.IdUser), new Claim("NameUser", user.NameUser), new Claim("UsernameOrEmail", user.UsernameOrEmail), new Claim("EmailAddress", user.EmailAddress) }) }; //now I'm gonna add the claims to the Token claims.ForEach(item => { tokenDescriptor.Subject.AddClaim(new Claim("roles", item)); }); return(tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor))); }
public void Handle_ShouldLoginAUser() { _loginResult = (GetLoggedUserResult)_handler.Handle(_validLoginUser); Assert.AreEqual(_result.Success, true); }