Example #1
        /// <summary>
        /// Serializes an authentication ticket as an HMAC-signed JWT.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            // Re-wrap the HMAC helper's key and algorithm identifiers in a plain SigningCredentials.
            var hmac = new HmacSigningCredentials(_secret);
            var credentials = new SigningCredentials(hmac.SigningKey, hmac.SignatureAlgorithm, hmac.DigestAlgorithm);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            // NOTE(review): the audience is the fixed string "Any", so the token is not bound to
            // one resource server; confirm every consumer sharing _secret is meant to accept it.
            // .Value throws InvalidOperationException when the ticket carries no issued/expiry time.
            var token = new JwtSecurityToken(
                _issuer,
                "Any",
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #2
        /// <summary>
        /// Creates a signed JWT from an authentication ticket, using the secret of the audience
        /// named in the ticket's properties.
        /// </summary>
        /// <param name="data">Authentication ticket; its properties must hold the audience id under <c>AudiencePropertyKey</c>.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The ticket properties hold no non-blank audience id.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            // Single lookup; a missing key leaves the id null and is rejected just below.
            string audienceId;
            if (!data.Properties.Dictionary.TryGetValue(AudiencePropertyKey, out audienceId))
            {
                audienceId = null;
            }

            if (string.IsNullOrWhiteSpace(audienceId))
            {
                throw new InvalidOperationException("AuthenticationTicket.Properties does not include audience");
            }

            // NOTE(review): the lookup result is dereferenced without a null check; if
            // FindAudience can return null for an unknown id this surfaces as a
            // NullReferenceException — confirm against AudiencesStore.
            Audience audience = AudiencesStore.FindAudience(audienceId);
            byte[] secretBytes = TextEncodings.Base64Url.Decode(audience.Base64Secret);
            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            // IssuedUtc becomes the token's not-before time, ExpiresUtc its expiry.
            var token = new JwtSecurityToken(
                _issuer,
                audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #3
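        /// <summary>
        /// Builds an HMAC-signed JWT for the ticket, taking audience id and signing secret from
        /// application configuration.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The ticket has no issued or expiry time.</exception>
        private string ISecureDataFormat_Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            string audienceId = AppConfiguration.GetByKey(GlobalLegaSys.ClientId);
            string symmetricKeyAsBase64 = AppConfiguration.GetByKey(GlobalLegaSys.ClientSecret);

            // Statically typed locals instead of 'dynamic': overload resolution and member access
            // are checked at compile time rather than bound at run time on the signing path.
            var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
            var signingKey = new HmacSigningCredentials(keyByteArray);

            var issued = data.Properties.IssuedUtc;
            var expires = data.Properties.ExpiresUtc;

            var token = new System.IdentityModel.Tokens.Jwt.JwtSecurityToken(
                _issuer,
                audienceId,
                data.Identity.Claims,
                issued.Value.UtcDateTime,
                expires.Value.UtcDateTime,
                signingKey);

            var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();

            return handler.WriteToken(token);
        }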
Example #4
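        /// <summary>
        /// Generates the token in JWT format, signed with the secret of the audience named in the
        /// ticket's properties.
        /// </summary>
        /// <param name="data">Ticket the token is generated from.</param>
        /// <returns>The generated token.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="InvalidOperationException">No audience id in the ticket, unknown audience, or the audience has no secret.</exception>
        /// <author> Natalia Ladino - [email protected] </author>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            string audienceId;
            if (!data.Properties.Dictionary.TryGetValue(AudiencePropertyKey, out audienceId))
            {
                audienceId = null;
            }

            if (string.IsNullOrWhiteSpace(audienceId))
            {
                throw new InvalidOperationException(Resources.Message_es.InvalidAudience);
            }

            blAUdience = new BlAudience();
            Audience audience = blAUdience.GetAudienceByClientId(audienceId);

            // An unknown client id is reported as an invalid audience instead of failing with a
            // NullReferenceException on audience.Secret.
            if (audience == null)
            {
                throw new InvalidOperationException(Resources.Message_es.InvalidAudience);
            }

            if (string.IsNullOrEmpty(audience.Secret))
            {
                throw new InvalidOperationException(Resources.Message_es.ExceptionSecret);
            }

            var keyByteArray = TextEncodings.Base64Url.Decode(audience.Secret);
            var signingKey = new HmacSigningCredentials(keyByteArray);
            var issued = data.Properties.IssuedUtc;
            var expires = data.Properties.ExpiresUtc;

            // UtcDateTime (Kind = Utc) instead of LocalDateTime: the not-before and expiry values
            // then do not depend on the server's time zone or on how the library converts them.
            var token = new JwtSecurityToken(issuerGenerated, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }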
Example #5
        /// <summary>
        /// Stamps the ticket with a fresh issue time and a configured lifetime, then serializes it
        /// as an HMAC-signed JWT.
        /// </summary>
        /// <param name="data">Ticket to serialize; its IssuedUtc and ExpiresUtc are overwritten.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
            byte[] secretBytes = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["as:AudienceSecret"]);
            var credentials = new HmacSigningCredentials(secretBytes);

            // Whatever lifetime the caller put on the ticket is replaced here.
            var now = new SystemClock().UtcNow;
            data.Properties.IssuedUtc = now;

            // NOTE(review): double.Parse uses the current culture and throws when the setting is
            // missing or malformed; there is also no upper bound on the configured lifetime.
            double lifetimeMinutes = double.Parse(ConfigurationManager.AppSettings["ExpirationTimeTokenInMin"]);
            data.Properties.ExpiresUtc = now.Add(TimeSpan.FromMinutes(lifetimeMinutes));

            var expiresAt = data.Properties.ExpiresUtc;

            var token = new JwtSecurityToken(
                _issuer,
                audienceId,
                data.Identity.Claims,
                now.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
        /// <summary>
        /// Serializes the ticket as a JWT signed with the instance's configured audience secret.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The <c>_audienceId</c> field is blank.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            // The message mentions ticket properties, but the value checked is the _audienceId field.
            if (string.IsNullOrWhiteSpace(_audienceId))
            {
                throw new InvalidOperationException("AuthenticationTicket Properties does not include audience");
            }

            byte[] secretBytes = TextEncodings.Base64Url.Decode(_symmetricKeyAsBase64);
            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            // .Value throws InvalidOperationException when the ticket carries no issued/expiry time.
            var token = new JwtSecurityToken(
                _issuer,
                _audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #7
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT for the single audience configured in web.config.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            // This API is both the authorization server and the resource server, so one audience
            // id and secret are fixed in web.config (see AudienceService for generating them).
            // The secret keys the HMAC signature over the token; it does not encrypt the claims.
            string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
            byte[] secretBytes = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["as:AudienceSecret"]);
            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            // Issuer, audience, user claims, not-before time, expiry time and signing credentials.
            var token = new JwtSecurityToken(
                issuer,
                audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            // Serialize to the compact string form handed back to the requester.
            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #8
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT, reading both the audience id and the
        /// signing secret from the ticket's own property dictionary.
        /// </summary>
        /// <param name="data">Ticket whose properties contain "AudienceId" and "AudienceSecret".</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            var properties = data.Properties.Dictionary;

            // The indexer throws KeyNotFoundException when either entry is absent.
            string audienceId = properties["AudienceId"];

            // NOTE(review): the signing secret travels inside the ticket's properties; verify
            // that these properties are never echoed into a token response or written to logs.
            string encodedSecret = properties["AudienceSecret"];

            byte[] secretBytes = TextEncodings.Base64Url.Decode(encodedSecret);
            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            var token = new JwtSecurityToken(
                issuer,
                audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT for the audience configured in appSettings.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            var settings = System.Configuration.ConfigurationManager.AppSettings;
            string audienceId = settings["as:AudienceId"];
            byte[] secretBytes = TextEncodings.Base64Url.Decode(settings["as:AudienceSecret"]);
            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            var token = new System.IdentityModel.Tokens.JwtSecurityToken(
                _issuer,
                audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            // A commented-out debugging call that embedded a complete serialized token was dropped
            // from this method; issued tokens are credentials and do not belong in source control.
            return new System.IdentityModel.Tokens.JwtSecurityTokenHandler().WriteToken(token);
        }
Example #10
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT for the configured API client id and
        /// records the issuance through the web-API log factory.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The "ClientIdApi" setting is blank.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            // The audience comes from configuration, not from the ticket, despite the message text.
            string clientId = ConfigurationManager.AppSettings.Get("ClientIdApi");

            if (string.IsNullOrWhiteSpace(clientId))
            {
                throw new InvalidOperationException("AuthenticationTicket.Properties does not include AccessData");
            }

            AccessData accessData = new AccessDataFactory().Get();
            byte[] secretBytes = TextEncodings.Base64Url.Decode(accessData.Base64Secret);
            HmacSigningCredentials credentials = new HmacSigningCredentials(secretBytes);

            DateTimeOffset? issuedAt = data.Properties.IssuedUtc;
            DateTimeOffset? expiresAt = data.Properties.ExpiresUtc;

            JwtSecurityToken token = new JwtSecurityToken(
                _issuer,
                clientId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            string jwt = new JwtSecurityTokenHandler().WriteToken(token);

            // NOTE(review): this writes the complete signed token to the log, and the serialized
            // token object may also expose its signing credentials. Anyone with read access to
            // the log store can replay the token until it expires. Prefer logging non-secret
            // metadata (audience, expiry, a token identifier) and confirm what SaveLog persists.
            new LogWebApiScmFactory().SaveLog(
                "Token",
                JsonConvert.SerializeObject(token),
                "Gerando token",
                string.Format("Token gerado: {0}", jwt),
                HttpContext.Current);

            return jwt;
        }
Example #11
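        /// <summary>
        /// Serializes an authentication ticket as an HMAC-signed JWT.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            var credentials = new HmacSigningCredentials(_secret);

            var issued = data.Properties.IssuedUtc;
            var expires = data.Properties.ExpiresUtc;

            // NOTE(review): the audience is the fixed string "Any", so the token is not bound to
            // one resource server; confirm every consumer sharing _secret is meant to accept it.
            var token = new JwtSecurityToken(
                _issuer,
                "Any",
                data.Identity.Claims,
                issued.Value.UtcDateTime,
                expires.Value.UtcDateTime,
                credentials);

            // One handler is enough; the previously unused second instance is gone.
            return new JwtSecurityTokenHandler().WriteToken(token);
        }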
Example #12
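        /// <summary>
        /// Issues an HMAC-signed JWT describing a dobi, valid for <c>Validity</c> days from now.
        /// </summary>
        /// <param name="dobi">Source of the id, name, phone and photo claims.</param>
        /// <returns>The compact serialized JWT.</returns>
        public string GenerateDobiToken(DobiBasicInformation dobi)
        {
            // The catch block that only rethrew (with an unused exception variable) is removed;
            // exceptions propagate to the caller exactly as before.
            var issuer = WebConfigurationManager.AppSettings["issuer"];
            var audience = WebConfigurationManager.AppSettings["aud"];
            var key = WebConfigurationManager.AppSettings["secret"];

            // NOTE(review): the token is signed, not encrypted, so name, phone and photo are
            // readable by anyone who holds it; keep only the claims the consumers need.
            var identity = new ClaimsIdentity("JWT");

            identity.AddClaim(new Claim("dobiId", dobi.DobiId));
            identity.AddClaim(new Claim("name", dobi.Name));
            identity.AddClaim(new Claim("phone", dobi.Phone));
            identity.AddClaim(new Claim("photo", dobi.Photo ?? ""));
            identity.AddClaim(new Claim(ClaimTypes.Role, "dobi"));

            // NOTE(review): lifetime is counted in days; presumably there is no revocation path
            // for a token once issued — confirm.
            var now = DateTime.UtcNow;
            var expires = now.AddDays(Validity);

            var keyByteArray = TextEncodings.Base64Url.Decode(key);
            var signingKey = new HmacSigningCredentials(keyByteArray);
            var token = new JwtSecurityToken(issuer, audience, identity.Claims, now, expires, signingKey);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }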
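 /// <summary>
 /// Serializes the ticket as an HMAC-signed JWT for the configured audience, logging entry,
 /// exit and any failure.
 /// </summary>
 /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
 /// <returns>The compact serialized JWT, or <c>null</c> when anything fails (including a null ticket).</returns>
 public string Protect(AuthenticationTicket data)
 {
     AppLogger.Instance.LogBegin(this.GetType().Name, System.Reflection.MethodInfo.GetCurrentMethod().Name);
     try
     {
         if (data == null)
         {
             throw new ArgumentNullException("data");
         }

         string audienceId = ConfigurationReader.Instance.GetAppSetting(AppSettingKeys.AudienceId);
         string symmetricKeyAsBase64 = ConfigurationReader.Instance.GetAppSetting(AppSettingKeys.AudienceSecret);
         var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
         var signingKey = new HmacSigningCredentials(keyByteArray);
         var issued = data.Properties.IssuedUtc;
         var expires = data.Properties.ExpiresUtc;

         // UtcDateTime (Kind = Utc) instead of DateTime (Kind = Unspecified): an unspecified
         // value can be reinterpreted as local time when it is converted for the token.
         var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);

         // LogEnd is written once, by the finally block; the extra call before the return
         // produced a duplicate entry on every successful run.
         return new JwtSecurityTokenHandler().WriteToken(token);
     }
     catch (Exception ex)
     {
         // Existing best-effort contract: every failure is logged and reported as null, so
         // callers must treat null as "no token issued".
         AppLogger.Instance.Log(eLogType.Error, ex.ToString());
         return(null);
     }
     finally
     {
         AppLogger.Instance.LogEnd(this.GetType().Name, System.Reflection.MethodInfo.GetCurrentMethod().Name);
     }
 }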
Example #14
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT using an audience id and signing key that
        /// are compiled into the method.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            // NOTE(review): the signing key is a literal in source. Everyone with access to the
            // repository or the compiled assembly holds it, and it cannot be rotated without a
            // rebuild. Load it from protected configuration or a secret store, and treat this
            // value as disclosed.
            string audienceId = "all";
            string encodedSecret = "UHxNtYMRYwvfpO1dS5pWLKL0M2DgOj40EbN4SoBWgfc";

            byte[] secretBytes = TextEncodings.Base64Url.Decode(encodedSecret);
            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            var token = new JwtSecurityToken(
                issuer,
                audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #15
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT for the audience configured in appSettings.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];

            // The configured secret is base64url text; it is decoded to the raw HMAC key bytes.
            byte[] secretBytes = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["as:AudienceSecret"]);
            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            // .Value throws InvalidOperationException when the ticket carries no issued/expiry time.
            var token = new JwtSecurityToken(
                _issuer,
                audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #16
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT using an audience id and signing key that
        /// are compiled into the method.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            // NOTE(review): the signing key is a literal in source. Everyone with access to the
            // repository or the compiled assembly holds it, and it cannot be rotated without a
            // rebuild. Load it from protected configuration or a secret store, and treat this
            // value as disclosed.
            string audienceId = "099153c2625149bc8ecb3e85e03f0022";
            string encodedSecret = "IxrAjDoa2FqElO7IhrSrUJELhUckePEPVpaePlS_Xaw";

            byte[] secretBytes = TextEncodings.Base64Url.Decode(encodedSecret);
            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            var token = new JwtSecurityToken(
                _issuer,
                audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #17
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT, forcing the configured key to 48 bytes
        /// before signing.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="System.InvalidOperationException">The configured audience id is blank or the decoded key is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            var audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
            var secretBytes = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["as:AudienceSecret"]);

            // Both values come from configuration, although the message names the ticket.
            if (string.IsNullOrWhiteSpace(audienceId) || secretBytes == null)
            {
                throw new InvalidOperationException("AuthenticationTicket.Properties does not include audience and/or keybyte");
            }

            // NOTE(review): Array.Resize zero-pads a shorter key and truncates a longer one. The
            // padding bytes are constants and add no strength, so a short configured secret stays
            // short; presumably the 48-byte length is there to select a particular HMAC variant —
            // confirm, and provision a randomly generated key of the required length instead.
            Array.Resize(ref secretBytes, 48);

            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            var token = new JwtSecurityToken(
                _issuer,
                audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #18
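        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT for the audience configured in appSettings.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];

            string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];

            // Only the HMAC credentials are used for signing. The SymmetricSecurityKey that was
            // built from the same bytes and never read is removed, along with the commented-out
            // earlier draft of this method, so one signing path remains to review.
            var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
            var signingKey = new HmacSigningCredentials(keyByteArray);

            var issued = data.Properties.IssuedUtc;
            var expires = data.Properties.ExpiresUtc;

            var token = new JwtSecurityToken(_issuer,
                                             audienceId,
                                             data.Identity.Claims,
                                             issued.Value.UtcDateTime,
                                             expires.Value.UtcDateTime,
                                             signingKey);

            var handler = new JwtSecurityTokenHandler();

            return handler.WriteToken(token);
        }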
Example #19
        /// <summary>
        /// Validates a serialized JWT against the supplied parameters, using a symmetric key
        /// parsed from <paramref name="secretKey"/> as the issuer signing token.
        /// </summary>
        /// <param name="validationParams">Validation settings; its IssuerSigningToken is overwritten by this call.</param>
        /// <param name="tokenString">The serialized token to validate.</param>
        /// <param name="secretKey">Key string handed to <c>HmacSigningCredentials.ParseKeyString</c>.</param>
        /// <returns>The principal produced by the token handler.</returns>
        internal static ClaimsPrincipal ValidateToken(TokenValidationParameters validationParams, string tokenString, string secretKey)
        {
            // The caller's parameter object is mutated. Which checks run beyond the signature
            // (issuer, audience, lifetime) is decided by what the caller configured on it.
            byte[] keyBytes = HmacSigningCredentials.ParseKeyString(secretKey);
            validationParams.IssuerSigningToken = new BinarySecretSecurityToken(keyBytes);

            var handler = new JwtSecurityTokenHandler();

            // The parsed token itself is not needed; only the resulting principal is returned.
            SecurityToken ignoredToken = null;
            ClaimsPrincipal principal = handler.ValidateToken(tokenString, validationParams, out ignoredToken);

            return principal;
        }
Example #20
        /// <summary>
        /// Builds an unserialized JWT for the ticket, signed with the client's own secret.
        /// </summary>
        /// <param name="ticket">Ticket supplying the claims and the issued/expiry times.</param>
        /// <param name="client">Client whose Name is used as issuer, ClientId as audience and Secret as signing key.</param>
        /// <returns>The token object; the caller serializes it.</returns>
        private JwtSecurityToken GetJwtSecurityToken(AuthenticationTicket ticket, Client client)
        {
            // The stored secret is base64url text; it is decoded to the raw HMAC key bytes.
            byte[] secretBytes = TextEncodings.Base64Url.Decode(client.Secret);
            var credentials = new HmacSigningCredentials(secretBytes);

            DateTimeOffset? issuedAt = ticket.Properties.IssuedUtc;
            DateTimeOffset? expiresAt = ticket.Properties.ExpiresUtc;

            // .Value throws InvalidOperationException when the ticket carries no issued/expiry time.
            return new JwtSecurityToken(
                client.Name,
                client.ClientId,
                ticket.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);
        }
Example #21
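        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT whose audience equals its issuer.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                // Name the offending parameter so the failure is diagnosable from the exception.
                throw new ArgumentNullException("data");
            }

            var signingKey = new HmacSigningCredentials(_secret);
            var issued = data.Properties.IssuedUtc;
            var expires = data.Properties.ExpiresUtc;

            // _issuer is passed for both the issuer and the audience argument.
            var token = new JwtSecurityToken(_issuer, _issuer, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }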
Example #22
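        /// <summary>
        /// Creates HMAC signing credentials from the base64url secret in appSettings.
        /// </summary>
        /// <returns>Signing credentials built over the decoded key bytes.</returns>
        private SigningCredentials CreateHmac()
        {
            // The audience id that was read here and never used is removed.
            string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];

            var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);

            // Key length in bytes — 32:HmacSha256 / 48:HmacSha384 / 64:HmacSha512
            var signingKey = new HmacSigningCredentials(keyByteArray);

            return signingKey;
        }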
Example #23
        /// <summary>
        /// Serializes the identity's claims as an HMAC-signed JWT.
        /// </summary>
        /// <param name="identity">Identity whose claims go into the token.</param>
        /// <param name="audienceId">Audience the token is issued for.</param>
        /// <param name="symmetricKeyAsBase64">Signing key as base64url text.</param>
        /// <param name="issuer">Issuer name.</param>
        /// <param name="issued">Passed as the not-before time; must have a value.</param>
        /// <param name="expires">Expiry time; must have a value.</param>
        /// <returns>The compact serialized JWT.</returns>
        public static string GenerateToken(this ClaimsIdentity identity, string audienceId, string symmetricKeyAsBase64, string issuer, DateTimeOffset?issued, DateTimeOffset?expires)
        {
            byte[] secretBytes = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
            var credentials = new HmacSigningCredentials(secretBytes);

            // Although both times are declared nullable, .Value throws InvalidOperationException
            // when either is missing, so a token without an expiry is never produced here.
            var token = new JwtSecurityToken(
                issuer,
                audienceId,
                identity.Claims,
                issued.Value.UtcDateTime,
                expires.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #24
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT using issuer, audience and secret from the
        /// injected security settings.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            var credentials = new HmacSigningCredentials(_securitySettings.AudienceSecret);

            // NOTE(review): the null-conditional reads forward a missing IssuedUtc/ExpiresUtc as
            // null instead of throwing, so a ticket without an expiry appears to yield a token
            // with no expiry claim — confirm the caller always sets ExpiresUtc, or reject such
            // tickets here.
            var token = new JwtSecurityToken(
                _securitySettings.Issuer,
                _securitySettings.AudienceId,
                data.Identity.Claims,
                data.Properties.IssuedUtc?.UtcDateTime,
                data.Properties.ExpiresUtc?.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT for the audience configured in appSettings.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            var audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
            byte[] secretBytes = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["as:AudienceSecret"]);
            var credentials = new HmacSigningCredentials(secretBytes);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            // The token carries exactly the claims already on the ticket's identity. A disabled
            // block that would have appended per-role "userClaimsPerRole" claims is not part of
            // the signing path.
            var token = new JwtSecurityToken(
                _issuer,
                audienceId,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
Example #26
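        /// <summary>
        /// Issues a fresh JWT that carries the claims of the bearer token sent in the
        /// Authorization header, signed with the configured audience's secret.
        /// </summary>
        /// <returns>
        /// 200 with the new token; 400 when the header is missing, has no token part, or the
        /// token cannot be parsed as a JWT.
        /// </returns>
        public IHttpActionResult refreshToken()
        {
            // FirstOrDefault yields a default pair with a null Value when the header is absent;
            // guard it so a missing header is a 400 rather than an unhandled exception.
            var authHeader = Request.Headers.FirstOrDefault(h => h.Key.Equals("Authorization"));
            var bearJwtToken = authHeader.Value == null ? null : authHeader.Value.FirstOrDefault();

            if (string.IsNullOrEmpty(bearJwtToken))
            {
                return(BadRequest("Authorization required"));
            }

            var arr = bearJwtToken.Split(new char[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);

            if (arr.Length < 2)
            {
                return(BadRequest("Invalid Token"));
            }

            var jwtTokenStr = arr[1];

            var tokenHandler = new JwtSecurityTokenHandler();

            // Malformed input is answered with 400 instead of letting the parser throw.
            if (!tokenHandler.CanReadToken(jwtTokenStr))
            {
                return(BadRequest("Invalid Token"));
            }

            // NOTE(review): ReadToken only parses the token; it does not check the signature,
            // issuer, audience or lifetime. The claims copied into the new token below are
            // therefore only as trustworthy as whatever validated the bearer token before this
            // action ran (an authorization filter or middleware — not visible here). If nothing
            // did, this endpoint signs caller-supplied claims; validate the incoming token
            // against the audience key before re-issuing.
            var jwtToken = tokenHandler.ReadToken(jwtTokenStr) as JwtSecurityToken;

            if (jwtToken == null)
            {
                return(BadRequest("Invalid Token"));
            }

            var appConfig    = new AppConfig();
            var audienceId   = appConfig["clientId"];
            var issuer       = appConfig["issuer"];
            var configExpire = appConfig["expireMinutes"];

            var claims = jwtToken.Claims;

            // UTC, so the not-before and expiry values do not depend on the server's time zone.
            var notBefore = DateTime.UtcNow;

            // Fall back to 30 minutes when the setting is missing or not a number.
            double expireMinutes = 0;

            if (!double.TryParse(configExpire, out expireMinutes))
            {
                expireMinutes = 30;
            }
            var expires = notBefore.AddMinutes(expireMinutes);

            // NOTE(review): the lookup result is dereferenced without a null check — confirm
            // FindAudience cannot return null for the configured client id.
            Audience audience             = AudiencesStore.FindAudience(audienceId);
            string   symmetricKeyAsBase64 = audience.Base64Secret;

            var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
            var signingKey   = new HmacSigningCredentials(keyByteArray);

            var newToken = new JwtSecurityToken(issuer, audienceId, claims, notBefore, expires, signingKey);
            var jwt      = tokenHandler.WriteToken(newToken);

            return(Ok(jwt));
        }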
Example #27
        /// <summary>
        /// Serializes an authentication ticket as an HMAC-signed JWT.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            var credentials = new HmacSigningCredentials(_secret);
            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            // NOTE(review): the audience is the fixed string "Any", so the token is not bound to
            // one resource server; confirm every consumer sharing _secret is meant to accept it.
            var token = new JwtSecurityToken(
                _issuer,
                "Any",
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            var handler = new JwtSecurityTokenHandler();

            return handler.WriteToken(token);
        }
Example #28
        /// <summary>
        /// Serializes an authentication ticket as an HMAC-signed JWT for <c>audienceId</c>.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            // HMAC signing credentials over the shared secret (HMAC-SHA256 per the original note).
            var credentials = new HmacSigningCredentials(_secret);

            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            // .Value throws InvalidOperationException when the ticket carries no issued/expiry time.
            return new JwtSecurityTokenHandler().WriteToken(
                new JwtSecurityToken(
                    _issuer,
                    audienceId,
                    data.Identity.Claims,
                    issuedAt.Value.UtcDateTime,
                    expiresAt.Value.UtcDateTime,
                    credentials));
        }
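        /// <summary>
        /// Serializes the ticket as an HMAC-signed JWT for the client id configured in appSettings.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            // Reject a null ticket up front instead of failing later with a NullReferenceException.
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }

            var clientId = ConfigurationManager.AppSettings["as:ClientId"];
            var secret   = ConfigurationManager.AppSettings["as:ClientSecret"];

            // The configured secret is base64url text; it is decoded to the raw HMAC key bytes.
            var keyByteArray = TextEncodings.Base64Url.Decode(secret);
            var signingKey   = new HmacSigningCredentials(keyByteArray);

            var issued  = data.Properties.IssuedUtc;
            var expires = data.Properties.ExpiresUtc;

            var token   = new JwtSecurityToken(_issuer, clientId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);
            var handler = new JwtSecurityTokenHandler();

            return handler.WriteToken(token);
        }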
Example #30
        /// <summary>
        /// Serializes an authentication ticket as an HMAC-signed JWT with no audience.
        /// </summary>
        /// <param name="data">Ticket whose identity claims and issued/expiry times go into the token.</param>
        /// <returns>The compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            var credentials = new HmacSigningCredentials(_secret);
            var issuedAt = data.Properties.IssuedUtc;
            var expiresAt = data.Properties.ExpiresUtc;

            // NOTE(review): the audience argument is null, so the token is not bound to any
            // resource server; consumers cannot tell whether it was issued for them — confirm
            // this is intended and that their validation does not silently skip the audience.
            var token = new JwtSecurityToken(
                _issuer,
                null,
                data.Identity.Claims,
                issuedAt.Value.UtcDateTime,
                expiresAt.Value.UtcDateTime,
                credentials);

            var handler = new System.IdentityModel.Tokens.JwtSecurityTokenHandler();

            return handler.WriteToken(token);
        }