/// <summary>
/// Issues a signed JWT for one entity/device pair and returns it together with
/// the session data that was embedded in it.
/// </summary>
/// <param name="entityID">Entity identifier; stored as the single element of the payload's EntityID array.</param>
/// <param name="deviceID">Device identifier copied into the payload.</param>
/// <param name="tokenExpirationMillis">Token lifetime in milliseconds, measured from the current UTC time.</param>
/// <returns>A tuple of the encoded token string and the SessionAuthData used to build its claims.</returns>
private (string, SessionAuthData) CreateAuthToken(string entityID, string deviceID, long tokenExpirationMillis)
{
    SessionAuthData sessionData = new SessionAuthData
    {
        DeviceID = deviceID,
        EntityID = new string[] { entityID }
    };

    // "exp" is written in whole Unix seconds, so any sub-second part of the lifetime is dropped.
    // A zero or negative lifetime yields an expiry that is not in the future.
    long expiresAtUnixSeconds = DateTimeOffset.UtcNow
        .AddMilliseconds(tokenExpirationMillis)
        .ToUnixTimeSeconds();

    // HMAC-SHA256 is symmetric: the same jwtSecret signs here and verifies in TestToken,
    // so anyone holding the secret can mint tokens.
    // NOTE(review): the origin and strength of jwtSecret are not visible in this block - confirm
    // it is a high-entropy value loaded from protected configuration.
    JwtBuilder tokenBuilder = new JwtBuilder()
        .WithAlgorithm(new HMACSHA256Algorithm())
        .WithSecret(this.jwtSecret)
        .AddClaim("exp", expiresAtUnixSeconds)
        // NOTE(review): payload claims are added after "exp"; confirm ToDictionary() can never
        // emit an "exp" key of its own.
        .AddClaims(sessionData.ToDictionary());

    string encodedToken = tokenBuilder.Encode();
    return (encodedToken, sessionData);
}
/// <summary>
/// Verifies the signature of a JWT with the shared secret and converts its payload
/// into a SessionAuthData instance.
/// </summary>
/// <param name="token">The encoded JWT string to check.</param>
/// <returns>
/// The deserialized session data; a new, empty SessionAuthData when the payload deserializes
/// to null; or null when decoding, verification or deserialization throws.
/// </returns>
public SessionAuthData TestToken(string token)
{
    try
    {
        // Same symmetric algorithm and secret as the issuing side; MustVerifySignature makes
        // Decode throw instead of returning the payload of a token that fails verification.
        // NOTE(review): expiry enforcement is left to the library's validation here - confirm
        // that "exp" is actually checked for the JWT package version in use.
        string decodedJson = new JwtBuilder()
            .WithAlgorithm(new HMACSHA256Algorithm())
            .WithSecret(jwtSecret)
            .MustVerifySignature()
            .Decode(token);

        SessionAuthData session = JsonConvert.DeserializeObject<SessionAuthData>(decodedJson);

        // TODO add enhanced token validation
        // NOTE(review): a null payload becomes an empty, non-null object, so callers should check
        // its fields rather than treat "non-null" as "authenticated".
        return session == null ? new SessionAuthData() : session;
    }
    catch
    {
        // Every failure maps to null, so a bad token and an unrelated fault (for example a
        // missing secret) look identical to the caller and nothing is logged here.
        return null;
    }
}