protected virtual string Sign(string signingInput, System.IdentityModel.Tokens.SigningCredentials signingCredentials)
{
if (signingCredentials == null)
{
return(string.Empty);
}
string result;
using (SignatureProvider signatureProvider = SignatureProvider.Create(signingCredentials))
{
result = Base64UrlEncoder.Encode(signatureProvider.Sign(Base64UrlEncoder.TextEncoding.GetBytes(signingInput)));
}
return(result);
}
public static SignatureProvider Create(System.IdentityModel.Tokens.SigningCredentials signingCredentials)
{
Utility.VerifyNonNullArgument("signingCredentials", signingCredentials);
if (System.StringComparer.Ordinal.Compare(signingCredentials.DigestAlgorithm, "http://www.w3.org/2001/04/xmlenc#sha256") != 0)
{
throw new System.ArgumentException("signingCredentials.DigestAlgorithm must be SHA-256");
}
System.IdentityModel.Tokens.X509AsymmetricSecurityKey x509AsymmetricSecurityKey = signingCredentials.SigningKey as System.IdentityModel.Tokens.X509AsymmetricSecurityKey;
if (x509AsymmetricSecurityKey != null)
{
return(new X509AsymmetricSignatureProvider(x509AsymmetricSecurityKey));
}
System.IdentityModel.Tokens.SymmetricSecurityKey symmetricSecurityKey = signingCredentials.SigningKey as System.IdentityModel.Tokens.SymmetricSecurityKey;
if (symmetricSecurityKey != null)
{
return(new SymmetricSignatureProvider(symmetricSecurityKey));
}
throw new System.ArgumentException("signingCredentials.SigningKey must be either X509AsymmetricSecurityKey or SymmetricSecurityKey");
}
public static string MakeToken(string secret, string user)
{
var securityKey = new System.IdentityModel.Tokens.InMemorySymmetricSecurityKey(Encoding.Default.GetBytes(secret));
System.IdentityModel.Tokens.SigningCredentials signingCredentials =
new System.IdentityModel.Tokens.SigningCredentials(
securityKey,
"http://www.w3.org/2001/04/xmldsig-more#hmac-sha256",
"http://www.w3.org/2001/04/xmlenc#sha256");
byte[] randomNonce = new Byte[32];
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
rng.GetBytes(randomNonce);
List <Claim> claims = new List <Claim>()
{
new Claim("user", user),
new Claim("nonce", Convert.ToBase64String(randomNonce)),
};
var jwtSecurityToken = new System.IdentityModel.Tokens.JwtSecurityToken(
issuer,
audience,
claims,
DateTime.Now,
DateTime.Now.AddHours(1),
signingCredentials
);
var handler = new System.IdentityModel.Tokens.JwtSecurityTokenHandler();
string tokenString = handler.WriteToken(jwtSecurityToken);
return(tokenString);
}
public JsonWebSecurityToken(string issuer, string audience, System.DateTime validFrom, System.DateTime validTo, System.Collections.Generic.IEnumerable <JsonWebTokenClaim> claims, System.IdentityModel.Tokens.SigningCredentials signingCredentials) : this(issuer, audience, validFrom, validTo, claims)
{
Utility.VerifyNonNullArgument("signingCredentials", signingCredentials);
this._signingCredentials = signingCredentials;
}
