/// <summary>
/// Builds an HS256-signed JWT from the user fields on <paramref name="md"/> and writes the
/// token, its expiry and a success status back onto that same instance.
/// </summary>
/// <param name="md">Model carrying userid, rolecode, username and isadmin; mutated in place.</param>
/// <returns>The instance passed in, with exp, token, message and status_code populated.</returns>
public static JwtModel setToken(JwtModel md)
{
    // Tokens are valid for one day from the moment of issue.
    const int LifetimeSeconds = 24 * 60 * 60;

    IDateTimeProvider clock = new UtcDateTimeProvider();
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    var elapsed = clock.GetNow() - epoch;

    // Convert.ToInt32 is range-checked: it throws once the Unix time no longer fits in 32 bits.
    int expiresAt = Convert.ToInt32(Math.Round(elapsed.TotalSeconds));
    expiresAt += LifetimeSeconds;
    md.exp = expiresAt;

    // NOTE(review): "usercode" and "rolecode" are both filled from md.rolecode - confirm
    // that "usercode" was not meant to carry a different field.
    var claims = new Dictionary<string, object>
    {
        { "id", md.userid },
        { "usercode", md.rolecode },
        { "username", md.username },
        { "isadmin", md.isadmin },
        { "rolecode", md.rolecode },
        { "exp", md.exp }
    };

    // NOTE(review): the HMAC key is a string literal in source, so it is identical in every
    // deployment and known to anyone who can read the source or the assembly. It should be
    // loaded from protected configuration and rotated; the literal is left untouched here
    // because tokens already issued are signed with it.
    var secret = "9720cbfbb0684617a2afbe466e100ba2";

    IJwtEncoder jwtEncoder = new JwtEncoder(
        new HMACSHA256Algorithm(),
        new JsonNetSerializer(),
        new JwtBase64UrlEncoder());

    md.token = jwtEncoder.Encode(claims, secret);
    md.message = "获取成功";
    md.status_code = 200;
    return md;
}
/// <summary>
/// Checks that decoding with verification enabled rejects a token whose exp claim
/// lies one hour in the past.
/// </summary>
public void DecodeToObject_Should_Throw_Exception_On_Expired_Claim()
{
    const string key = TestData.Key;
    const int timeDelta = -1;

    var hmac = new HMACSHA256Algorithm();
    var clock = new UtcDateTimeProvider();
    var json = new JsonNetSerializer();
    var base64 = new JwtBase64UrlEncoder();
    var jwtDecoder = new JwtDecoder(json, new JwtValidator(json, clock), base64);
    var jwtEncoder = new JwtEncoder(hmac, json, base64);

    // The claim must be named "exp", so the property name is spelled out explicitly.
    var expiredAt = UnixEpoch.GetSecondsSince(clock.GetNow().AddHours(timeDelta));
    var token = jwtEncoder.Encode(new { exp = expiredAt }, key);

    Action decodeExpiredJwt = () => jwtDecoder.DecodeToObject<Customer>(token, key, verify: true);

    decodeExpiredJwt.Should()
                    .Throw<TokenExpiredException>("because decoding an expired token should raise an exception when verified");
}
/// <summary>
/// Issues an HS256-signed JWT carrying the given id and an expiry six hours from now.
/// </summary>
/// <param name="id">Identifier written to the "id" claim as a string.</param>
/// <returns>The encoded token.</returns>
public static string CreateToken(int id)
{
    IDateTimeProvider clock = new UtcDateTimeProvider();
    var expiresAt = clock.GetNow().AddHours(6);

    // "exp" is expressed as seconds since 1970-01-01 UTC.
    var expSeconds = Math.Round((expiresAt - JwtValidator.UnixEpoch).TotalSeconds);

    var claims = new Dictionary<string, object>
    {
        { "id", id.ToString() },
        { "exp", expSeconds }
    };

    // The signing key comes from the "jwt.secret" app setting; AppSettings returns null
    // when that key is absent, and that null is passed to the encoder unchanged.
    var secret = ConfigurationManager.AppSettings["jwt.secret"];

    IJwtEncoder jwtEncoder = new JwtEncoder(
        new HMACSHA256Algorithm(),
        new JsonNetSerializer(),
        new JwtBase64UrlEncoder());

    return jwtEncoder.Encode(claims, secret);
}
/// <summary>
/// Creates an HS256-signed JWT with iss, ist, iat and exp claims.
/// </summary>
/// <param name="key">Value written to the "iss" claim as a string.</param>
/// <param name="secret">HMAC signing key.</param>
/// <param name="expiryPeriod">Token lifetime in seconds, added to the issue time.</param>
/// <returns>The encoded token.</returns>
private string GenerateJwt(int key, string secret, int expiryPeriod = 300)
{
    IDateTimeProvider clock = new UtcDateTimeProvider();
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);

    // The cast to int is not range-checked in the default (unchecked) context.
    int issuedAt = (int)Math.Round((clock.GetNow() - epoch).TotalSeconds);
    int expiresAt = issuedAt + expiryPeriod;

    // NOTE(review): "ist" is not a registered JWT claim name; it is kept as the original emits it.
    var claims = new Dictionary<string, object>
    {
        { "iss", Convert.ToString(key) },
        { "ist", "project" },
        { "iat", issuedAt },
        { "exp", expiresAt }
    };

    IJwtEncoder jwtEncoder = new JwtEncoder(
        new HMACSHA256Algorithm(),
        new JsonNetSerializer(),
        new JwtBase64UrlEncoder());

    return jwtEncoder.Encode(claims, secret);
}
/// <summary>
/// Produces a sample JWT. A JWT consists of three parts: the header, the payload and a
/// signature computed over both with the secret.
/// </summary>
/// <returns>The encoded token.</returns>
public string GetTokenJwt()
{
    IDateTimeProvider clock = new UtcDateTimeProvider();

    // Seconds elapsed between the Unix epoch (UTC) and now.
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    var nowSeconds = Math.Round((clock.GetNow() - epoch).TotalSeconds);

    // Payload: every token carries the same name and the same "jti" value, so the jti
    // does not distinguish one token from another.
    var claims = new Dictionary<string, object>
    {
        { "name", "MrBug" },
        { "exp", nowSeconds + 10000 },
        { "jti", "test" }
    };

    IJwtEncoder jwtEncoder = new JwtEncoder(
        new HMACSHA256Algorithm(),
        new JsonNetSerializer(),
        new JwtBase64UrlEncoder());

    return jwtEncoder.Encode(claims, secret);
}
/// <summary>
/// Issues an HS256-signed JWT carrying the user's id and role, valid for 30 minutes.
/// </summary>
/// <param name="User">User whose UserID and RoleID are written to the token.</param>
/// <param name="secretKey">HMAC signing key bytes.</param>
/// <returns>The encoded token, or null when any step throws.</returns>
public string EndcodeTokenWithJWT(User User, byte[] secretKey)
{
    try
    {
        IDateTimeProvider clock = new UtcDateTimeProvider();
        var expiresAt = UnixEpoch.GetSecondsSince(clock.GetNow().AddMinutes(30));

        var claims = new Dictionary<string, object>
        {
            { "UserID", User.UserID },
            { "RoleID", User.RoleID },
            { "exp", expiresAt }
        };

        IJwtEncoder jwtEncoder = new JwtEncoder(
            new HMACSHA256Algorithm(),   // HMAC-SHA256 signature
            new JsonNetSerializer(),     // JSON serialization
            new JwtBase64UrlEncoder());  // base64url encoding

        return jwtEncoder.Encode(claims, secretKey);
    }
    catch
    {
        // Every failure, including a null argument, is reported as null with no detail;
        // callers have to treat null as "no token issued".
        return null;
    }
}
/// <summary>
/// Creates a token.
/// </summary>
/// <param name="userId">User id, written to the subject claim.</param>
/// <param name="corpId">Value written under ConstValue.CORP_KEY_NODE.</param>
/// <param name="bAdmin">Whether the user is a super administrator.</param>
/// <returns>The HS256-signed token.</returns>
public static string GetToken(string userId, string corpId, bool bAdmin)
{
    IDateTimeProvider clock = new UtcDateTimeProvider();
    var issuedAt = clock.GetNow();                                   // issue time
    var expiresAt = issuedAt.AddHours(ConstValue.TOKEN_EXPTIME);     // expiry time
    var notBefore = Convert.ToDateTime(NBF_TIME);                    // activation date

    // All three instants are expressed as seconds relative to TOKEN_STARTDATE.
    var iatSeconds = Math.Round((issuedAt - TOKEN_STARTDATE).TotalSeconds);
    var expSeconds = Math.Round((expiresAt - TOKEN_STARTDATE).TotalSeconds);
    var nbfSeconds = Math.Round((notBefore - TOKEN_STARTDATE).TotalSeconds);

    // NOTE(review): JTI_VALUE is read as-is for every token; unless it yields a fresh value
    // on each read, all tokens share one jti and the claim cannot identify a single token.
    var claims = new Dictionary<string, object>
    {
        { ConstValue.SUB_KEY_NODE, userId },        // the user this JWT is issued for
        { ConstValue.ISS_KEY_NODE, ISS_VALUE },     // issuer of this JWT
        { ConstValue.IAT_KEY_NODE, iatSeconds },    // when the token was issued
        { ConstValue.EXP_KEY_NODE, expSeconds },    // when the token expires
        { ConstValue.NBF_KEY_NODE, nbfSeconds },    // token must not be accepted before this time
        { ConstValue.JTI_KEY_NODE, JTI_VALUE },     // JWT ID, meant to identify the token uniquely
        { ConstValue.ADMIN_KEY_NODE, bAdmin },      // whether the user is a super administrator
        { ConstValue.CORP_KEY_NODE, corpId }        // corpId supplied by the caller
    };

    IJwtEncoder jwtEncoder = new JwtEncoder(
        new HMACSHA256Algorithm(),
        new JsonNetSerializer(),
        new JwtBase64UrlEncoder());

    return jwtEncoder.Encode(claims, TOKEN_SECRET);
}
/// <summary>
/// Issues an HS256-signed JWT for the given user code with a fresh GUID as jti.
/// </summary>
/// <param name="userCode">Value written to the "user" claim.</param>
/// <returns>The encoded token, or an empty string when any step throws.</returns>
public static string GenerateToken(string userCode)
{
    try
    {
        IDateTimeProvider clock = new UtcDateTimeProvider();
        var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
        var nowSeconds = Math.Round((clock.GetNow() - epoch).TotalSeconds);

        // The token expires three minutes after it is issued.
        var claims = new Dictionary<string, object>
        {
            { "user", userCode },
            { "exp", nowSeconds + 60 * 3 },
            { "jti", Guid.NewGuid() }
        };

        IJwtEncoder jwtEncoder = new JwtEncoder(
            new HMACSHA256Algorithm(),
            new JsonNetSerializer(),
            new JwtBase64UrlEncoder());

        return jwtEncoder.Encode(claims, secret);
    }
    catch
    {
        // Failures are reported as an empty string with no detail; callers must check for it.
        return "";
    }
}
//POST: api/Login
/// <summary>
/// Checks the submitted account and password against the user table and, on a match,
/// returns an access token valid for one hour together with the matching user record.
/// </summary>
/// <param name="UserLoginModel">Login request body holding Account and Password.</param>
/// <returns>The API result describing success or failure.</returns>
public APIResult Post([FromBody] UserLoginModel UserLoginModel)
{
    var account = UserLoginModel.Account;
    var password = UserLoginModel.Password;

    // NOTE(review): the submitted password is compared directly with the stored Password
    // column, which can only match if passwords are stored unhashed - confirm, and move to
    // a salted password hash checked in application code.
    var matchedUser = Context.MyUsers.FirstOrDefault(u => u.EmployeeID == account && u.Password == password);

    if (matchedUser == null)
    {
        // One message covers both "no such user" and "wrong password".
        fooResult.Success = false;
        fooResult.Message = $"使用者不存在或者帳號、密碼不正確";
        fooResult.TokenFail = false;
        fooResult.Payload = null;
        return fooResult;
    }

    // Build the access token for this authenticated session.
    string secretKey = MainHelper.SecretKey;

    // The access token is valid for one hour; "exp" is seconds since 1970-01-01 00:00:00 UTC.
    IDateTimeProvider clock = new UtcDateTimeProvider();
    var expiresAt = clock.GetNow().AddHours(1);
    var expSeconds = Math.Round((expiresAt - UnixEpoch.Value).TotalSeconds);

    string[] roles = matchedUser.IsManager == true
        ? new string[] { "Manager" }
        : new string[0];

    var jwtToken = new JwtBuilder()
        .WithAlgorithm(new HMACSHA256Algorithm())
        .WithSecret(secretKey)
        .AddClaim("iss", UserLoginModel.Account)
        .AddClaim("exp", expSeconds)
        .AddClaim("role", roles)
        .AddClaim("manager", matchedUser.IsManager)
        .Build();

    // Account and password matched. The response created here is not used afterwards.
    this.Request.CreateResponse(HttpStatusCode.OK);

    // NOTE(review): the whole user entity is returned in the payload; if it still carries
    // its Password property, that value is serialized to the client - confirm and return a
    // trimmed view of the user instead.
    fooResult = new APIResult()
    {
        Success = true,
        Message = $"",
        TokenFail = false,
        Payload = new UserLoginResultModel()
        {
            AccessToken = $"{jwtToken}",
            MyUser = matchedUser
        }
    };
    return fooResult;
}
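/// <summary>
/// Logs a temporary account in and, when the password matches and the account is still
/// inside its validity window, returns an access token that expires after accEffTime minutes.
/// </summary>
/// <param name="data">Request body holding the temporary account uid and password.</param>
/// <returns>
/// 200 with the token on success; 401 when the account has expired, the uid is unknown
/// or the password does not match.
/// </returns>
public HttpResponseMessage Login([FromBody] TempLoginData data)
{
    HttpResponseMessage response = null;

    // Find returns null for an unknown uid. That case is routed to the same 401 as a wrong
    // password, so it no longer surfaces as an unhandled NullReferenceException and the
    // response does not reveal whether the uid exists.
    var r = data == null ? null : db.TemporaryAccount.Find(data.uid);

    if (r != null && DateTime.Compare(r.reg_time.AddMinutes(accEffTime), DateTime.UtcNow) < 0)
    {
        // A temporary account is only valid for accEffTime minutes after registration.
        response = this.Request.CreateResponse<APIResult>(HttpStatusCode.Unauthorized, new APIResult()
        {
            Success = false,
            Message = $"",
            Payload = $"臨時帳號{accEffTime}分鐘內有效"
        });
    }
    else if (r != null && r.pwd == MainHelper.HashPassword(data.pwd))
    {
        // Credentials matched: build the access token for this session.
        string secretKey = MainHelper.SecretKey;

        // Token lifetime is accEffTime minutes; "exp" is seconds since 1970-01-01 00:00:00 UTC.
        IDateTimeProvider provider = new UtcDateTimeProvider();
        var expDate = provider.GetNow().AddMinutes(accEffTime);
        var expSeconds = Math.Round((expDate - UnixEpoch.Value).TotalSeconds);

        // The "exp" claim is emitted so that the lifetime computed above is actually
        // enforced when the token is validated; without it the token carries no expiry.
        var jwtToken = new JwtBuilder()
            .WithAlgorithm(new HMACSHA256Algorithm())
            .WithSecret(secretKey)
            .AddClaim("iss", r.uid.ToString())
            .AddClaim("exp", expSeconds)
            .AddClaim("role", new string[] { "User", "People", "Guest" })
            .Build();

        response = this.Request.CreateResponse<APIResult>(HttpStatusCode.OK, new APIResult()
        {
            Success = true,
            Message = $"{r.ancestor_uid}", // the ancestor account id is returned for the client to use
            Payload = $"{jwtToken}"
        });
    }
    else
    {
        // Unknown uid or wrong password.
        response = this.Request.CreateResponse<APIResult>(HttpStatusCode.Unauthorized, new APIResult()
        {
            Success = false,
            Message = $"",
            Payload = "UID或密碼不正確"
        });
    }

    return response;
}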
/// <summary>
/// Adds an "exp" claim to the payload that lies the given number of minutes after now.
/// </summary>
/// <param name="Minutes">Lifetime in minutes, counted from the current UTC time.</param>
public void SetExpiration(int Minutes)
{
    IDateTimeProvider clock = new UtcDateTimeProvider();
    var issuedAtSeconds = UnixEpoch.GetSecondsSince(clock.GetNow());
    var expiresAtSeconds = issuedAtSeconds + (Minutes * 60);

    // Add (not the indexer) is used, so "exp" is expected not to be present yet.
    this.Payload.Add("exp", expiresAtSeconds);
}
/// <summary>
/// Returns the current UTC time as whole seconds since <c>unixEpoch</c>.
/// </summary>
/// <returns>Rounded seconds since the epoch, cast to a 32-bit int without a range check.</returns>
private int CurrentTime()
{
    IDateTimeProvider clock = new UtcDateTimeProvider();
    var elapsed = clock.GetNow() - unixEpoch;
    return (int)Math.Round(elapsed.TotalSeconds);
}
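/// <summary>
/// Maps the outcome of a credential check to an HTTP response and, on success, issues a
/// token, stores it for the user and returns it in the response body.
/// </summary>
/// <param name="request">Incoming request used to create the response.</param>
/// <param name="operationResult">
/// 1 = success, 0 = user not found, -1 = wrong password, -2 = database connection failed.
/// </param>
/// <param name="login">Login data supplying UserId and InPassword.</param>
/// <returns>The response for the given outcome; unknown outcomes get the "user not found" response.</returns>
public HttpResponseMessage Login(HttpRequestMessage request, int operationResult, Login login)
{
    Result res = new Result();
    res.result = "用户不存在";
    var resp = request.CreateResponse(HttpStatusCode.InternalServerError, res);

    switch (operationResult)
    {
        case 1:
            // The epoch arithmetic that used to precede the payload was never read and has
            // been removed; the token content is unchanged.
            //
            // NOTE(review): the clear-text password is placed in the payload. A JWT payload
            // is only base64url-encoded, so anyone holding the token can read it; the token
            // is also written to the database below. Drop the "password" claim once no
            // consumer depends on it.
            // NOTE(review): no "exp" claim is set, so the token carries no expiry of its own.
            var payload = new Dictionary<string, object>
            {
                { "userId", login.UserId },
                { "password", login.InPassword },
                { "time", DateTime.Now }
            };

            IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
            IJsonSerializer serializer = new JsonNetSerializer();
            IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
            IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);

            // NOTE(review): the HMAC key is the literal "UTF-8", a fixed, low-entropy value
            // in source. It should come from protected configuration; it is left as-is here
            // because whatever verifies these tokens uses the same value.
            var token = encoder.Encode(payload, "UTF-8");

            // Persist the token for the user; the return value of the update is not checked.
            DataConnection pclsCache = new DataConnection();
            userInfoMethod.MstUserChangeToken(pclsCache, login.UserId, token);

            res.result = "登录成功|" + token;
            resp = request.CreateResponse(HttpStatusCode.OK, res);
            break;

        case 0:
            res.result = "用户不存在";
            resp = request.CreateResponse(HttpStatusCode.InternalServerError, res);
            break;

        case -1:
            res.result = "密码错误";
            resp = request.CreateResponse(HttpStatusCode.BadRequest, res);
            break;

        case -2:
            res.result = "数据库连接失败";
            resp = request.CreateResponse(HttpStatusCode.NotFound, res);
            break;

        default:
            break;
    }

    return resp;
}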
/// <summary>
/// Computes an expiry instant as rounded seconds since the Unix epoch.
/// </summary>
/// <param name="timeSpan">Lifetime to add to the current UTC time.</param>
/// <returns>Seconds between 1970-01-01 UTC and now plus <paramref name="timeSpan"/>.</returns>
private static double Expires(TimeSpan timeSpan)
{
    IDateTimeProvider clock = new UtcDateTimeProvider();
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    var expiresAt = clock.GetNow().Add(timeSpan);
    return Math.Round((expiresAt - epoch).TotalSeconds);
}
/// <summary>
/// Returns the Unix time, in rounded seconds, of the instant the given number of days from now.
/// </summary>
/// <param name="daysFromNow">Days to add to the current UTC time; 0 yields the current time.</param>
/// <returns>Seconds since 1970-01-01 UTC.</returns>
public static double GetSecondSinceEpoch(int daysFromNow = 0)
{
    IDateTimeProvider clock = new UtcDateTimeProvider();
    var target = clock.GetNow().AddDays(daysFromNow);
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    return Math.Round((target - epoch).TotalSeconds);
}
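/// <summary>
/// Validates the credentials against the database and, on success, returns a JSON body
/// containing a signed token.
/// </summary>
/// <param name="username">Login name.</param>
/// <param name="password">Password as submitted by the client.</param>
/// <returns>A JSON response with status "ok" and the token, or status "error" and a message.</returns>
public HttpResponseMessage Login(string username, string password)
{
    string result = string.Empty;
    RuleCommon rule = new RuleCommon();
    try
    {
        tblFW_User objUser = new tblFW_User();

        // Check the credentials against the database.
        if (CheckUser(username, password, "", ref objUser) == false)
        {
            result = rule.JsonStr("error", "用户名或密码错误", "");
            return new HttpResponseMessage
            {
                Content = new StringContent(result, System.Text.Encoding.UTF8, "application/json")
            };
        }

        // The unused local that re-parsed today's date from its short date string has been
        // removed; it was never read.
        IDateTimeProvider provider = new UtcDateTimeProvider();
        var now = provider.GetNow();
        var unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc); // or use JwtValidator.UnixEpoch
        var secondsSinceEpoch = Math.Round((now - unixEpoch).TotalSeconds);

        // NOTE(review): the clear-text password is written to the "pass" claim. A JWT payload
        // is only base64url-encoded, so every holder of the token can read it. Drop the claim
        // once no consumer depends on it.
        var payload = new Dictionary<string, object>
        {
            { "pass", password },
            { "exp", secondsSinceEpoch + 10000 },
            { "name", username }
        };

        IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
        IJsonSerializer serializer = new JsonNetSerializer();
        IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
        IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);

        // NOTE(review): the HMAC key is a short literal in source. It should be a long random
        // value held in protected configuration; it is left as-is here because whatever
        // verifies these tokens uses the same value.
        var token = encoder.Encode(payload, "YYplay");

        LoginInfo lginfo = new LoginInfo();
        lginfo.token = token;
        result = rule.JsonStr("ok", "", lginfo);
        return new HttpResponseMessage
        {
            Content = new StringContent(result, System.Text.Encoding.UTF8, "application/json")
        };
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message is returned to the client; prefer logging
        // it server-side and returning a generic error text.
        result = rule.JsonStr("error", e.Message, "");
        return new HttpResponseMessage
        {
            Content = new StringContent(result, System.Text.Encoding.UTF8, "application/json")
        };
    }
}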
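/// <summary>
/// Encodes a token from the payload values, signed with the configured secret.
/// An expiration time can optionally be set for the token.
/// </summary>
/// <param name="payload">
/// The payload values, stored in a dictionary. The dictionary is not modified; when an
/// expiry is requested the "exp" claim is set on a copy and replaces any "exp" already present.
/// </param>
/// <param name="expTime">Seconds until the token expires; 0 means no "exp" claim is added.</param>
/// <returns>Encoded token</returns>
public string MakeToken(Dictionary<string, object> payload, int expTime = 0)
{
    if (expTime == 0)
    {
        return encoder.Encode(payload, secret);
    }

    // Work on a copy: adding "exp" to the caller's dictionary made a second call with the
    // same dictionary throw on the duplicate key and leaked the claim into the caller's state.
    var claims = new Dictionary<string, object>(payload, payload.Comparer);

    IDateTimeProvider clock = new UtcDateTimeProvider();
    claims["exp"] = UnixEpoch.GetSecondsSince(clock.GetNow()) + expTime;

    return encoder.Encode(claims, secret);
}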
/// <summary>
/// Signs the given claims with HMAC-SHA256 and returns the encoded token. The dictionary
/// is passed to the encoder as-is; this method adds no claims of its own.
/// </summary>
/// <param name="obj">Claims to place in the token payload.</param>
/// <returns>The encoded token.</returns>
public static string Encode(Dictionary <string, object> obj)
{
    // NOTE(review): the signing key is a string literal in source, so it is identical in
    // every deployment and known to anyone who can read the source or the assembly. It
    // should be loaded from protected configuration.
    var secret = "GQDstcKsx0NHjPOuXOYg5MbeJ1XT0uFiwDVvVBrk";
    IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
    IJsonSerializer serializer = new JsonNetSerializer();
    IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
    IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
    // NOTE(review): the listing does not show where the comment on the next line ends, so
    // it is kept whole. None of the values it names is read by the statements that follow,
    // and no "exp" claim is added here - presumably callers supply one in obj; confirm.
    // IDateTimeProvider provider = new UtcDateTimeProvider(); var now = provider.GetNow(); var unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc); // or use JwtValidator.UnixEpoch var secondsSinceEpoch = provider.GetNow().AddYears(1).toJWTString();
    var payload = obj;
    var token = encoder.Encode(payload, secret);
    return(token);
}
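// Default token lifetime in seconds, used when the caller passes a non-positive value.
// NOTE(review): 60 * 60 * 60 * 600 is 129,600,000 seconds, i.e. 1500 days. Confirm this is
// the intended default; a bearer token that stays valid for years is a long exposure
// window if it leaks.
private static readonly int _expire = 60 * 60 * 60 * 600; // seconds

/// <summary>
/// Issues an HS256-signed JWT that embeds the employee object and an expiry.
/// </summary>
/// <param name="employee">Employee serialized into the "Employee" claim.</param>
/// <param name="expire">Lifetime in seconds; values of 0 or less fall back to the default.</param>
/// <returns>The encoded token, or null when any step throws (the exception is logged).</returns>
public static string GenerateToken(Employee employee, int expire)
{
    try
    {
        // Prefer the configured secret and fall back to the built-in one only when the
        // configuration is blank. The test was inverted before: a configured secret was
        // ignored and a blank one replaced the fallback. Whatever verifies these tokens
        // must resolve the key the same way.
        var keySec = _secret;
        if (!string.IsNullOrWhiteSpace(AppGlobal.NexusConfig.Secret))
        {
            keySec = AppGlobal.NexusConfig.Secret;
        }

        if (expire <= 0)
        {
            expire = _expire;
        }

        var provider = new UtcDateTimeProvider();
        var expiredTime = provider.GetNow().AddSeconds(expire);
        var secondsSinceEpoch = UnixEpoch.GetSecondsSince(expiredTime);

        // NOTE(review): the whole employee object is serialized into the token, and a JWT
        // payload is readable by anyone holding it - confirm it has no sensitive members.
        var payload = new Dictionary<string, object>
        {
            { "Employee", employee },
            { "exp", secondsSinceEpoch }
        };

        IJwtAlgorithm algorithm = new HMACSHA256Algorithm(); // symmetric
        var serializer = new JsonNetSerializer();
        IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
        IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);

        return encoder.Encode(payload, keySec);
    }
    catch (Exception ex)
    {
        Logger.Write(ex.ToString(), true);
    }

    return null;
}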
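/// <summary>
/// Sample login: accepts one fixed user name and password and, on a match, returns a
/// token that carries the user's identity data and expires after 30 seconds.
/// </summary>
/// <param name="request">Login request holding UserName and Password.</param>
/// <returns>The result with Token set on success, or Message set on failure.</returns>
public LoginResult aaa(LoginRequest request)
{
    LoginResult rs = new LoginResult();

    // The user name "admin" and password "123" are assumed for the example.
    // NOTE(review): a fixed credential pair in source must not reach a deployed build;
    // a real implementation looks the user up and verifies a stored password hash.
    if (request.UserName == "admin" && request.Password == "123")
    {
        // After a successful login the user's identity data is available. In real code the
        // roles and permissions would come from the database. The epoch arithmetic that used
        // to sit here was never read and has been removed.
        AuthInfo authInfo = new AuthInfo
        {
            IsAdmin = true,
            Roles = new List<string> { "admin", "owner" },
            UserName = "******"
        };

        var payload = new Dictionary<string, object>
        {
            { "authInfo", authInfo },
            { "exp", DateTimeOffset.UtcNow.AddSeconds(30).ToUnixTimeSeconds() }
        };

        try
        {
            // SecureKey is the token signing key from web.config and must be kept secret.
            // NOTE(review): Encoding.Default depends on the platform, so a key with
            // non-ASCII characters yields different bytes on different hosts; the verifying
            // side has to use the same encoding.
            byte[] key = Encoding.Default.GetBytes(ConfigurationManager.AppSettings["SecureKey"]);

            // HS256 is a keyed signature (HMAC-SHA256); the payload is signed, not encrypted.
            IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
            IJsonSerializer serializer = new JsonNetSerializer();
            IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
            IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);

            rs.Token = encoder.Encode(payload, key);
            rs.Success = true;
        }
        catch
        {
            rs.Success = false;
            rs.Message = "登陆失败";
        }
    }
    else
    {
        rs.Success = false;
        rs.Message = "用户名或密码不正确";
    }

    return rs;
}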
/// <summary>
/// Re-encodes the given JWT payload and returns it with a "logged out" message. When
/// ExpiredMinutes is positive the exp claim is first reset to now plus that many minutes.
/// </summary>
/// <param name="jwtPayload">Claims of the current token; the exp entry may be overwritten.</param>
/// <returns>A success result carrying the newly encoded token.</returns>
protected virtual IHttpActionResult Logout(IDictionary<string, object> jwtPayload)
{
    // NOTE(review): this issues a fresh, validly signed token on logout and does nothing
    // visible here to invalidate the old one - confirm how the previous token is revoked.
    if (ExpiredMinutes > 0)
    {
        IDateTimeProvider clock = new UtcDateTimeProvider();
        var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
        var nowSeconds = Math.Round((clock.GetNow() - epoch).TotalSeconds);

        var expClaim = JwtClaimName.exp.ToString();
        jwtPayload[expClaim] = nowSeconds + ExpiredMinutes * 60;
    }

    string encoded = JwtHelper.Encode(jwtPayload, Secret);
    return Succeed(encoded, "已经退出登陆");
}
/// <summary>
/// Checks that a token whose nbf claim equals the current time decodes without throwing
/// when verification is enabled.
/// </summary>
public void DecodeToObject_Should_Decode_Token_After_NotBefore_Becomes_Valid()
{
    const string key = "ABC";

    var json = new JsonNetSerializer();
    var clock = new UtcDateTimeProvider();
    var base64 = new JwtBase64UrlEncoder();
    var jwtDecoder = new JwtDecoder(json, new JwtValidator(json, clock), base64);
    var jwtEncoder = new JwtEncoder(new HMACSHA256Algorithm(), json, base64);

    // The claim must be named "nbf", so the property name is spelled out explicitly.
    var notBefore = UnixEpoch.GetSecondsSince(clock.GetNow());
    var token = jwtEncoder.Encode(new { nbf = notBefore }, key);

    // The test passes when this call completes without an exception.
    jwtDecoder.DecodeToObject<Customer>(token, key, verify: true);
}
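/// <summary>
/// Creates a token. The payload is an anonymous object of the shape <c>new { exp, data }</c>,
/// so a consumer has to parse the token into a matching shape.
/// </summary>
/// <param name="data">Custom data placed in the "data" member of the payload.</param>
/// <param name="min">Lifetime in minutes, counted from now.</param>
/// <returns>The encoded token.</returns>
public string CreateToken(object data, int min = 60)
{
    IDateTimeProvider provider = new UtcDateTimeProvider();
    var now = provider.GetNow();
    var unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    var nowSeconds = Math.Round((now - unixEpoch).TotalSeconds);

    // "exp" is in seconds, so the lifetime in minutes is converted before it is added.
    // It was previously added unconverted, which made the default token last 60 seconds.
    var secondsSinceEpoch = nowSeconds + min * 60.0;

    var payload = new { exp = secondsSinceEpoch, data = data };
    return CreateToken(payload);
}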
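/// <summary>
/// Issues a signed token for the user containing the login name, the user's auth context
/// and an expiry.
/// </summary>
/// <param name="user">User the token is issued for.</param>
/// <param name="expireMinutes">Lifetime in minutes, counted from now.</param>
/// <returns>The encoded token.</returns>
public static string GenerateToken(User user, int expireMinutes = 20)
{
    IDateTimeProvider provider = new UtcDateTimeProvider();

    // The lifetime is given in minutes. It was previously applied with AddHours, which made
    // the default token valid for 20 hours instead of 20 minutes.
    var expiresAt = provider.GetNow().AddMinutes(expireMinutes);
    var secondsSinceEpoch = Math.Round((expiresAt - UnixEpoch.Value).TotalSeconds);

    AuthContextUser auser = new AuthContextUser(user);

    var payload = new Dictionary<string, object>
    {
        { ClaimTypes.Name, user.LoginName },
        { ClaimTypes.UserData, auser },
        { "exp", secondsSinceEpoch }
    };

    return encoder.Encode(payload, Secret);
}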
/// <summary>
/// Builds an RS256-signed auth token for tests, using the fake private key from the test
/// configuration. The token is valid from now for one hour and carries fixed claim values.
/// </summary>
/// <returns>The encoded token.</returns>
public string GenerateCustomToken()
{
    var privateKey = TestConfiguration.FakeTokenPrivateKey;

    var extraHeaders = new Dictionary<string, object>
    {
        { "x5t", "kg2LYs2T0CTjIfj4rt6JIynen38" },
        { "kid", "kg2LYs2T0CTjIfj4rt6JIynen38" }
    };

    // iat and nbf are both "now"; exp is 3600 seconds later.
    var clock = new UtcDateTimeProvider();
    var issuedAt = UnixEpoch.GetSecondsSince(clock.GetNow());
    var expiresAt = issuedAt + 3600;

    var claims = new Dictionary<string, object>
    {
        { "aud", $"{EssauthConfig.EssClientId}" },
        { "iss", $"https://sts.windows.net/{EssauthConfig.TenantId}/" },
        { "iat", issuedAt },
        { "nbf", issuedAt },
        { "exp", expiresAt },
        { "aio", "E2RgYPisIWqdtDHp72InvliZoLuf+m/cOdbklLQrIXRDxgPb23MB" },
        { "appid", $"{EssauthConfig.AutoTestClientId}" },
        { "appidacr", "1" },
        { "idp", $"https://sts.windows.net/{EssauthConfig.TenantId}/" },
        { "oid", "da599026-93fc-4d2a-92c8-94b724e26176" },
        { "rh", "0.AAAASMo0kT1mBUqWijGkLwrtPjtAyT6ZgpBKjswH7mZCEJ8CAP0." },
        { "roles", new string[] { "BatchCreate" } },
        { "sub", "uftNZPaOJaWSYJqHrMIkFhg3rgQ97G9Km9fDl48WQPk" },
        { "tid", "9134ca48-663d-4a05-968a-31a42f0aed3e" },
        { "uti", "KOT0iQPMzESCe4R_Ce94AA" },
        { "ver", "1.0" }
    };

    // The key is stored base64-encoded and imported as an RSA private key.
    using var rsa = RSA.Create();
    rsa.ImportRSAPrivateKey(Convert.FromBase64String(privateKey), out _);

    IJwtEncoder jwtEncoder = new JwtEncoder(
        new RS256Algorithm(rsa, rsa),
        new JsonNetSerializer(),
        new JwtBase64UrlEncoder());

    // An empty string is passed as the key argument; the RSA instance above does the signing.
    return jwtEncoder.Encode(extraHeaders, claims, "");
}
/// <summary>
/// Issues an HS256-signed JWT carrying the user type and an expiry TokenTimeOut after now.
/// </summary>
/// <param name="userType">Value written to the "tp" claim.</param>
/// <returns>The encoded token.</returns>
public string Make(int userType)
{
    IDateTimeProvider clock = new UtcDateTimeProvider();
    var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);

    // TokenTimeOut is added to a value in seconds, so it is presumably in seconds - confirm.
    var expSeconds = Math.Round((clock.GetNow() - epoch).TotalSeconds) + TokenTimeOut;

    var claims = new Dictionary<string, object>()
    {
        { "exp", expSeconds },
        { "tp", userType }
    };

    IJwtEncoder jwtEncoder = new JwtEncoder(
        new HMACSHA256Algorithm(),
        new JsonNetSerializer(),
        new JwtBase64UrlEncoder());

    return jwtEncoder.Encode(claims, Secret);
}
/// <summary>
/// Checks that decoding with verification enabled rejects a token whose nbf claim lies
/// one hour in the future.
/// </summary>
public void DecodeToObject_Should_Throw_Exception_Before_NotBefore_Becomes_Valid()
{
    const string key = "ABC";

    var json = new JsonNetSerializer();
    var clock = new UtcDateTimeProvider();
    var base64 = new JwtBase64UrlEncoder();
    var jwtDecoder = new JwtDecoder(json, new JwtValidator(json, clock), base64);
    var jwtEncoder = new JwtEncoder(new HMACSHA256Algorithm(), json, base64);

    // The claim must be named "nbf", so the property name is spelled out explicitly.
    var notBefore = UnixEpoch.GetSecondsSince(clock.GetNow().AddHours(1));
    var token = jwtEncoder.Encode(new { nbf = notBefore }, key);

    Action decodeEarly = () => jwtDecoder.DecodeToObject<Customer>(token, key, verify: true);

    // A not-yet-valid token is expected to surface as SignatureVerificationException.
    Assert.Throws<SignatureVerificationException>(decodeEarly);
}
/// <summary>
/// Checks that decoding with verification enabled rejects a token whose exp claim lies
/// one hour in the past.
/// </summary>
public void DecodeToObject_Should_Throw_Exception_On_Expired_Claim()
{
    const string key = "ABC";

    var json = new JsonNetSerializer();
    var clock = new UtcDateTimeProvider();
    var base64 = new JwtBase64UrlEncoder();
    var jwtDecoder = new JwtDecoder(json, new JwtValidator(json, clock), base64);
    var jwtEncoder = new JwtEncoder(new HMACSHA256Algorithm(), json, base64);

    // Whole seconds since the epoch, truncated by the cast rather than rounded.
    var sinceEpoch = clock.GetNow().AddHours(-1) - JwtValidator.UnixEpoch;
    var expiredAt = (int)sinceEpoch.TotalSeconds;
    var expiredToken = jwtEncoder.Encode(new { exp = expiredAt }, key);

    Action decodeExpired = () => jwtDecoder.DecodeToObject<Customer>(expiredToken, key, verify: true);

    decodeExpired.ShouldThrow<TokenExpiredException>();
}
/// <summary>
/// Checks that decoding with verification enabled rejects a token whose exp claim lies
/// one hour in the past (two-argument encoder and decoder constructors).
/// </summary>
public void DecodeToObject_Should_Throw_Exception_On_Expired_Claim()
{
    const string key = "ABC";

    var json = new JsonNetSerializer();
    var clock = new UtcDateTimeProvider();
    var jwtDecoder = new JwtDecoder(json, new JwtValidator(json, clock));
    var jwtEncoder = new JwtEncoder(new HMACSHA256Algorithm(), json);

    // Whole seconds since 1970-01-01, truncated by the cast rather than rounded.
    var oneHourAgo = clock.GetNow().Subtract(TimeSpan.FromHours(1));
    var sinceEpoch = oneHourAgo - new DateTime(1970, 1, 1);
    var expiredAt = (int)sinceEpoch.TotalSeconds;
    var expiredToken = jwtEncoder.Encode(new { exp = expiredAt }, key);

    Action decodeExpired = () => jwtDecoder.DecodeToObject<Customer>(expiredToken, key, verify: true);

    decodeExpired.ShouldThrow<TokenExpiredException>();
}
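/// <summary>
/// Computes the expiry instant for a token as seconds since the Unix epoch.
/// </summary>
/// <returns>The current Unix time plus the token duration.</returns>
/// <exception cref="Exception">
/// Thrown when the value cannot be computed; the original failure is attached as InnerException.
/// </exception>
public static double Expiration()
{
    try
    {
        IDateTimeProvider provider = new UtcDateTimeProvider();

        // NOTE(review): the duration is 0, so the returned expiry equals the issue time and
        // a token using it is expired as soon as it is checked - confirm the intended lifetime.
        int tokenDurationTime = 0;

        var now = provider.GetNow();
        var durationUntil = UnixEpoch.GetSecondsSince(now) + tokenDurationTime;
        return durationUntil;
    }
    catch (Exception ex)
    {
        // Keep the cause: the bare rethrow used before discarded the original exception
        // and its stack trace.
        throw new Exception("Can't build expiration time for token", ex);
    }
}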