public static void ConfigureServices(IServiceCollection services, VQJwtDescriptor jwtDescriptor)
{
services
.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = jwtDescriptor.SecretKey.GetSymmetricSecurityKey(),
ValidateIssuer = true,
ValidIssuer = jwtDescriptor.Issuer,
ValidateAudience = true,
ValidAudience = jwtDescriptor.Audience,
ValidateLifetime = true,
ClockSkew = TimeSpan.FromSeconds(30),
};
});
}
public static string GenerateToken(this List <KeyValuePair <string, string> > dictionaryClaims, VQJwtDescriptor tokenDescriptor, int minutesToExpire = _3_HOURS_IN_MINUTES)
{
var utcNow = DateTime.UtcNow;
var claims = new ClaimsIdentity(dictionaryClaims.Select(x => new Claim(x.Key, x.Value)));
var tokenHeader = new JwtSecurityTokenHandler();
var securityTokenDescriptor = new SecurityTokenDescriptor
{
Issuer = tokenDescriptor.Issuer,
Audience = tokenDescriptor.Audience,
Subject = claims,
Expires = utcNow.AddMinutes(minutesToExpire),
NotBefore = utcNow,
SigningCredentials = tokenDescriptor.SecretKey.GetCredentials()
};
var token = tokenHeader.CreateToken(securityTokenDescriptor);
return(tokenHeader.WriteToken(token));
}
