public bool Validate(Interface.IRegistrationData registrationData)
{
if (TokenExists)
{
Model.Jwt token;
try
{
token = Utils.DecodeTokenVerify(_jwt, registrationData.SharedSecret);
}
catch (Exception ex)
{
throw new TokenExpiredException($"{ex.Message} for {registrationData.ClientKey}");
}
if (!token.isValidDate)
{
throw new TokenExpiredException($"Token Expired for {registrationData.ClientKey}");
}
var hash = QueryStringHasher.CalculateHash(_method, _path, _queryString);
if (hash != token.qsh)
{
throw new SignatureVerificationException($"Invalid URL signature for {ClientKey}");
}
}
return(TokenExists);
}
/// <summary>
/// Encodes JWT token
/// </summary>
/// <param name="secret"></param>
/// <param name="issuer"></param>
/// <param name="subject"></param>
/// <param name="expMinutes"></param>
/// <param name="method"></param>
/// <param name="path"></param>
/// <param name="queryString"></param>
/// <param name="dt"></param>
/// <returns></returns>
public static string EncodeToken(string secret, string issuer, string subject, int expMinutes, string method, string path, string queryString = "", DateTimeOffset?dt = null) =>
new JwtBuilder()
.WithAlgorithm(new HMACSHA256Algorithm())
.WithSecret(secret)
.Issuer(issuer)
.AddClaim("iat", (dt ?? DateTimeOffset.UtcNow).ToUnixTimeSeconds())
.AddClaim("exp", (dt ?? DateTimeOffset.UtcNow).AddMinutes(expMinutes).ToUnixTimeSeconds())
.AddClaim("qsh", QueryStringHasher.CalculateHash(method, path, queryString))
.AddClaim("sub", subject)
.Encode();
