public Task <string> WriteToken(PasetoTokenDescriptor descriptor)
{
ValidationResult validationResult = new TokenDescriptorValidator()
.Validate(descriptor);
if (!validationResult.IsValid)
{
throw new ValidationException(validationResult.Errors);
}
PasetoBuilder <Version2> pasetoBuilder = new PasetoBuilder <Version2>()
.WithKey(PasetoDefaults.GenerateKeys(descriptor.SecretKey).privateKey)
.AsPublic()
.AddClaim(RegisteredClaims.Audience, descriptor.Audience)
.AddClaim(RegisteredClaims.Issuer, descriptor.Issuer)
.AddClaim(PasetoRegisteredClaimsNames.IssuedAt, DateTime.Now)
.Expiration(descriptor.Expires);
if (!descriptor.NotBefore.Equals(null))
{
pasetoBuilder.AddClaim(RegisteredClaims.NotBefore, descriptor.NotBefore);
}
foreach (Claim claim in descriptor.Subject.Claims)
{
pasetoBuilder.AddClaim(claim.Type, claim.Value);
}
return(Task.FromResult(pasetoBuilder.Build()));
}
public static Dictionary <string, string> DecodeToken(HttpRequest request, string key)
{
return(JsonConvert.DeserializeObject <Dictionary <string, string> >
(new PasetoBuilder <Version2>()
.WithKey(PasetoDefaults.GenerateKeys(key).publicKey)
.AsPublic()
.Decode(Convert.ToString(request.Headers["Authorization"]).Replace("Bearer ", ""))));
}