Example #1
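        /// <summary>
        /// Builds a Simple Web Token for the user identified by <paramref name="audience"/> and
        /// returns it in serialised form. The token carries a name claim, a role claim (the
        /// group's name) and a <c>GroupID</c> claim.
        /// </summary>
        /// <param name="audience">Object whose <c>ID</c> is written into the <c>ClaimTypes.Name</c> claim.</param>
        /// <param name="UserGroupID">Id of the user group whose name becomes the role claim.</param>
        /// <returns>The result of <c>SimpleWebToken.ToString()</c> for the populated token.</returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="audience"/> is null.</exception>
        /// <exception cref="System.InvalidOperationException">No user group has the id <paramref name="UserGroupID"/>.</exception>
        /// <remarks>
        /// SECURITY (review):
        /// 1. The signing key is a literal in source. Anyone who can read the repository or the
        ///    compiled assembly can mint tokens that verify under it; load it from a secret store
        ///    or protected configuration and rotate the value shown here.
        /// 2. No credential check happens in this method (see the TODO below), so the caller must
        ///    have authenticated the user before calling it.
        /// 3. The role claim is derived only from <paramref name="UserGroupID"/>. Nothing here
        ///    verifies that the user in <paramref name="audience"/> belongs to that group; if the
        ///    id is caller-supplied, check membership before issuing the token.
        /// 4. No expiry is set here. Whether SimpleWebToken applies a default lifetime is not
        ///    visible from this method; confirm.
        /// </remarks>
        public string GetToken(ClsReturnValues audience, int UserGroupID)
        {
            if (audience == null)
            {
                throw new System.ArgumentNullException("audience");
            }

            // TODO - Authenticate credentials here
            // TODO - Based on the audience passed in, pick the shared key from key store
            // SECURITY (review): hard-coded shared key; treat it as disclosed and replace it
            // with a value read from a secret store at runtime.
            string key = "qqO5yXcbijtAdYmS2Otyzeze2XQedqy+Tp37wQ3sgTQ=";

            SimpleWebToken token = new SimpleWebToken(key)
            {
                Issuer = "tdoCloud"
            };

            token.AddClaim(ClaimTypes.Name, audience.ID.ToString());

            using (tdoEntities db = new tdoEntities())
            {
                // Materialise the stored-procedure result first (as the original did), then
                // filter in memory. An unknown group id is reported explicitly instead of
                // surfacing as the generic "Sequence contains no elements" from First().
                var matches = db.uspGetUserGroups()
                                .ToList<ClsUserGroups>()
                                .Where(p => p.userGroupID == UserGroupID)
                                .ToList();

                if (matches.Count == 0)
                {
                    throw new System.InvalidOperationException(
                        "No user group found with ID " + UserGroupID + ".");
                }

                token.AddClaim(ClaimTypes.Role, matches[0].groupName);
                token.AddClaim("GroupID", UserGroupID.ToString());
            }

            return token.ToString();
        }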
Example #2
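        /// <summary>
        /// Parses a form-encoded Simple Web Token, checks its HMACSHA256 signature against one
        /// recomputed with <paramref name="secretKey"/>, and checks that it has not expired.
        /// </summary>
        /// <param name="token">The serialised token (name=value pairs joined with '&amp;').</param>
        /// <param name="secretKey">Shared key passed to the <c>SimpleWebToken</c> constructor.</param>
        /// <returns>The populated token when both the signature and the expiry check pass.</returns>
        /// <exception cref="SecurityTokenValidationException">
        /// The signature is missing or does not match the recomputed one.
        /// </exception>
        /// <exception cref="SecurityTokenException">The token's <c>ExpiresOn</c> is in the past.</exception>
        /// <remarks>
        /// SECURITY (review):
        /// 1. Only the signature and expiry are checked. Issuer and Audience are copied from the
        ///    token without being compared to expected values; the caller must do that.
        /// 2. The HMAC is recomputed over the re-serialised token (<c>swt.ToString()</c>), not
        ///    over the original input string, so verification depends on serialisation being
        ///    canonical. That cannot be confirmed from this method.
        /// 3. Malformed <c>ExpiresOn</c> or <c>HMACSHA256</c> values surface as the exceptions
        ///    thrown by <c>ulong.Parse</c> / <c>Convert.FromBase64String</c>, not as token
        ///    exceptions; callers should treat any exception from this method as a rejection.
        /// </remarks>
        public static SimpleWebToken Parse(string token, string secretKey)
        {
            var items = HttpUtility.ParseQueryString(token);
            var swt   = new SimpleWebToken(secretKey);

            // Keep our own copy of the signature presented by the caller, so the comparison
            // below does not depend on whether ToString() touches swt.Signature.
            byte[] presentedSignature = null;

            // NOTE(review): AllKeys can contain a null entry for a segment without '='; such
            // an entry falls through to the default case and reaches AddClaim with a null key.
            foreach (string key in items.AllKeys)
            {
                string item = items[key];
                switch (key)
                {
                case "Issuer": swt.Issuer = item; break;

                case "Audience": swt.Audience = item; break;

                case "ExpiresOn": swt.ExpiresOn = ulong.Parse(item); break;

                case "HMACSHA256":
                    presentedSignature = Convert.FromBase64String(item);
                    swt.Signature      = presentedSignature;
                    break;

                default: swt.AddClaim(key, item); break;
                }
            }

            // An unsigned token is rejected as invalid rather than failing later with an
            // ArgumentNullException from Convert.ToBase64String(null).
            if (presentedSignature == null)
            {
                throw new SecurityTokenValidationException("Signature is invalid");
            }

            string rawToken          = swt.ToString(); // Computes HMAC inside ToString()
            string computedSignature = HttpUtility.ParseQueryString(rawToken)
                                       ["HMACSHA256"];

            // Compare without an early exit so response time does not reveal how many leading
            // characters of a forged signature were correct.
            if (!FixedTimeOrdinalEquals(computedSignature,
                                        Convert.ToBase64String(presentedSignature)))
            {
                throw new SecurityTokenValidationException("Signature is invalid");
            }

            // epochStart is declared elsewhere in this class (presumably the Unix epoch; confirm).
            TimeSpan ts = DateTime.UtcNow - epochStart;

            if (swt.ExpiresOn < Convert.ToUInt64(ts.TotalSeconds))
            {
                throw new SecurityTokenException("Token has expired");
            }
            return swt;
        }

        /// <summary>
        /// Ordinal string equality whose running time depends only on the length of the inputs,
        /// not on the position of the first differing character.
        /// </summary>
        /// <remarks>
        /// On runtimes that provide it, <c>CryptographicOperations.FixedTimeEquals</c> over the
        /// raw signature bytes is the preferred replacement.
        /// </remarks>
        private static bool FixedTimeOrdinalEquals(string left, string right)
        {
            if (left == null || right == null || left.Length != right.Length)
            {
                return false;
            }

            int difference = 0;
            for (int i = 0; i < left.Length; i++)
            {
                // Accumulate differences instead of returning at the first mismatch.
                difference |= left[i] ^ right[i];
            }
            return difference == 0;
        }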