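/// <summary>
/// Authenticates the caller described by <paramref name="payload"/> and issues an
/// HMAC-SHA256 signed JWT that expires 3600 seconds after it is created.
/// </summary>
/// <param name="payload">Payload passed to <c>_authService.Authenticate</c>.</param>
/// <returns>A successful result wrapping the serialized JWT string.</returns>
private async Task<Result<SbApiAuthToken>> AuthenticateWithToken(AuthTokenPayload payload)
{
    var authJwtOptions = _configuration.GetOptions<JwtOptions>(JwtOptions.SectionName);
    var jwtEmailEncryptionSecret = authJwtOptions.EmailEncryptionSecret;
    var jwtSecret = authJwtOptions.Secret;

    // NOTE(review): no failure path is visible in this method. If Authenticate can
    // return null for bad credentials, the user.Id access below throws instead of
    // returning a failed Result. Confirm against the service contract.
    var user = await _authService.Authenticate(payload);

    var claims = new[]
    {
        // The subject is the user id and nothing else. A JWT payload is only
        // base64url-encoded and signed, so every claim value is readable by whoever
        // holds the token. Passing the email-encryption secret as the claim value
        // (the three-argument Claim(type, value, valueType) overload) would publish
        // that secret in every issued token and let any holder decrypt the email claim.
        new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
        new Claim(JwtRegisteredClaimNames.Email, Security.Encrypt(jwtEmailEncryptionSecret, user.Email)),
        // A fresh jti per token gives each token a unique identifier.
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
    };

    // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', which
    // weakens a secret containing such characters. It is kept as-is because the
    // validating side must derive the same key bytes; change both sides together.
    // For HS256 the secret should be at least 256 bits of random data.
    var key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtSecret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    var token = new JwtSecurityToken(
        authJwtOptions.Issuer,
        authJwtOptions.Audience,
        claims,
        // UTC keeps the expiry independent of the server's local time zone and DST.
        expires: DateTime.UtcNow.AddSeconds(3600),
        signingCredentials: creds);

    return Result.Ok(new SbApiAuthToken(new JwtSecurityTokenHandler().WriteToken(token)));
}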
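/// <summary>
/// Builds an <c>AuthTokenPayload</c> for <paramref name="user"/> and returns the token
/// produced by <c>GenerateToken</c>.
/// </summary>
/// <param name="user">User the token is issued for; its <c>Id</c> becomes the subject.</param>
/// <returns>The token string returned by <c>GenerateToken</c>.</returns>
private string GenerateAuthToken(User user)
{
    // One clock read so that IssuedAt and Expires are derived from the same instant.
    DateTimeOffset issuedAt = DateTimeOffset.UtcNow;
    DateTimeOffset expiresAt = issuedAt.AddHours(_settings.RefreshTokenValidityHours);

    AuthTokenPayload payload = new AuthTokenPayload
    {
        Issuer = _settings.Issuer,
        Subject = user.Id,
        Audience = _settings.Audience,
        // DateTime.Millisecond is only the 0-999 millisecond component of a timestamp,
        // not a point in time. Using it would give IssuedAt and Expires near-identical
        // values that carry no date, so expiry could never be enforced. Unix epoch
        // seconds are used instead, matching the JWT NumericDate convention.
        // NOTE(review): the checked int cast keeps this assignable to a field that
        // accepted the int Millisecond value; widen the payload fields to long and
        // drop the cast if their declared type allows. Confirm the validating side
        // also expects seconds.
        IssuedAt = checked((int)issuedAt.ToUnixTimeSeconds()),
        Expires = checked((int)expiresAt.ToUnixTimeSeconds()),
        // NOTE(review): the whole User object is placed in the payload. If GenerateToken
        // serializes it into the token, make sure it carries no password hash or other
        // sensitive fields. Confirm against GenerateToken.
        User = user
    };

    return GenerateToken(payload);
}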