public ClaimsPrincipal? GetPrincipalFromToken(string token) { return _jwtTokenHandler.ValidateToken(token, new TokenValidationParameters { ValidateAudience = false, ValidateIssuer = false, ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_options.SecretKey)), ValidateLifetime = false // we check expired tokens here }); }
public ClaimsPrincipal?GetPrincipalFromToken(string token) { if (_options.SecretKey == null) { throw new InvalidOperationException("The secret key must not be null."); } return(_jwtTokenHandler.ValidateToken(token, new TokenValidationParameters { ValidateAudience = false, ValidateIssuer = false, ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_options.SecretKey)), ValidateLifetime = false // we check expired tokens here })); }
public IActionResult ValidateJwt([FromBody] string token) { if (_jwtHandler.ValidateToken(token)) { var handler = new JwtSecurityTokenHandler(); var jwtToken = handler.ReadToken(token) as JwtSecurityToken; var claims = new JwtCustomClaims { FirstName = jwtToken.Claims.First(claim => claim.Type == "FirstName").Value, LastName = jwtToken.Claims.First(claim => claim.Type == "LastName").Value, Email = jwtToken.Claims.First(claim => claim.Type == "Email").Value }; return(Ok(claims)); } return(BadRequest("Token is invalid.")); }
public async Task <Result> RefreshTokenAsync(JsonWebToken model) { var validatedToken = _jwtHandler.ValidateToken(model.Token); if (validatedToken == null) { return(Result.GeneralFailure("Invalid Token")); } if (validatedToken.ValidTo > DateTime.UtcNow) { return(Result.GeneralFailure("This Token Has Not Expired Yet")); } var userId = validatedToken.Claims.First(claim => claim.Type == TokenClaims.UserId).Value; var userRefreshToken = await _context.RefreshTokens.Where(x => x.Token == model.RefreshToken) .Include(c => c.Users) .Where(v => v.Users.Id == userId) .FirstOrDefaultAsync(); if (userRefreshToken == null) { return(Result.GeneralFailure("No refresh token for this user")); } if (userRefreshToken.Token != model.RefreshToken) { return(Result.GeneralFailure("Invalid Refresh Token")); } if (userRefreshToken.IsExpired) { return(Result.GeneralFailure("Expired Token")); } if (userRefreshToken.Revoked != null) { return(Result.GeneralFailure("This Token has Been Used and Revoked")); } if (userRefreshToken.IsActive) { var userRole = await _userManager.GetRolesAsync(userRefreshToken.Users); var newRefreshToken = _jwtHandler.CreateRefreshToken(userId); var token = _jwtHandler.CreateToken(userRefreshToken.Users, userRole.FirstOrDefault()); var jwt = new JsonWebToken { Token = token, RefreshToken = newRefreshToken.Token, }; userRefreshToken.Revoked = DateTime.UtcNow; var updateResult = _context.RefreshTokens.Update(userRefreshToken); var addNewRefreshToken = await _context.RefreshTokens.AddAsync(newRefreshToken); var saveChanges = await _context.SaveChangesAsync(); if (updateResult.IsKeySet || addNewRefreshToken.IsKeySet || saveChanges == 1) { return(Result.ReturnToken(jwt)); } } return(Result.GeneralFailure("SomeThing Wrong")); }