/// <summary>
/// Checks that <c>JwtFactory.Create</c> returns a populated <c>Jwt</c> for the given role and
/// lifetime, and that the user's roles are read from the user manager exactly once.
/// </summary>
/// <param name="role">Role the mocked user manager reports for the test user.</param>
/// <param name="minutes">Requested token lifetime, in minutes.</param>
public void Create_AnyRoleAndAnyExpirationTime_WorksSuccessfully(RoleType role, int minutes)
{
    // Arrange
    // Fixed signing key, issuer and audience used only by this test.
    const string signingKey = "b3ff24525cbdb417dd1f7cbe8c37477d7393f905c873718b8a5222e43testkey";
    const string expectedAudience = "testAudience";
    const string expectedIssuer = "testIssuer";

    var testUser = new User
    {
        UserName = "******",
        Email = "testEmail"
    };
    var assignedRoles = new List<string> { role.ToString() };

    var userManager = MockUserManager<User>();
    userManager.Setup(manager => manager.GetRolesAsync(testUser)).ReturnsAsync(assignedRoles);

    var sut = new JwtFactory(userManager.Object, signingKey, expectedIssuer, expectedAudience);

    // Act
    var jwt = sut.Create(testUser, minutes);

    // Assert
    jwt.Should().NotBeNull();
    jwt.Should().BeOfType<Jwt>();

    // Expiration must land within 60000 ms of "now + minutes".
    jwt.Expiration.Should().BeCloseTo(DateTime.UtcNow.AddMinutes(minutes), precision: 60000);
    jwt.Roles.Should().Contain(role.ToString());

    // Only the token's length is checked; this test does not parse the token or verify its
    // signature, issuer or audience.
    jwt.Token.Length.Should().BeGreaterThan(10);

    userManager.Verify(manager => manager.GetRolesAsync(testUser), Times.Once);
}
/// <summary>
/// Creates a token carrying "sub" and "exp" claims, parses it back and checks the header type,
/// the HMAC-SHA256 algorithm, both claims and the factory's validation result.
/// </summary>
public void JWT_Test_05_CreateToken()
{
    // "secret" is a short, fixed key: acceptable as a test fixture only.
    byte[] keyBytes = Encoding.ASCII.GetBytes("secret");

    using (JwtFactory factory = new JwtFactory(keyBytes))
    {
        // Local midnight converted to UTC, two days ahead, so the expiry lies in the future.
        DateTime expiresAt = DateTime.Today.ToUniversalTime().AddDays(2);

        var subjectClaim = new KeyValuePair<string, object>("sub", "test user");
        var expiryClaim = new KeyValuePair<string, object>("exp", expiresAt);
        string serialized = factory.Create(subjectClaim, expiryClaim);

        JwtToken parsed = new JwtToken(serialized);

        // Header fields.
        Assert.AreEqual("JWT", parsed.Type);
        Assert.IsTrue(parsed.Algorithm is HmacSha256);

        // The subject is readable both through the generic claim lookup and the typed property.
        bool subjectFound = parsed.TryGetClaim("sub", out object subject);
        Assert.AreEqual(true, subjectFound);
        Assert.AreEqual("test user", subject);
        Assert.AreEqual("test user", parsed.Subject);

        Assert.AreEqual(expiresAt, parsed.Expiration);

        // The factory that issued the token must accept it.
        Assert.AreEqual(true, factory.IsValid(parsed));
    }
}
/// <summary>
/// Creates a token carrying "sub" and "exp" claims, parses it back and checks the header type,
/// the HS256 algorithm, both claims and the factory's validation result.
/// </summary>
public void JWT_Test_05_CreateToken()
{
    // "secret" is a short, fixed key: acceptable as a test fixture only.
    byte[] keyBytes = Encoding.ASCII.GetBytes("secret");

    using (JwtFactory factory = new JwtFactory(keyBytes))
    {
        // Fixed expiry instant: 2018-01-01T00:00:00Z.
        DateTime expiresAt = new DateTime(2018, 1, 1, 0, 0, 0, DateTimeKind.Utc);

        var subjectClaim = new KeyValuePair<string, object>("sub", "test user");
        var expiryClaim = new KeyValuePair<string, object>("exp", expiresAt);
        string serialized = factory.Create(subjectClaim, expiryClaim);

        JwtToken parsed = new JwtToken(serialized);

        // Header fields.
        Assert.AreEqual("JWT", parsed.Type);
        Assert.AreEqual(JwtAlgorithm.HS256, parsed.Algorithm);

        // The subject is readable both through the generic claim lookup and the typed property.
        bool subjectFound = parsed.TryGetClaim("sub", out object subject);
        Assert.AreEqual(true, subjectFound);
        Assert.AreEqual("test user", subject);
        Assert.AreEqual("test user", parsed.Subject);

        Assert.AreEqual(expiresAt, parsed.Expiration);

        // NOTE(review): once the fixed 2018 expiry is in the past, this assertion can only pass
        // if IsValid does not reject expired tokens (e.g. it checks the signature only).
        // Confirm against JwtFactory whether expiry is enforced elsewhere.
        Assert.AreEqual(true, factory.IsValid(parsed));
    }
}
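/// <summary>
/// Exchanges a refresh token for a new JWT. The caller is identified from the "access_token"
/// of the current HTTP request, and a new token is issued only if the supplied refresh token
/// passes <c>TokenMatchesAndNotExpired</c> for that user.
/// </summary>
/// <param name="request">Command carrying the refresh token presented by the client.</param>
/// <param name="cancellationToken">Not observed by this implementation.</param>
/// <returns>
/// A successful <c>Result</c> with the new token, or a failed <c>Result</c> when the request has
/// no usable principal, the principal has no name identifier, the user is unknown, or the
/// refresh token is rejected.
/// </returns>
public async Task<Result> Handle(Command request, CancellationToken cancellationToken)
{
    // HttpContext is null outside an active request; fail instead of throwing.
    var httpContext = _httpContextAccessor.HttpContext;
    if (httpContext == null)
    {
        return new Result(false);
    }

    var bearerToken = await httpContext.GetTokenAsync("access_token");

    // NOTE(review): the user name below is taken from this principal, so
    // TryGetPrincipalFromToken presumably verifies the token's signature. Confirm.
    var principal = TryGetPrincipalFromToken(bearerToken);
    if (principal == null)
    {
        return new Result(false);
    }

    // FindFirst returns null when the claim is absent; a token without a name identifier is
    // refused rather than surfacing as a NullReferenceException.
    var username = principal.FindFirst(ClaimTypes.NameIdentifier)?.Value;
    if (string.IsNullOrEmpty(username))
    {
        return new Result(false);
    }

    var user = await _userManager.FindByNameAsync(username);
    if (user == null || !TokenMatchesAndNotExpired(user, request.RefreshToken))
    {
        return new Result(false);
    }

    // TODO: Use IdentityServer4
    var jwtToken = JwtFactory.Create(user);

    // NOTE(review): the expiry is stored as local time (DateTime.Now). The clock used by
    // TokenMatchesAndNotExpired is not visible here; confirm both sides use the same one,
    // preferably UTC.
    await SaveRefreshToken(user, jwtToken.RefreshToken, DateTime.Now.AddDays(1));

    return new Result(true, jwtToken);
}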
/// <summary>
/// Authenticates a user by name and password and, on success, issues a JWT and stores its
/// refresh token with a one-day expiry.
/// </summary>
/// <param name="request">Command carrying the user name and password to check.</param>
/// <param name="cancellationToken">Not observed by this implementation.</param>
/// <returns>
/// A successful <c>CommandResult</c> with the token, or a failed one. An unknown user and a
/// wrong password produce the same failed result.
/// </returns>
public async Task<CommandResult> Handle(Command request, CancellationToken cancellationToken)
{
    var account = await _userManager.FindByNameAsync(request.UserName);

    // The password is checked only when the account exists.
    // NOTE(review): the unknown-user path skips the password check, so its response time may
    // differ from the wrong-password path. If _userManager is ASP.NET Core Identity's
    // UserManager, CheckPasswordAsync does not record failed attempts by itself; confirm that
    // lockout or throttling is enforced elsewhere.
    var authenticated = account != null
        && await _userManager.CheckPasswordAsync(account, request.Password);

    if (!authenticated)
    {
        return new CommandResult(false);
    }

    // TODO: Use IdentityServer4
    var issued = JwtFactory.Create(account);

    // NOTE(review): the refresh-token expiry is stored as local time (DateTime.Now); confirm
    // that whatever validates it later uses the same clock.
    var refreshTokenExpiry = DateTime.Now.AddDays(1);
    await SaveRefreshToken(account, issued.RefreshToken, refreshTokenExpiry);

    return new CommandResult(true, issued);
}
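/// <summary>
/// Validates the SMS code submitted for a session and, when it is valid, issues an auth token
/// carrying the debtor id and a "can import data" claim set to "false".
/// </summary>
/// <param name="request">Request body with the session id and the SMS code.</param>
/// <returns>200 OK with an <c>SmsResponse</c> containing the token.</returns>
/// <exception cref="InvalidSmsCodeException">The repository reports the code as invalid.</exception>
public async Task<IActionResult> SmsCode([FromBody] SmsRequest request)
{
    // NOTE(review): no attempt limit is visible in this action; confirm that
    // _repo.ValidateSmsCode (or middleware) bounds the number of guesses per session.
    var validation = await _repo.ValidateSmsCode(request.SessionId, request.SmsCode.ToString());
    if (!validation.IsSmsCodeValid)
    {
        throw new InvalidSmsCodeException();
    }

    var debtorIdClaim = new Claim(ClientApiSecurity.Claims.UserToken, validation.DebtorId.ToString());
    var canImportDataClaim = new Claim(ClientApiSecurity.Claims.CanImportData, "false");
    string token = _jwtFactory.Create(_authOptions.Key, debtorIdClaim, canImportDataClaim);

    var response = new SmsResponse { Token = token };

    // The session id comes from the request body, so it is passed as a structured argument
    // instead of being interpolated into the message: the template stays constant and sinks
    // that record properties keep the value as a separate field. The token is not logged.
    _logger.LogWarning("Auth token issued: SessionId={SessionId}", request.SessionId);

    return Ok(response);
}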
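/// <summary>
/// Demo entry point: generates a random 64-byte shared secret, builds an HS256 JWT with a
/// single "uid" claim, prints it, and waits for a key press.
/// </summary>
/// <param name="args">Unused.</param>
private static void Main(string[] args)
{
    // Secret key shared by sender and receiver (HS256 is symmetric, so despite the label used
    // in the debug output below this is not a private key of a key pair).
    byte[] sharedSecret = new byte[64];

    // RandomNumberGenerator.Create() replaces the obsolete RNGCryptoServiceProvider and is
    // disposed as soon as the key has been filled with cryptographically strong random bytes.
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(sharedSecret);
    }

    // NOTE(review): this sends the signing key to every attached debug listener. Keep it to
    // this demo; real code should not log key material.
    Debug.WriteLine($"Private key: {Base64Url.Encode(sharedSecret)}");

    var payload = new Dictionary<string, string>
    {
        { "uid", "Glen" }
    };

    var jwtFactory = new JwtFactory();
    var jwt = jwtFactory.Create(JwtAuthentication.HashAlgorithm.HS256, sharedSecret, payload);

    Console.WriteLine($"JWT: {jwt}");
    Debug.WriteLine($"JWT: {jwt}");
    Console.ReadLine();
}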