private string createToken(string username)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddYears(7);
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
});
const string sec = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var now = DateTime.UtcNow;
//Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:55898", audience: "http://localhost:55898",
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
public string GetJWTToken(Device device)
{
if (JWTService.TokenKeysHolder.keys.Count == 0)
{
return(null);
}
string sec = JWTService.TokenKeysHolder.keys[0].k;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Convert.FromBase64String(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256);
var header = new JwtHeader(signingCredentials);
header.Add("kid", JWTService.TokenKeysHolder.keys[0].kid);
var claims = new[]
{
new Claim("serialID", device.OriginalID.ToString()),
new Claim("carID", device.CarID.ToString(), ClaimValueTypes.Integer64),
new Claim("deviceID", device.ID.ToString(), ClaimValueTypes.Integer64),
new Claim(JwtRegisteredClaimNames.Exp, ((Int32)(DateTime.UtcNow.AddDays(1).Subtract(new DateTime(1970, 1, 1))).TotalSeconds).ToString(), ClaimValueTypes.Integer64),
new Claim(JwtRegisteredClaimNames.Aud, "https://auth.mgduke.com")
};
var payload = new JwtPayload(claims);
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
var tokenString = handler.WriteToken(secToken);
return(tokenString);
}
private string createToken(string username, int UserId)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(1);
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.NameIdentifier, UserId.ToString())
});
const string sec = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token = (JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:63613", audience: "http://localhost:63613",
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString); // return the token string
}
// The Method is used to generate token for user when user is authentic.
public string GenerateTokenForUser(string userName, int userId)
{
var signingKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(communicationKey));
var now = DateTime.UtcNow;
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(signingKey,
System.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature,
System.IdentityModel.Tokens.SecurityAlgorithms.Sha256Digest);
var claimsIdentity = new ClaimsIdentity(new List <Claim>()
{
new Claim(ClaimTypes.Name, userName),
new Claim(ClaimTypes.NameIdentifier, userId.ToString()),
}, "Custom");
var securityTokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
//AppliesToAddress = "http://www.example.com",
//TokenIssuerName = "self",
Issuer = "self",
Expires = DateTime.MaxValue,
Subject = claimsIdentity,
SigningCredentials = signingCredentials,
//Lifetime = new Lifetime(now, now.AddYears(1)),
};
var tokenHandler = new JwtSecurityTokenHandler();
var plainToken = tokenHandler.CreateToken(securityTokenDescriptor);
var signedAndEncodedToken = tokenHandler.WriteToken(plainToken);
return(signedAndEncodedToken);
}
private string CreateToken(E_PERSONA pPersona)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(Convert.ToInt32(ConfigurationManager.AppSettings["JWT_EXPIRE_DAYS"]));
//DateTime expires = DateTime.UtcNow.AddMinutes(Convert.ToInt32(ConfigurationManager.AppSettings["JWT_EXPIRE_DAYS"]));
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, pPersona.Nombre)
});
string sec = ConfigurationManager.AppSettings["JWT_SECRET_KEY"];
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: ConfigurationManager.AppSettings["JWT_ISSUER_TOKEN"], audience: ConfigurationManager.AppSettings["JWT_AUDIENCE_TOKEN"],
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
private string createToken(string username)
{
DateTime issuedAt = DateTime.UtcNow;
DateTime expires = DateTime.UtcNow.AddMinutes(60);
var tokenHandler = new JwtSecurityTokenHandler();
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
});
const string sec = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(
subject: claimsIdentity,
notBefore: issuedAt,
expires: expires,
signingCredentials: signingCredentials
);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
private string CreateToken(string username)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddMinutes(1);
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.NameIdentifier, 1.ToString () /*userId*/) //,
//new Claim(ClaimTypes.Role, "Admin")
}, "custom");
const string sec = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var noChar = sec.ToArray <char>().Count();
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
JwtSecurityToken token = tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:59311/", audience: "http://localhost:59311/",
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
private string createToken(string username)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(7);
expires = DateTime.UtcNow.AddHours(2);
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
});
string SecretKey = ConfigurationManager.AppSettings["JWT_SecretKey"];
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(SecretKey));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: ConfigurationManager.AppSettings["JWT_issuer"], audience: ConfigurationManager.AppSettings["JWT_audience"],
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
private string createToken(string username)
{
DateTime issuedAt = DateTime.UtcNow;
DateTime expires = DateTime.UtcNow.AddDays(7);
var tokenHandler = new JwtSecurityTokenHandler();
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
});
const string sec = "4uce812b05hkoru2gtgatcb28l1yvdfpdxtso1tuc14ry4j4op4776flx69ipuxtxwbbouv61535gd0a8anmmsxa5dykxmj1o02i14f8f841ru16aeyndl384ry8jozy";
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(
issuer: "http://localhost:12951",
audience: "http://localhost:12951",
subject: claimsIdentity,
notBefore: issuedAt,
expires: expires,
signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
/// <summary>
/// The issue token.
/// </summary>
/// <returns>
/// The <see cref="string"/>.
/// </returns>
private static string IssueToken()
{
//string sec = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
string sec = Certificate.ReadCertificate().GetKeyAlgorithm();
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
securityKey,
SecurityAlgorithms.HmacSha256Signature);
JwtSecurityToken jwt = new JwtSecurityToken(
issuer: "Dummy Cloud STS",
audience: "http://aperture.identity/connectors",
claims: new[]
{
// TODO: Add your claims here.
new Claim("sub", "*****@*****.**")
},
notBefore: DateTime.UtcNow,
expires: DateTime.UtcNow.AddHours(1),
//TODO : change code to support new version
//signingCredentials: new X509SigningCredentials(Certificate.ReadCertificate())
signingCredentials: signingCredentials
// signingCredentials: new HmacSigningCredentials(GetIssuerKey())
);
JwtSecurityTokenHandler jwtHandler = new JwtSecurityTokenHandler();
return(jwtHandler.WriteToken(jwt));
}
public string generateTokenForUser(User user)
{
// Create Security Key
string securityKey = "//OUR_GRAD_PROJECT_1234!@#123456";
//Symetric Key
var key = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityKey));
//var symmetricSecuritykey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityKey));
////signingCredintals
var signingCredintals = new Microsoft.IdentityModel.Tokens.SigningCredentials(key, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//var signingCredintals = new SigningCredentials(symmetricSecuritykey, SecurityAlgorithms.HmacSha256Signature);
//AddClaims
List <Claim> claims = new List <Claim>();
// claims.Add(new Claim(ClaimTypes.Role, user.));
claims.Add(new Claim(ClaimTypes.Role, user.UserRole.Name));
claims.Add(new Claim("LogUserId", user.UserId.ToString()));
////Create token
var token = new JwtSecurityToken(
issuer: "smesk.in",
audience: "readers",
expires: DateTime.Now.AddHours(1),
signingCredentials: signingCredintals,
claims: claims
);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
var secretKey = "mysuper_secretkey";
var signingKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey));
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.Audience = "http://localhost:5001/";
options.Authority = "http://localhost:5050/";
//In order to avoid the following error
//The MetadataAddress or Authority must use HTTPS unless disabled for development by setting RequireHttpsMetadata=false.
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
{
//The signing key must match
ValidateIssuerSigningKey = true,
IssuerSigningKey = signingKey,
//Validate JWT Issuer (iss) claim
ValidateIssuer = true,
ValidIssuer = "https://issuer.example.com",
ValidateAudience = true,
ValidAudiences = new List <string>
{
"https://application.example.com",
"AUDIENCE2"
},
//Validate the token expiry
ValidateLifetime = true
};
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
private string CreateToken(LoginSuccessModel model)
{
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(1);
var tokenHandler = new JwtSecurityTokenHandler();
ClaimsIdentity claims = new ClaimsIdentity();
claims.AddClaim(new Claim(ClaimTypes.NameIdentifier, model.userId));
foreach (var item in model.Rolenames)
{
var roleclaims = new Claim(ClaimTypes.Role, item);
claims.AddClaim(roleclaims);
}
//ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
//{
// new Claim(ClaimTypes.NameIdentifier, model.userId)
//});
const string sec = "P6CZQPptm7y535swXauhWQga9JuC2KZGpRWmFXpcNLJfMwELBezkvtYpHERVfmtFf7RZjVqqJvSbQLsHJ8ddJ3NCAd5ueCsCySYZPvdGDkveV92qn2S2WZCMHFRPQ7tb";
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token = tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:53060", audience: "http://localhost:53060",
subject: claims, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
private string createToken(string username, int userId, string fullname, string role)
{
DateTime issuedAt = DateTime.UtcNow;
DateTime expires = DateTime.UtcNow.AddDays(7);
var tokenHandler = new JwtSecurityTokenHandler();
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim("user_name", username),
new Claim("full_name", fullname),
new Claim(ClaimTypes.Role, role),
new Claim("user_id", userId.ToString())
});
const string sec = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:57182", audience: "http://localhost:57182",
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
internal static string CreateToken(string username)
{
DateTime issuedAt = DateTime.UtcNow;
DateTime expires = DateTime.UtcNow.AddDays(7);
var tokenHandler = new JwtSecurityTokenHandler();
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
});
string sec = ConfigurationManager.AppSettings["jwt:key"];
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredential = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256);
var token = (JwtSecurityToken)tokenHandler.CreateJwtSecurityToken(
issuer: ConfigurationManager.AppSettings["jwt:issuer"],
audience: ConfigurationManager.AppSettings["jwt:audience"],
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredential);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
/// <summary>
///
/// </summary>
/// <param name="username"></param>
/// <returns></returns>
public static string CreateToken(string username)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(7);
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
});
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(ENC_KEY));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: ISSUER, audience: AUDIENCE,
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
public string Protect(AuthenticationTicket data)
{
if (data == null)
{
throw new ArgumentNullException("data");
}
string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];
var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray);
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
var issued = data.Properties.IssuedUtc;
var expires = data.Properties.ExpiresUtc;
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingCredentials);
var handler = new JwtSecurityTokenHandler();
var jwt = handler.WriteToken(token);
return(jwt);
}
public static string GenerateTokenKey(string userName)
{
var issuedAt = DateTime.Now;
var expires = DateTime.UtcNow.AddDays(7);
var tokenHandler = new JwtSecurityTokenHandler();
var claimsIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, userName) });
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(SECRET_KEY));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//Create token key
var token = (JwtSecurityToken)tokenHandler.CreateJwtSecurityToken(
issuer: ISSUER,
audience: ISSUER,
subject: claimsIdentity,
notBefore: issuedAt,
expires: expires,
signingCredentials: signingCredentials
);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
public AuthenticationTicket Unprotect(string protectedText)
{
if (string.IsNullOrWhiteSpace(protectedText))
{
throw new ArgumentNullException("protectedText");
}
var keyByteArray = TextEncodings.Base64Url.Decode(AzureADConstants.AppKey);
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray);
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
securityKey,
SecurityAlgorithms.HmacSha256Signature);
var handler = new JwtSecurityTokenHandler();
var securityToken = handler.ReadToken(protectedText);
string rawToken = ((JwtSecurityToken)securityToken).RawData;
string audienceId = AzureADConstants.GraphResourceId;
var validationParams = new TokenValidationParameters()
{
ValidateLifetime = false,
ValidAudience = audienceId,
ValidIssuer = audienceId,
ValidateIssuer = false,
ValidateAudience = false,
TokenDecryptionKey = securityKey,
IssuerSigningKey = securityKey
};
SecurityToken validatedToken;
var principal = handler.ValidateToken(rawToken, validationParams, out validatedToken);
var identity = principal.Identities;
return(new AuthenticationTicket(identity.First(), new AuthenticationProperties()));
}
void Run()
{
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.
SymmetricSecurityKey(Encoding.UTF8.GetBytes(_passphrase));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, "HS256");
var header = new JwtHeader(signingCredentials);
var payload = new JwtPayload
{
{ "unique_name", _name },
{ "scope", "https://apigee.com/example" },
{ "iat", RenderAsEpoch(now) },
{ "nbf", RenderAsEpoch(now) },
{ "exp", RenderAsEpoch(now.AddSeconds(_expiry)) }
};
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
var tokenString = handler.WriteToken(secToken);
Console.WriteLine("\ntoken:\n" + tokenString);
var decodedToken = handler.ReadToken(tokenString);
String decodedTokenString = decodedToken.ToString();
//Console.WriteLine("\nDecoded: \n"+ decodedTokenString);
var parts = decodedTokenString.Split(".", 2);
foreach (String part in parts)
{
dynamic parsedJson = Newtonsoft.Json.JsonConvert.DeserializeObject(part);
string formatted = Newtonsoft.Json.JsonConvert.SerializeObject(parsedJson /* decodedToken */, Newtonsoft.Json.Formatting.Indented);
Console.WriteLine("\n" + formatted); \
}
}
/// <summary>
/// Generates a JWT.
/// NOTE: THIS METHOD DOES NOT AUTHENTICATE USER CREDENTIALS.
/// Any user authentication must be done prior to calling this method.
///
/// The expiration time is expressed as a unix/posix integer in UTC.
/// </summary>
/// <param name="userId">The user's ID</param>
/// <param name="tzOffset">The user's timezone offset from UTC in minutes</param>
/// <param name="expMinutes">
/// An optional specification of how long the token is valid (in seconds).
/// Must be positive to be considered.
/// </param>
/// <param name="assesmentId">Optionally brands the new token with an assessment ID in the payload</param>
/// <returns></returns>
public static string GenerateToken(int userId, string tzOffset, int expSeconds, int?assessmentId, int?aggregationId, string scope)
{
// Build securityKey. For uniqueness, append the user identity (userId)
var securityKey = new Microsoft
.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(GetSecret() + userId));
// Build credentials
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials
(securityKey, SecurityAlgorithms.HmacSha256Signature);
// Finally create a Token
var header = new JwtHeader(credentials);
// Determine the expiration (server time) of the token
int jwtExpiryMinutes = 60;
string expMinutesConfig = ConfigurationManager.AppSettings["JWT Expiry Minutes"];
if (expMinutesConfig != null)
{
int.TryParse(expMinutesConfig, out jwtExpiryMinutes);
}
int secondsUntilExpiry = (jwtExpiryMinutes * 60);
// If a non-zero expSeconds was provided, override the expiration
if (expSeconds > 0)
{
secondsUntilExpiry = expSeconds;
}
var payload = new JwtPayload
{
{ "aud", "CSET_AUD" },
{ "iss", "CSET_ISS" },
{ "exp", Utilities.UnixTime() + secondsUntilExpiry },
{ Constants.Token_UserId, userId },
{ Constants.Token_TimezoneOffsetKey, tzOffset },
{ "scope", scope }
};
// Include the current AssessmentId if one was provided
if (assessmentId != null)
{
payload.Add(Constants.Token_AssessmentId, assessmentId);
}
// Include the current AggregationId if one was provided
if (aggregationId != null)
{
payload.Add(Constants.Token_AggregationId, aggregationId);
}
// Build the token
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
return(handler.WriteToken(secToken));
}
private string CreateToken(string username)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(1);
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
});
string sec = ConfigurationManager.AppSettings["loginKey"].ToString();
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
var issuer = ConfigurationManager.AppSettings["keyIssuer"].ToString();
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: issuer, audience: issuer,
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
/// Using the same key used for signing token, user payload is generated back
public JwtSecurityToken GenerateUserClaimFromJWT(string authToken)
{
var signingKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(communicationKey));
var tokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
{
ValidAudiences = new string[]
{
"http://www.example.com",
},
ValidIssuers = new string[]
{
"self",
},
IssuerSigningKey = signingKey
};
var tokenHandler = new JwtSecurityTokenHandler();
Microsoft.IdentityModel.Tokens.SecurityToken validatedToken;
try
{
tokenHandler.ValidateToken(authToken, tokenValidationParameters, out validatedToken);
}
catch (Exception)
{
return(null);
}
return(validatedToken as JwtSecurityToken);
}
public static Microsoft.IdentityModel.Tokens.SymmetricSecurityKey Create()
{
var symmetricKey = Convert.FromBase64String(JwtKey);
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(symmetricKey);
return(securityKey);
}
public string Get(string cadena)
{
string[] data = cadena.Split('|');
User userdata = new User();
userdata.name = data[0];
userdata.password = data[1];
string jsontext = JsonConvert.SerializeObject(userdata);
jsontext = jsontext.Replace("\r", String.Empty);
jsontext = jsontext.Replace("\n", String.Empty);
var sKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(data[2]));
var signingcredential = new Microsoft.IdentityModel.Tokens.SigningCredentials(sKey, "HS256");
//HEADER
var header = new JwtHeader(signingcredential);
//PAYLOAD
var payload = new JwtPayload();
payload = JwtPayload.Deserialize(jsontext);
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
var tokenString = handler.WriteToken(secToken);
string token = tokenString;
return(token);
}
private string GenerateToken(IDictionary <string, string> keyValues)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(7);
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity();
foreach (var item in keyValues)
{
claimsIdentity.AddClaim(new Claim(item.Key, item.Value));
}
const string secretKey = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token = tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:8080",
audience: "http://localhost:8080",
subject: claimsIdentity,
notBefore: issuedAt,
expires: expires,
signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
public string createToken(string username)
{
DateTime issuedAt = DateTime.UtcNow;
DateTime expires = DateTime.UtcNow.AddDays(7);
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
, new Claim(ClaimTypes.Role, "ADMIN-SuperUser")
});
var sec = "This is my Security Key";
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(
issuer: "http://localhost:50191",
audience: "http://localhost:50191",
subject: claimsIdentity,
notBefore: issuedAt,
expires: expires,
signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
/// <summary>
/// This method will generat a JWT token.
/// </summary>
/// <returns>Returns the JWT token for the Configuration App.</returns>
public string GenerateToken()
{
DateTime issuedAt = DateTime.UtcNow;
var tenantId = this.appSettings.TenantId;
var audience = this.appSettings.ClientId;
var issuer = $"https://sts.windows.net/{tenantId}/";
// Set the time when it expires.
DateTime expires = DateTime.UtcNow.AddHours(1);
var tokenHandler = new JwtSecurityTokenHandler();
// Create a identity and add claims to the user which we want to log in.
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim("appid", audience),
});
// Need to get the below secret key from key vault
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(this.appSettings.ClientSecret));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
// Creates the JWT token.
var token = (JwtSecurityToken)tokenHandler.CreateJwtSecurityToken(
issuer: issuer,
audience: audience,
subject: claimsIdentity,
notBefore: issuedAt,
expires: expires,
signingCredentials: signingCredentials);
return(tokenHandler.WriteToken(token));
}
public IActionResult GetToken()
{
//Create Security Key
string securityKey = "This My Security key made by ";
//Symetric Key
var key = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityKey));
//var symmetricSecuritykey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityKey));
////signingCredintals
var signingCredintals = new Microsoft.IdentityModel.Tokens.SigningCredentials(key, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//var signingCredintals = new SigningCredentials(symmetricSecuritykey, SecurityAlgorithms.HmacSha256Signature);
//add Claims
List <Claim> claims = new List <Claim>();
claims.Add(new Claim(ClaimTypes.Role, "Admin"));
claims.Add(new Claim(ClaimTypes.Role, "User"));
claims.Add(new Claim("LoggenInUserId", "123"));
////Create token
var token = new JwtSecurityToken(
issuer: "smesk.in",
audience: "readers",
expires: DateTime.Now.AddHours(1),
signingCredentials: signingCredintals,
claims: claims
);
return(Ok(new JwtSecurityTokenHandler().WriteToken(token)));
}
public string GetToken()
{
string key = "DZfBCX9dLBuyrEWeE1a5cMa8TWoNtX9n1prGR1SLSH4="; //Secret key which will be used later during validation
var issuer = "https://www.twitch.tv/"; //WebAuthenticationBroker.GetCurrentApplicationCallbackUri().AbsoluteUri; //normally this will be your site URL
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Convert.FromBase64String(key));
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256);
//Create a List of Claims, Keep claims name short
var permClaims = new List <Claim>();
permClaims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
permClaims.Add(new Claim("channel_id", "1"));
permClaims.Add(new Claim("exp", (DateTimeOffset.Now + TimeSpan.FromSeconds(30)).ToUnixTimeSeconds().ToString()));
permClaims.Add(new Claim("is_unlinked", "false"));
permClaims.Add(new Claim("opaque_user_id", "someUser"));
//Create Security Token object by giving required parameters
var token = new JwtSecurityToken(issuer, //Issure
issuer, //Audience
permClaims,
expires: DateTime.Now.AddDays(1),
signingCredentials: credentials);
var jwt_token = new JwtSecurityTokenHandler().WriteToken(token);
return(jwt_token);
}
