// The Method is used to generate token for user
public static string GenerateTokenForUser(UserDetailsModel userDetailsModel)
{
var tokenHandler = new JwtSecurityTokenHandler();
var symmetricKey = GetBytes(communicationKey);
var signingKey = new MicrosoftIdentityModelToken.SymmetricSecurityKey(Encoding.ASCII.GetBytes(communicationKey));
//var signingKey = new InMemorySymmetricSecurityKey(symmetricKey);
//var tokenDescriptor = new SystemIdentityModelToken.SecurityTokenDescriptor
var tokenDescriptor = new MicrosoftIdentityModelToken.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(SecurityConstants.SCB_JWTClaim_Id, GetStringOrEmpty(Convert.ToString(userDetailsModel.UserId))),
new Claim(SecurityConstants.SCB_JWTClaim_UserName, GetStringOrEmpty(userDetailsModel.UserName)),
new Claim(SecurityConstants.SCB_JWTClaim_RoleId, GetStringOrEmpty(Convert.ToString(userDetailsModel.RoleId)))
}),
//TokenIssuerName = tokenIssuer,
//AppliesToAddress = appliesToAddress,
//Lifetime = new Lifetime(DateTime.UtcNow, ExpiryTime),
Expires = SecurityConstants.SCB_JWTExpiryTime,
SigningCredentials = new MicrosoftIdentityModelToken.SigningCredentials(signingKey, signatureAlgo, digestAlgo)
//SigningCredentials = new SystemIdentityModelToken.SigningCredentials(signingKey, signatureAlgo , digestAlgo)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
AddTokenToCookie(tokenString);
//var claim = GetClaim(tokenString);
return(tokenString);
}
public JsonWebToken(string securityKey, IEnumerable <Claim> claims, double?lifetimeMinutes, string issuer = null, string audience = null)
{
this.issuer = issuer;
id = Guid.NewGuid().ToString();
created = DateTime.UtcNow;
expires = created.AddMinutes(lifetimeMinutes.HasValue ? lifetimeMinutes.Value : 20);
SigningKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Convert.FromBase64String(securityKey));
JwtSecurityTokenHandler jwt = new JwtSecurityTokenHandler();
SecurityTokenDescriptor msstd = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
Issuer = issuer,
Subject = new ClaimsIdentity(claims),
Expires = expires,
IssuedAt = created,
NotBefore = created,
Audience = audience,
SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(SigningKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature)
};
try
{
JwtSecurityToken jwtToken = jwt.CreateJwtSecurityToken(msstd);
tokenString = jwt.WriteToken(jwtToken);
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
public User GetTokenAndUserInfo(string username, string password)
{
var user = _users.FirstOrDefault(x => x.Username == username && x.Password == password);
// return null if user not found
if (user == null)
{
return(null);
}
// authentication successful so generate jwt token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token);
// remove password before returning
user.Password = null;
return(user);
}
//return a token info with username password pair
public string Login(Dtos loginInfo)
{
var user = _users.Where(x => x.Username == loginInfo.Username && x.Password == loginInfo.Password).SingleOrDefault();
if (user == null)
{
return(null);
}
var signingKey = Convert.FromBase64String(_configuration["Jwt:SigningSecret"]);
var expirationTime = int.Parse(_configuration["Jwt:ExpirationDate"]);
var tokenDescription = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
//One can add new paramaters in the token Description
Issuer = null,
Audience = null,
IssuedAt = DateTime.UtcNow,
NotBefore = DateTime.UtcNow,
Expires = DateTime.UtcNow.AddMinutes(expirationTime),
//define the cypher method
SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new SymmetricSecurityKey(signingKey), SecurityAlgorithms.HmacSha256Signature)
};
var jwtTokenHandler = new JwtSecurityTokenHandler();
var jwtToken = jwtTokenHandler.CreateJwtSecurityToken(tokenDescription);
var token = jwtTokenHandler.WriteToken(jwtToken);
return(token);
}
/*
* JWT token has following 3 components:
* -----------------------------------------------------
* 1. Header
* {
* "typ": "JWT",
* "alg": "HS256"
* }
* In this method the algorithm used is SecurityAlgorithms.HmacSha256Signature
* -----------------------------------------------------
* 2. Payload
* In this method we are putting 2 claims (ie username and userid) in payload.
* -----------------------------------------------------
* 3. Signature
* In this method SigningCredentials is the signature.
* -----------------------------------------------------
*
* IMPORTANT:
* i) Data inside a JWT is encoded and signed, not encrypted. Signing verifies authenticity of source of data.
* ii) JWT does NOT guarantee security for sensitive data. The secret we used during signing provider layer of security in our case.
*/
public String GenerateJwtToken(String userName, String userId)
{
// payload.
var claimsIdentity = new ClaimsIdentity(new List <Claim>()
{
new Claim(ClaimTypes.Name, userName),
new Claim(ClaimTypes.NameIdentifier, userId.ToString()),
}, "Custom");
// header and signature.
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Audience = "http://www.example.com",
Subject = claimsIdentity,
Issuer = "self",
Expires = DateTime.UtcNow.AddDays(30),
SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(CreateSymmetricKey()), //symmetric key
System.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature,
System.IdentityModel.Tokens.SecurityAlgorithms.Sha256Digest)
};
var tokenHandler = new JwtSecurityTokenHandler();
var plainToken = tokenHandler.CreateToken(tokenDescriptor);
var signedAndEncodedToken = tokenHandler.WriteToken(plainToken);
return(signedAndEncodedToken);
}
public JsonWebToken(Uri audience, string securityKey, string issuer, IEnumerable <Claim> claims, double lifetimeMinutes)
{
this.issuer = issuer;
id = Guid.NewGuid().ToString();
created = DateTime.UtcNow;
expires = created.AddMinutes(lifetimeMinutes);
SigningKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Convert.FromBase64String(securityKey));
JwtSecurityTokenHandler jwt = new JwtSecurityTokenHandler();
Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor msstd = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
Issuer = issuer,
Subject = new ClaimsIdentity(claims),
Expires = expires,
IssuedAt = created,
NotBefore = created,
Audience = audience.ToString(),
SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(SigningKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature)
};
JwtSecurityToken jwtToken = jwt.CreateJwtSecurityToken(msstd);
tokenString = jwt.WriteToken(jwtToken);
}
public async Task <IActionResult> Login(UserForLoginDTO userForLoginDTO)
{
var userFromRepo = await _repo.Login(userForLoginDTO.Username, userForLoginDTO.Password);
if (userFromRepo == null)
{
return(Unauthorized("unauthorized"));
}
var claims = new []
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Username.ToString())
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
var creds = new SigningCredentials(key, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(100),
SigningCredentials = creds
};
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new {
token = tokenHandler.WriteToken(token)
}));
}
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto)
{
try
{
var now = DateTime.UtcNow;
var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
var claims = new []
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Username)
};
var key = new Microsoft.IdentityModel.Tokens
.SymmetricSecurityKey(Encoding.UTF8
.GetBytes(_config
.GetSection("AppSettings:Token").Value));
var creds = new Microsoft.IdentityModel.Tokens
.SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new Microsoft.IdentityModel.Tokens
.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
var user = _mapper.Map <UserForListDto>(userFromRepo);
return(Ok(new
{
token = tokenHandler.WriteToken(token),
user
}));
}
catch (Exception ex)
{
return(BadRequest(ex.ToString()));
}
}
private string GetRefreshToken(string user, DateTime expires)
{
var handler = new JwtSecurityTokenHandler();
var tokenDescriptor = new SecurityTokenDescriptor
{
Issuer = _tokenOptions.Issuer,
Audience = _tokenOptions.Audience,
SigningCredentials = _tokenOptions.SigningCredentials,
Expires = expires
};
var toki = handler.CreateToken(tokenDescriptor);
return(handler.WriteToken(toki));
}
private static Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor CreateTokenDescriptor(IEnumerable <Claim> claims)
{
var descriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
TokenType = SecurityTokenTypes.OasisWssSaml2TokenProfile11,
Lifetime = new Lifetime(DateTime.UtcNow, DateTime.UtcNow.AddMinutes(1)),
AppliesToAddress = appliesTo,
TokenIssuerName = issuer,
Subject = new ClaimsIdentity(claims),
SigningCredentials = GetSigningCredentials(),
};
return(descriptor);
}
private string GenerateJwtToken(User user)
{
var tokenhandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var keys = System.Text.Encoding.ASCII.GetBytes(jwtKey);
var tokendescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[] { new Claim("id", user.Id.ToString()) }),
Expires = DateTime.UtcNow.AddHours(24),
SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keys),
Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature)
};
var tokens = tokenhandler.CreateToken(tokendescriptor);
return(tokenhandler.WriteToken(tokens));
}
public string GenerateToken(User user)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes("(yLxF6ad7W2Qq6wsdK3-cHvvVVaGpVGJe3m=&JGf1loI34KSttOvKy6kjzA.!BAilsE%JO");
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
public static string GenerateToken(
string signingKey,
string nameId,
string audience,
string issuer,
string role = "Administrator",
IDictionary <string, string> additionalClaims = null,
DateTime?issuedAt = null,
DateTime?notBefore = null,
int expireTime = 3600
)
{
var secKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(secKey,
Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.Sha256Digest);
var claimsIdentity = new ClaimsIdentity(new List <Claim>()
{
new Claim(ClaimTypes.NameIdentifier, nameId),
new Claim(ClaimTypes.Role, role),
}, "Custom");
if (additionalClaims != null)
{
claimsIdentity.AddClaims(additionalClaims.Select(kvp => new Claim(kvp.Key, kvp.Value)));
}
var tokenHandler = new JwtSecurityTokenHandler();
var securityTokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
Audience = audience,
Issuer = issuer,
Subject = claimsIdentity,
SigningCredentials = signingCredentials,
NotBefore = notBefore,
IssuedAt = issuedAt,
Expires = issuedAt.HasValue ? issuedAt.Value.AddSeconds(expireTime) : (DateTime?)null
};
var plainToken = tokenHandler.CreateToken(securityTokenDescriptor);
var signedAndEncodedToken = tokenHandler.WriteToken(plainToken);
return(signedAndEncodedToken);
}
public string GenerateJSONWebToken(Users users)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes("THIS IS USED TO SIGN AND VERIFY JWT TOKENS, REPLACE IT WITH YOUR OWN SECRET, IT CAN BE ANY STRING");
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, users.Id.ToString()),
new Claim(ClaimTypes.Email, users.EmailId.ToString())
}),
Expires = DateTime.UtcNow.AddHours(4),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
public static string SignToken(AppUser user, IDictionary <string, string> properties = null, DateTime?expires = null, string audience = "*")
{
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
var descriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
Expires = expires ?? DateTime.UtcNow.AddDays(3),
SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(JwtSigningKey), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature),
Issuer = IssuerName,
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, user.Id),
new Claim(ClaimTypes.Role, user.Claims.FirstOrDefault(x => x.ClaimType == ClaimTypes.Role).Value),
new Claim(ClaimTypes.Name, user.Username),
}),
Audience = audience,
};
return(handler.WriteToken(handler.CreateToken(descriptor)));
}
public string GenreateJwtTokken(string userID, string username, string secret)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = System.Text.Encoding.ASCII.GetBytes(secret);
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.NameIdentifier, userID),
new Claim(ClaimTypes.Name, username),
}),
Expires = System.DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var encypttedToken = tokenHandler.WriteToken(token);
return(encypttedToken);
}
public static string GenerateToken(User user)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(Settings.Secret);
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.UserName.ToString()),
new Claim(ClaimTypes.Role, user.Role.ToString())
}),
Expires = DateTime.UtcNow.AddHours(2),
SigningCredentials =
new SigningCredentials(
new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
public string CriaToken(InformacaoToken info)
{
var claims = new[]
{
new Claim(ClaimTypes.Authentication, JsonConvert.SerializeObject(info), JsonClaimValueTypes.Json)
};
var handler = new JwtSecurityTokenHandler();
var agora = DateTime.Now;
var valoresToken = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
NotBefore = DateTime.Now.AddDays(-1),
Expires = agora.AddMinutes(Convert.ToInt32(ConfigurationManager.AppSettings["ExpiracaoTokenMinutos"] ?? "60")),
IssuedAt = agora,
Issuer = issuer,
Subject = new ClaimsIdentity(claims),
SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
chave, "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256")
};
return(handler.WriteToken(handler.CreateToken(valoresToken)));
}
private string CreateToken(User user)
{
List <Claim> claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.Username)
};
SymmetricSecurityKey key = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)
);
SigningCredentials creds = new Microsoft.IdentityModel.Tokens.SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor {
Subject = new ClaimsIdentity(claims),
Expires = System.DateTime.Now.AddDays(1),
SigningCredentials = creds
};
System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
static string GetJwtFromTokenIssuer()
{
byte[] key = Convert.FromBase64String("tTW8HB0ebW1qpCmRUEOknEIxaTQ0BFCYrdjOdOl4rfM=");
SecurityKey symetricKey = new SymmetricSecurityKey(key);
var signingCredentials = new SigningCredentials(symetricKey, SecurityAlgorithms.HmacSha256Signature);
var descriptor = new SecurityTokenDescriptor
{
Issuer = "http://authzserver.demoX",
Audience = "http://localhost:5000/api",
Expires = DateTime.UtcNow.AddMinutes(1),
SigningCredentials = signingCredentials,
Subject = new ClaimsIdentity(new []
{
new Claim(ClaimTypes.Name, "Johny"),
})
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(descriptor);
return(tokenHandler.WriteToken(token));
}
public static string GenerateToken(string username)
{
var symmetricKey = Convert.FromBase64String(Secret);
var tokenHandler = new JwtSecurityTokenHandler();
int expireMinutes = TokenExpiration;
var now = DateTime.UtcNow;
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
}),
Expires = now.AddMinutes(Convert.ToInt32(expireMinutes)),
SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(symmetricKey), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature)
};
Microsoft.IdentityModel.Tokens.SecurityToken securityToken = tokenHandler.CreateToken(tokenDescriptor);
var token = tokenHandler.WriteToken(securityToken);
return(token);
}
private async Task <string> GenerateJwtToken(User user)
{
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.UserName)
};
var roles = await _userManager.GetRolesAsync(user);
foreach (var role in roles)
{
claims.Add(new Claim(ClaimTypes.Role, role));
}
var key = new Microsoft.IdentityModel.Tokens
.SymmetricSecurityKey(Encoding.UTF8
.GetBytes(_config
.GetSection("AppSettings:Token").Value));
var creds = new Microsoft.IdentityModel.Tokens
.SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new Microsoft.IdentityModel.Tokens
.SecurityTokenDescriptor {
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
public Object GenerateToken()
{
try{
bool changes = false;
String jni = IdGenerationModel.GenerateId(_ID_GEN_SIZE);
var signingKey =
new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jni))
{
KeyId = IdGenerationModel.GenerateId(24)
};
var signingCredentials =
new SigningCredentials(signingKey,
SecurityAlgorithms
.HmacSha256); // SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest);
// Descriptor
DateTime CallDate = DateTime.Now, ExpirationDate = CallDate.AddMinutes(10.0d);
var securityTokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
Issuer = CompanyInfoUtil.CompanyClaims.ValidIssuers[0],
IssuedAt = CallDate,
Expires = ExpirationDate,
Audience = CompanyInfoUtil.CompanyClaims.ValidAudiences[0],
Subject = Claims,
SigningCredentials = signingCredentials,
};
// Encoded token
var plainToken = TokenHandler.CreateToken(securityTokenDescriptor);
var signedAndEncodedToken = TokenHandler.WriteToken(plainToken);
var tokenValidationParameters = new TokenValidationParameters()
{
ValidAudiences = CompanyInfoUtil.CompanyClaims.ValidAudiences,
ValidIssuers = CompanyInfoUtil.CompanyClaims.ValidIssuers,
RequireExpirationTime = true,
IssuerSigningKey = signingKey
};
SecurityToken validatedToken;
TokenHandler.ValidateToken(signedAndEncodedToken, tokenValidationParameters, out validatedToken);
signedAndEncodedToken += IdGenerationModel.GenerateId(12);
if (!TokenExists(signedAndEncodedToken) && CheckToken(signedAndEncodedToken))
{
//var signingKey = new InMemorySymmetricSecurityKey(Encoding.UTF8.GetBytes(plainTextSecurityKey));
_context.Token.Add(new Token()
{
Jni = jni,
TKey = signingKey.KeyId.ToString(),
Token1 = signedAndEncodedToken,
Beg = CallDate,
Exp = ExpirationDate,
Boundmac = validatedToken.ToString() // To rename
});
changes = true;
}
if (TokenExists(signedAndEncodedToken))
{
_context.Token.Remove(
_context.Token.First(token => token.Token1.Equals(signedAndEncodedToken)));
changes = true;
}
if (changes)
{
_context.SaveChanges();
}
return(new { Message = signedAndEncodedToken });
}
catch (Exception e)
{
return(new { Message = $"An error ocurred during the validation process {e}" });
}
}
public IEnumerable <string> CreateCertificate()
{
// service url to call
string _url = "http://*****:*****@mycompany.com"),
new Claim("MyCustomClaim", "My special value"),
};
// define the token elements -- claims, signing key, lifetime, issuer, etc.
var securityTokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
Audience = _audience,
Issuer = _issuer,
Subject = new ClaimsIdentity(claims, "Bearer"),
SigningCredentials = new SigningCredentials(signingCredentials,
SecurityAlgorithms.RsaSha256Signature),
IssuedAt = DateTime.UtcNow,
NotBefore = DateTime.UtcNow.AddMinutes(-1),
Expires = DateTime.UtcNow.AddHours(12)
};
// create the token, digitally sign it, and write it out to a string
var handler = new JwtSecurityTokenHandler();
var token = handler.CreateJwtSecurityToken(securityTokenDescriptor);
var tokenString = handler.WriteToken(token);
Console.WriteLine(tokenString);
// now we have a JWT string, let's make our REST call
var task = Task.Run(async() => await GetValuesAsync(_url, tokenString));
var values = task.Result;
foreach (var s in values)
{
Console.WriteLine(s);
}
Console.ReadKey();
/// <summary>
/// internal async method to call the rest service URL with the token attached
/// with "Bearer" token scheme.
/// </summary>
return(new string[] { "value1", "value2" });
}
public static bool TryIssueToken
(
string issuer
, string audience
, IEnumerable <Claim> claims
, out Microsoft.IdentityModel.Tokens.SecurityToken plainToken
, out string secretTokenString
, Microsoft
.IdentityModel
.Tokens
.SymmetricSecurityKey
signingKey
, Microsoft
.IdentityModel
.Tokens
.SigningCredentials
signingCredentials
)
{
bool r = false;
plainToken = null;
secretTokenString = null;
try
{
//var signingKey = new Microsoft
// .IdentityModel
// .Tokens
// .SymmetricSecurityKey
// (
// Encoding
// .GetEncoding(plainTextSecurityKeyEncoding)
// .GetBytes(plainTextSecurityKey)
// );
//var signingCredentials
// = new Microsoft.IdentityModel.Tokens.SigningCredentials
// (
// signingKey
// , signingCredentialsAlgorithm
// , signingCredentialsDigest
// );
// ComplexClaim
var claimsIdentity = new ClaimsIdentity
(
claims
, "Custom"
);
var securityTokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
Issuer = issuer,
Audience = audience,
IssuedAt = DateTime.Now,
Subject = claimsIdentity,
SigningCredentials = signingCredentials,
};
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
plainToken = tokenHandler.CreateToken(securityTokenDescriptor);
secretTokenString = tokenHandler.WriteToken(plainToken);
r = true;
}
catch //(Exception)
{
//throw;
}
return
(r);
}
/// <summary>
/// Returns <see cref="SecurityToken"/>.
/// </summary>
/// <param name="tokenDescriptor"><see cref="SecurityTokenDescriptor"/></param>
public virtual SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor)
{
throw new NotImplementedException();
}
public static bool TryIssueToken
(
string issuer
, string audience
, string userName
, IEnumerable <Claim> claims
, out Microsoft
.IdentityModel
.Tokens
.SecurityToken plainToken
, out string secretTokenString
, Microsoft
.IdentityModel
.Tokens
.SymmetricSecurityKey
signingKey
, Microsoft
.IdentityModel
.Tokens
.SigningCredentials
signingCredentials
//, IIdentity identity = null
)
{
bool r = false;
plainToken = null;
secretTokenString = null;
try
{
IIdentity user = new JsonWebTokenUser
(
userName
, "jwt"
, true
);
var claimsIdentity = new ClaimsIdentity(user, claims);
var securityTokenDescriptor =
new Microsoft
.IdentityModel
.Tokens
.SecurityTokenDescriptor()
{
Issuer = issuer,
Audience = audience,
IssuedAt = DateTime.Now,
Subject = claimsIdentity,
SigningCredentials = signingCredentials,
};
var tokenHandler = new System
.IdentityModel
.Tokens
.Jwt
.JwtSecurityTokenHandler();
plainToken = tokenHandler.CreateToken(securityTokenDescriptor);
secretTokenString = tokenHandler.WriteToken(plainToken);
r = true;
}
catch (Exception e)
{
//throw;
}
return
(r);
}
