public IHttpActionResult GetToken()
{
//Create Security Key
string securityKey = "This My Security key made by ";
//Symetric Key
var key = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityKey));
//var symmetricSecuritykey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityKey));
////signingCredintals
var signingCredintals = new Microsoft.IdentityModel.Tokens.SigningCredentials(key, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//var signingCredintals = new SigningCredentials(symmetricSecuritykey, SecurityAlgorithms.HmacSha256Signature);
//add Claims
List <Claim> claims = new List <Claim>();
claims.Add(new Claim(ClaimTypes.Role, "Admin"));
claims.Add(new Claim(ClaimTypes.Role, "User"));
claims.Add(new Claim("LoggenInUserId", "123"));
////Create token
var token = new JwtSecurityToken(
issuer: "smesk.in",
audience: "readers",
expires: DateTime.Now.AddHours(1),
signingCredentials: signingCredintals,
claims: claims
);
return(Ok(new JwtSecurityTokenHandler().WriteToken(token)));
//return Ok("hello from api");
}
public static object GenerateToken(dynamic input)
{
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var header = new JwtHeader(credentials);
var payload = new JwtPayload();
foreach (IDictionary <string, object> row in input)
{
foreach (var pair in row)
{
var num = pair.Key;
var val = pair.Value;
if (num == "ID" || num == "EMAIL")
{
payload.Add(num, val);
}
}
}
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
var tokenString = handler.WriteToken(secToken);
//Get_Id("eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJJRCI6MzAwMy4wLCJFTUFJTCI6ImdhYnJpZWxtYXRlaTJAZ21haWwuY29tIn0.0YGk0PrCbkuhjdSHrG8YQ9oEpiNOh4YNxWqO36xMO28");
return(tokenString);
}
public JwtSecurityToken MintToken(List <Claim> claims, string audience, DateTime expirationDateTime)
{
string forwardedFor = null;
// add issuer with forwarded for address if exists (added by reverse proxy)
if (this.httpContextAccessor.HttpContext.Request.Headers.Where(t => t.Key == "X-Forwarded-For").Count() > 0)
{
forwardedFor = this.httpContextAccessor.HttpContext.Request.Headers.Where(t => t.Key == "X-Forwarded-For").FirstOrDefault().Value
.First();
this.logger.LogInformation("Added issuer with X-Forwarded-For address.");
}
// Create Security key using private key above:
// not that latest version of JWT using Microsoft namespace instead of System
var securityKey =
new RsaSecurityKey(this.rsaHelpers.DecodeRsa(this.config.IdentityGatewayService.PrivateKey));
// Also note that securityKey length should be >256b
// so you have to make sure that your private key has a proper length
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.RsaSha256);
JwtSecurityToken token = new JwtSecurityToken(
issuer: forwardedFor ?? "https://" + this.httpContextAccessor.HttpContext.Request.Host.ToString() + "/",
audience: audience,
expires: expirationDateTime.ToUniversalTime(),
claims: claims.ToArray(),
signingCredentials: credentials);
return(token);
}
public ViewResult GenerateToken(string jsontext, string key, string algorithm)
{
try
{
jsontext = jsontext.Replace("\r", String.Empty);
jsontext = jsontext.Replace("\n", String.Empty);
var json = JsonConvert.DeserializeObject(jsontext);
//KEY (your - 256 - bit - secret )
var verificarion = Encoding.UTF8.GetBytes(key);
var sKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
var signingcredential = new Microsoft.IdentityModel.Tokens.SigningCredentials(sKey, algorithm);
//HEADER
var header = new JwtHeader(signingcredential);
//PAYLOAD
var payload = new JwtPayload();
payload = JwtPayload.Deserialize(jsontext);
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
var tokenString = handler.WriteToken(secToken);
AlgorithmModel model = new AlgorithmModel();
model.token = tokenString;
return(View(model));
}
catch
{
ViewBag.Message = "Please enter a valid key";
return(View(new AlgorithmModel()));
}
}
public string CreateToken(Dictionary <string, string> claims)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(7);
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(
claims.Select(d => new Claim(d.Key, d.Value))
);
string sec = this.JwtKey;
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:80", audience: "http://localhost:80",
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
private string createToken(string username)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(7);
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username),
//new Claim(ClaimTypes.Pol, username)
});
const string sec = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:50191", audience: "http://localhost:50191",
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
public string CriarToken(string nome, string email)
{
// Definindo uma Const Key que deve ser uma chave secreta privada armazenada em algum lugar seguro
string key = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b372742 9090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
// Criando a chave de segurança usando a chave privada acima:
// não a versão mais recente do JWT usando o namespace Microsoft em vez do sistema
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
// Observe também que o comprimento da segurança deve ser > 256b
// então você deve ter certeza de que sua chave privada tenha um comprimento adequado
//
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials
(securityKey, SecurityAlgorithms.HmacSha256Signature);
// Finalmente criando um Token
var header = new JwtHeader(credentials);
// Alguns PayLoad que contêm informações sobre o usuário
var payload = new JwtPayload
{
{ "Nome ", nome },
{ "Email", email },
};
//
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
// Token em String para que você possa usá-lo em seu usuário
var tokenString = handler.WriteToken(secToken);
// Retornando token
return(tokenString);
}
public static string GenerateToken(string username, DateTime expiredTime)
{
// Create Security key using private key above:
// not that latest version of JWT using Microsoft namespace instead of System
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
// so you have to make sure that your private key has a proper length
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
// Finally create a Token
var header = new JwtHeader(credentials);
//Some PayLoad that contain information about the customer
var payload = new JwtPayload
{
{ username, expiredTime.ToString() },
{ "scope", "http://dummy.com/" },
};
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
// Token to String so you can use it in your client
var tokenString = handler.WriteToken(secToken);
return(tokenString);
}
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto)
{
var userFromRepo = await _repo.Login(userForLoginDto.UserName.ToLower(), userForLoginDto.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.UserName)
};
var key = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey
(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
var creds = new Microsoft.IdentityModel.Tokens.SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature);
var tokenDesk = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDesk);
return(Ok(new {
token = tokenHandler.WriteToken(token)
}));
}
private string GenerateTokenJwt(UserApi user, string unicoIdentificador, DateTime time, DateTime expireTime)
{
// appsetting for Token JWT
var secretKey = EngineData.SecretKey;
var audienceToken = EngineData.Audience;
var issuerToken = EngineData.Issuer;
var securityKey = new SymmetricSecurityKey(Encoding.Default.GetBytes(secretKey));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, System.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
// create a claimsIdentity
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[] {
new Claim(ClaimTypes.Name, user.Email),
new Claim(ClaimTypes.DateOfBirth, user.CreateDate.ToString()),
new Claim("HoraToken", DateTime.UtcNow.ToString()),
new Claim(ClaimTypes.Anonymous, unicoIdentificador)
});
// create token to the user
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwtSecurityToken = tokenHandler.CreateJwtSecurityToken(
audience: audienceToken,
issuer: issuerToken,
subject: claimsIdentity,
notBefore: time,
expires: expireTime,
signingCredentials: signingCredentials);
string token = tokenHandler.WriteToken(jwtSecurityToken);
return(token);
}
protected void btnLogin_Click(object sender, EventArgs e)
{
WatchRef.ServiceSoapClient client = new WatchRef.ServiceSoapClient();
WatchRef.AuthControl auth = new WatchRef.AuthControl();
string key = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8basdcvb9090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
var header = new JwtHeader(credentials);
var payload = new JwtPayload
{
{ "Username", txtUsername.Text },
{ "Password", txtPassword.Text },
};
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
auth.Token = handler.WriteToken(secToken);
client.Login(auth);
Response.Redirect("TumSaatler.aspx");
}
/// <summary>
/// Creates a JWT using the reseller / partners impersonation token settings and the customers account id
/// </summary>
/// <param name="impersonatedAccountId">The account id of the customer you want to impersonate</param>
/// <param name="resellerId">The account id for the reseller / partner</param>
/// <param name="issuer">Your unique JWT issuer you provided to the dotdigital CPaaS team</param>
/// <param name="secret">Your unique JWT secret you provided to the dotdigital CPaaS team</param>
/// <returns></returns>
private static string CreateImpersonationToken(int impersonatedAccountId, int resellerId, string issuer, string secret)
{
// Create Security key using the secret
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials
(securityKey, SecurityAlgorithms.HmacSha256);
// Create a token
var header = new JwtHeader(signingCredentials);
// Create the JWT payload including the details on the customer to impersonate.
var payload = new JwtPayload
{
{ "accountId", impersonatedAccountId },
{ "resellerId", RESELLER_ACCOUNT_ID },
{ "aud", "https://api.comapi.com" },
{ "iss", issuer },
{ "exp", (long)(DateTime.UtcNow.AddMinutes(115) - new DateTime(1970, 1, 1)).TotalSeconds } // Expires 115 minutes in the the future based on UTC
};
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
// Export the JWT as a string
return(handler.WriteToken(secToken));
}
static string GenerateJWT(RSA rsa)
{
//var securityKey = new Microsoft.IdentityModel.Tokens.X509SecurityKey(GetByThumbprint("YOUR-CERT-THUMBPRINT-HERE"));
//var securityKey = new Microsoft.IdentityModel.Tokens.X509SecurityKey(new X509Certificate2(Convert.FromBase64String("MIIDBTCCAe2gAwIBAgIQbiJkXaenk61AKixVocnLRTANBgkqhkiG9w0BAQsFADAtMSswKQYDVQQDEyJhY2NvdW50cy5hY2Nlc3Njb250cm9sLndpbmRvd3MubmV0MB4XDTE5MTAwNTAwMDAwMFoXDTI0MTAwNDAwMDAwMFowLTErMCkGA1UEAxMiYWNjb3VudHMuYWNjZXNzY29udHJvbC53aW5kb3dzLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ2H9Y6Z+3BXUCtlbmXr6H5owYy15XTl3vdpOZLUkk4OV9LMsB1phjNp+wgl28eAgrNNfu4BTVlHdR9x6NTrSiIapsYjzzEz4mOmRh1Bw5tJxit0VEGn00/ZENniTjgeEFYgDHYwjrfZQ6dERBFiw1OQb2IG5f3KLtx92lUXeIZ7ZvTaPkUpc4Qd6wQZmWgzPqWFocRsJATGyZzXiiXQUrc9cVqm1bws3P0lFBcqNtv+AKDYKT5IRYLsyCkueQC9R6LUCsZVD7bVIkeQuA3iehJKIEAlk/e3j5E4VaCRs642ajb/z9kByTl2xL2k0AeZGc8/Rcy7SQn0LBcJNZGp/SMCAwEAAaMhMB8wHQYDVR0OBBYEFOLhl3BDPLNVYDe38Dp9JbUmd4kKMA0GCSqGSIb3DQEBCwUAA4IBAQAN4XwyqYfVdMl0xEbBMa/OzSfIbuI4pQWWpl3isKRAyhXezAX1t/0532LsIcYkwubLifnjHHqo4x1jnVqkvkFjcPZ12kjs/q5d1L0LxlQST/Uqwm/9/AeTzRZXtUKNBWBOWy9gmw9DEH593sNYytGAEerbWhCR3agUxsnQSYTTwg4K9cSqLWzHX5Kcz0NLCGwLx015/Jc7HwPJnp7q5Bo0O0VfhomDiEctIFfzqE5x9T9ZTUSWUDn3J7DYzs2L1pDrOQaNs/YEkXsKDP1j4tOFyxic6OvjQ10Yugjo5jg1uWoxeU8pI0BxY6sj2GZt3Ynzev2bZqmj68y0I9Z+NTZo")));
var securityKey = new Microsoft.IdentityModel.Tokens.RsaSecurityKey(rsa);
var mod = rsa.ExportParameters(includePrivateParameters: false).Modulus;
// The "key ID" used for RSA key in GPG/PGP is the last 8 hex digits (4 bytes) of the modulus of the key.
securityKey.KeyId = Base64UrlEncode(mod, mod.Length - 4, 4);
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, "RS256");
var header = new JwtHeader(credentials);
var payload = new JwtPayload
{
{ "aud", "https://management.core.windows.net/" },
{ "iss", "https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/" },
{ "exp", (Int32)(new DateTime(2019, 12, 9, 0, 0, 0, DateTimeKind.Utc).Subtract(new DateTime(1970, 1, 1))).TotalSeconds },
{ "iat", (Int32)(new DateTime(2019, 12, 7, 0, 0, 0, DateTimeKind.Utc).Subtract(new DateTime(1970, 1, 1))).TotalSeconds }
};
var token = new JwtSecurityToken(header, payload);
var input = string.Join(".", new[] { token.EncodedHeader, token.EncodedPayload });
var signature = SignRS256(input, rsa);
return(string.Join(".", new[] { input, Base64UrlEncoder.Encode(signature) }));
}
/// <summary>
/// Builds a Json Web Token from the certificate for a specific user to be used in the webview.
/// </summary>
/// <param name="x509Certificate2">The certificate PFX</param>
/// <param name="customerUserId">The customer user id</param>
/// <param name="apiEndpoint">Endpoint URL called by the WebView</param>
/// <returns>A JSON Web Token</returns>
public static string BuildWebViewDefaultToken(X509Certificate2 x509Certificate2, string customerUserId, string apiEndpoint = "https://sca-multitenant.securibox.eu")
{
Uri endpointUri = new Uri(apiEndpoint);
var iss = x509Certificate2.Issuer;
var nbf = DateTime.UtcNow.AddMinutes(-1);
var exp = DateTime.UtcNow.AddHours(5);
var aud = endpointUri.Scheme + "://" + endpointUri.Host;
List <Claim> claims = new List <Claim>();
claims.Add(new Claim("sub", endpointUri.Host));
claims.Add(new Claim("jti", Guid.NewGuid().ToString("D")));
claims.Add(new Claim("uid", customerUserId));
SigningCredentials credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
new X509SecurityKey(x509Certificate2),
SecurityAlgorithms.RsaSha256Signature,
SecurityAlgorithms.Sha256Digest
);
var header = new JwtHeader(credentials);
var payload = new JwtPayload(issuer: iss, audience: aud, claims: claims, notBefore: nbf, expires: exp);
var jwtSecurityToken = new JwtSecurityToken(header, payload);
jwtSecurityToken.Header.Remove("kid");
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
return(handler.WriteToken(jwtSecurityToken));
}
public string GenerateToken(DateTime date, string user, TimeSpan time)
{
var expire = date.Add(time);
var claims = new Claim[]
{
new Claim(JwtRegisteredClaimNames.Sub, user),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(
JwtRegisteredClaimNames.Iat,
new DateTimeOffset(date).ToUniversalTime().ToUnixTimeSeconds().ToString(),
ClaimValueTypes.Integer64
)
};
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
new SymmetricSecurityKey(Encoding.ASCII.GetBytes(GlobalSettings.SYS_SINGINKEY)),
SecurityAlgorithms.HmacSha256Signature
);
var jwt = new JwtSecurityToken(
issuer: GlobalSettings.SYS_ISSUER,
audience: GlobalSettings.SYS_AUDIENCE,
claims: claims,
notBefore: date,
expires: expire,
signingCredentials: signingCredentials
);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
return(encodedJwt);
}
public static string GenerateToken <T>(string key, T information)
{
// Create Security key using private key above:
// not that latest version of JWT using Microsoft namespace instead of System
var securityKey = new Microsoft
.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
// Also note that securityKey length should be >256b
// so you have to make sure that your private key has a proper length
//
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials
(securityKey, SecurityAlgorithms.HmacSha256Signature);
// Finally create a Token
var header = new JwtHeader(credentials);
//Some PayLoad that contain information about the customer
var payload = new JwtPayload {
{ information.GetType().Name, Newtonsoft.Json.JsonConvert.SerializeObject(information) }
};
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
// Token to String so you can use it in your client
return(handler.WriteToken(secToken));
}
private string CreateToken(string username)
{
string sec = ConfigurationManager.AppSettings["jwtKey"];
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(int.Parse(ConfigurationManager.AppSettings["jwtValidity"]));
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
});
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: ConfigurationManager.AppSettings["jwtIssuer"],
audience: ConfigurationManager.AppSettings["jwtIssuer"],
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
public string genToken(string usn, string Permit)
{
string key = " WarakornT.!#~ WarakornT.!~% WarakornT.!@~ WarakornT.!!~ WarakornT.!&~ WarakornT.!~~!@#!";
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var header = new JwtHeader(credentials);
var payload = new JwtPayload
{
{ "name", usn },
{ "role", Permit } // 0 = not permit, 1 = admin, 2 = RD, 3 = Extra user
};
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
var tokenString = handler.WriteToken(secToken);
var token = handler.ReadJwtToken(tokenString);
return(token.RawData.ToString());
}
public string GenerateToken(DateTime date, string user, TimeSpan validDate)
{
var expire = date.Add(validDate);
var claims = new Claim[]
{
new Claim(JwtRegisteredClaimNames.Sub, user),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(
JwtRegisteredClaimNames.Iat,
new DateTimeOffset(date).ToUniversalTime().ToUnixTimeSeconds().ToString(),
ClaimValueTypes.Integer64
),
new Claim("roles", "Cliente"),
new Claim("roles", "Administrador")
};
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
new SymmetricSecurityKey(Encoding.ASCII.GetBytes("aaAAaaAA1234sdsdsdsddferrtrfgfgfrgfgfgdgfdfdf")),
SecurityAlgorithms.HmacSha256Signature
);
var jwt = new JwtSecurityToken(
issuer: "Ejemplo",
audience: "Public",
claims: claims,
notBefore: date,
expires: expire,
signingCredentials: signingCredentials
);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
return(encodedJwt);
}
public void SB()
{
var keyByteArray = System.Text.Encoding.ASCII.GetBytes("qMCdFDQuF23RV1Y-1Gq9L3cF3VmuFwVbam4fMTdAfcc");
var audienceid = "414e1927a3884f68abc79f7283837fd2";
var issuer = "http://www.abc.com";
var securityKey = new SymmetricSecurityKey(keyByteArray);
var sigigCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
JwtSecurityToken token = handler.CreateJwtSecurityToken(issuer, audienceid, null, DateTime.UtcNow, DateTime.UtcNow + TimeSpan.FromHours(1), DateTime.UtcNow + TimeSpan.FromHours(1), sigigCredentials);
string jwt = handler.WriteToken(token);
TokenValidationParameters tokenValidationParameters = new TokenValidationParameters()
{
IssuerSigningKey = securityKey,
ValidAudience = audienceid,
ValidIssuer = issuer
};
SecurityToken securityToken = null;
handler.ValidateToken(jwt, tokenValidationParameters, out securityToken);
bool istrue = securityToken.Issuer == issuer ? true : false;
Assert.True(istrue);
}
public static string GenerateToken(string userId, string username, string firstname, string lastname)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(7);
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username),
new Claim("userid", userId),
new Claim("username", username),
new Claim("firstname", firstname),
new Claim("lastname", lastname),
//TODO:add other claim
});
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token = tokenHandler.CreateJwtSecurityToken(issuer: "AuthAPI", audience: "MvcWebClient",
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
public ActionResult <string> Token()
{
//var header = Request.Headers["Authorization"];
//var credValue = header.ToString().Substring("Basci ".Length).Trim();
//var userNameAndPassenc = Encoding.UTF8.GetString(Convert.FromBase64String(credValue));
//var userNameAndPass = userNameAndPassenc.Split(":");
var claims = new[] {
new Claim(ClaimTypes.Name, "username")
};
var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(AppConstants.JWTBearerToken.Token));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
key, SecurityAlgorithms.HmacSha256Signature);
var tokennString = new JwtSecurityToken(
issuer: AppConstants.JWTBearerToken.Issuer,
audience: AppConstants.JWTBearerToken.Audience,
expires: DateTime.Now.AddMinutes(AppConstants.JWTBearerToken.Expires),
claims: claims,
signingCredentials: signingCredentials
);
var token = new JwtSecurityTokenHandler().WriteToken(tokennString);
return(token);
}
public virtual string JwtPayloadToToken(JwtPayload Payload)
{
var ByteLenght = System.Text.ASCIIEncoding.Unicode.GetByteCount(this.Key);
if (ByteLenght < 256)
{
throw new ArgumentException($"the byte count of the key should be greater than 256 bytes,the current length is:{ByteLenght}");
}
// Create Security key using private key above:
// not that latest version of JWT using Microsoft namespace instead of System
var SecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(this.Key));
// securityKey length MUST be >256 based on the length of the key
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(SecurityKey, SecurityAlgorithms.HmacSha256Signature);
// Lets create the token
var header = new JwtHeader(credentials);
// Lets add the header and payload
JwtSecurityToken SecurityToken = new JwtSecurityToken(header, Payload);
var Handler = new JwtSecurityTokenHandler();
// Convert the token to string and send it to your client
string TokenString = Handler.WriteToken(SecurityToken);
return(TokenString);
}
private JwtPayload ReadToken(string tokenString)
{
// Define const Key this should be private secret key stored in some safe place
string key = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
// Create Security key using private key above:
// not that latest version of JWT using Microsoft namespace instead of System
var securityKey = new Microsoft
.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
// Also note that securityKey length should be >256b
// so you have to make sure that your private key has a proper length
//
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials
(securityKey, SecurityAlgorithms.HmacSha256Signature);
//
var handler = new JwtSecurityTokenHandler();
// And finally when you received token from client
// you can either validate it or try to read
var token = handler.ReadJwtToken(tokenString);
return(token.Payload);
}
private string createToken(TurfUser userInfo)
{
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
var claims = new[] {
new Claim(JwtRegisteredClaimNames.Sub, userInfo.Username),
new Claim(JwtRegisteredClaimNames.Email, userInfo.Email),
new Claim("UserType", userInfo.UserType.ToString()),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
const string sec = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
var token = new JwtSecurityToken(issuer: "http://localhost:50191",
audience: "http://localhost:50191",
claims,
expires: DateTime.Now.AddMinutes(120),
signingCredentials: signingCredentials);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
/// <summary>
/// Creates a new JWT Token for securing endpoints
/// </summary>
/// <returns>A string containing a new JWT token</returns>
public static string GenerateJwtToken()
{
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials
(SIGNING_KEY, SecurityAlgorithms.HmacSha256);
var header = new JwtHeader(credentials);
// set the number in AddMinutes to set session length
DateTime expires = DateTime.UtcNow.AddMinutes(10);
// convert to unix seconds
int ts = (int)(expires - new DateTime(1970, 1, 1)).TotalSeconds;
var payload = new JwtPayload
{
{ "sub", "testSubject" },
{ "Name", "Tom" },
{ "email", "*****@*****.**" },
{ "exp", ts },
{ "iss", "https://localhost:44321" },
{ "aud", "https://localhost:44321" }
};
var secToken = new JwtSecurityToken(header, payload);
var handler = new JwtSecurityTokenHandler();
return(handler.WriteToken(secToken));
}
public string ReturnJWT(DateTime expirationDate, int permissionId_i, int userId_i)
{
// Create Security key using private key above:
// not that latest version of JWT using Microsoft namespace instead of System
SymmetricSecurityKey securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(_key));
// Also note that securityKey length should be >256b
// so you have to make sure that your private key has a proper length
SigningCredentials credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
// Finally create a Token
JwtHeader header = new JwtHeader(credentials);
// Some PayLoad that contain information about the customer
JwtPayload payload = new JwtPayload
{
{ "expirationDate", expirationDate },
{ "permissionId", permissionId_i },
{ "userId", userId_i }
};
JwtSecurityToken secToken = new JwtSecurityToken(header, payload);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
// Token to String so you can use it in your client
ErrInfLogger.LockInstance.InfoLog("Token created.");
return(handler.WriteToken(secToken));
}
public string Protect(AuthenticationTicket data)
{
if (data == null)
{
throw new ArgumentNullException("data");
}
string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];
var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
//var signingKey = new HmacSigningCredentials(keyByteArray);
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray);
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
securityKey, SecurityAlgorithms.HmacSha256Signature);
var issued = data.Properties.IssuedUtc;
var expires = data.Properties.ExpiresUtc;
var handler = new JwtSecurityTokenHandler
{
MapInboundClaims = false
};
// we are clearing the map of the rename of the properties. see https://mderriey.com/2019/06/23/where-are-my-jwt-claims/ for details
//handler.InboundClaimTypeMap.Clear();
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingCredentials);
var jwt = handler.WriteToken(token);
return(jwt);
}
public string Protect(AuthenticationTicket data)
{
if (data == null)
{
throw new ArgumentNullException("data");
}
string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];
var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray);
var signingKey = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
var issued = data.Properties.IssuedUtc;
var expires = data.Properties.ExpiresUtc;
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);
var handler = new JwtSecurityTokenHandler();
var jwt = handler.WriteToken(token);
return(jwt);
}
public string GenerateToken(List <Claim> claims)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = DateTime.UtcNow.AddDays(_appSettings.ExpireDay);
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims);
var now = DateTime.UtcNow;
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(_appSettings.SecurityKey));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: _appSettings.Issuer, audience: _appSettings.Audience,
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
return(tokenString);
}
