/// <summary>
/// Creates security token.
/// </summary>
/// <param name="tokenDescriptor">The token descriptor.</param>
/// <returns>Security token.</returns>
public override SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor)
{
if (tokenDescriptor == null)
{
throw new ArgumentNullException("tokenDescriptor");
}
// See details in Json Web Token specification.
var seconds = (tokenDescriptor.Lifetime.Expires - tokenDescriptor.Lifetime.Created) ?? new TimeSpan(0, 0, 3600);
var header = new JwtHeaderSegment();
var claims = new JwtClaimsSegment(
tokenDescriptor.TokenIssuerName,
tokenDescriptor.AppliesToAddress,
DateTime.UtcNow,
DateTime.UtcNow + seconds,
tokenDescriptor.Subject.Claims
);
// See details in Json Web Signature specification.
var key = (InMemorySymmetricSecurityKey)tokenDescriptor.SigningCredentials.SigningKey;
var mac = new HMACSHA256(key.GetSymmetricKey());
var hash = mac.ComputeHash(Encoding.UTF8.GetBytes(JsonWebToken.GetSigningInput(header, claims)));
var jwsCryptoOutput = JwtTokenUtility.Base64UrlEncode(hash);
return(new JsonWebToken(header, claims, jwsCryptoOutput));
}
/// <summary>
/// Retrieves token signing input.
/// </summary>
/// <param name="header">JWT header section.</param>
/// <param name="payload">JWT payload section.</param>
/// <returns>Signing input.</returns>
/// <remarks>For details refer to Json Web Signature specification.</remarks>
internal static string GetSigningInput(JwtHeaderSegment header, JwtClaimsSegment payload)
{
var decodedJwsHeaderInput = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(header));
var jwsHeaderInput = JwtTokenUtility.Base64UrlEncode(decodedJwsHeaderInput);
var decodedJwsPayloadInput = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(payload));
var jwsPaloadInput = JwtTokenUtility.Base64UrlEncode(decodedJwsPayloadInput);
return(string.Format("{0}.{1}", jwsHeaderInput, jwsPaloadInput));
}
/// <summary>
/// Initializes a new instance of the <see cref="JsonWebToken"/> class.
/// </summary>
/// <param name="header">The JWT header section.</param>
/// <param name="claims">The JWT payload section.</param>
/// <param name="signature">The JWT signature.</param>
public JsonWebToken(
JwtHeaderSegment header,
JwtClaimsSegment claims,
string signature)
{
if (header == null)
throw new ArgumentNullException("header");
if (claims == null)
throw new ArgumentNullException("claims");
HeaderSection = header;
ClaimsSection = claims;
Signature = signature;
}
/// <summary>
/// Initializes a new instance of the <see cref="JsonWebToken"/> class.
/// </summary>
/// <param name="header">The JWT header section.</param>
/// <param name="claims">The JWT payload section.</param>
/// <param name="signature">The JWT signature.</param>
public JsonWebToken(
JwtHeaderSegment header,
JwtClaimsSegment claims,
string signature)
{
if (header == null)
{
throw new ArgumentNullException("header");
}
if (claims == null)
{
throw new ArgumentNullException("claims");
}
HeaderSection = header;
ClaimsSection = claims;
Signature = signature;
}
/// <summary>
/// Retrieves token signing input.
/// </summary>
/// <param name="header">JWT header section.</param>
/// <param name="payload">JWT payload section.</param>
/// <returns>Signing input.</returns>
/// <remarks>For details refer to Json Web Signature specification.</remarks>
internal static string GetSigningInput(JwtHeaderSegment header, JwtClaimsSegment payload)
{
var decodedJwsHeaderInput = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(header));
var jwsHeaderInput = JwtTokenUtility.Base64UrlEncode(decodedJwsHeaderInput);
var decodedJwsPayloadInput = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(payload));
var jwsPaloadInput = JwtTokenUtility.Base64UrlEncode(decodedJwsPayloadInput);
return string.Format("{0}.{1}", jwsHeaderInput, jwsPaloadInput);
}
/// <summary>
/// Creates security token.
/// </summary>
/// <param name="tokenDescriptor">The token descriptor.</param>
/// <returns>Security token.</returns>
public override SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor)
{
if (tokenDescriptor == null)
throw new ArgumentNullException("tokenDescriptor");
// See details in Json Web Token specification.
var seconds = (tokenDescriptor.Lifetime.Expires - tokenDescriptor.Lifetime.Created) ?? new TimeSpan(0, 0, 3600);
var header = new JwtHeaderSegment();
var claims = new JwtClaimsSegment(
tokenDescriptor.TokenIssuerName,
tokenDescriptor.AppliesToAddress,
DateTime.UtcNow,
DateTime.UtcNow + seconds,
tokenDescriptor.Subject.Claims
);
// See details in Json Web Signature specification.
var key = (InMemorySymmetricSecurityKey)tokenDescriptor.SigningCredentials.SigningKey;
var mac = new HMACSHA256(key.GetSymmetricKey());
var hash = mac.ComputeHash(Encoding.UTF8.GetBytes(JsonWebToken.GetSigningInput(header, claims)));
var jwsCryptoOutput = JwtTokenUtility.Base64UrlEncode(hash);
return new JsonWebToken(header, claims, jwsCryptoOutput);
}
