Esempio n. 1
0
        public IToken GenerateRefreshToken(ClaimsIdentity identity, IEnumerable <string> audiences)
        {
            var tokenId      = Guid.NewGuid().ToString("N");
            var tokenHandler = new JwtSecurityTokenHandler();
            var signingKey   = this.options.Value.Keys.First();
            var token        = tokenHandler.CreateToken(new SecurityTokenDescriptor
            {
                Audience           = this.options.Value.Issuer,
                Expires            = (DateTime.Now + this.options.Value.RefreshTokenLifetime),
                NotBefore          = DateTime.Now.AddMinutes(-1),
                IssuedAt           = DateTime.Now,
                Issuer             = this.options.Value.Issuer,
                SigningCredentials = signingKey.Value,
                Subject            = new ClaimsIdentity(new Claim[]
                {
                    new Claim(TokenIdClaim, tokenId),
                    new Claim(TokenUsageClaim, "refresh_token"),
                    new Claim(KeyIdClaim, signingKey.Key),
                    identity.FindFirst(ClaimTypes.NameIdentifier)
                })
            });

            return(tokenHandler.GetRefreshToken(tokenId, token));
        }