Esempio n. 1
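        /// <summary>
        /// Builds and signs (RS256) a JWT for <paramref name="request"/>.
        /// ID tokens carry <c>email</c>, <c>phone_number</c> and an audience;
        /// access tokens carry <c>client_id</c> and <c>scope</c>. Both carry
        /// <c>sub</c>, <c>username</c> and any extra claims from the request.
        /// </summary>
        /// <param name="request">Subject data and additional claims for the token.</param>
        /// <param name="type">Selects which type-specific claims are emitted.</param>
        /// <returns>The signed token in compact serialized form.</returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="request"/> is null. The <see cref="Claim"/> constructor also
        /// throws this when a required value (subject, username, scope) is null.
        /// </exception>
        public string GetToken(JwtRequest request, JwtType type)
        {
            if (request == null)
            {
                throw new ArgumentNullException(nameof(request));
            }

            // NOTE(review): the private key is re-imported into the shared _rsa instance on
            // every call. If GetToken can run concurrently this mutates a key that another
            // call may be signing with; importing once at construction would avoid that.
            // Confirm the lifetime of _rsa against the rest of the class.
            _rsa.ImportRSAPrivateKey(_privateKey, out _);

            var claims = new List<Claim>();

            if (type == JwtType.IdToken)
            {
                claims.Add(new Claim("email", request.email ?? ""));
                claims.Add(new Claim("phone_number", request.phoneNumber ?? ""));
            }
            else if (type == JwtType.AccessToken)
            {
                claims.Add(new Claim("client_id", _aud));
                claims.Add(new Claim("scope", request.scope));
            }

            claims.Add(new Claim("sub", request.subject));
            claims.Add(new Claim("username", request.username));

            // Claim names this method has already set are authoritative. A request-supplied
            // claim with the same name would add a second value for it (e.g. a second "sub"
            // or a wider "scope"), so those entries are skipped.
            var issuerSetNames = new HashSet<string>(StringComparer.Ordinal);
            foreach (var existing in claims)
            {
                issuerSetNames.Add(existing.Type);
            }

            // NOTE(review): registered names such as "iss", "exp", "nbf", "iat" (and "aud" for
            // ID tokens) are still accepted from request.claims. How they interact with the
            // descriptor values below depends on the token library version; if request.claims
            // can be influenced by a caller, restrict it to an allow-list.
            if (request.claims != null)
            {
                foreach (var rclaim in request.claims)
                {
                    if (issuerSetNames.Contains(rclaim.Key))
                    {
                        continue;
                    }

                    claims.Add(new Claim(rclaim.Key, rclaim.Value));
                }
            }

            var signingKey = new RsaSecurityKey(_rsa)
            {
                KeyId = _kid
            };

            var descriptor = new SecurityTokenDescriptor
            {
                Issuer             = _iss,
                Subject            = new ClaimsIdentity(claims),
                // The same 12-hour lifetime applies to ID tokens and access tokens.
                Expires            = DateTime.UtcNow.AddHours(12),
                SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.RsaSha256)
            };

            // Only ID tokens get an "aud" from the descriptor; access tokens identify the
            // client through the "client_id" claim added above.
            if (type == JwtType.IdToken)
            {
                descriptor.Audience = _aud;
            }

            var jwtHandler = new JwtSecurityTokenHandler();
            var jwtToken   = jwtHandler.CreateToken(descriptor);

            return jwtHandler.WriteToken(jwtToken);
        }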
        /// <summary>
        /// Checks that a key created for the given algorithm/token-type pair
        /// is assigned a key identifier.
        /// </summary>
        /// <param name="jwtType">Token type passed to <c>Algorithm.Create</c>.</param>
        /// <param name="type">Algorithm family passed to <c>Algorithm.Create</c>.</param>
        public void Should_Generate_Key_For_Recommended_Alg(JwtType jwtType, AlgorithmType type)
        {
            var algorithm     = Algorithm.Create(type, jwtType);
            var generatedKey  = new CryptographicKey(algorithm);

            // Only non-null is asserted; an empty KeyId would still pass this check.
            var keyIdentifier = generatedKey.Key.KeyId;
            keyIdentifier.Should().NotBeNull();
        }