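/// <summary>
/// Builds a JWT for <paramref name="request"/> and signs it with RS256 using the configured private key.
/// </summary>
/// <remarks>
/// ID tokens carry <c>email</c>, <c>phone_number</c> and an <c>aud</c> value; access tokens carry
/// <c>client_id</c> and <c>scope</c> and no audience. Both token kinds carry <c>sub</c> and
/// <c>username</c> and expire 12 hours after issuance.
/// Entries in <c>request.claims</c> are copied into the token only when they do not collide with a
/// claim this method sets itself or with <c>iss</c>, <c>exp</c>, <c>nbf</c>, <c>iat</c>. Previously
/// every entry was appended unconditionally, so a request could add a second <c>sub</c>,
/// <c>scope</c> or <c>client_id</c> value next to the issuer's own.
/// </remarks>
/// <param name="request">Source of the subject, username, scope, contact fields and extra claims.</param>
/// <param name="type">Which kind of token to issue.</param>
/// <returns>The signed token in compact serialized form.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="request"/> is null, or a claim value passed to the <c>Claim</c> constructor is null
/// (for example <c>request.subject</c>, <c>request.username</c>, or <c>request.scope</c> for an access token).
/// </exception>
public string GetToken(JwtRequest request, JwtType type)
{
    if (request is null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    // NOTE(review): the key is re-imported into the shared _rsa field on every call. If this
    // instance is used concurrently that mutation may race; consider importing once at construction.
    _rsa.ImportRSAPrivateKey(_privateKey, out _);

    var jwtHandler = new JwtSecurityTokenHandler();
    var claims = new List<Claim>();

    switch (type)
    {
        case JwtType.IdToken:
            claims.Add(new Claim("email", request.email ?? ""));
            claims.Add(new Claim("phone_number", request.phoneNumber ?? ""));
            break;
        case JwtType.AccessToken:
            claims.Add(new Claim("client_id", _aud));
            claims.Add(new Claim("scope", request.scope));
            break;
    }

    claims.Add(new Claim("sub", request.subject));
    claims.Add(new Claim("username", request.username));

    // Claim names the issuer decides. Claim names are case-sensitive, hence the ordinal comparer.
    var issuerControlled = new HashSet<string>(StringComparer.Ordinal) { "iss", "exp", "nbf", "iat" };
    if (type == JwtType.IdToken)
    {
        // Only ID tokens get an audience from this method, so only there is "aud" reserved.
        issuerControlled.Add("aud");
    }
    foreach (var fixedClaim in claims)
    {
        issuerControlled.Add(fixedClaim.Type);
    }

    // A missing claims collection is treated as "no extra claims" rather than a crash.
    if (request.claims != null)
    {
        foreach (var rclaim in request.claims)
        {
            if (issuerControlled.Contains(rclaim.Key))
            {
                // Skip instead of appending: a duplicate would sit beside the issuer's value in the
                // signed token, and which one a consumer honours would be up to that consumer.
                continue;
            }

            claims.Add(new Claim(rclaim.Key, rclaim.Value));
        }
    }

    var descriptor = new SecurityTokenDescriptor
    {
        Issuer = _iss,
        Subject = new ClaimsIdentity(claims),
        Expires = DateTime.UtcNow.AddHours(12),
        SigningCredentials = new SigningCredentials(
            new RsaSecurityKey(_rsa) { KeyId = _kid },
            SecurityAlgorithms.RsaSha256)
    };

    if (type == JwtType.IdToken)
    {
        descriptor.Audience = _aud;
    }

    var jwtToken = jwtHandler.CreateToken(descriptor);
    return jwtHandler.WriteToken(jwtToken);
}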
/// <summary>
/// Verifies that a key created for the given algorithm and token type is assigned a key identifier.
/// </summary>
/// <param name="jwtType">Token type passed to <c>Algorithm.Create</c>.</param>
/// <param name="type">Algorithm type passed to <c>Algorithm.Create</c>.</param>
public void Should_Generate_Key_For_Recommended_Alg(JwtType jwtType, AlgorithmType type)
{
    // Arrange
    var algorithm = Algorithm.Create(type, jwtType);

    // Act
    var generated = new CryptographicKey(algorithm);

    // Assert: the generated key must carry a KeyId.
    var keyId = generated.Key.KeyId;
    keyId.Should().NotBeNull();
}