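/// <summary>
/// Issues a signed JWT access token for a client application, stores it through
/// <c>_authObj</c>, and records it against the supplied refresh token.
/// </summary>
/// <param name="userId">Written to the <c>sub</c> claim; only used when <paramref name="grantType"/> is the password grant.</param>
/// <param name="clientAppId">Written to the custom <c>appid</c> claim.</param>
/// <param name="refreshToken">Refresh token the new access token is linked to.</param>
/// <param name="alg">Signing algorithm selector handed to <c>Jwt.CreateSigningCredentials</c>.</param>
/// <param name="grantType">Grant type; any value other than <c>GRANT_TYPE_PASSWORD</c> produces a token without a <c>sub</c> claim.</param>
/// <returns>The populated <c>AccessTokens</c> record, including the serialized JWT.</returns>
private AccessTokens BuildAccessToken(string userId, string clientAppId, string refreshToken, Jwt.Algorithm alg, string grantType)
{
    // Capture one instant for iat, nbf, notBefore and the expiry base so the
    // token's time claims cannot disagree across a clock tick.
    var issuedAtUtc = DateTime.UtcNow;

    // Configuration values are machine-readable: parse with the invariant culture so the
    // token lifetime does not depend on the server's regional settings.
    // NOTE(review): a missing "Jwt:Expires" value converts to 0 seconds - confirm the
    // deployment always sets it.
    var lifetimeSeconds = Convert.ToDouble(_config["Jwt:Expires"], System.Globalization.CultureInfo.InvariantCulture);
    var accessTokenExpiryDateTime = issuedAtUtc.AddSeconds(lifetimeSeconds);

    var obj = new AccessTokens();
    obj.Id = Guid.NewGuid();
    obj.RefreshToken = refreshToken;
    obj.IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(
        DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ,
        DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES,
        DateTimes.DateTimeUtcOffset.HHMMByColon);
    obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(
        accessTokenExpiryDateTime,
        DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ,
        DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES,
        DateTimes.DateTimeUtcOffset.HHMMByColon);

    // Claims shared by every grant type. The jti is the record id, so a presented token
    // can be matched to its stored row.
    var issuedAtUnix = DateTimes.ConvertToUnixTimeByDateTime(issuedAtUtc).ToString();
    var jtiClaim = new Claim(JwtRegisteredClaimNames.Jti, obj.Id.ToString("N"));
    var iatClaim = new Claim(JwtRegisteredClaimNames.Iat, issuedAtUnix, System.Security.Claims.ClaimValueTypes.Integer32);
    var nbfClaim = new Claim(JwtRegisteredClaimNames.Nbf, issuedAtUnix, System.Security.Claims.ClaimValueTypes.Integer32);
    var appIdClaim = new Claim("appid", clientAppId);

    // Only the password grant identifies an end user; other grants carry no subject,
    // so consumers must not assume "sub" is present.
    Claim[] claims;
    if (grantType == GRANT_TYPE_PASSWORD)
    {
        claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userId), jtiClaim, iatClaim, nbfClaim, appIdClaim };
    }
    else
    {
        claims = new[] { jtiClaim, iatClaim, nbfClaim, appIdClaim };
    }

    var token = new JwtSecurityToken(
        issuer: _config["Jwt:Issuer"],
        audience: _config["Jwt:Audience"],
        claims: claims,
        expires: accessTokenExpiryDateTime,
        notBefore: issuedAtUtc,
        signingCredentials: Jwt.CreateSigningCredentials(alg, _config, _azObj));

    obj.AccessToken = new JwtSecurityTokenHandler().WriteToken(token);
    obj.Status = true;

    // Write the generated access token to the auth DB (for future checking).
    // NOTE(review): the return value is ignored, so the token is handed out even if this
    // write reports failure - confirm how PutAccessTokens signals errors. The serialized
    // token itself is what gets stored; verify whether keeping only the jti or a hash
    // would satisfy the later check.
    _authObj.PutAccessTokens(obj);

    // Attach the new access token to the refresh token record (for future checking).
    _authObj.PutRefreshTokensAccessToken(refreshToken, obj.AccessToken, obj.IssuedDateTime);

    return obj;
}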
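/// <summary>
/// Builds an RS256-signed JWT assertion from the <c>GoogleApi:Firebase:UndoneAuth</c>
/// configuration values, signing it with a private key fetched through <c>_azObj</c>.
/// </summary>
/// <returns>The serialized, signed JWT. It expires 60 minutes after issuance.</returns>
/// <exception cref="InvalidOperationException">
/// The signing key could not be retrieved, or the retrieved secret was empty.
/// </exception>
private string GenerateJwtRequestByRSAKey()
{
    var payloadObj = new Payload();
    payloadObj.iss = _config["GoogleApi:Firebase:UndoneAuth:ServiceAccount"];
    payloadObj.scope = _config["GoogleApi:Firebase:UndoneAuth:Scope"];
    payloadObj.aud = _config["GoogleApi:Firebase:UndoneAuth:RequestTokenUrl"] + "oauth2/v4/token";
    // NOTE(review): Convert.ToInt32 throws once the Unix time no longer fits in 32 bits - confirm the field types of Payload.
    payloadObj.exp = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow.AddMinutes(60)));
    payloadObj.iat = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow));

    using (RSA privateRsa = RSA.Create())
    {
        // Blocking on .Result keeps this method synchronous, as its callers expect.
        var resp = _azObj.GetValueBySecretName(_config["GoogleApi:Firebase:UndoneAuth:Key:RS256:PrivateKeyXml"]).Result;

        // Fail closed: never continue to signing when the key could not be fetched.
        // Only the status code goes into the message, never the response body.
        if (resp.StatusCode != HttpStatusCode.OK)
        {
            throw new InvalidOperationException("Unable to load the RS256 signing key: secret lookup returned status " + resp.StatusCode + ".");
        }

        var content = resp.Content.ReadAsStringAsync().Result;
        var secret = JsonConvert.DeserializeObject<SecretPayload>(content);
        string privateKeyXml = secret == null ? null : secret.value;
        if (string.IsNullOrEmpty(privateKeyXml))
        {
            throw new InvalidOperationException("Unable to load the RS256 signing key: the secret payload contained no value.");
        }

        privateRsa.fromXmlString(privateKeyXml);
        var creds = new SigningCredentials(new RsaSecurityKey(privateRsa), SecurityAlgorithms.RsaSha256);

        var claims = new[]
        {
            new Claim("scope", payloadObj.scope),
            new Claim(JwtRegisteredClaimNames.Iat, payloadObj.iat.ToString()),
            new Claim(JwtRegisteredClaimNames.Exp, payloadObj.exp.ToString())
        };

        var token = new JwtSecurityToken(
            payloadObj.iss,
            payloadObj.aud,
            claims,
            signingCredentials: creds);

        // The token must be written while privateRsa is still alive; signing happens here.
        // NOTE(review): if repeat calls ever throw ObjectDisposedException, check whether the
        // token library in use caches signature providers that still reference a disposed RSA.
        return new JwtSecurityTokenHandler().WriteToken(token);
    }
}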
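/// <summary>
/// Builds an RS256-signed JWT assertion for <c>serviceAccount</c>, signing it with the
/// private key read from the XML file at <c>rs256PrivateKeyXml</c>.
/// </summary>
/// <returns>The serialized, signed JWT. It expires 60 minutes after issuance.</returns>
private string GenerateJwtRequestByRSAKey()
{
    var payloadObj = new Payload();
    payloadObj.iss = serviceAccount;
    payloadObj.scope = scope;
    payloadObj.aud = requestTokenUrl + "token";
    // NOTE(review): Convert.ToInt32 throws once the Unix time no longer fits in 32 bits - confirm the field types of Payload.
    payloadObj.exp = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow.AddMinutes(60)));
    payloadObj.iat = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow));

    var claims = new[]
    {
        new Claim("scope", payloadObj.scope),
        new Claim(JwtRegisteredClaimNames.Iat, payloadObj.iat.ToString()),
        new Claim(JwtRegisteredClaimNames.Exp, payloadObj.exp.ToString())
    };

    using (RSA privateRsa = RSA.Create())
    {
        // NOTE(review): the private key is read from a plain file; verify that the file's
        // permissions restrict it to the service account running this code.
        var privateKeyXml = File.ReadAllText(rs256PrivateKeyXml);
        privateRsa.fromXmlString(privateKeyXml);

        var creds = new SigningCredentials(new RsaSecurityKey(privateRsa), SecurityAlgorithms.RsaSha256);
        var token = new JwtSecurityToken(
            payloadObj.iss,
            payloadObj.aud,
            claims,
            signingCredentials: creds);

        // Signing happens inside WriteToken, so it has to run before privateRsa is disposed.
        // Previously the token was written after the using block, i.e. with a key whose
        // RSA instance had already been disposed.
        // NOTE(review): if repeat calls ever throw ObjectDisposedException, check whether the
        // token library in use caches signature providers that still reference a disposed RSA.
        return new JwtSecurityTokenHandler().WriteToken(token);
    }
}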