private AccessTokens BuildAccessToken(string userId, string clientAppId, string refreshToken, Jwt.Algorithm alg, string grantType)
{
var obj = new AccessTokens();
obj.Id = Guid.NewGuid();
obj.RefreshToken = refreshToken;
obj.IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
var AccessTokenExpiryDateTime = DateTime.UtcNow.AddSeconds(Convert.ToDouble(_config["Jwt:Expires"]));
obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(AccessTokenExpiryDateTime, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
Claim[] claims;
if (grantType == GRANT_TYPE_PASSWORD)
{
claims = new[] {
new Claim(JwtRegisteredClaimNames.Sub, userId),
new Claim(JwtRegisteredClaimNames.Jti, obj.Id.ToString("N")),
new Claim(JwtRegisteredClaimNames.Iat, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32),
new Claim(JwtRegisteredClaimNames.Nbf, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32),
new Claim("appid", clientAppId)
};
}
else
{
claims = new[] {
new Claim(JwtRegisteredClaimNames.Jti, obj.Id.ToString("N")),
new Claim(JwtRegisteredClaimNames.Iat, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32),
new Claim(JwtRegisteredClaimNames.Nbf, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32),
new Claim("appid", clientAppId)
};
}
var token = new JwtSecurityToken(
issuer: _config["Jwt:Issuer"],
audience: _config["Jwt:Audience"],
claims: claims,
expires: AccessTokenExpiryDateTime,
notBefore: DateTime.UtcNow,
signingCredentials: Jwt.CreateSigningCredentials(alg, _config, _azObj)
);
obj.AccessToken = new JwtSecurityTokenHandler().WriteToken(token);
obj.Status = true;
// Write Generated AccessToken to AuthDB (For future checking)
var authAccessToken = _authObj.PutAccessTokens(obj);
// Update RefreshToken to AuthDB (For future checking)
var authRefreshToken = _authObj.PutRefreshTokensAccessToken(refreshToken, obj.AccessToken, obj.IssuedDateTime);
return(obj);
}
private string GenerateJwtRequestByRSAKey()
{
var payloadObj = new Payload();
payloadObj.iss = _config["GoogleApi:Firebase:UndoneAuth:ServiceAccount"];
payloadObj.scope = _config["GoogleApi:Firebase:UndoneAuth:Scope"];
payloadObj.aud = _config["GoogleApi:Firebase:UndoneAuth:RequestTokenUrl"] + "oauth2/v4/token";
payloadObj.exp = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow.AddMinutes(60)));
payloadObj.iat = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow));
SigningCredentials creds;
var result = string.Empty;
using (RSA privateRsa = RSA.Create())
{
var privateKeyXml = string.Empty;
var resp = _azObj.GetValueBySecretName(_config["GoogleApi:Firebase:UndoneAuth:Key:RS256:PrivateKeyXml"]).Result;
if (resp.StatusCode == HttpStatusCode.OK)
{
var content = resp.Content.ReadAsStringAsync().Result;
var obj = JsonConvert.DeserializeObject <SecretPayload>(content);
privateKeyXml = obj.value;
}
privateRsa.fromXmlString(privateKeyXml);
var privateKey = new RsaSecurityKey(privateRsa);
creds = new SigningCredentials(privateKey, SecurityAlgorithms.RsaSha256);
var claims = new[] {
new Claim("scope", payloadObj.scope),
new Claim(JwtRegisteredClaimNames.Iat, payloadObj.iat.ToString()),
new Claim(JwtRegisteredClaimNames.Exp, payloadObj.exp.ToString())
};
var token = new JwtSecurityToken(
payloadObj.iss,
payloadObj.aud,
claims,
signingCredentials: creds
);
result = new JwtSecurityTokenHandler().WriteToken(token);
}
return(result);
}
private string GenerateJwtRequestByRSAKey()
{
var payloadObj = new Payload();
payloadObj.iss = serviceAccount;
payloadObj.scope = scope;
payloadObj.aud = requestTokenUrl + "token";
payloadObj.exp = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow.AddMinutes(60)));
payloadObj.iat = Convert.ToInt32(DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow));
SigningCredentials creds;
using (RSA privateRsa = RSA.Create())
{
var privateKeyXml = File.ReadAllText(rs256PrivateKeyXml);
privateRsa.fromXmlString(privateKeyXml);
var privateKey = new RsaSecurityKey(privateRsa);
creds = new SigningCredentials(privateKey, SecurityAlgorithms.RsaSha256);
}
var claims = new[] {
new Claim("scope", payloadObj.scope),
new Claim(JwtRegisteredClaimNames.Iat, payloadObj.iat.ToString()),
new Claim(JwtRegisteredClaimNames.Exp, payloadObj.exp.ToString())
};
var token = new JwtSecurityToken(
payloadObj.iss,
payloadObj.aud,
claims,
signingCredentials: creds
);
var result = new JwtSecurityTokenHandler().WriteToken(token);
return(result);
}