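/// <summary>
/// Creates a signed JWT (HMAC-SHA256) carrying the supplied claims.
/// Should not be used on the FE; this is for backend JWT generation.
/// </summary>
/// <param name="claims">Claims placed in the token subject.</param>
/// <returns>The serialized token string.</returns>
/// <remarks>
/// Any exception raised while creating or writing the token is reported to Raven
/// and then rethrown to the caller with its original stack trace.
/// </remarks>
public string GenerateToken(Claim[] claims)
{
    //Add breadcrumb for Raven error monitoring
    var crumb = new Breadcrumb("AliseeksJwtAuthentication");
    crumb.Message = "Creating jwt token";
    raven.AddTrail(crumb);

    // NOTE(review): ASCII encoding maps every non-ASCII character to '?', which would
    // silently weaken a secret containing such characters. The encoding is left as-is
    // because the verifying side must derive the same bytes; confirm the configured
    // secret is long, random and ASCII-only.
    var securityKey = System.Text.Encoding.ASCII.GetBytes(jwtOptions.SecretKey);

    var handler = new JwtSecurityTokenHandler();

    // One UTC instant drives every timestamp so nbf, iat and exp cannot disagree.
    var now = DateTime.UtcNow;

    var tokenDescriptor = new SecurityTokenDescriptor()
    {
        Subject = new ClaimsIdentity(claims),
        Issuer = "AliseeksIssuer",
        Audience = "AliseeksUser",
        // NOTE(review): 14-day bearer token; no revocation mechanism is visible in this
        // block, so a leaked token presumably stays usable until it expires.
        Expires = now.AddDays(14),
        NotBefore = now,
        IssuedAt = now,
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(securityKey),
            SecurityAlgorithms.HmacSha256)
    };

    try
    {
        var token = handler.CreateToken(tokenDescriptor);
        return handler.WriteToken(token);
    }
    catch (Exception e)
    {
        //Blocking I/O
        raven.CaptureNetCoreEvent(e).Wait();

        //Throw for whatever service is calling it; bare throw keeps the original stack trace
        throw;
    }
}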
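/// <summary>
/// Validates a JWT and wraps the resulting principal in an authentication ticket
/// for the "AliseeksCookie" scheme.
/// </summary>
/// <param name="protectedText">The serialized JWT to validate.</param>
/// <param name="purpose">Not used by this implementation.</param>
/// <returns>
/// The ticket when the token validates and its header algorithm equals the expected
/// <c>algorithm</c>; otherwise <c>null</c>. No exception escapes this method.
/// </returns>
public AuthenticationTicket Unprotect(string protectedText, string purpose)
{
    var handler = new JwtSecurityTokenHandler();

    try
    {
        //Add breadcrumb for Sentry error monitoring
        // Only non-sensitive metadata is recorded. The raw token is a bearer credential,
        // and the serialized validation parameters may include the signing key, so
        // neither is sent to the monitoring service.
        var crumb = new Breadcrumb("AliseeksJwtCookieAuthentication");
        crumb.Message = "Attempting to validate JWT token";
        crumb.Data = new Dictionary<string, string>()
        {
            {
                "ProtectedTextLength",
                (protectedText?.Length ?? 0).ToString(System.Globalization.CultureInfo.InvariantCulture)
            }
        };
        raven.AddTrail(crumb);

        SecurityToken validToken;
        ClaimsPrincipal principal = handler.ValidateToken(protectedText, this.validationParameters, out validToken);

        var validJwt = validToken as JwtSecurityToken;
        if (validJwt == null)
        {
            throw new ArgumentException("Invalid JWT");
        }

        // Pin the algorithm explicitly so a token declaring any other "alg" is rejected
        // even though it passed ValidateToken.
        if (!validJwt.Header.Alg.Equals(algorithm, StringComparison.Ordinal))
        {
            throw new ArgumentException($"Algorithm must be {algorithm}");
        }

        //Append token value to identity
        // NOTE(review): this puts the raw bearer token in the principal's claims; avoid
        // logging or serializing the principal's claims wholesale.
        var tokenClaim = new Claim[] { new Claim("Token", protectedText) };
        principal.AddIdentity(new ClaimsIdentity(tokenClaim));

        return new AuthenticationTicket(
            principal,
            new Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties() { },
            "AliseeksCookie");
    }
    catch (Exception e)
    {
        // Fail closed: SecurityTokenValidationException, ArgumentException and any other
        // failure are all reported and turned into a null ticket.
        //Blocking I/O
        raven.CaptureNetCoreEvent(e).Wait();
        return null;
    }
}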