internal async Task <string> CreateCustomTokenAsync(
string uid,
IDictionary <string, object> developerClaims = null,
CancellationToken cancellationToken = default(CancellationToken))
{
if (string.IsNullOrEmpty(uid))
{
throw new ArgumentException("uid must not be null or empty");
}
else if (uid.Length > 128)
{
throw new ArgumentException("uid must not be longer than 128 characters");
}
if (developerClaims != null)
{
foreach (var entry in developerClaims)
{
if (ReservedClaims.Contains(entry.Key))
{
throw new ArgumentException(
$"reserved claim {entry.Key} not allowed in developerClaims");
}
}
}
var header = new JsonWebSignature.Header()
{
Algorithm = "RS256",
Type = "JWT",
};
var issued = (int)(this.clock.UtcNow - UnixEpoch).TotalSeconds;
var keyId = await this.Signer.GetKeyIdAsync(cancellationToken).ConfigureAwait(false);
var payload = new CustomTokenPayload()
{
Uid = uid,
Issuer = keyId,
Subject = keyId,
Audience = FirebaseAudience,
IssuedAtTimeSeconds = issued,
ExpirationTimeSeconds = issued + TokenDurationSeconds,
TenantId = this.TenantId,
};
if (developerClaims != null && developerClaims.Count > 0)
{
payload.Claims = developerClaims;
}
return(await JwtUtils.CreateSignedJwtAsync(
header, payload, this.Signer, cancellationToken).ConfigureAwait(false));
}
protected virtual void AssertHeader(JsonWebSignature.Header header)
{
Assert.Equal("RS256", header.Algorithm);
Assert.Equal("JWT", header.Type);
}
protected override void AssertHeader(JsonWebSignature.Header header)
{
Assert.Equal("none", header.Algorithm);
Assert.Equal("JWT", header.Type);
}
