public async Task <AuthToken> CreateAuthTokenAsync(string userType, string userId, TokenCreationParameters parameters) { var user = await _userManager.FindUserAsync(userType, userId, UserSearchMode.FindById); var builder = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(_secret) .AddClaim("sub", userId) .AddClaim("ut", userType) .AddClaim("iat", DateTimeOffset.UtcNow.ToUnixTimeSeconds()) .AddClaim("preferred_username", user?.DisplayName ?? userId); if (parameters.Audience != null) { builder.AddClaim("aud", parameters.Audience); } if (parameters.ExpirationTime != null) { builder.AddClaim("exp", parameters.ExpirationTime.Value.ToUnixTimeSeconds()); } var token = builder.Encode(); return(new AuthToken { Token = token, OwnerId = userId, OwnerType = userType }); }
public string Create(string secret, IDictionary <string, object> claims, string tokenIssuer = "", TimeSpan?tokenTimeSpan = null) { if (string.IsNullOrWhiteSpace(secret)) { throw new ArgumentNullException(nameof(secret)); } if (claims is null || !claims.Any()) { throw new ArgumentNullException(nameof(claims)); } _jwtBuilder.WithSecret(Encoding.UTF8.GetBytes(secret)); //add Issuer if specified if (!string.IsNullOrWhiteSpace(tokenIssuer)) { _jwtBuilder.AddClaim(ClaimName.Issuer, tokenIssuer); } //add ExpirationTime if specified if (tokenTimeSpan.HasValue) { _jwtBuilder.AddClaim(ClaimName.ExpirationTime, DateTimeOffset.UtcNow.Add(tokenTimeSpan.Value).ToUnixTimeSeconds()); } //include all provided claims foreach (var claim in claims) { _jwtBuilder.AddClaim(claim.Key, claim.Value); } //create and return the token return(_jwtBuilder.Encode()); }
public static string BuildJwt(this object obj, string secret = null, long minutes = 60) { if (secret.IsNullOrWhiteSpace()) { secret = Secret; } try { var jwt = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(secret); foreach (var propertyInfo in obj.GetType().GetProperties()) { jwt.AddClaim(propertyInfo.Name.ToLower(), propertyInfo.GetValue(obj)); } jwt.AddClaim("expire", DateTime.Now.AddMinutes(minutes)); var token = jwt.Encode(); return(token); } catch { return(null); } }
public AccessToken GenerateAccessToken(string userId, string clientId, string scope, double expiresInSeconds) { JwtBuilder encoder = new JwtBuilder().WithAlgorithm(new HMACSHA256Algorithm()).WithSecret(_secret).AddClaim("scope", scope); DateTimeOffset now = DateTimeOffset.UtcNow; encoder = encoder.AddClaim("iat", now.ToUnixTimeSeconds()); encoder = encoder.AddClaim("exp", now.AddSeconds(expiresInSeconds).ToUnixTimeSeconds()); if (!String.IsNullOrWhiteSpace(userId)) { encoder = encoder.AddClaim("sub", userId); } if (!String.IsNullOrWhiteSpace(clientId)) { encoder = encoder.AddClaim("cid", clientId); } AccessToken accessToken = new AccessToken(); accessToken.ExpiresIn = (long)expiresInSeconds; accessToken.Scope = scope; accessToken.TokenType = "bearer"; accessToken.Token = encoder.Build(); return(accessToken); }
public virtual void SerializeToJwt(JwtBuilder builder) { builder.AddClaim("jwtId", this.jwtId); builder.AddClaim("authenticationMethod", this.AuthenticationMethod); if (!string.IsNullOrEmpty(this.Endpoint)) { builder.AddClaim("endpoint", this.Endpoint); } }
public static string Generate(object _o, DateTime _exp) { var _builder = new JwtBuilder().WithAlgorithm(new HMACSHA256Algorithm()).WithSecret(m_secret); _builder = _builder.AddClaim("exp", new DateTimeOffset(_exp).ToUnixTimeSeconds()); foreach (var(_key, _val) in _o.json()) { if (_key == "exp") { throw new Exception("field name \"exp\" is invalid"); } _builder = _builder.AddClaim(_key, _val.to_str()); } return(_builder.Build()); }
public static string BuildToken(Dictionary <string, string> claims, string secret) { var builder = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(secret); claims.ToList().ForEach(claim => builder.AddClaim(claim.Key, claim.Value)); return(builder.Encode()); }
public static JwtBuilder AddClaims(this JwtBuilder builder, PinAuth pinPayload) { return(builder .AddClaim("client_id", pinPayload.client_id) .AddClaim("device_id", pinPayload.device_id) .AddClaim("credential", pinPayload.credential) .AddClaim("credential_type", pinPayload.credential_type) .AddClaim("nonce", pinPayload.nonce) .AddClaim("timestamp", pinPayload.timestamp) .AddClaim("scope", pinPayload.scope)); }
public void SerializeToJwt(JwtBuilder builder) { builder.AddClaim("jwtId", this.jwtId); if (this.isRootUser) { builder.AddClaim("isRootUser", true); } if (this.isSteamUser) { builder.AddClaim("isSteamUser", true); builder.AddClaim("steamId", this.steamId.ToString()); } if (this.endpoint != null) { builder.AddClaim("endpoint", this.endpoint); } }
public Task <string> Generate(UserInformation user, Guid correlationId, TimeSpan?expiresIn, CancellationToken cancellationToken) { var token = new JwtBuilder() .WithAlgorithm(new HMACSHA512Algorithm()) .WithSecret(_userResolverSecret.GetSecret()) .AddClaim("sub", user.Username) .AddClaim("uid", user.UserIdentifier) .AddClaim("iat", ServiceClock.CurrentTime().ToUnixTimeSeconds()) ; if (expiresIn != null) { token.AddClaim("exp", ServiceClock.CurrentTime().Add(expiresIn.Value).ToUnixTimeSeconds()); } if (user.Roles != null && user.Roles.Length > 0) { token.AddClaim("roles", user.Roles); } else { token.AddClaim("roles", new string[0]); } if (user.Claims != null && user.Claims.Any()) { foreach (var claim in user.Claims) { string[] ignore = { "exp", "roles", "uid", "iat", "sub" }; if (!ignore.Contains(claim.Key)) { token.AddClaim(claim.Key, claim.Value); } } } var tokenStr = token.Encode(); _logger.LogTrace($"Generated, token: {tokenStr}, correlationId: {correlationId}"); return(Task.FromResult(tokenStr)); }
public static JwtBuilder AddClaims(this JwtBuilder builder, DeviceAuth deviceAuth) { return(builder .AddClaim("client_id", deviceAuth.client_id) .AddClaim("device_id", deviceAuth.device_id) .AddClaim("username", deviceAuth.username) .AddClaim("password", deviceAuth.password) .AddClaim("nonce", deviceAuth.nonce) .AddClaim("timestamp", deviceAuth.timestamp) .AddClaim("scope", deviceAuth.scope) .AddClaim("grant_type", deviceAuth.grant_type)); }
/// <summary> /// 获取jwtToken /// </summary> /// <param name="data"></param> /// <returns></returns> public static string GetJwtToken(Dictionary <string, string> data) { var tokenBuilder = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(secret); foreach (var keyValuePair in data) { tokenBuilder.AddClaim(keyValuePair.Key, keyValuePair.Value); } return(tokenBuilder.Build()); }
private string GenerateTokenFromAzureKeyCredential(DateTimeOffset expiresAt, string userId = default, IEnumerable <string> roles = default) { var keyBytes = Encoding.UTF8.GetBytes(_credential.Key); var jwt = new JwtBuilder(keyBytes); var now = DateTimeOffset.UtcNow; string endpoint = this.endpoint.AbsoluteUri; if (!endpoint.EndsWith("/", StringComparison.Ordinal)) { endpoint += "/"; } var audience = $"{endpoint}client/hubs/{hub}"; if (userId != default) { jwt.AddClaim(JwtBuilder.Sub, userId); } if (roles != default && roles.Any()) { jwt.AddClaim(s_role, roles); } jwt.AddClaim(JwtBuilder.Nbf, now); jwt.AddClaim(JwtBuilder.Exp, expiresAt); jwt.AddClaim(JwtBuilder.Iat, now); jwt.AddClaim(JwtBuilder.Aud, audience); return(jwt.BuildString()); }
/// <summary> /// Encode object with secret /// </summary> /// <param name="secretToken"></param> /// <param name="objectToEncode"></param> /// <returns></returns> public OutputDto <string> Encode(string secretToken, object objectToEncode, DateTime?tokenExpireDate = null, IJwtAlgorithm algorithm = null) { try { //Add 1 hour of token expiration by default DateTimeOffset expireDate = DateTimeOffset.UtcNow.AddHours(1); //Add default algorithm if (algorithm == null) { algorithm = new HMACSHA256Algorithm(); } //Encode token var tokenBuilder = new JwtBuilder() .WithAlgorithm(algorithm) .WithSecret(secretToken) .AddClaim("content", objectToEncode); //Validate expire date if (tokenExpireDate.HasValue) { //Parse date to UTC expireDate = tokenExpireDate.Value.Kind != DateTimeKind.Utc ? tokenExpireDate.Value.ToUniversalTime() : tokenExpireDate.Value; tokenBuilder = tokenBuilder.AddClaim("exp", expireDate.ToUnixTimeSeconds()); } //Build token var token = tokenBuilder.Build(); //Validate token if (string.IsNullOrWhiteSpace(token)) { return(new OutputDto <string>(HttpStatusCode.Unauthorized, "The generated token is empty", null)); } if (tokenExpireDate.HasValue) { //Return converted Object return(new OutputDto <string>(token, HttpStatusCode.OK, ToUtc(expireDate.DateTime))); } else { return(new OutputDto <string>(token)); } } catch (Exception ex) { return(new OutputDto <string>(HttpStatusCode.Unauthorized, ex.ToString())); } }
public string GenerateJwt(ClaimsPrincipal user) { // add identityhub claims var claims = user.Claims.ToList(); // _builder.AddClaims(); _builder.AddClaim("access_token", claims.FirstOrDefault(c => c.Type.Equals("http://schemas.u2uconsult.com/ws/2014/03/identity/claims/accesstoken")) ?.Value); _builder.AddClaim("id", claims.FirstOrDefault(c => c.Type.Equals("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier")) ?.Value); _builder.AddClaim("name", claims.FirstOrDefault(c => c.Type.Equals("http://schemas.u2uconsult.com/ws/2014/04/identity/claims/displayname")) ?.Value); _builder.AddClaim("email", claims.FirstOrDefault(c => c.Type.Equals("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")) ?.Value); return(_builder.Encode()); }
public static string CreateUserToken(User user) { PropertyInfo[] propertyInfos = typeof(User).GetProperties(); var currTime = DateTime.Now; var token = new JwtBuilder().WithAlgorithm(new HMACSHA256Algorithm()).WithSecret(SECRET_KEY).ExpirationTime(currTime.AddHours(8)); foreach (var prop in propertyInfos) { token.AddClaim(prop.Name, prop.GetValue(user)); } return(token.Encode()); }
private string Create(Dictionary <string, object> claims) { var tokenBuilder = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(_secret); foreach (var claim in claims) { tokenBuilder.AddClaim(claim.Key, claim.Value.ToString()); } return(tokenBuilder.Build()); }
public string BuildToken(IEnumerable <Claim> claims, int ExpireMinutes = 20) { var jb = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(Secret); foreach (var claim in claims) { jb.AddClaim(claim.Type, claim.Value); } var token = jb.Build(); return(token); }
public string Serialize(IDictionary <string, string> claims) { var exp = (DateTimeOffset.UtcNow + duration).ToUnixTimeSeconds(); var builder = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(secret) .AddClaim("exp", exp); foreach (var claim in claims) { builder = builder.AddClaim(claim.Key, claim.Value); } return(builder.Build()); }
private string GenerateToken(IDictionary <string, object> payload, string secret) { Guard.NotNull(payload, nameof(payload)); Guard.NotNullOrWhiteSpace(secret, nameof(secret)); var builder = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(secret); foreach (var claim in payload) { builder.AddClaim(claim.Key, claim.Value); } return(builder.Build()); }
public string CreateJwtToken(Dictionary <string, object> payloadItems, string secret = "GQDstcKsx0NHjPOuXOYg5MbeJ1XT0uFiwDVvVBrk") { var builder = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(secret) ; foreach (var item in payloadItems) { builder.AddClaim(item.Key, item.Value); } var token = builder.Build(); return(token); }
public static string EncodeJwt(string keyId, Dictionary <string, object> claims) { var builder = new JwtBuilder() .WithAlgorithmFactory(_factory) .WithAlgorithm(new RS256Algorithm(Certificate)) .WithSerializer(_serializer) .WithValidator(_validator) .WithSecret("passord") .AddHeader(HeaderName.KeyId, keyId); foreach (var(key, value) in claims) { builder.AddClaim(key, value); } return(builder.Encode()); }
public static string CreateToken(List <ClaimModel> claims) { string secret = ConfigurationManager.AppSettings["token::salt"].ToString(); string tokenExp = ConfigurationManager.AppSettings["token::exp"].ToString(); var token = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(secret) .AddClaim("exp", DateTimeOffset.UtcNow.AddSeconds(Int32.Parse(tokenExp)).ToUnixTimeSeconds()); foreach (var claim in claims) { token.AddClaim(claim.Name, claim.Value); } return(token.Build()); }
public static string Encode(string secret, IDictionary <string, object> payload, JwtHashAlgorithm type = JwtHashAlgorithm.HS256) { HMACSHAAlgorithmFactory factory = new HMACSHAAlgorithmFactory(); IJwtAlgorithm algorithm = factory.Create(type); JWT.IJsonSerializer serializer = new JsonNetSerializer(); IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder(); IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder); var builder = new JwtBuilder() .WithAlgorithm(algorithm) .WithSecret(secret); if (payload != null) { foreach (var key in payload.Keys) { builder = builder.AddClaim(key, payload[key]); } } var token = builder.Build(); return(token); }
/// <summary> /// Creates a URI with authentication token. /// </summary> /// <param name="expiresAt">UTC time when the token expires.</param> /// <param name="userId"></param> /// <param name="roles"></param> /// <returns></returns> public virtual Uri GenerateClientAccessUri(DateTimeOffset expiresAt, string userId = default, params string[] roles) { var keyBytes = Encoding.UTF8.GetBytes(_credential.Key); var jwt = new JwtBuilder(keyBytes); var now = DateTimeOffset.UtcNow; string endpoint = this.endpoint.AbsoluteUri; if (!endpoint.EndsWith("/", StringComparison.Ordinal)) { endpoint += "/"; } var audience = $"{endpoint}client/hubs/{hub}"; if (userId != default) { jwt.AddClaim(JwtBuilder.Sub, userId); } if (roles != default && roles.Length > 0) { jwt.AddClaim(s_role, roles); } jwt.AddClaim(JwtBuilder.Nbf, now); jwt.AddClaim(JwtBuilder.Exp, expiresAt); jwt.AddClaim(JwtBuilder.Iat, now); jwt.AddClaim(JwtBuilder.Aud, audience); string token = jwt.BuildString(); var clientEndpoint = new UriBuilder(endpoint); clientEndpoint.Scheme = this.endpoint.Scheme == "http" ? "ws" : "wss"; var uriString = $"{clientEndpoint}client/hubs/{hub}?access_token={token}"; return(new Uri(uriString)); }
public string Encode(object payload) { return(_builder.AddClaim("payload", payload).Encode()); }
public override void SerializeToJwt(JwtBuilder builder) { base.SerializeToJwt(builder); builder.AddClaim("steamId", this.SteamID); }