コード例 #1
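        /// <summary>
        /// Verifies <paramref name="password"/> against the salted hash stored on
        /// <paramref name="user"/> and, on success, issues a signed JWT access token
        /// carrying the user's id, username, first name and last name.
        /// </summary>
        /// <param name="user">Account record to authenticate; <c>null</c> is treated as a failed login.</param>
        /// <param name="password">Plain-text password supplied by the caller; <c>null</c> is treated as a failed login.</param>
        /// <returns>The user together with the encoded access token and its lifetime in seconds.</returns>
        /// <exception cref="ArgumentException">
        /// The user or password is missing, or the password does not match. The message is the
        /// same in every case so the caller cannot tell which check failed.
        /// </exception>
        public async Task<UserAndToken> IssueToken(UserModel user, string password)
        {
            // Reject missing input before any member of `user` is read; otherwise a null
            // user surfaces as a NullReferenceException instead of the documented error.
            if (user == null || password == null)
            {
                _logger.LogDebug("Token request rejected: missing user or password");
                throw new ArgumentException("Invalid username or password");
            }

            // NOTE(review): `!=` stops at the first differing position, so its timing depends on
            // the stored hash. If PasswordHash is a string or byte[], compare it in fixed time
            // (e.g. CryptographicOperations.FixedTimeEquals over the bytes) - confirm the type.
            // NOTE(review): confirm Crypto.HashWithSalt is a deliberately slow password KDF
            // (PBKDF2/Argon2/bcrypt) rather than a single pass of a fast hash.
            if (user.PasswordHash != Crypto.HashWithSalt(password, user.PasswordSalt))
            {
                // The stored hash, the salt and the hash of the attempted password are kept out
                // of the log on purpose: anyone with log access could crack them offline.
                _logger.LogDebug("Token request rejected: password verification failed");
                throw new ArgumentException("Invalid username or password");
            }

            string jti = await _config.JtiGenerator();

            List<Claim> claims = new List<Claim>
            {
                new Claim(AuthConst.CLAIM_ID, user.Id),
                new Claim(AuthConst.CLAIM_JTI, jti),
                new Claim(AuthConst.CLAIM_IAT, ToUnixEpochDate(_config.IssuedAt).ToString(), ClaimValueTypes.Integer64),
                new Claim(AuthConst.CLAIM_USERNAME, user.Username),
                new Claim(AuthConst.CLAIM_FIRSTNAME, user.Firstname),
                new Claim(AuthConst.CLAIM_LASTNAME, user.Lastname)
            };
            ClaimsIdentity identity = new ClaimsIdentity(new GenericIdentity(user.Username, "JwtAccessToken"), claims);
            ClaimsPrincipal principal = new ClaimsPrincipal(identity);

            // Create the JWT security token; issuer, audience, validity window and signing key
            // all come from _config.
            JwtSecurityToken jwt = new JwtSecurityToken(
                issuer: _config.Issuer,
                audience: _config.Audience,
                claims: principal.Claims,
                notBefore: _config.NotBefore,
                expires: _config.Expiration,
                signingCredentials: _config.SigningCredentials);

            // Export to a model ready for the consumer.
            // NOTE(review): ExpiresInSeconds is taken from ValidFor while the token's expiry is
            // taken from Expiration - presumably the two agree; verify in the config type.
            JwtToken token = new JwtToken
            {
                AccessToken = new JwtSecurityTokenHandler().WriteToken(jwt),
                ExpiresInSeconds = (int)_config.ValidFor.TotalSeconds
            };

            // NOTE(review): the returned User is the same object that holds PasswordHash and
            // PasswordSalt; confirm those members are excluded before this result is serialized
            // to a client.
            return new UserAndToken
            {
                User = user,
                Token = token
            };
        }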
コード例 #2
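        /// <summary>
        /// Builds a JWT for the given subject and e-mail address, signs it with the configured
        /// credentials and returns its compact serialized form.
        /// </summary>
        /// <param name="userId">Value of the <c>sub</c> claim.</param>
        /// <param name="email">Value of the <c>email</c> claim.</param>
        /// <param name="additionalClaims">
        /// Extra claims appended after the registered ones; <c>null</c> is treated as "none".
        /// </param>
        /// <returns>The encoded, signed token.</returns>
        public string GenerateEncodedToken(string userId, string email, IEnumerable<Claim> additionalClaims)
        {
            // Read the clock once so that iat, nbf and exp all describe the same instant;
            // separate DateTime.UtcNow reads can straddle a second boundary.
            DateTime now = DateTime.UtcNow;

            Claim[] registeredClaims =
            {
                new Claim(JwtRegisteredClaimNames.Sub, userId),
                new Claim(JwtRegisteredClaimNames.Email, email),
                new Claim(JwtRegisteredClaimNames.Jti, _jwtConfiguration.JtiGenerator()),
                new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(now).ToString(), ClaimValueTypes.Integer64),
            };

            // NOTE(review): additionalClaims is appended unfiltered. A sub/email/jti/iat entry in
            // it would sit next to the values set above, so callers must build it from trusted
            // data only - never directly from request input.
            IEnumerable<Claim> claims = registeredClaims.Concat(additionalClaims ?? Enumerable.Empty<Claim>());

            var jwt = new JwtSecurityToken(
                issuer: _jwtConfiguration.Issuer,
                audience: _jwtConfiguration.Audience,
                claims: claims,
                notBefore: now,
                expires: now.Add(_jwtConfiguration.ValidFor),
                signingCredentials: _jwtConfiguration.SigningCredentials);

            return new JwtSecurityTokenHandler().WriteToken(jwt);
        }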
コード例 #3
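        /// <summary>
        /// Builds a JWT for the given subject and e-mail address, signs it with the credentials
        /// held in the JWT options and returns its compact serialized form.
        /// </summary>
        /// <param name="userId">Value of the <c>sub</c> claim.</param>
        /// <param name="email">Value of the <c>email</c> claim.</param>
        /// <param name="additionalClaims">
        /// Extra claims appended after the registered ones; <c>null</c> is treated as "none".
        /// </param>
        /// <returns>The encoded, signed token.</returns>
        public string GenerateEncodedToken(string userId, string email, IEnumerable<Claim> additionalClaims)
        {
            // NOTE(review): iat, nbf and exp are all read from _jwtOptions. Presumably the options
            // type recomputes them on each access; if they are fixed when the options object is
            // created, every token would carry the same, eventually expired, validity window.
            long issuedAtSeconds = new DateTimeOffset(_jwtOptions.IssuedAt).ToUnixTimeSeconds();

            Claim[] registeredClaims =
            {
                new Claim(JwtRegisteredClaimNames.Sub, userId),
                new Claim(JwtRegisteredClaimNames.Email, email),
                new Claim(JwtRegisteredClaimNames.Jti, _jwtOptions.JtiGenerator()),
                new Claim(JwtRegisteredClaimNames.Iat, issuedAtSeconds.ToString(), ClaimValueTypes.Integer64),
            };

            // NOTE(review): additionalClaims is appended unfiltered. A sub/email/jti/iat entry in
            // it would sit next to the values set above, so callers must build it from trusted
            // data only - never directly from request input.
            IEnumerable<Claim> claims = registeredClaims.Concat(additionalClaims ?? Enumerable.Empty<Claim>());

            var jwt = new JwtSecurityToken(
                issuer: _jwtOptions.Issuer,
                audience: _jwtOptions.Audience,
                claims: claims,
                notBefore: _jwtOptions.NotBefore,
                expires: _jwtOptions.Expiration,
                signingCredentials: _jwtOptions.SigningCredentials);

            return new JwtSecurityTokenHandler().WriteToken(jwt);
        }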