public async Task <JwtToken> GenerateTokenAsync(User user)
{
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, user.Id),
new Claim(Constants.Constants.Strings.JwtClaimIdentifiers.Rol,
Constants.Constants.Strings.JwtClaims.ApiAccess),
new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()),
new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(),
ClaimValueTypes.Integer64)
};
var jwt = new JwtSecurityToken(
issuer: _jwtOptions.Issuer,
audience: _jwtOptions.Audience,
claims: claims,
notBefore: _jwtOptions.NotBefore,
expires: _jwtOptions.Expiration,
signingCredentials: _jwtOptions.SigningCredentials);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
return(new JwtToken
{
Token = encodedJwt,
ExpiresIn = (long)_jwtOptions.ValidFor.TotalSeconds,
});
}
private async Task <IEnumerable <Claim> > GenerateClaimsIdentity(User user)
{
var userClaims = await _userManager.GetClaimsAsync(user);
var roles = await _userManager.GetRolesAsync(user);
var roleClaims = new List <Claim>();
for (int i = 0; i < roles.Count; i++)
{
roleClaims.Add(new Claim("roles", roles[i]));
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, await _jwtSettings.JtiGenerator()),
new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtSettings.IssuedAt).ToString(),
ClaimValueTypes.Integer64),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(Constants.Strings.JwtClaimIdentifiers.Id, user.Id.ToString()),
}
.Union(userClaims)
.Union(roleClaims);
return(claims);
}
public async Task <ClaimsIdentity> GenerateClaimsIdentity(int userId, RoleType role)
{
_logger.LogInformation($"{nameof(JwtService)}.{nameof(GenerateClaimsIdentity)}.Start");
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Jti, await _jwtSettings.JtiGenerator()),
new Claim(JwtRegisteredClaimNames.Iat, _jwtSettings.IssuedAt.ToUnixEpochDate().ToString(),
ClaimValueTypes.Integer64),
new Claim(ClaimsIdentity.DefaultNameClaimType, userId.ToString(), ClaimValueTypes.Integer, _jwtSettings.Issuer),
new Claim(ClaimsIdentity.DefaultRoleClaimType, ((int)role).ToString(), ClaimValueTypes.String,
_jwtSettings.Issuer)
};
var result = new ClaimsIdentity(claims, "AccessToken", ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType);
_logger.LogInformation($"{nameof(JwtService)}.{nameof(GenerateClaimsIdentity)}.End");
return(result);
}
public async Task <string> CreateToken(
string userId,
string userName,
string email,
IEnumerable <Permissions> permissions)
{
var claims = new[]
{
new Claim(
JwtRegisteredClaimNames.Sub,
userId),
new Claim(
JwtRegisteredClaimNames.GivenName,
userName),
new Claim(
JwtRegisteredClaimNames.Email,
email),
new Claim(
JwtRegisteredClaimNames.Jti,
await _jwtSettings.JtiGenerator()),
new Claim(
JwtRegisteredClaimNames.Iat,
new DateTimeOffset(_jwtSettings.IssuedAt).ToUnixTimeSeconds().ToString(),
ClaimValueTypes.Integer64),
new Claim(
JwtRegisteredCustomClaimNames.Permissions,
permissions.PackPermissions()),
};
var jwt = new JwtSecurityToken(
_jwtSettings.Issuer,
_jwtSettings.Audience,
claims,
_jwtSettings.NotBefore,
_jwtSettings.Expiration,
_jwtSettings.SigningCredentials);
return(new JwtSecurityTokenHandler().WriteToken(jwt));
}