コード例 #1
0
        protected async Task <IActionResult> GenerateJWTToken(TUser user)
        {
            var rolesAndScopes = await AuthenticationHelper.GetRolesAndScopesAsync(user, _userManager, _roleManager);

            var roles  = rolesAndScopes.Roles;
            var scopes = rolesAndScopes.Scopes;

            if (!string.IsNullOrWhiteSpace(_privateSigningKeyPath))
            {
                var key     = SigningKey.LoadPrivateRsaSigningKey(_privateSigningKeyPath);
                var results = JwtTokenHelper.CreateJwtTokenSigningWithRsaSecurityKey(user.Id, user.UserName, user.Email, roles, _tokenExpiryMinutes, key, _localIssuer, _audience, scopes.ToArray());
                return(Created("", results));
            }
            else if (!string.IsNullOrWhiteSpace(_privateSigningCertificatePassword))
            {
                var key     = SigningKey.LoadPrivateSigningCertificate(_privateSigningCertificatePath, _privateSigningCertificatePassword);
                var results = JwtTokenHelper.CreateJwtTokenSigningWithCertificateSecurityKey(user.Id, user.UserName, user.Email, roles, _tokenExpiryMinutes, key, _localIssuer, _audience, scopes.ToArray());
                return(Created("", results));
            }
            else
            {
                var key     = SigningKey.LoadSymmetricSecurityKey(_privateSymmetricKey);
                var results = JwtTokenHelper.CreateJwtTokenSigningWithKey(user.Id, user.UserName, user.Email, roles, _tokenExpiryMinutes, key, _localIssuer, _audience, scopes.ToArray());
                return(Created("", results));
            }
        }
        protected async Task <IActionResult> GenerateJWTToken(TUser user)
        {
            //Add roles
            var roles = await _userManager.GetRolesAsync(user);

            var scopes = (await _userManager.GetClaimsAsync(user)).Where(c => c.Type == "scope").Select(c => c.Value).ToHashSet();

            var ownerRole = await _roleManager.FindByNameAsync("authenticated");

            if (ownerRole != null)
            {
                var roleScopes = (await _roleManager.GetClaimsAsync(ownerRole)).Where(c => c.Type == "scope").Select(c => c.Value).ToList();
                foreach (var scope in roleScopes)
                {
                    scopes.Add(scope);
                }
            }

            //Add role scopes.
            foreach (var roleName in roles)
            {
                var role = await _roleManager.FindByNameAsync(roleName);

                if (role != null)
                {
                    var roleScopes = (await _roleManager.GetClaimsAsync(role)).Where(c => c.Type == "scope").Select(c => c.Value).ToList();
                    foreach (var scope in roleScopes)
                    {
                        scopes.Add(scope);
                    }
                }
            }

            if (!string.IsNullOrWhiteSpace(_privateSigningKeyPath))
            {
                var key     = SigningKey.LoadPrivateRsaSigningKey(_privateSigningKeyPath);
                var results = JwtTokenHelper.CreateJwtTokenSigningWithRsaSecurityKey(user.Id, user.UserName, roles, _tokenExpiryMinutes, key, _localIssuer, "api", scopes.ToArray());
                return(Created("", results));
            }
            else if (!string.IsNullOrWhiteSpace(_privateSigningCertificatePassword))
            {
                var key     = SigningKey.LoadPrivateSigningCertificate(_privateSigningCertificatePassword, _privateSigningCertificatePassword);
                var results = JwtTokenHelper.CreateJwtTokenSigningWithCertificateSecurityKey(user.Id, user.UserName, roles, _tokenExpiryMinutes, key, _localIssuer, "api", scopes.ToArray());
                return(Created("", results));
            }
            else
            {
                var results = JwtTokenHelper.CreateJwtTokenSigningWithKey(user.Id, user.UserName, roles, _tokenExpiryMinutes, _privateSymmetricKey, _localIssuer, "api", scopes.ToArray());
                return(Created("", results));
            }
        }