public TokenProviderOptions() { Path = "/api/token"; Issuer = "ExampleIssuer"; Audience = "ExampleAudience"; Expiration = TimeSpan.FromDays(1); var secretKey = "mysupersecret_secretkey!123"; var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey)); SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256); TokenValidationParameters = new TokenValidationParameters { // The signing key must match! ValidateIssuerSigningKey = true, IssuerSigningKey = signingKey, // Validate the JWT Issuer (iss) claim ValidateIssuer = true, ValidIssuer = "ExampleIssuer", // Validate the JWT Audience (aud) claim ValidateAudience = true, ValidAudience = Audience, // Validate the token expiry ValidateLifetime = true, // If you want to allow a certain amount of clock drift, set that here: ClockSkew = TimeSpan.Zero }; }
public void TokenExpirationTest() { byte[] keyForHmacSha256 = new byte[64]; var randomGen = RandomNumberGenerator.Create(); randomGen.GetBytes(keyForHmacSha256); var securityKey = new SymmetricSecurityKey(keyForHmacSha256); var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); var options = new TokenProviderOptions { Issuer = "InColUn", Audience = "All", SigningCredentials = signingCredentials, Expiration = TimeSpan.FromMilliseconds(1000) }; var provider = new TokenProvider(options); var token = provider.GenerateUserToken(1, "John Dwo"); var id = provider.ValidateToken(token.access_token); Assert.NotNull(id); Assert.Equal(1, id.Value); }
public void TokenPerformanceTest() { byte[] keyForHmacSha256 = new byte[64]; var randomGen = RandomNumberGenerator.Create(); randomGen.GetBytes(keyForHmacSha256); var securityKey = new SymmetricSecurityKey(keyForHmacSha256); var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); var options = new TokenProviderOptions { Issuer = "InColUn", Audience = "All", SigningCredentials = signingCredentials }; var provider = new TokenProvider(options); for (int i = 0; i < 128 * 2; i++) { var token = provider.GenerateUserToken(1, "John Dwo"); } Stopwatch stopwatch = Stopwatch.StartNew(); int limit = 128 * 1024; for (int i = 0; i < limit; i++) { var token = provider.GenerateUserToken(i, "John Dwo"); } stopwatch.Stop(); var output = string.Format("{0} tokens/sec", 1000.0 * limit / stopwatch.Elapsed.TotalMilliseconds); Console.WriteLine(output); }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { var audienceConfig = Configuration.GetSection("Audience"); var symmetricKeyAsBase64 = audienceConfig["Secret"]; var keyByteArray = Encoding.ASCII.GetBytes(symmetricKeyAsBase64); var signingKey = new SymmetricSecurityKey(keyByteArray); var options = new TokenProviderOptions { Audience = "ExampleAudience", Issuer = "ExampleIssuer", SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256), }; var tokenValidationParameters = new TokenValidationParameters { // The signing key must match! ValidateIssuerSigningKey = true, IssuerSigningKey = signingKey, // Validate the JWT Issuer (iss) claim ValidateIssuer = true, ValidIssuer = options.Issuer, // Validate the JWT Audience (aud) claim ValidateAudience = true, ValidAudience = options.Audience, // Validate the token expiry ValidateLifetime = true, // If you want to allow a certain amount of clock drift, set that here: ClockSkew = TimeSpan.Zero }; loggerFactory.AddConsole(Configuration.GetSection("Logging")); loggerFactory.AddDebug(); app.UseJwtBearerAuthentication(new JwtBearerOptions { AutomaticAuthenticate = true, AutomaticChallenge = true, TokenValidationParameters = tokenValidationParameters, }); app.UseMiddleware<CustomTokenProviderMiddleware>(Options.Create(options)); app.UseMvc(); }
/// <summary> /// Generates Defauls SigningCredentials /// SigningCredentials generated from random key using HmacSha256Signature algorithm /// </summary> /// <returns>Generated SigningCredentials</returns> public static SigningCredentials DefaultSigningCredentials() { if (TokenProvider._signingCredentials != null) return TokenProvider._signingCredentials; lock(TokenProvider.s_lock) { if (TokenProvider._signingCredentials != null) return TokenProvider._signingCredentials; var keyForHmacSha256 = Common.Crypto.GetRandomBytes(64); var securityKey = new SymmetricSecurityKey(keyForHmacSha256); _signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); return _signingCredentials; } }
public Startup(IHostingEnvironment env) { var builder = new ConfigurationBuilder() .SetBasePath(env.ContentRootPath) .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true) .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true) .AddEnvironmentVariables(); if (env.IsDevelopment()) { builder.AddUserSecrets(); } Configuration = builder.Build(); _signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Configuration["SecretKey"])); }
private void ConfigureToken(IServiceCollection services) { byte[] keyForHmacSha256 = new byte[64]; var randomGen = RandomNumberGenerator.Create(); randomGen.GetBytes(keyForHmacSha256); var securityKey = new SymmetricSecurityKey(keyForHmacSha256); var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); var options = new TokenProviderOptions { Issuer = "InColUn", Audience = "All", SigningCredentials = signingCredentials, Expiration = TimeSpan.FromMilliseconds(1000) }; var tokenProvider = new TokenProvider(options); services.AddSingleton(tokenProvider); }
private string GenerateJwtToken(UserTokenVM request) { var claims = new List <Claim> { new Claim("userId", request.UserId.ToString()), new Claim("roleId", request.RoleId.ToString()), new Claim(JwtRegisteredClaimNames.Sub, request.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Auth:JWToken:key"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expires = DateTime.Now.AddSeconds(double.Parse(_configuration["Auth:JWToken:expireValueSeconds"])); var token = new JwtSecurityToken( _configuration["Auth:JWToken:issuer"], _configuration["Auth:JWToken:issuer"], claims, expires: expires, signingCredentials: creds ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
private string GenerateJwtToken(UserInfo user) { //create claims details based on the user information var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, _configuration["Jwt:Subject"]), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString()), new Claim("Id", user.UserId.ToString()), new Claim("FirstName", user.FirstName), new Claim("LastName", user.LastName), new Claim("UserName", user.UserName), new Claim("Email", user.Email) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"])); var signIn = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken(_configuration["Jwt:Issuer"], _configuration["Jwt:Audience"], claims, expires: DateTime.UtcNow.AddDays(1), signingCredentials: signIn); var jwtToken = new JwtSecurityTokenHandler().WriteToken(token); return(jwtToken); }
private SessionToken BuildToken(Aluno aluno) { var claims = new[] { new Claim(JwtRegisteredClaimNames.UniqueName, aluno.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:key"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); // tempo de expiração do token: 1 hora var expiration = DateTime.UtcNow.AddHours(1); JwtSecurityToken token = new JwtSecurityToken( issuer: null, audience: null, claims: claims, expires: expiration, signingCredentials: creds); return(new SessionToken { Id_User = aluno.Id, Token = new JwtSecurityTokenHandler().WriteToken(token) }); }
public string GetToken(User user, bool hasCompany) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSecret)); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var expirationTime = DateTime.UtcNow.AddMinutes(_jwtLifespan); var claims = new List <Claim> { new Claim("Id", Convert.ToString(user.Id)), new Claim("Name", Convert.ToString(user.Name)), new Claim("Email", Convert.ToString(user.Email)), new Claim("hasCompany", Convert.ToString(hasCompany)) }; var token = new JwtSecurityToken( issuer: _configuration["Jwt:Site"], audience: _configuration["Jwt:Site"], expires: expirationTime, signingCredentials: credentials, claims: claims ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public async Task GenerateTokenAsync(UserManager <TodoUser> userManager, HttpContext context) { var loginInfo = await JsonSerializer.DeserializeAsync <LoginInfo>(context.Request.Body, _options); var user = await userManager.FindByNameAsync(loginInfo?.UserName); if (user == null || !await userManager.CheckPasswordAsync(user, loginInfo.Password)) { context.Response.StatusCode = StatusCodes.Status401Unauthorized; return; } var claims = new List <Claim>(); if (user.IsAdmin) { claims.Add(new Claim("can_delete", "true")); claims.Add(new Claim("can_view", "true")); } var key = new SymmetricSecurityKey(_jwtSettings.Key); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: _jwtSettings.Issuer, audience: _jwtSettings.Audience, claims: claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds ); context.Response.ContentType = "application/json"; await JsonSerializer.SerializeAsync(context.Response.Body, new { token = new JwtSecurityTokenHandler().WriteToken(token) }); }
private string GenerateJSONWebToken(Usuario userInfo) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim(JwtRegisteredClaimNames.NameId, userInfo.Nome), new Claim(JwtRegisteredClaimNames.Email, userInfo.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Role, userInfo.IdAcessoNavigation.Tipo) }; var token = new JwtSecurityToken ( _config["Jwt:Issuer"], _config["Jwt:Issuer"], claims, expires: DateTime.Now.AddMinutes(120), signingCredentials: credentials ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public JwtDto GenerateToken <T>(T model) where T : class, new() { var jwtToken = GetJwtModel(); var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtToken.JwtKey)); Type t = model.GetType(); var claims = new List <Claim>(); foreach (var property in t.GetProperties()) { claims.Add(new Claim(property.Name, (string)t.GetProperty(property.Name).GetValue(model) ?? "")); } claims.Add(new Claim(JwtRegisteredClaimNames.Acr, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Exp, new DateTimeOffset(DateTime.Now.AddDays(1)).ToUnixTimeSeconds().ToString())); var token = new JwtSecurityToken( issuer: jwtToken.JwtIssuer, audience: jwtToken.JwtAudience, claims: claims, notBefore: DateTime.Now, expires: DateTime.Now.AddDays(jwtToken.JwtExpireDays), signingCredentials: new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256) ); return(new JwtDto() { Type = JwtBearerDefaults.AuthenticationScheme, AccessToken = new JwtSecurityTokenHandler().WriteToken(token), Expires = DateTime.Now.AddDays(jwtToken.JwtExpireDays) }); }
public string CreateToken(AppUser user) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.NameId, user.UserName) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["AppSettings:Token"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }
private void ConfigureJwtAuthenticationService(IConfiguration configuration, IServiceCollection services) { var audience = Configuration.GetSection("Audience"); var symmetrickey = audience["secret"]; var byteArray = Encoding.ASCII.GetBytes(symmetrickey); var signingkey = new SymmetricSecurityKey(byteArray); var tokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = signingkey, ValidateIssuer = true, ValidIssuer = audience["issuer"], ValidateAudience = true, ValidAudience = audience["audience"], ValidateLifetime = true, ClockSkew = TimeSpan.FromMinutes(5) }; services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(o => o.TokenValidationParameters = tokenValidationParameters); }
public IActionResult GenerateToken([FromQuery] string username, [FromQuery] string password) { bool isValidUser = _authService.IsValid(username, password); if (!isValidUser) { return BadRequest("invalid user/pass combination"); } var claims = _authService.GetUserClaims(username).Select(name => new Claim(name, "true")); var key = new SymmetricSecurityKey(JwtSettings.Instance.Key); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: JwtSettings.Instance.Issuer, claims: claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds ); return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) }); }
private string GenerateJSONWebToken(UserModel user) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Email, user.EmailAddress), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Role, user.Role) }; var token = new JwtSecurityToken( issuer: _config["Jwt:Issuer"], audience: _config["Jwt:Issuer"], claims, expires: DateTime.Now.AddMinutes(20), signingCredentials: credentials); var encodeToken = new JwtSecurityTokenHandler().WriteToken(token); return(encodeToken); }
public IActionResult Generate() { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, "some_identity_id"), new Claim("teacher says", "he is good boy") }; var secret = Encoding.UTF8.GetBytes(AppConsts.Secret); var key = new SymmetricSecurityKey(secret); var algorithm = SecurityAlgorithms.HmacSha256; var signingCredentials = new SigningCredentials(key, algorithm); var jwt = new JwtSecurityToken(AppConsts.Issuer, AppConsts.Audience, claims, notBefore: DateTime.Now, expires: DateTime.Now.AddHours(12), signingCredentials); var tokenString = new JwtSecurityTokenHandler().WriteToken(jwt); return(Ok(new { access_token = tokenString })); }
// Generates a Json Web Token and returns it to the user. The user should store and use this in every request // For every authorized request use following header: "authorization" and set value to "Bearer your-token-here" private async Task <string> GenerateJwtToken(string email, IdentityUser user, string roleName) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.NameIdentifier, user.Id), new Claim(ClaimTypes.Role, roleName) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JwtKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expires = DateTime.Now.AddDays(Convert.ToDouble(_configuration["JwtExpireDays"])); var token = new JwtSecurityToken( _configuration["JwtIssuer"], _configuration["JwtIssuer"], claims, expires: expires, signingCredentials: creds ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public async Task <IActionResult> Post(Customer customer) { if (customer != null && customer.Email != null && customer.Password != null) { var user = await GetUser(customer.Email, customer.Password); if (user != null) { //create claims details based on the user information var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, _configuration["Jwt:Subject"]), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString()), new Claim("Id", user.CustomerId.ToString()), new Claim("Name", user.Name), new Claim("Email", user.Email) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"])); var signIn = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken(_configuration["Jwt:Issuer"], _configuration["Jwt:Audience"], claims, expires: DateTime.UtcNow.AddDays(1), signingCredentials: signIn); return(Ok(new JwtSecurityTokenHandler().WriteToken(token))); } else { return(BadRequest("Invalid credentials")); } } else { return(BadRequest()); } }
public string CreateToken(User user) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.NameId, user.Email) }; // generate signing credentials var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("super secret key")); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(7), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }
public static string GenerateToken(string randomString, string secretKey, string issuer, string audience) { var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey)); JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler(); SecurityTokenDescriptor descriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, randomString), new Claim(MemberPropertyEnum.MemberEmail.ToString(), "*****@*****.**"), }), Expires = DateTime.Now.AddDays(7), Issuer = issuer, Audience = audience, SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256) }; JwtSecurityToken token = handler.CreateJwtSecurityToken(descriptor); token.Payload["favouriteFood"] = "cheese"; return(handler.WriteToken(token)); }
private string CreateJWT(User user) { var secretKey = configuration.GetSection("AppSettings:Key").Value; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey)); var claims = new Claim[] { new Claim(ClaimTypes.Name, user.Username), new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()) }; var signingCredentials = new SigningCredentials( key, SecurityAlgorithms.HmacSha256Signature ); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.UtcNow.AddDays(10), SigningCredentials = signingCredentials }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }
public IActionResult GetToken() { var claims = new[] { new Claim(ClaimTypes.Name, "Steve"), new Claim(ClaimTypes.Email, Constants.UserEmail) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JwtSigningKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "yourdomain.com", audience: "yourdomain.com", claims: claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) })); }
private async Task <string> GenerateJwtTokenAsync(string userName) { var user = await _userManager.FindByEmailAsync(userName); var roles = await _userManager.GetRolesAsync(user); // just for the first time if (user.Email == "*****@*****.**") { user.IsAdmin = true; await _dbContext.SaveChangesAsync(); } var claims = new[] { new Claim(ClaimTypes.Name, user.Name), new Claim("UserId", user.Id.ToString()), (user.IsAdmin) ?new Claim(ClaimTypes.Role, "admin") :new Claim(ClaimTypes.Role, "member") }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("M!nAAzManBehtanNist!!!!ValiManKharamUnKharTa@re")); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "M!nA", audience: "M!nA", claims: claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds); var stringToken = new JwtSecurityTokenHandler().WriteToken(token); return(stringToken); }
public object GetJwtToken() { var userId = User.Claims.First(x => x.Type == ClaimTypes.NameIdentifier).Value; string key = _configuration.GetValue <string>("Jwt:EncryptionKey"); string issuer = _configuration.GetValue <string>("Jwt:Issuer"); string audience = _configuration.GetValue <string>("Jwt:Audience"); var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key)); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var permClaims = new List <Claim>(); permClaims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); permClaims.Add(new Claim("discordId", userId)); var token = new JwtSecurityToken(issuer, audience, permClaims, null, DateTime.Now.AddDays(30), credentials); var jwtToken = new JwtSecurityTokenHandler().WriteToken(token); return(new { ApiToken = jwtToken }); }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { var userFromRepo = await _repo.Login(userForLoginDto.Username, userForLoginDto.Password); if (userFromRepo == null) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Username) }; var key = new SymmetricSecurityKey(Encoding.UTF8. GetBytes(_Config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDiscriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDiscriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
private string GenerateTokenbk() { //Header SymmetricSecurityKey _symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Authentication:SecrectKey"])); SigningCredentials signingCredentials = new SigningCredentials(_symmetricSecurityKey, SecurityAlgorithms.HmacSha256); JwtHeader header = new JwtHeader(signingCredentials); //Claims Claim[] claims = new[] { new Claim(ClaimTypes.Name, "Franklin Reveron"), new Claim(ClaimTypes.Role, "Admin"), new Claim(ClaimTypes.Email, "*****@*****.**"), }; //Payload JwtPayload payload = new JwtPayload ( _configuration["Authentication:Issuer"], _configuration["Authentication:Audience"], claims, DateTime.Now, DateTime.UtcNow.AddMinutes(20) ); var token = new JwtSecurityToken(header, payload); return(new JwtSecurityTokenHandler().WriteToken(token)); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { var audConfig = Configuration.GetSection("Audience"); var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(audConfig["Secret"])); var tokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = signingKey, ValidateIssuer = true, ValidIssuer = audConfig["Iss"], ValidateAudience = true, ValidAudience = audConfig["Aud"], ValidateLifetime = true, ClockSkew = TimeSpan.Zero, RequireExpirationTime = true }; services.AddAuthentication(options => { options.DefaultAuthenticateScheme = "JwtKey"; options.DefaultChallengeScheme = "JwtKey"; }).AddJwtBearer("JwtKey", x => { x.RequireHttpsMetadata = false; x.TokenValidationParameters = tokenValidationParameters; }); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2); services.AddLogging(loginBuilder => { loginBuilder.AddConfiguration(Configuration.GetSection("Logging")); loginBuilder.AddConsole(); loginBuilder.AddDebug(); }); services.AddOcelot(Configuration); }
public string GenerateJwtToken([NotNull] UserModel user) { List <Claim> claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Role, UserRole.User.ToString(), UserRole.Admin.ToString()) }; SymmetricSecurityKey key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.JwtKey)); SigningCredentials credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); DateTime expires = DateTime.Now.AddDays(Convert.ToDouble(_settings.JwtExpireDays)); JwtSecurityToken token = new JwtSecurityToken( _settings.JwtIssuer, _settings.JwtIssuer, claims, expires: expires, signingCredentials: credentials ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
/// <summary> /// JWT erzeugen. Minimale Claim-Infos: Email und Rolle /// </summary> /// <returns>Token mit Claims</returns> private string GenerateJwtToken(string email, IEnumerable <string> roles) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:SecretKey"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var authClaims = new List <Claim> { new Claim(ClaimTypes.Email, email) }; foreach (string role in roles) { authClaims.Add(new Claim(ClaimTypes.Role, role)); } var token = new JwtSecurityToken( issuer: _config["Jwt:Issuer"], audience: _config["Jwt:Audience"], claims: authClaims, expires: DateTime.Now.AddMinutes(30), signingCredentials: credentials); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public object GenerateJwtToken(string email, int id, UserDTO user, IConfiguration _config) { var claims = new [] { new Claim(JwtRegisteredClaimNames.Sub, user.Username), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), }; var jwtkey = _config["Jwt:Key"]; var issuer = _config["Jwt:JwtIssuer"]; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( _config["Jwt:JwtIssuer"], _config["Jwt:JwtIssuer"], claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds); var tokenString = new JwtSecurityTokenHandler().WriteToken(token); return(tokenString); }
public IActionResult RefreshToken(RefreshReq refreshReq) { if (!securityDb.checkIfTokenExists(refreshReq.refreshToken)) { return(NotFound()); } var claims = new[] { new Claim(ClaimTypes.Role, "Employee"), }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["SecretKey"])); var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512); var token = new JwtSecurityToken ( issuer: "Program", audience: "Ktokolwiek", claims: claims, expires: DateTime.Now.AddMinutes(60), signingCredentials: credentials ); var rToken = Guid.NewGuid(); securityDb.createRefreshToken(rToken); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), refreshToken = rToken })); }
public void ConfigureServices(IServiceCollection services) { services.AddDbContext <ApplicationDbContext> (options => { options.UseSqlServer(Configuration.GetConnectionString("ApplicationConnection")); }); services.AddIdentity <IdentityUser, IdentityRole> ().AddEntityFrameworkStores <ApplicationDbContext> (); services.AddMvc() .AddJsonOptions(opt => { opt.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore; }); var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("this is the secret phrase")); services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(cfg => { cfg.RequireHttpsMetadata = false; cfg.SaveToken = true; cfg.TokenValidationParameters = new TokenValidationParameters() { IssuerSigningKey = signingKey, ValidateAudience = false, ValidateIssuer = false, ValidateLifetime = false, ValidateIssuerSigningKey = true }; }); services.AddCors(options => options.AddPolicy("Cors", builder => { builder .AllowAnyOrigin() .AllowAnyMethod() .AllowAnyHeader(); })); services.AddScoped <IEmployee, EmployeeRepository> (); }
private async Task <string> GenerateJSONWebToken(IdentityUser user) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.NameIdentifier, user.Id) }; var roles = await _userManager.GetRolesAsync(user); claims.AddRange(roles.Select(r => new Claim(ClaimsIdentity.DefaultRoleClaimType, r))); var token = new JwtSecurityToken(_config["Jwt:Issuer"] , _config["Jwt:Issuer"], claims, null, expires: DateTime.Now.AddHours(5), signingCredentials: credentials ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
private UserToken BuildToken(string email, IList <string> roles) { List <Claim> claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.UniqueName, email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; foreach (var rol in roles) { claims.Add(new Claim(ClaimTypes.Role, rol)); } DateTime expiration = DateTime.UtcNow.AddHours(1); SymmetricSecurityKey key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:key"])); SigningCredentials creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); JwtSecurityToken token = new JwtSecurityToken(claims: claims, expires: expiration, signingCredentials: creds); return(new UserToken() { Token = new JwtSecurityTokenHandler().WriteToken(token), Expiration = expiration }); }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, SagaBus sagaBus, IOptions<OAuth20Configuration> oauthOptions) { loggerFactory.AddConsole(Configuration.GetSection("Logging")); loggerFactory.AddDebug(); app.UseApplicationInsightsRequestTelemetry(); if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); app.UseBrowserLink(); } else { app.UseExceptionHandler("/Home/Error"); } app.UseApplicationInsightsExceptionTelemetry(); app.UseStaticFiles(); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationScheme = "Obsidian.Cookie", AutomaticChallenge = false, AutomaticAuthenticate = false }); var oauthConfig = oauthOptions.Value; var key = oauthConfig.TokenSigningKey; var signingKey = new SymmetricSecurityKey(Encoding.Unicode.GetBytes(key)); var param = new TokenValidationParameters { AuthenticationType = "Bearer", ValidateIssuerSigningKey = true, IssuerSigningKey = signingKey, ValidateIssuer = true, ValidIssuer = oauthConfig.TokenIssuer, ValidAudience = oauthConfig.TokenAudience }; app.UseJwtBearerAuthentication(new JwtBearerOptions { TokenValidationParameters = param, AutomaticAuthenticate = false, AutomaticChallenge = false }); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{action=Index}/{id?}"); }); MappingConfig.ConfigureQueryModelMapping(); sagaBus.RegisterSagas(); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { // Add framework services. services.AddCors(options => { options.AddPolicy("CorsPolicy", builder => builder .AllowAnyOrigin() .AllowAnyMethod() .AllowAnyHeader() .AllowCredentials()); }); Mapper.Initialize(cfg => { cfg.CreateMap<Pantry, PantryViewModel>().ReverseMap(); cfg.CreateMap<PantryItem, PantryItemViewModel>().ReverseMap(); }); services.AddMvc(config => { var policy = new AuthorizationPolicyBuilder() .RequireAuthenticatedUser() .Build(); config.Filters.Add(new AuthorizeFilter(policy)); }); services.AddIdentity<ApplicationUser, IdentityRole>() .AddEntityFrameworkStores<ApplicationDbContext>(); var jwtAppSettingOptions = Configuration.GetSection(nameof(JwtIssuerOptions)); // Configure JwtIssuerOptions //TODO: Make sure to put this variable in a config & keep it safe string SecretKey = Configuration["SecretKey"]; Console.WriteLine($"Secret key: {SecretKey}"); _signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(SecretKey)); services.Configure<JwtIssuerOptions>(options => { options.Issuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)]; options.Audience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)]; options.SigningCredentials = new SigningCredentials(_signingKey, SecurityAlgorithms.HmacSha256); }); // Add application services services.AddTransient<PantryService, PantryService>(); services.Configure<IdentityOptions>(options => { // Password settings options.Password.RequireDigit = false; options.Password.RequiredLength = 6; options.Password.RequireNonAlphanumeric = false; options.Password.RequireUppercase = false; options.Password.RequireLowercase = false; // User settings options.User.RequireUniqueEmail = true; }); var sqlConnectionString = Configuration["ConnectionStrings:DataAccessMySqlProvider"]; Console.WriteLine($"sql conn from config file: {sqlConnectionString}"); services.AddDbContext<ApplicationDbContext>(options => options.UseMySQL(sqlConnectionString) ); string currentDirectory = Directory.GetCurrentDirectory(); Console.WriteLine($"Current directory: {currentDirectory}"); }