/// <summary>
/// Serializes an authentication ticket into a signed JWT string.
/// </summary>
/// <param name="data">Ticket whose identity claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    // Re-wrap the HMAC credentials as a plain SigningCredentials instance.
    var hmac = new HmacSigningCredentials(_secret);
    var credentials = new SigningCredentials(hmac.SigningKey, hmac.SignatureAlgorithm, hmac.DigestAlgorithm);

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    // NOTE(review): the audience is the fixed literal "Any", so the aud claim does not
    // tell one resource server from another.
    // .Value throws InvalidOperationException when the ticket carries no issue or expiry time.
    var token = new JwtSecurityToken(
        _issuer,
        "Any",
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
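/// <summary>
/// Creates a JWT from an authentication ticket, signed with the secret of the audience
/// named in the ticket's properties.
/// </summary>
/// <param name="data">Authentication ticket.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The ticket names no audience, or the audience store has no entry for it.
/// </exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // Single lookup instead of ContainsKey followed by the indexer.
    string audienceId;
    if (!data.Properties.Dictionary.TryGetValue(AudiencePropertyKey, out audienceId)
        || string.IsNullOrWhiteSpace(audienceId))
    {
        throw new InvalidOperationException("AuthenticationTicket.Properties does not include audience");
    }

    // An id that is not in the store used to surface as a NullReferenceException on the
    // next line; fail with a message that names the cause instead.
    Audience audience = AudiencesStore.FindAudience(audienceId);
    if (audience == null)
    {
        throw new InvalidOperationException("The audience named in AuthenticationTicket.Properties is not registered");
    }

    var keyByteArray = TextEncodings.Base64Url.Decode(audience.Base64Secret);
    var signingKey = new HmacSigningCredentials(keyByteArray);

    var issued = data.Properties.IssuedUtc;
    var expires = data.Properties.ExpiresUtc;

    // .Value throws InvalidOperationException when the ticket carries no issue or expiry time.
    var token = new JwtSecurityToken(
        _issuer,
        audienceId,
        data.Identity.Claims,
        issued.Value.UtcDateTime,
        expires.Value.UtcDateTime,
        signingKey);

    return new JwtSecurityTokenHandler().WriteToken(token);
}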
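/// <summary>
/// Builds a signed JWT for the ticket, using the client id and client secret from
/// application configuration as audience and signing key.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
private string ISecureDataFormat_Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    string audienceId = AppConfiguration.GetByKey(GlobalLegaSys.ClientId);
    string symmetricKeyAsBase64 = AppConfiguration.GetByKey(GlobalLegaSys.ClientSecret);

    // Statically typed locals replace the former `dynamic` ones, so overload and member
    // resolution is checked at compile time rather than bound at run time.
    var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
    var signingKey = new HmacSigningCredentials(keyByteArray);

    var issued = data.Properties.IssuedUtc;
    var expires = data.Properties.ExpiresUtc;

    // A missing issue or expiry time now fails with InvalidOperationException from .Value
    // (the dynamic version failed with a runtime-binder error on the null reference).
    var token = new System.IdentityModel.Tokens.Jwt.JwtSecurityToken(
        _issuer,
        audienceId,
        data.Identity.Claims,
        issued.Value.UtcDateTime,
        expires.Value.UtcDateTime,
        signingKey);

    var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
    string jwt = handler.WriteToken(token);
    return jwt;
}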
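/// <summary>
/// Generates the token in JWT format.
/// </summary>
/// <param name="data">Ticket data the token is generated from.</param>
/// <returns>The generated token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The ticket names no audience, the audience is unknown, or the audience has no secret.
/// </exception>
/// <author>Natalia Ladino</author>
public string Protect(AuthenticationTicket data)
{
    // The original dereferenced data without a check.
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // Single lookup instead of ContainsKey followed by the indexer.
    string audienceId;
    if (!data.Properties.Dictionary.TryGetValue(AudiencePropertyKey, out audienceId)
        || string.IsNullOrWhiteSpace(audienceId))
    {
        throw new InvalidOperationException(Resources.Message_es.InvalidAudience);
    }

    blAUdience = new BlAudience();
    Audience audience = blAUdience.GetAudienceByClientId(audienceId);

    // An unknown client id used to surface as a NullReferenceException on audience.Secret.
    if (audience == null)
    {
        throw new InvalidOperationException(Resources.Message_es.InvalidAudience);
    }

    if (string.IsNullOrEmpty(audience.Secret))
    {
        throw new InvalidOperationException(Resources.Message_es.ExceptionSecret);
    }

    var keyByteArray = TextEncodings.Base64Url.Decode(audience.Secret);
    var signingKey = new HmacSigningCredentials(keyByteArray);

    var issued = data.Properties.IssuedUtc;
    var expires = data.Properties.ExpiresUtc;

    // UtcDateTime (Kind = Utc) replaces LocalDateTime so the nbf/exp values denote the same
    // instant no matter how the token constructor treats the DateTime kind.
    var token = new JwtSecurityToken(
        issuerGenerated,
        audienceId,
        data.Identity.Claims,
        issued.Value.UtcDateTime,
        expires.Value.UtcDateTime,
        signingKey);

    var handler = new JwtSecurityTokenHandler();
    return handler.WriteToken(token);
}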
/// <summary>
/// Stamps the ticket with a fresh issue time and a configured lifetime, then serializes it
/// as a signed JWT for the configured audience.
/// </summary>
/// <param name="data">Ticket to serialize; its IssuedUtc and ExpiresUtc are overwritten.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    string audience = ConfigurationManager.AppSettings["as:AudienceId"];
    string encodedSecret = ConfigurationManager.AppSettings["as:AudienceSecret"];
    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(encodedSecret));

    // Whatever issue time the ticket carried is replaced by "now".
    var issuedAt = new SystemClock().UtcNow;
    data.Properties.IssuedUtc = issuedAt;

    // double.Parse uses the current culture and throws if the setting is absent or malformed.
    string lifetimeSetting = ConfigurationManager.AppSettings["ExpirationTimeTokenInMin"];
    double lifetimeMinutes = double.Parse(lifetimeSetting);
    data.Properties.ExpiresUtc = issuedAt.Add(TimeSpan.FromMinutes(lifetimeMinutes));

    var expiresAt = data.Properties.ExpiresUtc;
    var token = new JwtSecurityToken(
        _issuer,
        audience,
        data.Identity.Claims,
        issuedAt.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT for this instance's audience.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="InvalidOperationException">The audience id field is empty.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    // The check is on the _audienceId field, although the message speaks of ticket properties.
    if (string.IsNullOrWhiteSpace(_audienceId))
    {
        throw new InvalidOperationException("AuthenticationTicket Properties does not include audience");
    }

    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(_symmetricKeyAsBase64));

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    // .Value throws InvalidOperationException when the ticket carries no issue or expiry time.
    var token = new JwtSecurityToken(
        _issuer,
        _audienceId,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT. Audience id and audience secret
/// are read from application settings.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // Per the original author: this API is resource server and authorization server at once,
    // so a single audience id/secret pair is fixed in web.config (generated by AudienceService).
    // The secret is the HMAC key that signs the token.
    string audience = ConfigurationManager.AppSettings["as:AudienceId"];
    string encodedSecret = ConfigurationManager.AppSettings["as:AudienceSecret"];
    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(encodedSecret));

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    // Token contents: issuer, audience, the user's claims, validity window, signing credentials.
    var token = new JwtSecurityToken(
        issuer,
        audience,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    // The serialized string is what the requester receives.
    return new JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT, taking both the audience id and the
/// signing secret from the ticket's property dictionary.
/// </summary>
/// <param name="data">Ticket carrying "AudienceId" and "AudienceSecret" properties.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // Both entries are read with the indexer, with no prior check that the keys are present.
    // NOTE(review): the signing secret travels inside the ticket's property bag; confirm those
    // properties are never echoed into token responses or written to logs.
    var properties = data.Properties.Dictionary;
    string audience = properties["AudienceId"];
    string encodedSecret = properties["AudienceSecret"];

    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(encodedSecret));

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    var token = new JwtSecurityToken(
        issuer,
        audience,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT. Audience id and audience secret
/// are read from application settings.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    var settings = System.Configuration.ConfigurationManager.AppSettings;
    string audience = settings["as:AudienceId"];
    string encodedSecret = settings["as:AudienceSecret"];

    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(encodedSecret));

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    var token = new System.IdentityModel.Tokens.JwtSecurityToken(
        _issuer,
        audience,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    // A commented-out debugging call that embedded a complete issued token was dropped here:
    // issued tokens are bearer credentials and do not belong in source control.
    return new System.IdentityModel.Tokens.JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT whose audience is the configured
/// API client id, and records the result through the web API log.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="InvalidOperationException">The "ClientIdApi" setting is empty.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // The check is on the configuration value, although the message speaks of ticket properties.
    string audience = ConfigurationManager.AppSettings.Get("ClientIdApi");
    if (string.IsNullOrWhiteSpace(audience))
    {
        throw new InvalidOperationException("AuthenticationTicket.Properties does not include AccessData");
    }

    AccessData access = new AccessDataFactory().Get();
    byte[] key = TextEncodings.Base64Url.Decode(access.Base64Secret);
    var credentials = new HmacSigningCredentials(key);

    DateTimeOffset? issuedAt = data.Properties.IssuedUtc;
    DateTimeOffset? expiresAt = data.Properties.ExpiresUtc;

    var token = new JwtSecurityToken(
        _issuer,
        audience,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    var writer = new JwtSecurityTokenHandler();
    string jwt = writer.WriteToken(token);

    // NOTE(review): the complete signed token and the serialized token object are written to
    // the log. Anyone who can read that log can replay the token until it expires; consider
    // logging a non-secret identifier instead (subject, expiry, or a hash of the token).
    new LogWebApiScmFactory().SaveLog(
        "Token",
        JsonConvert.SerializeObject(token),
        "Gerando token",
        string.Format("Token gerado: {0}", jwt),
        HttpContext.Current);

    return jwt;
}
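/// <summary>
/// Serializes an authentication ticket into a signed JWT string.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    var credentials = new HmacSigningCredentials(_secret);

    var issued = data.Properties.IssuedUtc;
    var expires = data.Properties.ExpiresUtc;

    // NOTE(review): the audience is the fixed literal "Any", so the aud claim does not
    // tell one resource server from another.
    var token = new JwtSecurityToken(
        _issuer,
        "Any",
        data.Identity.Claims,
        issued.Value.UtcDateTime,
        expires.Value.UtcDateTime,
        credentials);

    // The original allocated a second, never-used handler; one instance is enough.
    var handler = new JwtSecurityTokenHandler();
    return handler.WriteToken(token);
}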
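/// <summary>
/// Issues a signed JWT carrying the dobi's id, name, phone, photo and the "dobi" role.
/// Issuer, audience and signing secret come from web configuration.
/// </summary>
/// <param name="dobi">Profile data copied into the token's claims.</param>
/// <returns>The compact serialized token, valid for <c>Validity</c> days from now.</returns>
/// <exception cref="ArgumentNullException"><paramref name="dobi"/> is null.</exception>
public string GenerateDobiToken(DobiBasicInformation dobi)
{
    // The original wrapped the body in a try/catch that only rethrew; it is removed, and a
    // null argument is reported up front instead of as a NullReferenceException.
    if (dobi == null)
    {
        throw new ArgumentNullException("dobi");
    }

    var issuer = WebConfigurationManager.AppSettings["issuer"];
    var audience = WebConfigurationManager.AppSettings["aud"];
    var key = WebConfigurationManager.AppSettings["secret"];

    // NOTE(review): these claims are signed, not encrypted; whoever holds the token can read
    // the name and phone number from its payload.
    var identity = new ClaimsIdentity("JWT");
    identity.AddClaim(new Claim("dobiId", dobi.DobiId));
    identity.AddClaim(new Claim("name", dobi.Name));
    identity.AddClaim(new Claim("phone", dobi.Phone));
    identity.AddClaim(new Claim("photo", dobi.Photo ?? ""));
    identity.AddClaim(new Claim(ClaimTypes.Role, "dobi"));

    // Lifetime is measured in days; the token stays usable for that whole period unless the
    // validating side has some other way to revoke it.
    var now = DateTime.UtcNow;
    var expires = now.AddDays(Validity);

    var keyByteArray = TextEncodings.Base64Url.Decode(key);
    var signingKey = new HmacSigningCredentials(keyByteArray);

    var token = new JwtSecurityToken(issuer, audience, identity.Claims, now, expires, signingKey);
    var handler = new JwtSecurityTokenHandler();
    return handler.WriteToken(token);
}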
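/// <summary>
/// Serializes an authentication ticket as a signed JWT, logging entry and exit.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>
/// The compact serialized token, or <c>null</c> when anything fails (including a null
/// <paramref name="data"/>): every exception is logged and swallowed here.
/// </returns>
public string Protect(AuthenticationTicket data)
{
    AppLogger.Instance.LogBegin(this.GetType().Name, System.Reflection.MethodInfo.GetCurrentMethod().Name);
    try
    {
        if (data == null)
        {
            throw new ArgumentNullException("data");
        }

        string audienceId = ConfigurationReader.Instance.GetAppSetting(AppSettingKeys.AudienceId);
        string symmetricKeyAsBase64 = ConfigurationReader.Instance.GetAppSetting(AppSettingKeys.AudienceSecret);

        var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
        var signingKey = new HmacSigningCredentials(keyByteArray);

        var issued = data.Properties.IssuedUtc;
        var expires = data.Properties.ExpiresUtc;

        // DateTimeOffset.DateTime has Kind = Unspecified, which a later conversion to UTC would
        // read as server-local time and shift nbf/exp by the server's offset. UtcDateTime pins
        // the instant.
        var token = new JwtSecurityToken(
            _issuer,
            audienceId,
            data.Identity.Claims,
            issued.Value.UtcDateTime,
            expires.Value.UtcDateTime,
            signingKey);

        var handler = new JwtSecurityTokenHandler();

        // LogEnd is written once, by the finally block; the original also called it here, so
        // every successful call produced two end records.
        return handler.WriteToken(token);
    }
    catch (Exception ex)
    {
        // Kept as in the original: failures yield null rather than an exception.
        // NOTE(review): callers must treat a null result as "no token issued".
        AppLogger.Instance.Log(eLogType.Error, ex.ToString());
        return null;
    }
    finally
    {
        AppLogger.Instance.LogEnd(this.GetType().Name, System.Reflection.MethodInfo.GetCurrentMethod().Name);
    }
}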
/// <summary>
/// Serializes an authentication ticket as a signed JWT for the fixed audience "all".
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // NOTE(review): the signing key is a literal in source. Everyone with access to the code or
    // a compiled assembly holds the key that authenticates every token; it should be loaded
    // from protected configuration or a secret store, and this value rotated.
    const string audience = "all";
    const string encodedSecret = "UHxNtYMRYwvfpO1dS5pWLKL0M2DgOj40EbN4SoBWgfc";

    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(encodedSecret));

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    var token = new JwtSecurityToken(
        issuer,
        audience,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT. Audience id and audience secret
/// are read from application settings.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    string audience = ConfigurationManager.AppSettings["as:AudienceId"];
    string encodedSecret = ConfigurationManager.AppSettings["as:AudienceSecret"];

    // The decoded secret is the HMAC key for the token signature.
    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(encodedSecret));

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    // .Value throws InvalidOperationException when the ticket carries no issue or expiry time.
    var token = new JwtSecurityToken(
        _issuer,
        audience,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT for a fixed audience id.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // NOTE(review): audience id and signing key are literals in source. Everyone with access to
    // the code or a compiled assembly holds the key that authenticates every token; load it
    // from protected configuration or a secret store, and rotate this value.
    const string audience = "099153c2625149bc8ecb3e85e03f0022";
    const string encodedSecret = "IxrAjDoa2FqElO7IhrSrUJELhUckePEPVpaePlS_Xaw";

    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(encodedSecret));

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    var token = new JwtSecurityToken(
        _issuer,
        audience,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT, using a signing key forced to a
/// length of 48 bytes.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="System.InvalidOperationException">
/// The audience id setting is empty or the decoded key is null.
/// </exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    var audience = ConfigurationManager.AppSettings["as:AudienceId"];
    var key = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["as:AudienceSecret"]);

    bool audienceMissing = string.IsNullOrWhiteSpace(audience);
    if (audienceMissing || key == null)
    {
        throw new InvalidOperationException("AuthenticationTicket.Properties does not include audience and/or keybyte");
    }

    // Array.Resize zero-pads a shorter key and truncates a longer one to exactly 48 bytes.
    // NOTE(review): presumably done so the credentials type selects its 48-byte-key algorithm
    // (confirm). Padding adds no entropy and truncation discards key material, and every party
    // that verifies these tokens has to apply the same resize. A secret generated at the
    // intended length would avoid all three.
    Array.Resize(ref key, 48);
    var credentials = new HmacSigningCredentials(key);

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    var token = new JwtSecurityToken(
        _issuer,
        audience,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
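/// <summary>
/// Serializes an authentication ticket as a signed JWT. Audience id and audience secret
/// are read from application settings.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    string audienceId = ConfigurationManager.AppSettings["as:AudienceId"];
    string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];
    var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);

    // The original also built a Microsoft.IdentityModel.Tokens.SymmetricSecurityKey that was
    // never used, and carried a commented-out copy of the method body; both are removed.
    // Signing goes through HmacSigningCredentials only.
    var signingKey = new HmacSigningCredentials(keyByteArray);

    var issued = data.Properties.IssuedUtc;
    var expires = data.Properties.ExpiresUtc;

    // .Value throws InvalidOperationException when the ticket carries no issue or expiry time.
    var token = new JwtSecurityToken(
        _issuer,
        audienceId,
        data.Identity.Claims,
        issued.Value.UtcDateTime,
        expires.Value.UtcDateTime,
        signingKey);

    var handler = new JwtSecurityTokenHandler();
    return handler.WriteToken(token);
}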
/// <summary>
/// Validates a serialized JWT against the given parameters, using <paramref name="secretKey"/>
/// as the issuer signing key.
/// </summary>
/// <param name="validationParams">
/// Validation settings. This instance is modified: its IssuerSigningToken is overwritten.
/// </param>
/// <param name="tokenString">The serialized token to validate.</param>
/// <param name="secretKey">Key string, parsed by HmacSigningCredentials.ParseKeyString.</param>
/// <returns>The principal produced by the token handler for a token that validates.</returns>
internal static ClaimsPrincipal ValidateToken(TokenValidationParameters validationParams, string tokenString, string secretKey)
{
    // The caller's parameter object is mutated, so a shared instance ends up carrying
    // whichever key was used last.
    var signingToken = new BinarySecretSecurityToken(HmacSigningCredentials.ParseKeyString(secretKey));
    validationParams.IssuerSigningToken = signingToken;

    var handler = new JwtSecurityTokenHandler();

    // The parsed token is an out parameter of the handler and is not used here.
    SecurityToken parsed = null;
    ClaimsPrincipal principal = handler.ValidateToken(tokenString, validationParams, out parsed);
    return principal;
}
/// <summary>
/// Builds (without serializing) a JWT for the ticket, signed with the client's secret.
/// The client's name becomes the issuer and its client id the audience.
/// </summary>
/// <param name="ticket">Ticket whose claims and issue/expiry times go into the token.</param>
/// <param name="client">Client supplying name, id and base64url-encoded secret.</param>
/// <returns>The constructed token.</returns>
private JwtSecurityToken GetJwtSecurityToken(AuthenticationTicket ticket, Client client)
{
    // Neither argument is null-checked; a null ticket or client fails on first dereference.
    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(client.Secret));

    DateTimeOffset? issuedAt = ticket.Properties.IssuedUtc;
    DateTimeOffset? expiresAt = ticket.Properties.ExpiresUtc;

    // .Value throws InvalidOperationException when the ticket carries no issue or expiry time.
    return new JwtSecurityToken(
        client.Name,
        client.ClientId,
        ticket.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);
}
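/// <summary>
/// Serializes an authentication ticket into a signed JWT string.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        // The original threw without a parameter name, leaving the exception anonymous.
        throw new ArgumentNullException("data");
    }

    var signingKey = new HmacSigningCredentials(_secret);

    var issued = data.Properties.IssuedUtc;
    var expires = data.Properties.ExpiresUtc;

    // NOTE(review): _issuer is passed as both issuer and audience, so the aud claim carries no
    // information about the intended recipient.
    var token = new JwtSecurityToken(
        _issuer,
        _issuer,
        data.Identity.Claims,
        issued.Value.UtcDateTime,
        expires.Value.UtcDateTime,
        signingKey);

    return new JwtSecurityTokenHandler().WriteToken(token);
}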
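/// <summary>
/// Creates HMAC signing credentials from the audience secret in application settings.
/// </summary>
/// <returns>Credentials built from the base64url-decoded "as:AudienceSecret" value.</returns>
private SigningCredentials CreateHmac()
{
    // The original also read "as:AudienceId" into a local that was never used; removed.
    string symmetricKeyAsBase64 = ConfigurationManager.AppSettings["as:AudienceSecret"];
    var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);

    // Original author's note on key length: 32 -> HmacSha256, 48 -> HmacSha384, 64 -> HmacSha512.
    return new HmacSigningCredentials(keyByteArray);
}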
/// <summary>
/// Serializes the identity's claims as a signed JWT.
/// </summary>
/// <param name="identity">Identity whose claims go into the token.</param>
/// <param name="audienceId">Value for the audience.</param>
/// <param name="symmetricKeyAsBase64">Base64url-encoded signing secret.</param>
/// <param name="issuer">Value for the issuer.</param>
/// <param name="issued">Start of the validity window; must have a value.</param>
/// <param name="expires">End of the validity window; must have a value.</param>
/// <returns>The compact serialized token.</returns>
public static string GenerateToken(this ClaimsIdentity identity, string audienceId, string symmetricKeyAsBase64, string issuer, DateTimeOffset? issued, DateTimeOffset? expires)
{
    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(symmetricKeyAsBase64));

    // Both timestamps are nullable in the signature but read with .Value, so passing null
    // fails with InvalidOperationException.
    var token = new JwtSecurityToken(
        issuer,
        audienceId,
        identity.Claims,
        issued.Value.UtcDateTime,
        expires.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT, taking issuer, audience and secret
/// from the injected security settings.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    var credentials = new HmacSigningCredentials(_securitySettings.AudienceSecret);

    // The null-conditional reads pass null through when the ticket has no issue or expiry time.
    // NOTE(review): a ticket without ExpiresUtc therefore reaches the token constructor with a
    // null expiry; confirm the validating side rejects tokens that carry no expiration.
    DateTime? notBefore = data.Properties.IssuedUtc?.UtcDateTime;
    DateTime? notAfter = data.Properties.ExpiresUtc?.UtcDateTime;

    var token = new JwtSecurityToken(
        _securitySettings.Issuer,
        _securitySettings.AudienceId,
        data.Identity.Claims,
        notBefore,
        notAfter,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket as a signed JWT. Audience id and audience secret
/// are read from application settings.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    var audience = ConfigurationManager.AppSettings["as:AudienceId"];
    string encodedSecret = ConfigurationManager.AppSettings["as:AudienceSecret"];
    var credentials = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(encodedSecret));

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    // A disabled block that copied per-role claims ("userClaimsPerRole") into the identity sat
    // here as commented-out code; the token carries only the claims already on the ticket.
    var token = new JwtSecurityToken(
        _issuer,
        audience,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}
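/// <summary>
/// Reads the JWT from the request's Authorization header and returns a newly signed token
/// with the same claims and a fresh validity window.
/// </summary>
/// <returns>
/// 200 with the new token; 400 when the header is missing, has no token part, or the token
/// cannot be parsed.
/// </returns>
public IHttpActionResult refreshToken()
{
    // FirstOrDefault yields a default pair with a null Value when the header is absent; the
    // original dereferenced it and failed with a NullReferenceException.
    var authHeader = Request.Headers.FirstOrDefault(h => h.Key.Equals("Authorization"));
    var bearJwtToken = authHeader.Value == null ? null : authHeader.Value.FirstOrDefault();
    if (string.IsNullOrEmpty(bearJwtToken))
    {
        return BadRequest("Authorization required");
    }

    // Expected shape: "<scheme> <token>".
    var arr = bearJwtToken.Split(new char[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);
    if (arr.Length < 2)
    {
        return BadRequest("Invalid Token");
    }

    var tokenHandler = new JwtSecurityTokenHandler();

    // A malformed token string now maps to 400 instead of an unhandled exception, and a failed
    // cast no longer leads to a null dereference.
    // presumably ReadToken signals malformed input with ArgumentException; confirm for the
    // handler version in use
    JwtSecurityToken jwtToken;
    try
    {
        jwtToken = tokenHandler.ReadToken(arr[1]) as JwtSecurityToken;
    }
    catch (ArgumentException)
    {
        jwtToken = null;
    }

    if (jwtToken == null)
    {
        return BadRequest("Invalid Token");
    }

    // NOTE(review): ReadToken only parses. Signature, issuer, audience and lifetime of the
    // incoming token are NOT checked, yet its claims are copied into a token signed with this
    // server's key, so the endpoint vouches for claims it never verified. Before the claims are
    // reused, validate the incoming token with the handler's ValidateToken against this
    // audience's key, and decide explicitly whether already-expired tokens may be refreshed.
    var appConfig = new AppConfig();
    var audienceId = appConfig["clientId"];
    var issuer = appConfig["issuer"];
    var configExpire = appConfig["expireMinutes"];
    var claims = jwtToken.Claims;

    // UtcNow instead of Now: the validity window no longer depends on the server's time zone.
    var notBefore = DateTime.UtcNow;

    // Fall back to 30 minutes when the setting is absent or not a number.
    double expireMinutes;
    if (!double.TryParse(configExpire, out expireMinutes))
    {
        expireMinutes = 30;
    }

    var expires = notBefore.AddMinutes(expireMinutes);

    Audience audience = AudiencesStore.FindAudience(audienceId);
    var keyByteArray = TextEncodings.Base64Url.Decode(audience.Base64Secret);
    var signingKey = new HmacSigningCredentials(keyByteArray);

    var newToken = new JwtSecurityToken(issuer, audienceId, claims, notBefore, expires, signingKey);
    var jwt = tokenHandler.WriteToken(newToken);
    return Ok(jwt);
}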
/// <summary>
/// Serializes an authentication ticket into a signed JWT string.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    // Signing goes through HmacSigningCredentials; a commented-out alternative based on
    // Microsoft.IdentityModel.Tokens was left behind by the author and is dropped here.
    var credentials = new HmacSigningCredentials(_secret);

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    // NOTE(review): the audience is the fixed literal "Any", so the aud claim does not
    // tell one resource server from another.
    var token = new JwtSecurityToken(
        _issuer,
        "Any",
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    var writer = new JwtSecurityTokenHandler();
    return writer.WriteToken(token);
}
/// <summary>
/// Serializes an authentication ticket into a signed JWT string.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    // The original comment calls this an HMAC-SHA256 key.
    // NOTE(review): confirm that matches the length of _secret, in case the credentials type
    // derives the algorithm from the key.
    var credentials = new HmacSigningCredentials(_secret);

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    // .Value throws InvalidOperationException when the ticket carries no issue or expiry time.
    var token = new JwtSecurityToken(
        _issuer,
        audienceId,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    var writer = new JwtSecurityTokenHandler();
    return writer.WriteToken(token);
}
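/// <summary>
/// Serializes an authentication ticket as a signed JWT. Client id (used as audience) and
/// client secret are read from application settings.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    // The original dereferenced data without a check and failed with a NullReferenceException.
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    var clientId = ConfigurationManager.AppSettings["as:ClientId"];
    var secret = ConfigurationManager.AppSettings["as:ClientSecret"];

    var keyByteArray = TextEncodings.Base64Url.Decode(secret);
    var signingKey = new HmacSigningCredentials(keyByteArray);

    var issued = data.Properties.IssuedUtc;
    var expires = data.Properties.ExpiresUtc;

    // .Value throws InvalidOperationException when the ticket carries no issue or expiry time.
    var token = new JwtSecurityToken(
        _issuer,
        clientId,
        data.Identity.Claims,
        issued.Value.UtcDateTime,
        expires.Value.UtcDateTime,
        signingKey);

    var handler = new JwtSecurityTokenHandler();
    return handler.WriteToken(token);
}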
/// <summary>
/// Serializes an authentication ticket into a signed JWT string with no audience.
/// </summary>
/// <param name="data">Ticket whose claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    // Signing goes through HmacSigningCredentials; two commented-out attempts with other
    // SigningCredentials types were left behind by the author and are dropped here.
    var credentials = new HmacSigningCredentials(_secret);

    var issuedAt = data.Properties.IssuedUtc;
    var expiresAt = data.Properties.ExpiresUtc;

    // NOTE(review): null is passed as the audience. Confirm that every consumer of these
    // tokens either shares no signing key with other services or validates some other claim
    // that ties the token to its intended recipient.
    var token = new JwtSecurityToken(
        _issuer,
        null,
        data.Identity.Claims,
        issuedAt.Value.UtcDateTime,
        expiresAt.Value.UtcDateTime,
        credentials);

    var writer = new System.IdentityModel.Tokens.JwtSecurityTokenHandler();
    return writer.WriteToken(token);
}