public string GenerateJwtToken(ClaimsPrincipal principal)
{
var securityStampClaimType = _identityOptions.ClaimsIdentity.SecurityStampClaimType;
var tokenDescriptor = new SecurityTokenDescriptor
{
Issuer = _identityConfig.Issuer,
Audience = _identityConfig.IssueForAudience,
Subject = new ClaimsIdentity(principal.Claims.Where(x => !new [] { "token_expiry", securityStampClaimType }.Contains(x.Type))),
Expires = DateTime.UtcNow.AddMinutes(principal.GetTokenExpiry()),
SigningCredentials = new SigningCredentials(new RsaSecurityKey(_keyContainer.GetKey().PrivateKey)
{
KeyId = _keyContainer.GetKey().KeyId
}, SecurityAlgorithms.RsaSha512)
};
var tokenHandler = new JwtSecurityTokenHandler();
return(tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor)));
}
public async Task <HealthCheckResult> CheckHealthAsync(HealthCheckContext context, CancellationToken cancellationToken = new CancellationToken())
{
var key = _keyContainer.GetKey();
if (key == null)
{
return(HealthCheckResult.Unhealthy("Key isn't generated or doesn't exist"));
}
if (key.CreatedAt + TimeSpan.FromMinutes(10) + TimeSpan.FromSeconds(30) < DateTime.Now)
{
return(HealthCheckResult.Unhealthy("key wasn't generated in last 10 minutes 30 seconds"));
}
var elapsedSinceCreated = DateTime.Now - key.CreatedAt;
return(key.CreatedAt + TimeSpan.FromMinutes(5) + TimeSpan.FromSeconds(30) < DateTime.Now
? HealthCheckResult.Degraded($"key was generated {elapsedSinceCreated} ago")
: HealthCheckResult.Healthy($"key was generated {elapsedSinceCreated} ago"));
}
