/// <summary>
/// Authenticates a person by login and password and, on success, issues a
/// short-lived signed access token plus a refresh token.
/// </summary>
/// <param name="login">Login name passed to the repository lookup and to <c>GetIdentity</c>.</param>
/// <param name="password">Password passed to the repository lookup and to <c>GetIdentity</c>.</param>
/// <returns>
/// The access/refresh token pair, or <c>null</c> when no person matches or when
/// <c>GetIdentity</c> yields no identity. Both failures look the same to the caller.
/// </returns>
public JWTAndRefreshToken Login(string login, string password)
{
    // NOTE(review): credential verification happens inside the repository and is
    // not visible here; confirm it compares against a salted password hash.
    var account = _personRepository.GetPersonByLoginAndPassword(login, password);
    if (account == null)
    {
        return null;
    }

    ClaimsIdentity identity = GetIdentity(login, password);
    if (identity == null)
    {
        // `jwt` is not declared in this method; it is cleared only on this path.
        jwt = null;
        return null;
    }

    DateTime issuedAt = DateTime.UtcNow;

    // The access token lifetime is fixed at one minute from issue.
    DateTime expiresAt = issuedAt.AddMinutes(1);

    var credentials = new SigningCredentials(
        JWTOptions.GetSymmetricSecurityKey(),
        SecurityAlgorithms.HmacSha256);

    jwt = new JwtSecurityToken(
        issuer: JWTOptions.ISSUER,
        audience: JWTOptions.AUDIENCE,
        claims: identity.Claims,
        notBefore: issuedAt,
        expires: expiresAt,
        signingCredentials: credentials);

    string accessToken = new JwtSecurityTokenHandler().WriteToken(jwt);

    // NOTE(review): a GUID is specified as a unique identifier, not as a secret.
    // Consider System.Security.Cryptography.RandomNumberGenerator for this value,
    // after checking that storage and any parsing of the token accept a new format.
    string refreshToken = Guid.NewGuid().ToString();

    // NOTE(review): the refresh token is persisted exactly as it is returned to the
    // client, and no expiry is recorded in this method. Storing only a hash and
    // tracking an expiry would limit the impact of a database read; confirm
    // whether that is handled elsewhere.
    account.RefreshToken = refreshToken;
    _personRepository.Update(account);

    return new JWTAndRefreshToken
    {
        AccessToken = accessToken,
        RefreshToken = refreshToken
    };
}
/// <summary>
/// Builds and serializes an HMAC-SHA256 signed JWT for the given e-mail address,
/// carrying sub, jti and iat claims plus the role and id claims taken from
/// <paramref name="identity"/>.
/// </summary>
/// <param name="email">Value used for the <c>sub</c> claim and for the user lookup.</param>
/// <param name="identity">Identity from which the role and id claims are copied.</param>
/// <returns>The compact serialized token.</returns>
public async Task<string> GenerateEncodedToken(string email, ClaimsIdentity identity)
{
    var issuedAt = DateTime.UtcNow;

    // NOTE(review): the lookup result is never read, so an unknown e-mail does not
    // stop token issuance here. Either check the result or confirm that the caller
    // has already authenticated this address.
    var matchedUser = await _userManager.FindByEmailAsync(email);

    var subjectClaim = new Claim(JwtRegisteredClaimNames.Sub, email);
    var tokenIdClaim = new Claim(JwtRegisteredClaimNames.Jti, await JWTOptions.NonceGenerator());
    var issuedAtClaim = new Claim(
        JwtRegisteredClaimNames.Iat,
        UnixEpochDateGenerator.ToUnixEpochDate(issuedAt).ToString(),
        ClaimValueTypes.Integer64);

    // `identity` is dereferenced without a null check. FindFirst returns null when
    // the identity holds no matching claim, so the array below can contain nulls.
    // NOTE(review): confirm how the token constructor treats null entries and
    // whether a token without role/id claims should be issued at all.
    var roleClaim = identity.FindFirst(Constants.Strings.JwtClaimIdentifiers.Rol);
    var idClaim = identity.FindFirst(Constants.Strings.JwtClaimIdentifiers.Id);

    var claims = new[]
    {
        subjectClaim,
        tokenIdClaim,
        issuedAtClaim,
        roleClaim,
        idClaim
    };

    // Create the JWT; the lifetime in minutes comes from JWTOptions.LIFETIME.
    var expiresAt = issuedAt.Add(TimeSpan.FromMinutes(JWTOptions.LIFETIME));
    var credentials = new SigningCredentials(
        JWTOptions.GetSymmetricSecurityKey(),
        SecurityAlgorithms.HmacSha256);

    var jwt = new JwtSecurityToken(
        issuer: JWTOptions.ISSUER,
        audience: JWTOptions.AUDIENCE,
        notBefore: issuedAt,
        claims: claims,
        expires: expiresAt,
        signingCredentials: credentials);

    return new JwtSecurityTokenHandler().WriteToken(jwt);
}
/// <summary>
/// Registers JWT bearer authentication, validating issuer, audience, lifetime
/// and signature against settings bound from configuration.
/// </summary>
/// <param name="services">Service collection that receives the authentication registration.</param>
/// <param name="configuration">Configuration containing the JWT options section.</param>
public void InstallServices(IServiceCollection services, IConfiguration configuration)
{
    // The local keeps the same name as its type so that `JWTOptions.SectionName`
    // resolves exactly as before, whether SectionName is a static or an instance member.
    var JWTOptions = new JWTOptions();
    var jwtSection = configuration.GetSection(JWTOptions.SectionName);
    jwtSection.Bind(JWTOptions);

    // NOTE(review): the bound values are not validated here. Confirm that a missing
    // or empty section cannot leave the issuer, audience or signing key at defaults.

    var authentication = services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme);

    authentication.AddJwtBearer(bearer =>
    {
        bearer.RequireHttpsMetadata = true;

        // ClockSkew is not set, so the library default tolerance applies on top of
        // the token's own expiry.
        // NOTE(review): setting ValidAlgorithms would pin accepted signatures to the
        // algorithm the issuer actually uses.
        var validation = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidIssuer = JWTOptions.Issuer,

            ValidateAudience = true,
            ValidAudience = JWTOptions.Audience,

            ValidateLifetime = true,

            ValidateIssuerSigningKey = true,
            IssuerSigningKey = JWTOptions.GetSymmetricSecurityKey()
        };

        bearer.TokenValidationParameters = validation;
    });
}
/// <summary>
/// Creates an HMAC-SHA256 signed JWT for the supplied identity, valid from now
/// for the number of minutes configured in <c>_JWTOptions.LifeTime</c>.
/// </summary>
/// <param name="identity">Identity handed to <c>GetClaims</c> to produce the token claims.</param>
/// <returns>The constructed, not yet serialized, token.</returns>
public JwtSecurityToken CreateJWTToken(UserIdentity identity)
{
    var issuedAt = DateTime.UtcNow;

    // Values are gathered in the same order the constructor arguments were
    // originally evaluated.
    var tokenIssuer = _JWTOptions.Issuer;
    var tokenAudience = _JWTOptions.Audience;

    // NOTE(review): `identity` is not checked for null before being passed on;
    // confirm GetClaims handles that case.
    var tokenClaims = GetClaims(identity);

    var expiresAt = issuedAt.Add(TimeSpan.FromMinutes(_JWTOptions.LifeTime));

    // Symmetric signing: the same key that signs here is what validators must hold.
    // NOTE(review): confirm the key comes from protected configuration and is
    // long enough for HMAC-SHA256.
    var credentials = new SigningCredentials(
        key: _JWTOptions.GetSymmetricSecurityKey(),
        algorithm: SecurityAlgorithms.HmacSha256);

    return new JwtSecurityToken(
        issuer: tokenIssuer,
        audience: tokenAudience,
        notBefore: issuedAt,
        claims: tokenClaims,
        expires: expiresAt,
        signingCredentials: credentials);
}
/// <summary>
/// Makes JWT bearer the default authenticate and challenge scheme, configures
/// token validation (issuer, audience, lifetime, signing key) and registers
/// authorization services.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
private void SetupJWT(IServiceCollection services)
{
    var authentication = services.AddAuthentication(schemes =>
    {
        schemes.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        schemes.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    });

    authentication.AddJwtBearer(bearer =>
    {
        // NOTE(review): this turns off the HTTPS requirement for the authority or
        // metadata address. No Authority is set in this block, so it may have no
        // effect here, but it is a development-only setting; prefer true (or bind
        // it to the environment) for anything deployed.
        bearer.RequireHttpsMetadata = false;

        // NOTE(review): issuer, audience and key come from static members of
        // JWTOptions; confirm the key material is loaded from protected
        // configuration rather than a constant in source.
        var validation = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidIssuer = JWTOptions.ISSUER,

            ValidateAudience = true,
            ValidAudience = JWTOptions.AUDIENCE,

            ValidateLifetime = true,

            IssuerSigningKey = JWTOptions.GetSymmetricSecurityKey(),
            ValidateIssuerSigningKey = true
        };

        bearer.TokenValidationParameters = validation;
    });

    services.AddAuthorization();
}