public TokenProviderOptions() { Path = "/api/token"; Issuer = "ExampleIssuer"; Audience = "ExampleAudience"; Expiration = TimeSpan.FromDays(1); var secretKey = "mysupersecret_secretkey!123"; var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey)); SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256); TokenValidationParameters = new TokenValidationParameters { // The signing key must match! ValidateIssuerSigningKey = true, IssuerSigningKey = signingKey, // Validate the JWT Issuer (iss) claim ValidateIssuer = true, ValidIssuer = "ExampleIssuer", // Validate the JWT Audience (aud) claim ValidateAudience = true, ValidAudience = Audience, // Validate the token expiry ValidateLifetime = true, // If you want to allow a certain amount of clock drift, set that here: ClockSkew = TimeSpan.Zero }; }
public void TokenPerformanceTest() { byte[] keyForHmacSha256 = new byte[64]; var randomGen = RandomNumberGenerator.Create(); randomGen.GetBytes(keyForHmacSha256); var securityKey = new SymmetricSecurityKey(keyForHmacSha256); var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); var options = new TokenProviderOptions { Issuer = "InColUn", Audience = "All", SigningCredentials = signingCredentials }; var provider = new TokenProvider(options); for (int i = 0; i < 128 * 2; i++) { var token = provider.GenerateUserToken(1, "John Dwo"); } Stopwatch stopwatch = Stopwatch.StartNew(); int limit = 128 * 1024; for (int i = 0; i < limit; i++) { var token = provider.GenerateUserToken(i, "John Dwo"); } stopwatch.Stop(); var output = string.Format("{0} tokens/sec", 1000.0 * limit / stopwatch.Elapsed.TotalMilliseconds); Console.WriteLine(output); }
public void TokenExpirationTest() { byte[] keyForHmacSha256 = new byte[64]; var randomGen = RandomNumberGenerator.Create(); randomGen.GetBytes(keyForHmacSha256); var securityKey = new SymmetricSecurityKey(keyForHmacSha256); var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); var options = new TokenProviderOptions { Issuer = "InColUn", Audience = "All", SigningCredentials = signingCredentials, Expiration = TimeSpan.FromMilliseconds(1000) }; var provider = new TokenProvider(options); var token = provider.GenerateUserToken(1, "John Dwo"); var id = provider.ValidateToken(token.access_token); Assert.NotNull(id); Assert.Equal(1, id.Value); }
/// <summary> /// Generates Defauls SigningCredentials /// SigningCredentials generated from random key using HmacSha256Signature algorithm /// </summary> /// <returns>Generated SigningCredentials</returns> public static SigningCredentials DefaultSigningCredentials() { if (TokenProvider._signingCredentials != null) return TokenProvider._signingCredentials; lock(TokenProvider.s_lock) { if (TokenProvider._signingCredentials != null) return TokenProvider._signingCredentials; var keyForHmacSha256 = Common.Crypto.GetRandomBytes(64); var securityKey = new SymmetricSecurityKey(keyForHmacSha256); _signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); return _signingCredentials; } }
private void ConfigureToken(IServiceCollection services) { byte[] keyForHmacSha256 = new byte[64]; var randomGen = RandomNumberGenerator.Create(); randomGen.GetBytes(keyForHmacSha256); var securityKey = new SymmetricSecurityKey(keyForHmacSha256); var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); var options = new TokenProviderOptions { Issuer = "InColUn", Audience = "All", SigningCredentials = signingCredentials, Expiration = TimeSpan.FromMilliseconds(1000) }; var tokenProvider = new TokenProvider(options); services.AddSingleton(tokenProvider); }
public UserToken BuildToken(string email) { var claims = new[] { new Claim(JwtRegisteredClaimNames.UniqueName, email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JwtConfig:Secret"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expiration = DateTime.UtcNow.AddHours(1); JwtSecurityToken token = new JwtSecurityToken( issuer: null, audience: null, claims: claims, expires: expiration, signingCredentials: creds); return(new UserToken() { Token = new JwtSecurityTokenHandler().WriteToken(token), Expiration = expiration }); }
public string CreateAccessToken(string username) { var claims = new[] { new Claim(ClaimTypes.Name, username) }; var jwtSecurityKey = Encoding.UTF8.GetBytes(_configuration.GetValue <string>("Settings:JWT:SecurityKey")); var key = new SymmetricSecurityKey(jwtSecurityKey); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expires = DateTime.UtcNow.Add(TimeSpan.ParseExact(_configuration.GetSection("Settings:JWT:AccessToken:Expiry").Value, "c", null)); var accessToken = new JwtSecurityToken( _configuration.GetValue <string>("Settings:JWT:Issuer"), _configuration.GetValue <string>("Settings:JWT:Audience"), claims, notBefore: DateTime.UtcNow, expires: expires, signingCredentials: creds ); var accessTokenString = new JwtSecurityTokenHandler().WriteToken(accessToken); return(accessTokenString); }
public string CreateToken(AppUser user) { try { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.NameId, user.UserName) }; var creds = new SigningCredentials(_key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(7), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); } catch (System.Exception e) { return($"{e.Message}"); } }
public string CreateToken(AppUser user) { var claims = new List<Claim> { new Claim(JwtRegisteredClaimNames.NameId, user.UserName) }; // generate signing credentials var creds = new SigningCredentials(_key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(7), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return tokenHandler.WriteToken(token); }
string GenerateJWT(User userInfo) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:SecretKey"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userInfo.UserName), new Claim("firstName", userInfo.FirstName.ToString()), new Claim("role", userInfo.UserType), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), }; var token = new JwtSecurityToken( issuer: _config["Jwt:Issuer"], audience: _config["Jwt:Audience"], claims: claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: credentials ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public JwtHandler(IOptions <JwtOptions> options) { _options = options.Value; _issuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_options.SecretKey)); // !!! NOTE // Another BETTER option would be to use RSA here, because in case of HMAC we need to have same secret key // shared between Identity service and other services like API. // In case of RSA Identity service would have the private/public certificates - private key and public key. // Then it could provide the public key for all of the other services - they only have to verify if token is valid, which // could be done via public key. Private key needs to be used only inside of the Identity service scope, for the singing tokens. _signingCredentials = new SigningCredentials(_issuerSigningKey, SecurityAlgorithms.HmacSha256); _jwtHeader = new JwtHeader(_signingCredentials); _tokenValidationParameters = new TokenValidationParameters { ValidateAudience = false, // Dosen't care which end client will be authenticated ValidIssuer = _options.Issuer, IssuerSigningKey = _issuerSigningKey }; }
public Object GetToken() { string key = "my_secret_key_12345"; var issuer = "http://mysite.com"; var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key)); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var permClaims = new List <Claim>(); permClaims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); permClaims.Add(new Claim("valid", "1")); permClaims.Add(new Claim("userid", "1")); permClaims.Add(new Claim("name", "bilal")); var token = new JwtSecurityToken(issuer, issuer, permClaims, expires: DateTime.Now.AddDays(1), signingCredentials: credentials); var jwt_token = new JwtSecurityTokenHandler().WriteToken(token); return(new { data = jwt_token }); }
public string CreatToken() { var config = ConfigerManager.Instance.Build().GetSwaggerSetting(); var claims = new List <Claim> { // 令牌颁发时间 new Claim(JwtRegisteredClaimNames.Iat, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"), // 过期时间 100秒 new Claim(JwtRegisteredClaimNames.Exp, $"{new DateTimeOffset(DateTime.Now.AddSeconds(100)).ToUnixTimeSeconds()}"), new Claim(JwtRegisteredClaimNames.Iss, config.Issuer), // 签发者 }; // 密钥 var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config.JwtSecret)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); JwtSecurityToken jwt = new JwtSecurityToken( claims: claims,// 声明的集合 signingCredentials: creds); var handler = new JwtSecurityTokenHandler(); var strJWT = handler.WriteToken(jwt); StaticCacher.SetCacher("token", strJWT); return(strJWT); }
private string GenerateJSONWebToken(User userInfo) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim(JwtRegisteredClaimNames.UniqueName, userInfo.UserName), new Claim(JwtRegisteredClaimNames.Email, userInfo.UserEmail), new Claim(JwtRegisteredClaimNames.GivenName, userInfo.UserFirstName), new Claim(JwtRegisteredClaimNames.FamilyName, userInfo.UserLastName + " " + userInfo.UserMiddleName), new Claim("Role", userInfo.RoleName.ToString()), new Claim(ClaimTypes.Role, userInfo.RoleName.ToString()) }; var token = new JwtSecurityToken(_config["Jwt:Issuer"], _config["Jwt:Issuer"], claims, expires: DateTime.Now.AddHours(24), signingCredentials: credentials); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public void CreateToken(AppUser userInfo) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim("id", userInfo.Id.ToString()), new Claim(JwtRegisteredClaimNames.Sub, userInfo.UserName), new Claim(JwtRegisteredClaimNames.GivenName, string.Format("{0} {1}", userInfo.FirstName, userInfo.LastName)), new Claim(JwtRegisteredClaimNames.Email, userInfo.Email), //new Claim("role", string.Join(",",userInfo.UserRoles.Select(x=>x.RoleId).ToArray())), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var token = new JwtSecurityToken( issuer: _config["Jwt:Issuer"], audience: _config["Jwt:Issuer"], claims, expires: DateTime.Now.AddMinutes(Convert.ToInt32(_config["Jwt:ExpirationTimeMinutes"])), signingCredentials: credentials); userInfo.Token = new JwtSecurityTokenHandler().WriteToken(token); }
private string CreateToken(ApplicationUser _user) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, _user.UserName), new Claim(JwtRegisteredClaimNames.Email, _user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var token = new JwtSecurityToken( issuer: _config["Jwt:Issuer"], audience: _config["Jwt:Issuer"], claims, expires: DateTime.Now.AddMinutes(60), signingCredentials: credentials); var encodedToken = new JwtSecurityTokenHandler().WriteToken(token); return(encodedToken); }
public string CriarToken(AppUser usuario) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Email, usuario.Email), new Claim(JwtRegisteredClaimNames.GivenName, usuario.DisplayName), }; var credenciais = new SigningCredentials(_key, SecurityAlgorithms.HmacSha512); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(7), SigningCredentials = credenciais, Issuer = _config["Token:Issuer"] }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }
public string CreateToken(User user) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.NameId, user.UserName) // Add username as a name id to the jwt token. }; var checksum = new SigningCredentials(_key, SecurityAlgorithms.HmacSha512Signature); // var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(7), SigningCredentials = checksum }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }
public async Task<IActionResult> Login(UserForLoginDto userForLoginDto) { var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password); if (userFromRepo == null) return Unauthorized(); var creds = new SigningCredentials(GetKey(), SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(GetClaims(userFromRepo)), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var user = _mapper.Map<UserForListDto>(userFromRepo); return Ok(new { token = tokenHandler.WriteToken(token), user }); }
public static string GenerateToken(SiteUser user) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.NameIdentifier, user.Id) }; var key = GetSymmetricSecurityKey(); var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expires = DateTime.UtcNow.AddMinutes(LifetimeInMinutes); var token = new JwtSecurityToken( Issuer, Audience, notBefore: DateTime.UtcNow, claims: claims, expires: expires, signingCredentials: credentials); return(new JwtSecurityTokenHandler().WriteToken(token)); }
private string GenerateAccessToken(User user) { var claims = new[] { new Claim(ClaimTypes.NameIdentifier, user.Id), new Claim(ClaimTypes.Name, user.Username) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); return(tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor))); }
private object GenerateJwtToken(string email, IdentityUser user) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.NameIdentifier, user.Id) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JwtKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expires = DateTime.Now.AddDays(Convert.ToDouble(_configuration["JwtExpireDays"])); var token = new JwtSecurityToken( _configuration["JwtIssuer"], _configuration["JwtIssuer"], claims, expires: expires, signingCredentials: creds ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public async Task <IActionResult> Login(UserForLoginDTO userForLoginDTO) { var userFromRepo = await _repo.Login(userForLoginDTO.Username.ToLower(), userForLoginDTO.Password); if (userFromRepo == null) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Username) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var user = _mapper.Map <UserForListDTO>(userFromRepo); return(Ok(new { token = tokenHandler.WriteToken(token), user })); }
public AuthenticatedUserDTO Authenticate(string username, string password) { RegisteredUser user = _userRepository.GetBy(username, password); if (user == null) { return(null); } if (user.Role.Equals("Patient")) { Patient p = (Patient)user; if (p.Blocked || !p.Confirmed) { return(null); } } var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("QKcOa8xPopVOliV6tpvuWmoKn4MOydSeIzUt4W4r1UlU2De7dTUYMlrgv3rU")); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim(ClaimTypes.Name, user.Id), new Claim(ClaimTypes.Role, user.Role), new Claim("Role", user.Role) }; var token = new JwtSecurityToken( expires: DateTime.Now.AddMinutes(60), signingCredentials: credentials, claims: claims); string tokenString = new JwtSecurityTokenHandler().WriteToken(token); return(RegisteredUserMapper.RegisteredUserToAuthenticatedUserDTO(user, tokenString)); }
public IActionResult Login(LoginViewModel login) { try { Usuarios usuarioBuscado = UsuarioRepository.BuscarPorEmailESenha(login); if (usuarioBuscado == null) { return(NotFound(new { mensagem = "Eita, deu ruim." })); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Email, usuarioBuscado.Email), new Claim(JwtRegisteredClaimNames.Jti, usuarioBuscado.IdUsuario.ToString()), }; var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes("roman-chave-autenticacao")); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "Roman.WebApi", audience: "Roman.WebApi", claims: claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) })); } catch (System.Exception ex) { return(BadRequest(new { mensagem = "Erro ao tentar encontrar um usuario" + ex })); } }
//---------------------------------------------------------------- private string GenerateJSONWebToken(UserModel userInfo) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); //var token = new JwtSecurityToken(_config["Jwt:Issuer"], // _config["Jwt:Issuer"], // null, // //notBefore:DateTime.Now, // expires: DateTime.Now.AddMinutes(1), // signingCredentials: credentials); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userInfo.Username), new Claim(JwtRegisteredClaimNames.Email, userInfo.EmailAddress), new Claim("DateOfJoin", DateTime.Now.ToString("yyyy-MM-dd")), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var token = new JwtSecurityToken(_config["Jwt:Issuer"], _config["Jwt:Issuer"], claims, // notBefore: DateTime.UtcNow, notBefore: new DateTimeOffset(DateTime.Now).DateTime, expires: new DateTimeOffset(DateTime.Now.AddMinutes(2)).DateTime, //expires: DateTime.UtcNow.AddMinutes(5), //expires: DateTime.UtcNow.AddMilliseconds(30000), // 30 Sec. //expires: TimeSpan.FromMilliseconds(30000), signingCredentials: credentials); token.Payload["profilePicture"] = "http://url/user.jpg"; token.Payload["Ali"] = "Nadjar"; return(new JwtSecurityTokenHandler().WriteToken(token)); }
public string GenerateJWT(LoginResponseModel user) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, user.Email), new Claim(ClaimTypes.GivenName, user.FirstName), new Claim(ClaimTypes.Surname, user.LastName), new Claim(ClaimTypes.DateOfBirth, user.DateOfBirth.Value.ToShortDateString()), new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), }; foreach (var role in user.Roles) { claims.Add(new Claim(ClaimTypes.Role, role.Name.ToString())); } var identityClaims = new ClaimsIdentity(); identityClaims.AddClaims(claims); var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["TokenSettings:PrivateKey"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature); var expires = DateTime.UtcNow.AddHours(_config.GetValue <double>("TokenSettings:ExpirationHours")); var tokenHandler = new JwtSecurityTokenHandler(); var tokenObject = new SecurityTokenDescriptor { Subject = identityClaims, Expires = expires, SigningCredentials = credentials, Issuer = _config["TokenSettings:Issuer"], Audience = _config["TokenSettings:Audiance"], }; var encodedJwt = tokenHandler.CreateToken(tokenObject); return(tokenHandler.WriteToken(encodedJwt)); }
public async Task <IActionResult> Login([FromBody] LoginModel login) { //尝试登陆 var result = await _signInManager.PasswordSignInAsync(login.Email, login.Password, false, false); if (!result.Succeeded) { return(BadRequest(new LoginResult { Successful = false, Error = "用户名或密码错误" })); //如果登陆失败 } //payload var claims = new[] { new Claim(ClaimTypes.Name, login.Email), }; //对称密钥 var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JwtSecurityKey"])); //密钥做签名 var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); //过期时间 var expiry = DateTime.Now.AddDays(Convert.ToInt32(_configuration["JwtExpiryInDays"])); //生成token var token = new JwtSecurityToken( _configuration["JwtIssuer"], _configuration["JwtAudience"], claims, expires: expiry, signingCredentials: creds ); return(Ok(new LoginResult { Successful = true, Token = new JwtSecurityTokenHandler().WriteToken(token) })); }
public async Task <IActionResult> Login(UserForLoginDTO userForLoginDTO) { var userFromRepo = await this.repositry.Login(userForLoginDTO.UserName.ToLower(), userForLoginDTO.PassWord); if (userFromRepo == null) // user dosn`t exisits in database { return(Unauthorized()); } else { var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.UserName), }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(this.config.GetSection("AppSettings:Token").Value)); // SecurityAlgorithms.HmacSha512Signature => security algo ussing to hashing var Credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = Credentials }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); } }
public async Task <IActionResult> Login(UserForLoginParam userForLogin) { var userFromService = await _authService.Login(userForLogin.UserName, userForLogin.Password); if (userFromService == null) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromService.User_Account), new Claim(ClaimTypes.Name, userFromService.User_Account), new Claim("Factory", userFromService.Factory_ID) }; var key = new SymmetricSecurityKey(Encoding.UTF8 .GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token), user = userFromService })); }
//Funcion para añadir el claim de deshabilitado private IActionResult AddDeshabilitadoClaim(ApplicationUser userInfo, string Nombre, string Apellido, string Id, int Rol, string fuente) { var claims = new[] { new Claim(JwtRegisteredClaimNames.UniqueName, userInfo.Email), new Claim("Rol", "Deshabilitado"), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:SigningKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expiration = DateTime.UtcNow.AddDays(1); if (fuente == "movil") { expiration = DateTime.UtcNow.AddDays(90); } JwtSecurityToken token = new JwtSecurityToken( issuer: "yourdomain.com", audience: "yourdomain.com", claims: claims, expires: expiration, signingCredentials: creds); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = expiration, nombre = Nombre, apellido = Apellido, email = userInfo.Email, id_user = Id, rol = Rol })); }
public async Task <IActionResult> LoginAsync([FromBody] LoginModel user) { User userdb = await _userService.GetUserByNameAsync(user.UserName); if (user == null || userdb == null) { return(BadRequest("Invalid client request")); } if (user.UserName == userdb.UserName && user.Password == userdb.Password) { var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("superSecretKey@345")); var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256); var claims = new List <Claim> { new Claim(ClaimTypes.Name, user.UserName), new Claim(ClaimTypes.Role, "Manager"), new Claim(ClaimTypes.NameIdentifier, userdb.Id.ToString()) }; var tokeOptions = new JwtSecurityToken( issuer: "http://localhost:5000", audience: "http://localhost:5000", claims: claims, expires: DateTime.Now.AddMinutes(100), signingCredentials: signinCredentials ); var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions); return(Ok(new { Token = tokenString })); } else { return(Unauthorized()); } }
/// <summary> /// Genear el token con la informacion del usuario /// </summary> /// <param name="usuarioInfo">Información del usuario</param> /// <returns></returns> private string GenerarTokenJWT(UsuariInfoDTO usuarioInfo) { // CREAMOS EL HEADER // string secretKey = _configuration["JWT:SecretKey"]; var _symmetricSecurityKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(secretKey) ); var _signingCredentials = new SigningCredentials( _symmetricSecurityKey, SecurityAlgorithms.HmacSha256 ); var _Header = new JwtHeader(_signingCredentials); // CREAMOS LOS CLAIMS // var _Claims = new[] { new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.NameId, usuarioInfo.Id.ToString()), new Claim(JwtRegisteredClaimNames.Email, usuarioInfo.Email), new Claim(ClaimTypes.Role, usuarioInfo.Rol) }; // CREAMOS EL PAYLOAD // var _Payload = new JwtPayload( issuer: _configuration["JWT:Issuer"], audience: _configuration["JWT:Audience"], claims: _Claims, notBefore: DateTime.Now, expires: DateTime.Now.AddHours(int.Parse(_configuration["JWT:Expire"])) ); // GENERAMOS EL TOKEN // var _Token = new JwtSecurityToken( _Header, _Payload ); return(new JwtSecurityTokenHandler().WriteToken(_Token)); }
/// <summary> /// 创建token /// <para>作 者:蔡亚康</para> /// <para>创建时间:2019-03-06</para> /// </summary> /// <param name="user">登陆的用户实体信息</param> /// <returns>token值</returns> internal String CreateToken(TblHssPassport user) { string privateKey = ClientConfigManager.HssConfig.TokenKey.PrivateKey; //使用私钥加密 int tokenTimestamp = ClientConfigManager.HssConfig.TokenTimestamp; RSA rsa = RSAKeyHelper.CreateRsaProviderFromPrivateKey(privateKey); //Claims(Payload) // Claims 部分包含了一些跟这个 token 有关的重要信息。 JWT 标准规定了一些字段,下面节选一些字段: //iss: The issuer of the token,token 是给谁的 // sub: The subject of the token,token 主题 // exp: Expiration Time。 token 过期时间,Unix 时间戳格式 // iat: Issued At。 token 创建时间, Unix 时间戳格式 // jti: JWT ID。针对当前 token 的唯一标识 // 除了规定的字段外,可以包含其他任何 JSON 兼容的字段。 var key = new RsaSecurityKey(rsa); var creds = new SigningCredentials(key, SecurityAlgorithms.RsaSha256); List <Claim> claims = new List <Claim>(); claims.Add(new Claim(JwtUserId, user.PassporId.ToString())); claims.Add(new Claim(JwtUserName, user.UserCode)); claims.Add(new Claim(JwtOpenId, user.OpenId)); JwtSecurityToken jwtSecurityToken = new JwtSecurityToken( issuer: ISSUER, audience: AUDIENCE, claims: claims, expires: DateTime.Now.AddHours(tokenTimestamp), signingCredentials: creds); string token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken); return(token); }
public async Task <IActionResult> Get(string account) { bool checkExistUser = await _systemManagementService.CheckExistUser(account); if (!checkExistUser) { return(NotFound()); } var userFromService = await _authService.GetUser(account); var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromService.USER_GUID.ToString()), new Claim(ClaimTypes.Name, userFromService.NAME) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token), user = userFromService })); }