public static void ValidateAuthorizationHeader(ISettingsProvider settingsProvider, string token, int userId, int tenantId, string eSpaceKey) { var authHeaderParts = token?.Trim().Split(new[] { ' ' }, 2); if (authHeaderParts == null || authHeaderParts.Length != 2) { ThrowTokenValidationFailed("Invalid auth header parts"); } var type = authHeaderParts[0]; var credentials = authHeaderParts[1]; if (!"bearer".EqualsIgnoreCase(type)) { ThrowTokenValidationFailed("Invalid type header"); } SecurityTokenAPI.RequestSecurityTokenPayload payload = SecurityTokenAPI.GetValidatedToken <SecurityTokenAPI.RequestSecurityTokenPayload>(settingsProvider, credentials); if (payload == null) { ThrowTokenValidationFailed("Invalid payload"); } if (userId != 0 && payload.UserId != userId) { ThrowTokenValidationFailed("Invalid userId"); } if (tenantId != 0 && payload.TenantId != tenantId) { ThrowTokenValidationFailed("Invalid tenantId"); } if (payload.ProducerKey != eSpaceKey) { ThrowTokenValidationFailed("Invalid eSpaceKey"); } }
public static string GenerateAuthorizationHeader(ISettingsProvider settingsProvider, string issuer, string audience, int userId, int tenantId) { return($"Bearer {SecurityTokenAPI.GenerateJWTTokenString(settingsProvider, issuer, audience, userId, tenantId, new byte[1])}"); }