/// <summary>
/// Rebuilds a <see cref="ClaimsPrincipal"/> from an AES-wrapped JWT.
/// </summary>
/// <param name="token">The encrypted token string as received from the client.</param>
/// <returns>A principal whose single identity carries the claims of the parsed token.</returns>
/// <remarks>
/// The token is AES-decrypted with <c>Constants.UserNumber</c> and then handed to
/// <c>JWTToken.ParseJwtToken</c> together with the key from <c>AESServices.UserHmacKey</c>.
/// Security: this method performs no lifetime, issuer or audience check of its own, and
/// <c>ParseJwtToken</c> as written in this file only verifies the HMAC signature. The
/// returned principal therefore proves "this token was once issued by us", not "this
/// token is currently valid".
/// NOTE(review): presumably used by the refresh flow; confirm every caller also
/// validates the refresh token before issuing new credentials.
/// </remarks>
public ClaimsPrincipal GetPrincipalFromExpiredToken(string token)
{
    // Key lookup happens before decryption, matching the original evaluation order.
    string signingKey = AESServices.UserHmacKey(Constants.UserNumber, 3);
    var compactJwt = token.AESStringDecryption(Constants.UserNumber);

    // Throws if the token is malformed or its signature does not match.
    var parsed = JWTToken.ParseJwtToken(compactJwt, ref signingKey);

    // The parsed token object is kept on the identity as its BootstrapContext.
    var identity = new ClaimsIdentity(parsed.Claims, JWTToken.JWT_ID)
    {
        BootstrapContext = parsed
    };

    return new ClaimsPrincipal(identity);
}
/// <summary>
/// Builds the access-token / refresh-token pair for <paramref name="user"/>.
/// </summary>
/// <param name="user">Source of the name, e-mail, role and admin flag placed in the token.</param>
/// <returns>
/// A <c>WebApiToken</c> holding the populated <c>JWTToken</c> and a value from
/// <c>GenerateRefreshToken()</c>.
/// </returns>
/// <remarks>
/// Security notes for reviewers:
/// the <c>NameIdentifier</c> claim is the fixed literal "CPOC" for every user, so
/// consumers must not treat it as a per-user identifier;
/// the role and admin flag are copied from <paramref name="user"/> into the token, so
/// authorization decisions made from the token depend entirely on its signature check;
/// the signing key comes from <c>Constants.UserNumber</c>, not from <paramref name="user"/>.
/// NOTE(review): that looks like one shared HMAC key for all tokens; confirm how
/// <c>AESServices.UserHmacKey</c> derives and protects it.
/// NOTE(review): the unit of <c>TimeOut = "10"</c> is not visible here; confirm.
/// </remarks>
public WebApiToken GenerateJWT(Users user)
{
    var access = new JWTToken();

    // Claims are added before the token properties, in the original order.
    access.AddClaim(ClaimTypes.NameIdentifier, "CPOC");
    access.AddClaim(ClaimTypes.Name, user.EmployeeName);
    access.AddClaim(ClaimTypes.Email, user.Email);

    access.Issuer = Constants.Issuer;
    access.Audience = Constants.Audience;
    access.TimeOut = "10";
    access.UserRole = user.Role;
    access.IsAdmin = user.IsAdmin;
    access.symmetricSignatureKeyString = AESServices.UserHmacKey(Constants.UserNumber, 3);

    // Initializer members are assigned top to bottom, so the refresh token is still
    // generated after the access token has been stored.
    return new WebApiToken
    {
        accessToken = access,
        refreshToken = GenerateRefreshToken()
    };
}
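/// <summary>
/// Parses a compact three-segment JWT and verifies its HMAC-SHA256 signature.
/// </summary>
/// <param name="token">Compact token in the form <c>header.payload.signature</c>.</param>
/// <param name="SignatureKey">
/// Base64-encoded HMAC key. Declared <c>ref</c> for compatibility with existing callers;
/// this method only reads it.
/// </param>
/// <returns>
/// A <c>JWTToken</c> carrying the key string and the claims deserialized from the payload.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="token"/> is null.</exception>
/// <exception cref="Exception">
/// The token does not have exactly three segments, or the signature does not match.
/// </exception>
/// <remarks>
/// Changes from the previous version:
/// the signature is verified before the payload is decoded and deserialized, so the
/// JSON parser never sees unauthenticated input;
/// the signature comparison no longer stops at the first differing character;
/// the unused header and signature decodes were dropped.
/// The previous code carried a line marked as temporary that compared against the raw
/// third segment instead of the decoded and re-encoded one. That effective behaviour is
/// kept. NOTE(review): decide whether the raw-segment comparison is the intended final form.
/// The header is not inspected: the MAC is always HMAC-SHA256 regardless of any
/// <c>alg</c> value in the token. Expiry, issuer and audience are not checked here.
/// </remarks>
public static JWTToken ParseJwtToken(string token, ref string SignatureKey)
{
    if (token == null)
    {
        throw new ArgumentNullException(nameof(token));
    }

    var parts = token.Split('.');
    if (parts.Length != 3)
    {
        throw new Exception("Token is not formed properly");
    }

    string computedSignature;
    using (var hmac = new HMACSHA256(Convert.FromBase64String(SignatureKey)))
    {
        // Signed input is unchanged: raw header segment, a dot, and the payload segment
        // with any '=' padding trimmed.
        var signedData = String.Format("{0}.{1}", parts[0], parts[1].Trim('='));
        computedSignature = hmac.ComputeHash(Encoding.UTF8.GetBytes(signedData)).ToBase64String();
    }

    if (!SignatureEqualsFixedTime(computedSignature, parts[2]))
    {
        throw new Exception("Invalid Signature");
    }

    // Only an authenticated payload reaches the decoder and the JSON deserializer.
    var claimsJson = Encoding.UTF8.GetString(parts[1].ToByteArray());

    var jwt = new JWTToken();
    jwt.symmetricSignatureKeyString = SignatureKey;
    jwt.mClaims = JsonConvert.DeserializeObject<Dictionary<string, string>>(claimsJson);
    return jwt;
}

/// <summary>
/// Ordinal string equality whose running time does not depend on where the inputs differ.
/// </summary>
/// <remarks>
/// Returning early on a length mismatch is acceptable because the length of an
/// HMAC-SHA256 signature is not secret. On targets that provide
/// <c>CryptographicOperations.FixedTimeEquals</c>, that API can replace this helper.
/// </remarks>
private static bool SignatureEqualsFixedTime(string expected, string presented)
{
    if (expected == null || presented == null || expected.Length != presented.Length)
    {
        return false;
    }

    int difference = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        // Accumulate differences instead of branching on the first mismatch.
        difference |= expected[i] ^ presented[i];
    }

    return difference == 0;
}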