Exemplo n.º 1
        /// <summary>
        /// Serves the certificate obtained from <c>_jwtOptions.GetCertificate()</c> as PEM text so
        /// that token consumers can fetch it.
        /// </summary>
        /// <returns>
        /// A content result holding the PEM-armoured certificate, sent with the
        /// <c>application/x-x509-user-cert</c> content type.
        /// </returns>
        public ActionResult GetJwtCertificate()
        {
            // RawData is the encoded certificate only. For an X509Certificate2 it does not include the
            // private key, so the signing key is not exposed here (presumably GetCertificate() returns
            // an X509Certificate2; confirm against its declaration).
            var encodedCertificate = _jwtOptions.GetCertificate().RawData;
            var base64Body = Convert.ToBase64String(encodedCertificate, Base64FormattingOptions.InsertLineBreaks);

            // Header, body and footer are each terminated by the platform newline.
            var pem = string.Concat(
                "-----BEGIN CERTIFICATE-----", Environment.NewLine,
                base64Body, Environment.NewLine,
                "-----END CERTIFICATE-----", Environment.NewLine);

            return Content(pem, "application/x-x509-user-cert");
        }
Exemplo n.º 2
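        /// <summary>
        /// Builds an RS256-signed JWT for the given user. For authorization tokens it also stores an
        /// <c>AuthSession</c> row holding the token and its expiry.
        /// </summary>
        /// <param name="type">Kind of token to issue; selects the <c>type</c> claim ("Auth" or "Session").</param>
        /// <param name="userId">User identifier written to the <c>idUser</c> claim.</param>
        /// <returns>The serialized JWT.</returns>
        /// <remarks>
        /// Security notes for reviewers:
        /// - No <c>exp</c> claim is set. Auth-token expiry exists only in the stored session row, and
        ///   nothing in this method bounds the lifetime of a "Session" token. Verifiers must enforce
        ///   lifetime themselves (for example against the session table). Validation that requires an
        ///   expiration time (<c>TokenValidationParameters.RequireExpirationTime</c>) will reject
        ///   these tokens.
        /// - The full bearer token is stored in the session row, so read access to that table yields
        ///   usable tokens. Storing a hash instead would need matching changes in the lookup code,
        ///   which is not visible here.
        /// </remarks>
        private string IssueToken(TypeToken type, int userId)
        {
            // Single clock read, so "nbf" and the session timestamps describe the same instant.
            var now = DateTime.UtcNow;

            // NOTE(review): the first letter of this enum member appears to be a Cyrillic 'А', not a
            // Latin 'A'. It is kept exactly as written so the name still resolves.
            bool isAuthToken = type == TypeToken.Аuthorization;

            // RFC 7519 defines "nbf" as a NumericDate (a JSON number). The Integer64 value type makes
            // the JWT payload serialize it as a number rather than a quoted string.
            string notBefore = Convert.ToString(new DateTimeOffset(now).ToUnixTimeSeconds());

            var claims = new List<Claim>
            {
                new Claim("idUser", Convert.ToString(userId)),
                new Claim("nbf", notBefore, ClaimValueTypes.Integer64),
                new Claim("type", isAuthToken ? "Auth" : "Session")
            };

            var claimsIdentity = new ClaimsIdentity(claims, "Token");
            var signingKey = new X509SecurityKey(_jwtSettings.GetCertificate());
            var creds = new SigningCredentials(signingKey, SecurityAlgorithms.RsaSha256);

            var jwt = new JwtSecurityToken(
                issuer: _tokenSettings.Issuer,
                audience: _tokenSettings.Audience,
                claims: claimsIdentity.Claims,
                signingCredentials: creds);

            // Drops the key identifier from the header. Verifiers cannot select a key by "kid" and
            // must already be configured with the signing certificate.
            jwt.Header.Remove("kid");
            string token = new JwtSecurityTokenHandler().WriteToken(jwt);

            if (isAuthToken)
            {
                // Persist the server-side session record for authorization tokens only.
                var authSession = new AuthSession()
                {
                    ExpirationTime = now.Add(TimeSpan.FromMinutes(_tokenSettings.AuthLifetime)),
                    UserId = userId,
                    CreatedAt = now,
                    Token = token
                };

                _dbContext.authSessions.Add(authSession);
                _dbContext.SaveChanges();
            }

            return token;
        }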