private string GenerateJwtBodySegment(string audience, DateTime absoluteExpiration)
{
StringBuilder jwtBodyBuilder = new StringBuilder();
jwtBodyBuilder.Append(JWT_BODY_AUDIENCE_PART).Append(audience)
.Append(JWT_BODY_EXPIRATION_PART).Append(ToUnixTimeSeconds(absoluteExpiration).ToString(CultureInfo.InvariantCulture));
if (_subject != null)
{
jwtBodyBuilder.Append(JWT_BODY_SUBJECT_PART).Append(_subject).Append(JWT_BODY_WITH_SUBJECT_CLOSING);
}
else
{
jwtBodyBuilder.Append(JWT_BODY_WITHOUT_SUBJECT_CLOSING);
}
return(UrlBase64Converter.ToUrlBase64String(Encoding.UTF8.GetBytes(jwtBodyBuilder.ToString())));
}
private string GenerateToken(string audience, DateTime absoluteExpiration)
{
string jwtInput = _jwtHeaderSegment + JWT_SEPARATOR + GenerateJwtBodySegment(audience, absoluteExpiration);
byte[] jwtInputHash;
using (var sha256Hasher = SHA256.Create())
{
jwtInputHash = sha256Hasher.ComputeHash(Encoding.UTF8.GetBytes(jwtInput));
}
BigInteger[] jwtSignature = _jwtSigner.GenerateSignature(jwtInputHash);
byte[] jwtSignatureFirstSegment = jwtSignature[0].ToByteArrayUnsigned();
byte[] jwtSignatureSecondSegment = jwtSignature[1].ToByteArrayUnsigned();
int jwtSignatureSegmentLength = Math.Max(jwtSignatureFirstSegment.Length, jwtSignatureSecondSegment.Length);
byte[] combinedJwtSignature = new byte[2 * jwtSignatureSegmentLength];
ByteArrayCopyWithPadLeft(jwtSignatureFirstSegment, combinedJwtSignature, 0, jwtSignatureSegmentLength);
ByteArrayCopyWithPadLeft(jwtSignatureSecondSegment, combinedJwtSignature, jwtSignatureSegmentLength, jwtSignatureSegmentLength);
return(jwtInput + JWT_SEPARATOR + UrlBase64Converter.ToUrlBase64String(combinedJwtSignature));
}