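/// <summary>
/// Creates a signed JWT for <paramref name="user"/> that carries the user's own claims,
/// one role claim per assigned role, and the claims attached to each of those roles.
/// </summary>
/// <remarks>
/// All claims are copied into the token when it is issued. A token that has already been
/// handed out keeps the roles it was issued with until it expires, unless the validating
/// side re-checks them, so the configured lifetime bounds how long a removed role stays usable.
/// </remarks>
/// <param name="user">User as <see cref="ApplicationUser"/></param>
/// <param name="expireMinutes">
/// Token lifetime in minutes. When <c>null</c>, the <c>JwtToken:ExpireMinutes</c>
/// configuration value is used.
/// </param>
/// <returns>
/// The serialized JWT as <see cref="string"/>, or <c>null</c> when <paramref name="user"/>
/// is null or has no user name.
/// </returns>
protected async Task<string> CreateJwtTokenAsync(ApplicationUser user, double? expireMinutes = null)
{
    // No identity to put in the "sub" claim: issue nothing.
    if (string.IsNullOrWhiteSpace(user?.UserName))
    {
        return null;
    }

    var claims = new List<Claim>
    {
        new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
        // A fresh "jti" gives every issued token a unique identifier.
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
    };

    var userClaims = await UserManagerAgent.GetClaimsAsync(user).ConfigureAwait(false);
    var userRoles = await UserManagerAgent.GetRolesAsync(user).ConfigureAwait(false);
    claims.AddRange(userClaims);

    foreach (var userRole in userRoles)
    {
        claims.Add(new Claim(ClaimTypes.Role, userRole));

        // A role name that no longer resolves contributes only its role claim.
        var role = await RoleManagerAgent.FindByNameAsync(userRole).ConfigureAwait(false);
        if (role != null)
        {
            var roleClaims = await RoleManagerAgent.GetClaimsAsync(role).ConfigureAwait(false);
            claims.AddRange(roleClaims);
        }
    }

    // Configuration is machine-readable, so parse it with the invariant culture.
    // With the server's current culture, a value such as "30.5" can be read as a
    // different number on a host whose locale uses '.' as a group separator, which
    // would silently change the token lifetime.
    double expirationMinutes = expireMinutes
        ?? double.Parse(ConfigurationAgent["JwtToken:ExpireMinutes"], CultureInfo.InvariantCulture);

    // Take one clock reading so "nbf" and "exp" are derived from the same instant.
    DateTime issuedAt = DateTime.UtcNow;

    // HS256 is a symmetric MAC: any party holding JwtToken:Key can mint tokens as well
    // as verify them. RFC 7518 section 3.2 requires a key of at least 256 bits for HS256.
    // NOTE(review): confirm the configured key is a high-entropy secret of that size and
    // is supplied from a secret store rather than a checked-in settings file.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ConfigurationAgent["JwtToken:Key"]));

    var token = new JwtSecurityToken(
        issuer: ConfigurationAgent["JwtToken:Issuer"],
        audience: ConfigurationAgent["JwtToken:Audience"],
        claims: claims,
        expires: issuedAt.AddMinutes(expirationMinutes),
        notBefore: issuedAt,
        signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256));

    return new JwtSecurityTokenHandler().WriteToken(token);
}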
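/// <summary>
/// Deletes the role named <paramref name="roleName"/> unless it is the configured
/// administrator role, then redirects to the roles view of the Admin controller.
/// </summary>
/// <param name="roleName">Name of the role to delete.</param>
/// <returns>
/// A redirect to <c>Admin/Index</c> with <c>id = "roles"</c>. The redirect is also returned
/// when the role does not exist or is the administrator role; nothing is deleted in those cases.
/// </returns>
/// <exception cref="InvalidOperationException">The role store reported that the delete failed.</exception>
public async Task<IActionResult> DeleteRole(string roleName)
{
    // NOTE(review): this action changes state, and no [Authorize], HTTP-verb or
    // anti-forgery attribute is visible on the method itself. Confirm they are applied
    // at controller level or by a global filter.
    var role = await RoleManagerAgent.FindByNameAsync(roleName).ConfigureAwait(false);
    if (role == null)
    {
        return RedirectToAction("Index", "Admin", new { id = "roles" });
    }

    // Compare case-insensitively so the administrator role stays protected even when
    // the stored role name and the configured name differ only in casing.
    bool isAdminRole = string.Equals(role.Name, _appSettings.SecRole.Admin, StringComparison.OrdinalIgnoreCase);
    if (!isAdminRole)
    {
        IdentityResult roleResult = await RoleManagerAgent.DeleteAsync(role).ConfigureAwait(false);
        if (!roleResult.Succeeded)
        {
            // A specific exception type instead of the base Exception; existing
            // catch (Exception) handlers still catch it. Only the localized message is
            // carried, and the details in roleResult.Errors are not surfaced here.
            throw new InvalidOperationException(_localizer["ErrorDeleteRole"]);
        }
    }

    return RedirectToAction("Index", "Admin", new { id = "roles" });
}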