public static string CreateToken <TUser, TKey>(this TUser user, Func <DateTimeOffset> timestamps, IEnumerable <Claim> userClaims, TokenFabricationRequest security) where TUser : IUserIdProvider <TKey> where TKey : IEquatable <TKey> { var now = timestamps(); var expires = now.AddSeconds(security.TokenTimeToLiveSeconds); /* * See: https://tools.ietf.org/html/rfc7519#section-4.1 * All claims are optional, but since our JSON conventions elide null values, * We need to ensure any optional claims are emitted as empty strings. */ // JWT.io claims: var sub = user.Id?.ToString() ?? string.Empty; var jti = $"{Guid.NewGuid()}"; var iat = now.ToUnixTimeSeconds().ToString(); var exp = expires.ToUnixTimeSeconds().ToString(); var nbf = now.ToUnixTimeSeconds().ToString(); var iss = security.TokenIssuer ?? string.Empty; var aud = security.TokenAudience ?? string.Empty; var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, sub, ClaimValueTypes.String), new Claim(JwtRegisteredClaimNames.Jti, jti, ClaimValueTypes.String), new Claim(JwtRegisteredClaimNames.Iat, iat, ClaimValueTypes.Integer64), new Claim(JwtRegisteredClaimNames.Nbf, nbf, ClaimValueTypes.Integer64), new Claim(JwtRegisteredClaimNames.Exp, exp, ClaimValueTypes.Integer64) }; claims.AddRange(userClaims); AuthenticationExtensions.MaybeSetSecurityKeys(security); var handler = new JwtSecurityTokenHandler(); if (!security.Encrypt) { var jwt = new JwtSecurityToken(iss, aud, claims, now.UtcDateTime, expires.UtcDateTime, security.SigningKey); return(handler.WriteToken(jwt)); } var descriptor = new SecurityTokenDescriptor { Audience = aud, Issuer = iss, Subject = new ClaimsIdentity(claims), EncryptingCredentials = security.EncryptingKey }; return(handler.CreateEncodedJwt(descriptor)); }
public string CreateToken(IUserIdProvider <TKey> user, IEnumerable <Claim> claims = null) { var identity = user.QuackLike <IUserIdProvider <TKey> >(); var request = new TokenFabricationRequest { TokenIssuer = _tokens.Value.Issuer, TokenAudience = _tokens.Value.Audience, TokenTimeToLiveSeconds = _tokens.Value.TimeToLiveSeconds, SigningKeyString = _tokens.Value.SigningKey, EncryptingKeyString = _tokens.Value.EncryptingKey }; var token = identity.CreateToken <IUserIdProvider <TKey>, TKey>(request, claims, _timestamps); return(token); }
public string CreateToken(IUserIdProvider <TKey> user, IEnumerable <Claim> claims = null) { //var claims = _http.HttpContext.User.Claims; var identity = user.QuackLike <IUserIdProvider <TKey> >(); var request = new TokenFabricationRequest(); request.TokenIssuer = _tokens.Value.Issuer; request.TokenAudience = _tokens.Value.Audience; request.TokenTimeToLiveSeconds = _tokens.Value.TimeToLiveSeconds; request.SigningKeyString = _tokens.Value.SigningKey; request.EncryptingKeyString = _tokens.Value.EncryptingKey; var token = identity.CreateToken <IUserIdProvider <TKey>, TKey>(_timestamps, claims, request); return(token); }