public string CreateLoginJWT(LoginUsr usr, int defCompanyId, int defProjectId, byte defSystemId, UsrCurr curr, UsrImpr impr, string resources, int validSeconds, string guidHandle)
{
Func <byte[], string> base64UrlEncode = (c) => Convert.ToBase64String(c).TrimEnd(new char[] { '=' }).Replace('_', '/').Replace('-', '+');
var utc0 = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
var issueTime = DateTime.Now.ToUniversalTime();
var iat = (int)issueTime.Subtract(utc0).TotalSeconds;
var exp = (int)issueTime.AddSeconds(validSeconds).Subtract(utc0).TotalSeconds; // Expiration time is up to 1 hour, but lets play on safe side
var encryptionKey = GetSessionEncryptionKey(iat.ToString(), usr.UsrId.ToString());
var signingKey = GetSessionSigningKey(iat.ToString(), usr.UsrId.ToString());
RintagiLoginJWT token = new RintagiLoginJWT()
{
iat = iat,
exp = exp,
nbf = iat,
loginToken = CreateEncryptedLoginToken(usr, defCompanyId, defProjectId, defSystemId, curr, impr, resources, encryptionKey),
loginId = usr.UsrId.ToString(),
handle = guidHandle
};
string payLoad = Newtonsoft.Json.JsonConvert.SerializeObject(token);
string header = "{\"typ\":\"JWT\",\"alg\":\"HS256\"}";
HMACSHA256 hmac = new HMACSHA256(System.Text.UTF8Encoding.UTF8.GetBytes(signingKey));
string content = base64UrlEncode(System.Text.UTF8Encoding.UTF8.GetBytes(header)) + "." + base64UrlEncode(System.Text.UTF8Encoding.UTF8.GetBytes(payLoad));
byte[] hash = hmac.ComputeHash(System.Text.UTF8Encoding.UTF8.GetBytes(content));
return(content + "." + base64UrlEncode(hash));
}
public RintagiLoginJWT GetLoginUsrInfo(string jwt)
{
string[] x = (jwt ?? "").Split(new char[] { '.' });
Func <string, byte[]> base64UrlDecode = s => Convert.FromBase64String(s.Replace('-', '+').Replace('_', '/') + (s.Length % 4 > 1 ? new string('=', 4 - s.Length % 4) : ""));
if (x.Length >= 3)
{
try
{
Dictionary <string, string> header = Newtonsoft.Json.JsonConvert.DeserializeObject <Dictionary <string, string> >(System.Text.UTF8Encoding.UTF8.GetString(base64UrlDecode(x[0])));
try
{
RintagiLoginJWT loginJWT = Newtonsoft.Json.JsonConvert.DeserializeObject <RintagiLoginJWT>(System.Text.UTF8Encoding.UTF8.GetString(base64UrlDecode(x[1])));
string signingKey = GetSessionSigningKey(loginJWT.iat.ToString(), loginJWT.loginId.ToString());
bool valid = header["typ"] == "JWT" && header["alg"] == "HS256" && VerifyHS256JWT(x[0], x[1], x[2], signingKey);
if (valid)
{
return(loginJWT);
}
else
{
return(null);
}
}
catch
{
return(null);
}
}
catch { return(null); }
}
else
{
return(null);
}
}
