public ClaimsPrincipal GetPrincipalFromExpiredToken(string token)
{
var hmacKey = AESServices.UserHmacKey(Constants.UserNumber, 3);
var jwtToken = JWTToken.ParseJwtToken(token.AESStringDecryption(Constants.UserNumber), ref hmacKey);
ClaimsIdentity id = new ClaimsIdentity(jwtToken.Claims, JWTToken.JWT_ID);
id.BootstrapContext = jwtToken;
ClaimsPrincipal principal = new ClaimsPrincipal(id);
return(principal);
}
public WebApiToken GenerateJWT(Users user)
{
var jwtToken = new JWTToken();
jwtToken.AddClaim(ClaimTypes.NameIdentifier, "CPOC");
jwtToken.AddClaim(ClaimTypes.Name, user.EmployeeName);
jwtToken.AddClaim(ClaimTypes.Email, user.Email);
jwtToken.Issuer = Constants.Issuer;
jwtToken.Audience = Constants.Audience;
jwtToken.TimeOut = "10";
jwtToken.UserRole = user.Role;
jwtToken.IsAdmin = user.IsAdmin;
jwtToken.symmetricSignatureKeyString = AESServices.UserHmacKey(Constants.UserNumber, 3);
var webApiToken = new WebApiToken();
webApiToken.accessToken = jwtToken;
webApiToken.refreshToken = GenerateRefreshToken();
return(webApiToken);
}
public static JWTToken ParseJwtToken(string token, ref string SignatureKey)
{
var parts = token.Split('.');
if (parts.Length != 3)
{
throw new Exception("Token is not formed properly");
}
//var header = Encoding.UTF8.GetString(parts[0].ToByteArray(ref parts[0]));
//var claims = Encoding.UTF8.GetString(parts[1].ToByteArray(ref parts[1]));
//var inSignature = parts[2].ToByteArray(ref parts[2]);
var header = Encoding.UTF8.GetString(parts[0].ToByteArray());
var claims = Encoding.UTF8.GetString(parts[1].ToByteArray());
var inSignature = parts[2].ToByteArray();
var computedSignature = String.Empty;
var jwt = new JWTToken();
jwt.symmetricSignatureKeyString = SignatureKey;
jwt.mClaims = JsonConvert.DeserializeObject <Dictionary <string, string> >(claims);
using (var HMAC = new HMACSHA256(Convert.FromBase64String(SignatureKey)))
{
var data = String.Format("{0}.{1}", parts[0], parts[1].Trim(System.Convert.ToChar("=")));
var signatureBytes = HMAC.ComputeHash(Encoding.UTF8.GetBytes(data));
computedSignature = signatureBytes.ToBase64String();
}
var inputSignature = inSignature.ToBase64String();
//doing for now, need to remove below one line later
inputSignature = parts[2];
if (!computedSignature.Equals(inputSignature, StringComparison.Ordinal))
{
throw new Exception("Invalid Signature");
}
return(jwt);
}