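/// <summary>
/// Builds a JWT for the fixed sample identity ("Hulk") and signs it with the
/// certificate returned by <c>SecurityHelper.GetCertificate()</c>.
/// </summary>
/// <param name="lifetimeSeconds">
/// How long the token stays valid, in seconds, measured from the moment it is
/// created. Defaults to 10 so existing callers keep the original short-lived token.
/// </param>
/// <returns>The compact-serialized JWT.</returns>
/// <remarks>
/// The not-before and expiry instants are both derived from a single
/// <see cref="DateTime.UtcNow"/> read, so the lifetime is exactly
/// <paramref name="lifetimeSeconds"/> rather than drifting by the time between
/// two separate clock reads. The claims are fixed sample values; a real caller
/// would supply the subject's own claims.
/// </remarks>
internal static string CreteJWTToken(int lifetimeSeconds = 10)
{
    var signingCredentials = new X509SigningCredentials(SecurityHelper.GetCertificate());

    // The signing certificate's thumbprint is embedded as a claim so the
    // receiving side can tell which key produced the signature.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, "Hulk"),
        new Claim(ClaimTypes.Spn, "superhero"),
        new Claim(ClaimTypes.Thumbprint, signingCredentials.Certificate.GetCertHashString()),
    };

    // One timestamp for both lifetime bounds.
    DateTime issuedAt = DateTime.UtcNow;

    var token = new JwtSecurityToken(
        SecurityHelper.CertificateValidIssuer,
        SecurityHelper.CertificateValidAudience,
        claims,
        issuedAt,
        issuedAt.AddSeconds(lifetimeSeconds),
        signingCredentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}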
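/// <summary>
/// Validates the JWT carried by the request (located via <c>TryRetrieveToken</c>)
/// and, when it is valid, installs the resulting <see cref="ClaimsPrincipal"/> as
/// the thread and request principal before forwarding the request to the inner
/// handler.
/// </summary>
/// <param name="request">The incoming HTTP request.</param>
/// <param name="cancellationToken">Cancellation token passed to the inner handler.</param>
/// <returns>The response produced by the inner handler.</returns>
/// <remarks>
/// This handler only establishes identity; it never rejects a request. A request
/// with no token, or with a token that fails validation, is still forwarded, and
/// the failure is only traced. The principal is not reset on failure, so
/// authorization must be enforced downstream and must not assume this handler
/// cleared a stale principal.
/// </remarks>
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    string tokenRaw = string.Empty;
    try
    {
        if (!TryRetrieveToken(request, out tokenRaw))
        {
            // No token present: nothing to validate.
            return base.SendAsync(request, cancellationToken);
        }

        var validationParameters = new TokenValidationParameters()
        {
            ValidIssuer = SecurityHelper.CertificateValidIssuer,
            ValidAudience = SecurityHelper.CertificateValidAudience,
            IssuerSigningToken = new X509SecurityToken(SecurityHelper.GetCertificate()),
            // Tokens are issued with a lifetime of seconds; checking nbf/exp is
            // what makes that lifetime meaningful. With lifetime validation off,
            // any token ever signed by the certificate would be accepted
            // indefinitely. The library's default ClockSkew still widens the
            // window on top of the issued lifetime; tighten it if the exact
            // lifetime must be enforced.
            ValidateLifetime = true,
            ValidateAudience = true,
            ValidateIssuer = true,
            ValidateIssuerSigningKey = true,
        };

        SecurityToken validatedToken;
        ClaimsPrincipal principal = new JwtSecurityTokenHandler()
            .ValidateToken(tokenRaw, validationParameters, out validatedToken);

        Thread.CurrentPrincipal = principal;
        if (HttpContext.Current != null)
        {
            HttpContext.Current.User = principal;
        }
    }
    catch (Exception ex)
    {
        // Best-effort by design: a malformed or invalid token is traced and the
        // request continues without an identity being set here.
        Trace.Write(ex);
    }

    return base.SendAsync(request, cancellationToken);
}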