|
static private GetCertificate ( ) : |
||
| return | ||
internal static string CreteJWTToken()
{
var cert = new X509SigningCredentials(SecurityHelper.GetCertificate());
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, "Hulk"),
new Claim(ClaimTypes.Spn, "superhero"),
new Claim(ClaimTypes.Thumbprint, cert.Certificate.GetCertHashString()),
};
var token = new JwtSecurityToken(SecurityHelper.CertificateValidIssuer, SecurityHelper.CertificateValidAudience, claims, DateTime.UtcNow, DateTime.UtcNow.AddSeconds(10), cert);
var tokenHandler = new JwtSecurityTokenHandler();
var tokenData = tokenHandler.WriteToken(token);
return(tokenData);
}
protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
string tokenRaw = string.Empty;
try
{
if (!TryRetrieveToken(request, out tokenRaw))
{
return(base.SendAsync(request, cancellationToken));
}
var validationParameters = new TokenValidationParameters()
{
ValidIssuer = SecurityHelper.CertificateValidIssuer,
ValidAudience = SecurityHelper.CertificateValidAudience,
IssuerSigningToken = new X509SecurityToken(SecurityHelper.GetCertificate()),
ValidateLifetime = false,
ValidateAudience = true,
ValidateIssuer = true,
ValidateIssuerSigningKey = true,
//ClockSkew = new TimeSpan(40, 0, 0)
};
SecurityToken token = new JwtSecurityToken();
ClaimsPrincipal principal = new JwtSecurityTokenHandler().ValidateToken(tokenRaw, validationParameters, out token);
Thread.CurrentPrincipal = principal;
if (HttpContext.Current != null)
{
HttpContext.Current.User = Thread.CurrentPrincipal;
}
}
catch (Exception ex)
{
Trace.Write(ex);
}
return(base.SendAsync(request, cancellationToken));
}
