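/// <summary>
/// Validates a token of the form <c>base64url(payload-json).hash</c> and, when the hash
/// matches, returns the deserialized payload.
/// </summary>
/// <param name="token">Token text supplied by the caller; treated as untrusted. <c>null</c> is handled like an empty string.</param>
/// <param name="payload">The deserialized payload on success; <c>null</c> whenever the method returns <c>false</c>.</param>
/// <returns>
/// <c>true</c> only when the token has exactly two dot-separated parts, the first part is valid
/// base64url, the second part equals <c>ComputeHash</c> of the decoded bytes, and the decoded
/// JSON yields a non-null payload.
/// </returns>
/// <remarks>
/// Only integrity is checked here. No expiry, audience or replay check is performed in this
/// method; callers needing those must apply them to the returned payload.
/// NOTE(review): the strength of this check depends on ComputeHash being a keyed MAC, which is
/// not visible from this method. Confirm.
/// </remarks>
public bool TryValidateToken(string token, out AuthPayload payload)
{
    payload = null;

    var parts = (token ?? "").Split(".");
    if (parts.Length != 2)
    {
        return false;
    }

    byte[] data;
    try
    {
        data = WebEncoders.Base64UrlDecode(parts[0]);
    }
    catch (FormatException)
    {
        // Malformed base64url is an invalid token, not an error condition.
        return false;
    }

    // Assumes ComputeHash returns the tag as a string, as its use in CreateToken suggests.
    string expected = ComputeHash(data);
    if (expected == null)
    {
        return false;
    }

    // Compare the supplied tag with the expected one without stopping at the first
    // mismatch. The previous `!=` comparison returned earlier the sooner the strings
    // differed, which leaks how much of a guessed tag is correct through response time.
    // The tag length is not secret, so folding it into the result is fine.
    var supplied = parts[1];
    var difference = supplied.Length ^ expected.Length;
    var overlap = Math.Min(supplied.Length, expected.Length);
    for (var i = 0; i < overlap; i++)
    {
        difference |= supplied[i] ^ expected[i];
    }

    if (difference != 0)
    {
        return false;
    }

    // The bytes are only parsed after the tag has been verified.
    payload = JsonConvert.DeserializeObject<AuthPayload>(Encoding.UTF8.GetString(data));

    // A correctly signed JSON "null" deserializes to null; do not report success
    // while handing the caller a null payload.
    return payload != null;
}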
/// <summary>
/// Builds a token of the form <c>base64url(payload-json).hash</c> for the given payload.
/// </summary>
/// <param name="payload">The payload to serialize to JSON and embed in the token.</param>
/// <returns>The base64url-encoded UTF-8 JSON, a dot, and the value of <c>ComputeHash</c> over those JSON bytes.</returns>
/// <remarks>
/// The payload is encoded, not encrypted: anyone holding the token can decode and read it,
/// so it should not carry secrets.
/// </remarks>
public string CreateToken(AuthPayload payload)
{
    var json = JsonConvert.SerializeObject(payload);
    var jsonBytes = Encoding.UTF8.GetBytes(json);

    // The hash covers the raw JSON bytes, not their base64url text.
    var tag = ComputeHash(jsonBytes);
    var encodedPayload = WebEncoders.Base64UrlEncode(jsonBytes);

    return $"{encodedPayload}.{tag}";
}