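/// <summary>
/// Verifies a compact <c>header.payload.signature</c> token signed with HMAC-SHA256 and
/// returns the user described by its payload.
/// </summary>
/// <param name="token">
/// The token to verify. It must consist of exactly three dot-separated parts.
/// </param>
/// <returns>
/// A <see cref="User"/> whose <c>Name</c> and <c>Privilege</c> come from the payload when the
/// signature verifies and the header declares <c>HS256</c>. Otherwise a default-constructed
/// <see cref="User"/>.
/// </returns>
/// <remarks>
/// The signature is compared with <see cref="CryptographicOperations.FixedTimeEquals"/>, because
/// an ordinary string comparison returns at the first differing character and so leaks, through
/// response timing, how much of a forged signature was correct.
/// Callers must treat a default-constructed <see cref="User"/> as "not authenticated".
/// NOTE(review): no expiry or audience claim is checked here; the payload fields read in this
/// method are only <c>user</c> and <c>privilege</c>. Confirm whether token lifetime is enforced elsewhere.
/// </remarks>
public User GetUser(string token)
{
    // A missing token is handled like any other unverifiable token rather than
    // letting Split() raise a NullReferenceException.
    if (string.IsNullOrEmpty(token))
    {
        return new User();
    }

    string[] parts = token.Split('.');
    if (parts.Length != 3)
    {
        return new User();
    }

    // Recompute the signature over "header.payload" exactly as received. Nothing from the
    // token is decoded or parsed until this check has passed.
    string expectedSignature;
    using (HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(_secret)))
    {
        byte[] signatureBytes = hmac.ComputeHash(
            Encoding.UTF8.GetBytes(String.Format("{0}.{1}", parts[0], parts[1])));
        expectedSignature = WebEncoders.Base64UrlEncode(signatureBytes);
    }

    // Constant-time comparison of the encoded signatures. A length mismatch returns false
    // immediately, which is acceptable because the expected length is not secret.
    bool signatureMatches = CryptographicOperations.FixedTimeEquals(
        Encoding.UTF8.GetBytes(expectedSignature),
        Encoding.UTF8.GetBytes(parts[2]));
    if (!signatureMatches)
    {
        return new User();
    }

    string headerJson = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(parts[0]));
    string payloadJson = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(parts[1]));
    TokenHeader header = JsonConvert.DeserializeObject<TokenHeader>(headerJson);
    TokenPayload payload = JsonConvert.DeserializeObject<TokenPayload>(payloadJson);

    // The header was previously parsed and then ignored. Verification always uses
    // HMAC-SHA256, so a token that declares any other algorithm is rejected rather than
    // accepted under a label that does not match how it was checked.
    if (header == null || header.alg != "HS256")
    {
        return new User();
    }

    // A JSON "null" payload deserializes to null; treat it as unauthenticated.
    if (payload == null)
    {
        return new User();
    }

    return new User() { Name = payload.user, Privilege = payload.privilege };
}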
/// <summary>
/// Issues a compact <c>header.payload.signature</c> token for the given user, signed with
/// HMAC-SHA256 keyed by the UTF-8 bytes of <c>_secret</c>.
/// </summary>
/// <param name="user">
/// The user whose <c>Name</c> and <c>Privilege</c> are copied into the token payload.
/// </param>
/// <returns>
/// The three base64url-encoded parts joined with dots, or <see cref="String.Empty"/> if the
/// encoded signature is empty.
/// </returns>
/// <remarks>
/// The payload built here carries only <c>user</c> and <c>privilege</c>; no expiry claim is set
/// in this method, so token lifetime has to be bounded elsewhere if it is bounded at all.
/// The HMAC key is the secret string's UTF-8 bytes, so the token's strength depends on how
/// <c>_secret</c> is generated and stored.
/// </remarks>
public string CreateToken(User user)
{
    var tokenHeader = new TokenHeader() { alg = "HS256", typ = "JWT" };
    var tokenPayload = new TokenPayload() { user = user.Name, privilege = user.Privilege };

    // Serialize each part to JSON, then base64url-encode its UTF-8 bytes.
    string encodedHeader = WebEncoders.Base64UrlEncode(
        Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(tokenHeader)));
    string encodedPayload = WebEncoders.Base64UrlEncode(
        Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(tokenPayload)));

    // The signature covers "header.payload" in its encoded form.
    string encodedSignature = "";
    using (var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(_secret)))
    {
        string signingInput = String.Format("{0}.{1}", encodedHeader, encodedPayload);
        byte[] mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(signingInput));
        encodedSignature = WebEncoders.Base64UrlEncode(mac);
    }

    if (encodedSignature.Length > 0)
    {
        return String.Format("{0}.{1}.{2}", encodedHeader, encodedPayload, encodedSignature);
    }

    return String.Empty;
}