public JwtBearerTokenAuthenticationOptions(JwtOptions jwtOptions)
{
if (jwtOptions == null)
{
throw new ArgumentNullException("jwtOptions");
}
byte[] symmetricKeyBytes = Encoding.UTF8.GetBytes(jwtOptions.JwtSigningKeyAsUtf8);
string symmetricKeyAsBase64 = Convert.ToBase64String(symmetricKeyBytes);
var symmetricKeyIssuerSecurityTokenProvider = new SymmetricKeyIssuerSecurityTokenProvider(
jwtOptions.Issuer, symmetricKeyAsBase64);
var providers = new IIssuerSecurityTokenProvider[]
{
symmetricKeyIssuerSecurityTokenProvider
};
_jwtBearerOptions = new JwtBearerAuthenticationOptions
{
AllowedAudiences = new List<string> { jwtOptions.Audience },
IssuerSecurityTokenProviders = providers
};
_jwtOptions = jwtOptions;
}
public ClaimsPrincipal Validate(string jwtTokenAsBase64, JwtOptions options)
{
var tokenHandler = new JwtSecurityTokenHandler();
string keyAsUtf8 = options.JwtSigningKeyAsUtf8;
byte[] keyAsBytes = Encoding.UTF8.GetBytes(keyAsUtf8);
SecurityToken signingToken = new BinarySecretSecurityToken(keyAsBytes);
var tokenValidationParameters = new TokenValidationParameters
{
IssuerSigningToken = signingToken,
ValidAudience = options.Audience,
ValidIssuer = options.Issuer
};
ClaimsPrincipal principal;
try
{
SecurityToken validatedToken;
principal = tokenHandler.ValidateToken(jwtTokenAsBase64, tokenValidationParameters,
out validatedToken);
}
catch (Exception ex)
{
Debug.Write(ex, "error");
principal = new ClaimsPrincipal(new ClaimsIdentity(authenticationType:""));
}
return principal;
}
public ConsentBuilder(CreateConsentOptions createConsentOptions, HandleConsentOptions consentHandlerOptions,
JwtOptions jwtOptions)
{
if (jwtOptions == null)
{
throw new ArgumentNullException("jwtOptions");
}
_createConsentOptions = createConsentOptions;
_consentHandlerOptions = consentHandlerOptions;
_jwtOptions = jwtOptions;
}
public CustomProviderOptions(JwtOptions jwtOptions, HandleConsentOptions handleConsentOptions)
{
if (jwtOptions == null)
{
throw new ArgumentNullException("jwtOptions");
}
if (handleConsentOptions == null)
{
throw new ArgumentNullException("handleConsentOptions");
}
_jwtOptions = jwtOptions;
_handleConsentOptions = handleConsentOptions;
}
public static SecurityTokenDescriptor CreateSecurityTokenDescriptor(IEnumerable<Claim> claims, JwtOptions options)
{
string keyAsUtf8 = options.JwtSigningKeyAsUtf8;
byte[] keyAsBytes = Encoding.UTF8.GetBytes(keyAsUtf8);
var claimsIdentity = new ClaimsIdentity(claims,
OAuthDefaults.AuthenticationType);
var descriptor = new SecurityTokenDescriptor()
{
SigningCredentials = new SigningCredentials(
new InMemorySymmetricSecurityKey(keyAsBytes),
HmacSha256,
Sha256),
Subject = claimsIdentity,
TokenIssuerName = options.Issuer,
AppliesToAddress = options.Audience
};
return descriptor;
}
public JwtBearerTokenProvider(JwtOptions options)
{
_options = options;
}
public JwtBearerTokenProvider(JwtOptions options)
{
_options = options;
}
