/// <summary>
/// Builds a bearer access token: the bearer prefix followed by an assertion
/// signed with the supplied symmetric key.
/// </summary>
/// <param name="webToken">JSON web token carrying the claims to sign.</param>
/// <param name="signingKey">Symmetric signing key. This is a secret; keep it out of logs and source control.</param>
/// <returns>
/// <c>JWTTokenHelper.BearerTokenPrefix</c> immediately followed by the signed assertion.
/// </returns>
/// <remarks>
/// The returned string is a bearer credential, so it should be handled like a secret
/// (not logged, not persisted in clear text).
/// </remarks>
public static string GenerateAccessToken(JsonWebToken webToken, string signingKey)
{
    // No separator is inserted here: any space after the scheme name has to be
    // part of BearerTokenPrefix itself.
    return string.Concat(
        JWTTokenHelper.BearerTokenPrefix,
        JWTTokenHelper.GenerateAssertion(webToken, signingKey));
}
/// <summary>
/// Initializes a new instance of the JsonWebToken class and fills the issuer,
/// audience, not-before and expiration claims from raw values.
/// </summary>
/// <param name="issuerPrincipalId">Service principal id of the issuer.</param>
/// <param name="tenantRealm">Realm or context id of the tenant.</param>
/// <param name="audienceHostName">Audience host name.</param>
/// <param name="audiencePrincipalId">Principal id of the protected resource.</param>
/// <param name="nbfTime">DateTime of the NotBefore claim; stored exactly as passed.</param>
/// <param name="validityInSeconds">Validity of the token in seconds, counted from the moment of construction.</param>
/// <remarks>
/// The expiration is derived from the current UTC clock, not from <paramref name="nbfTime"/>.
/// No range check is applied to <paramref name="validityInSeconds"/>, so a zero or negative
/// value yields a token that is already expired.
/// </remarks>
public JsonWebToken(
    string issuerPrincipalId,
    string tenantRealm,
    string audienceHostName,
    string audiencePrincipalId,
    DateTime nbfTime,
    long validityInSeconds)
    : this()
{
    // The issuer has no host component, hence the empty second argument.
    Issuer = JWTTokenHelper.GetFormattedPrincipal(issuerPrincipalId, string.Empty, tenantRealm);
    Audience = JWTTokenHelper.GetFormattedPrincipal(audiencePrincipalId, audienceHostName, tenantRealm);

    // NOTE(review): nbfTime is not normalized to UTC here; whether the encoder
    // does that later is not visible in this constructor - confirm.
    NotBeforeDateTime = nbfTime;

    // NOTE(review): the lifetime is anchored to "now" rather than nbfTime. If nbfTime
    // lies further in the future than validityInSeconds, the token expires before it
    // becomes valid - confirm this is intended.
    ExpirationDateTime = DateTime.UtcNow.AddSeconds(validityInSeconds);
}
/// <summary>
/// Creates a JsonWebToken populated with issuer, audience, not-before and
/// expiration claims for the given tenant and audience.
/// </summary>
/// <param name="issuerPrincipalId">Issuer app principal id.</param>
/// <param name="tenantRealm">Tenant context id.</param>
/// <param name="audienceHostName">Service host name.</param>
/// <param name="audiencePrincipalId">Principal id of the protected resource or audience.</param>
/// <param name="nbfTime">Not-valid-before time; passed through unchanged.</param>
/// <param name="validityInSeconds">Token validity duration in seconds, counted from the time of the call.</param>
/// <returns>A JWT token initialized with the basic claims.</returns>
/// <remarks>
/// Despite the name, nothing is signed here: the method only assembles the claims object.
/// The expiration is derived from the current UTC clock, not from <paramref name="nbfTime"/>,
/// and <paramref name="validityInSeconds"/> is not range-checked.
/// </remarks>
public static JsonWebToken GenerateSelfSignedToken(
    string issuerPrincipalId,
    string tenantRealm,
    string audienceHostName,
    string audiencePrincipalId,
    DateTime nbfTime,
    long validityInSeconds)
{
    // Arguments are evaluated left to right: issuer, audience, nbf, then expiry.
    // NOTE(review): expiry is "now + validity", independent of nbfTime; a far-future
    // nbfTime can produce a token that expires before it becomes valid - confirm.
    return new JsonWebToken(
        JWTTokenHelper.GetFormattedPrincipal(issuerPrincipalId, string.Empty, tenantRealm),
        JWTTokenHelper.GetFormattedPrincipal(audiencePrincipalId, audienceHostName, tenantRealm),
        nbfTime,
        DateTime.UtcNow.AddSeconds(validityInSeconds));
}
/// <summary>
/// Generates a self-signed assertion whose header declares the HS256 algorithm,
/// signed with a symmetric key.
/// </summary>
/// <param name="webToken">JSON web token whose JSON encoding becomes the token body.</param>
/// <param name="signingKey">Symmetric signing key. This is a secret; keep it out of logs and source control.</param>
/// <returns>Self signed assertion in the form <c>header.body.signature</c>.</returns>
/// <remarks>
/// The signature is computed over the encoded <c>header.body</c> string, so the header
/// (including the declared algorithm) is covered by it.
/// </remarks>
public static string GenerateAssertion(JsonWebToken webToken, string signingKey)
{
    // The second header argument is left empty for the symmetric case.
    // NOTE(review): JWT segments are normally base64url without padding; which variant
    // Base64Utils.Encode emits is not visible here - confirm.
    string encodedHeader = Base64Utils.Encode(new TokenHeader("HS256", String.Empty).EncodeToJson());
    string encodedBody = Base64Utils.Encode(webToken.EncodeToJson());

    // Signing input is exactly "<header>.<body>".
    string signingInput = string.Concat(encodedHeader, ".", encodedBody);

    // NOTE(review): the header advertises HS256; the primitive SignData actually uses
    // for a string key is defined elsewhere - verify the two agree.
    string encodedSignature = Base64Utils.Encode(JWTTokenHelper.SignData(signingKey, signingInput));

    return string.Concat(signingInput, ".", encodedSignature);
}
/// <summary>
/// Generates a self-signed assertion whose header declares the RS256 algorithm,
/// signed with an X.509 certificate.
/// </summary>
/// <param name="webToken">Json web token whose JSON encoding becomes the token body.</param>
/// <param name="signingCert">Signing certificate; its hash is placed in the token header.</param>
/// <returns>Self signed assertion in the form <c>header.body.signature</c>.</returns>
/// <remarks>
/// The signature is computed over the encoded <c>header.body</c> string. Because this helper
/// can emit both HS256 and RS256 tokens, a verifier should pin the algorithm it expects for
/// a given key rather than rely on the header value alone.
/// </remarks>
public static string GenerateAssertion(
    JsonWebToken webToken,
    X509Certificate2 signingCert)
{
    // GetCertHash() returns the certificate thumbprint bytes; here they are only encoded
    // into the header (presumably as a key identifier - the TokenHeader field it maps to
    // is not visible here).
    string encodedThumbprint = Base64Utils.Encode(signingCert.GetCertHash());
    string encodedHeader = Base64Utils.Encode(new TokenHeader("RS256", encodedThumbprint).EncodeToJson());
    string encodedBody = Base64Utils.Encode(webToken.EncodeToJson());

    // Signing input is exactly "<header>.<body>".
    string signingInput = string.Concat(encodedHeader, ".", encodedBody);

    // NOTE(review): SignData presumably needs the certificate's private key; how a
    // certificate without one is handled is defined elsewhere - confirm.
    string encodedSignature = Base64Utils.Encode(JWTTokenHelper.SignData(signingCert, signingInput));

    return string.Concat(signingInput, ".", encodedSignature);
}