1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using Microsoft.AspNetCore.Identity;
using System.Text;
using System.Security.Claims;
using System.Security.Cryptography;
using BackendPIA.Models;
namespace BackendPIA.Services {
public class TokenGenerator : ITokenGenerator {
private readonly string _key;
public TokenGenerator(string key) {
_key = key;
}
public string Generate(UserAccount user, string role) {
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_key));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expiration = DateTime.UtcNow.AddMinutes(5);
//var issuer = _configuration["Jwt:Issuer"];
var claims = new List<Claim> {
new Claim("sid", user.Id),
new Claim("username", user.UserName),
new Claim("email", user.Email),
new Claim(ClaimTypes.Role, role)
};
var descriptor = new JwtSecurityToken(issuer: null, audience: null, claims: claims, expires: expiration, signingCredentials: creds);
return new JwtSecurityTokenHandler().WriteToken(descriptor);
}
public string GenerateRefreshToken() {
byte[] random_number = new byte[16];
RandomNumberGenerator rng = RandomNumberGenerator.Create();
rng.GetBytes(random_number);
return Convert.ToBase64String(random_number);
}
public string? GetPrincipalFromToken(string token) {
var tokenValidationParameters = new TokenValidationParameters {
ValidateAudience = false,
ValidateIssuer = false,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_key)),
ValidateLifetime = false
};
var tokenHandler = new JwtSecurityTokenHandler();
SecurityToken security_token;
var principal = tokenHandler.ValidateToken(token, tokenValidationParameters, out security_token);
var jwtSecurityToken = security_token as JwtSecurityToken;
if (jwtSecurityToken == null || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
return null;
var jwt = tokenHandler.ReadJwtToken(token);
return jwt.Claims.Where(c => c.Type == "email").First().Value;
}
}
}
|