using System; using System.IdentityModel.Tokens; using System.Security.Claims; namespace iiie.Authentication.Business.JWT { /// /// Token creation class /// public static class TokenManager { /// /// Create signing credentials to sign the token /// /// The credentials private static SigningCredentials CreateSigningCredentials() { string symmetricKey = AuthProvider.GetCredentialKey(); byte[] keybytes = Convert.FromBase64String(symmetricKey); SecurityKey securityKey = new InMemorySymmetricSecurityKey(keybytes); SigningCredentials signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest); return signingCredentials; } /// /// Create a JWT token /// /// The user /// The user salt /// The token public static string GetToken(string user, string salt) { var stringValidator = AuthProvider.GetValidatorString(); JwtSecurityToken jst = new JwtSecurityToken("urn:" + stringValidator, stringValidator, new [] { new Claim(ClaimTypes.Name, user), new Claim(ClaimTypes.Authentication, salt) }, null, DateTime.Now.AddDays(1), CreateSigningCredentials()); JwtSecurityTokenHandler jh = new JwtSecurityTokenHandler(); return jh.WriteToken(jst); } } }