TokenManager.cs 3.2KB

  1. using System;
  2. using System.Configuration;
  3. using System.IdentityModel.Tokens;
  4. using System.Security.Claims;
  5. using System.ServiceModel.Security.Tokens;
  6. namespace iiie.Authentication.Business.JWT
  7. {
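  /// <summary>
  /// Issues and validates JWTs signed with HMAC-SHA256, using a shared symmetric
  /// key and an issuer/audience string that are both read from appSettings.
  /// </summary>
  /// <remarks>
  /// The token is signed, not encrypted: every claim placed in it can be read by
  /// anyone who holds the token. The same base64 key ("CredentialKey") is used to
  /// sign and to validate, so whoever can read that setting can mint valid tokens.
  /// </remarks>
  public static class TokenManager
  {
      /// <summary>appSettings key holding the base64-encoded HMAC signing key.</summary>
      private const string CredentialKeySetting = "CredentialKey";

      /// <summary>appSettings key holding the value used as audience and, prefixed, as issuer.</summary>
      private const string StringValidatorSetting = "StringValidator";

      /// <summary>Prefix put in front of the configured value to form the issuer.</summary>
      private const string IssuerPrefix = "urn:";

      /// <summary>
      /// Read a mandatory appSettings value and fail closed when it is absent.
      /// </summary>
      /// <param name="name">The appSettings key</param>
      /// <returns>The configured, non-blank value</returns>
      /// <exception cref="ConfigurationErrorsException">The setting is missing or blank</exception>
      private static string GetRequiredSetting(string name)
      {
          string value = ConfigurationManager.AppSettings[name];
          if (string.IsNullOrWhiteSpace(value))
          {
              // Without this check a missing "StringValidator" would silently yield
              // the issuer "urn:" and a null audience, and a blank key would decode
              // to an empty byte array instead of being reported as misconfiguration.
              throw new ConfigurationErrorsException(
                  "Required appSetting '" + name + "' is missing or empty.");
          }

          return value;
      }

      /// <summary>
      /// Decode the shared signing key from configuration.
      /// </summary>
      /// <returns>The raw key bytes</returns>
      /// <exception cref="ConfigurationErrorsException">The key setting is missing or blank</exception>
      /// <exception cref="FormatException">The key setting is not valid base64</exception>
      private static byte[] GetSigningKeyBytes()
      {
          // NOTE(review): the key length is not checked here. RFC 7518 section 3.2
          // requires an HS256 key of at least 256 bits (32 bytes); confirm the
          // deployed value was generated from a cryptographic RNG at that size.
          return Convert.FromBase64String(GetRequiredSetting(CredentialKeySetting));
      }

      /// <summary>
      /// Create signing credentials to sign the token
      /// </summary>
      /// <returns>HMAC-SHA256 credentials built from the configured symmetric key</returns>
      private static SigningCredentials CreateSigningCredentials()
      {
          SecurityKey securityKey = new InMemorySymmetricSecurityKey(GetSigningKeyBytes());

          return new SigningCredentials(
              securityKey,
              SecurityAlgorithms.HmacSha256Signature,
              SecurityAlgorithms.Sha256Digest);
      }

      /// <summary>
      /// Create a JWT token that expires one day after it is issued
      /// </summary>
      /// <param name="username">The user username, stored as the <see cref="ClaimTypes.Name"/> claim</param>
      /// <param name="salt">The user salt, stored as the <see cref="ClaimTypes.Authentication"/> claim</param>
      /// <returns>The serialized, signed token</returns>
      /// <exception cref="ConfigurationErrorsException">A required appSetting is missing or blank</exception>
      public static string GetToken(string username, string salt)
      {
          string stringValidator = GetRequiredSetting(StringValidatorSetting);

          // NOTE(review): the salt travels in the token payload in readable form.
          // If this is the same salt that protects the stored password hash,
          // consider a separate per-user token stamp so the salt stays server-side.
          Claim[] claims =
          {
              new Claim(ClaimTypes.Name, username),
              new Claim(ClaimTypes.Authentication, salt)
          };

          // UTC avoids any dependence on the server's time zone or a DST change
          // when the expiry is written into the token.
          DateTime expires = DateTime.UtcNow.AddDays(1);

          JwtSecurityToken jst = new JwtSecurityToken(
              IssuerPrefix + stringValidator,
              stringValidator,
              claims,
              null,
              expires,
              CreateSigningCredentials());

          JwtSecurityTokenHandler jh = new JwtSecurityTokenHandler();
          return jh.WriteToken(jst);
      }

      /// <summary>
      /// Validate a serialized JWT and return the principal it describes
      /// </summary>
      /// <param name="token">The serialized token, as produced by <see cref="GetToken"/></param>
      /// <returns>The principal built from the token's claims</returns>
      /// <remarks>
      /// The handler's ValidateToken call throws when the token is rejected; callers
      /// must treat any exception from this method as an authentication failure.
      /// Only the signature, issuer and audience are checked here. The salt claim
      /// is not compared with the user's current salt in this method.
      /// </remarks>
      /// <exception cref="ConfigurationErrorsException">A required appSetting is missing or blank</exception>
      public static ClaimsPrincipal ParseToken(string token)
      {
          // NOTE(review): validation below goes through TokenValidationParameters.
          // Confirm that the one-minute MaxClockSkew set on Configuration is the
          // skew actually applied on that path; in System.IdentityModel.Tokens.Jwt
          // 4.x the lifetime check reads TokenValidationParameters.ClockSkew.
          JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler
          {
              Configuration = new SecurityTokenHandlerConfiguration()
              {
                  MaxClockSkew = new TimeSpan(0, 1, 0)
              }
          };

          string stringValidator = GetRequiredSetting(StringValidatorSetting);

          // RequireSignedTokens rejects unsigned tokens; issuer and audience must
          // match the values GetToken writes.
          TokenValidationParameters validationParameters = new TokenValidationParameters()
          {
              RequireSignedTokens = true,
              RequireExpirationTime = true,
              ValidAudience = stringValidator,
              ValidateIssuerSigningKey = true,
              ValidIssuer = IssuerPrefix + stringValidator,
              IssuerSigningToken = new BinarySecretSecurityToken(GetSigningKeyBytes())
          };

          SecurityToken validatedToken;
          return tokenHandler.ValidateToken(token, validationParameters, out validatedToken);
      }
  }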
  71. }