1var tokenHandler = new JwtSecurityTokenHandler();
2 var now = DateTime.UtcNow;
3 var tokenDescriptor = new SecurityTokenDescriptor
4 {
5 Subject = new ClaimsIdentity(new[] {
6 new Claim(ClaimTypes.Name, user.UserName, ClaimValueTypes.String),
7 new Claim("LOA", user.LOA.ToString(), ClaimValueTypes.Integer),
8 new Claim("PartyId", user.PartyId.ToString(), ClaimValueTypes.Integer),
9 new Claim("LoginId", user.LoginId.ToString(), ClaimValueTypes.Integer),
10 new Claim("LOA2Pending", user.LoginId.ToString(), ClaimValueTypes.Boolean)
11 }),
12 Audience = referer.Audience,
13 Issuer = referer.Issuer,
14 Expires = now.AddMinutes(Convert.ToInt32(expireMinutes)),
15 SigningCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256Signature),
16 EncryptingCredentials = new EncryptingCredentials(securityKey, JwtConstants.DirectKeyUseAlg, SecurityAlgorithms.Aes128CbcHmacSha256)
17 };
18 var stoken = tokenHandler.CreateToken(tokenDescriptor);
19 var token = tokenHandler.WriteToken(stoken);
20 return token;
21 }
22
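/// <summary>
/// Creates a JWT for <paramref name="user"/> that is signed with the RSA key from the
/// application's PFX certificate and then encrypted (nested JWE), and returns it in
/// serialized form.
/// </summary>
/// <param name="user">Authenticated user whose name, LOA, PartyId and LoginId become claims.</param>
/// <param name="referer">Supplies the audience and issuer values written into the token.</param>
/// <param name="expireMinutes">Token lifetime in minutes, counted from the current UTC time.</param>
/// <returns>The serialized token produced by <c>JwtSecurityTokenHandler.WriteToken</c>.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="user"/> or <paramref name="referer"/> is null.
/// </exception>
public static string GenerateToken(AuthenticationUser user, Referer referer, int expireMinutes = 20)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    if (referer == null)
    {
        throw new ArgumentNullException(nameof(referer));
    }

    // Load the .pfx that holds the PRIVATE signing key.
    // The path is built from separate segments: the original literal "certs\ImosCentralAuth.pfx"
    // contains the unrecognized escape sequence "\I" and does not compile.
    // NOTE(review): the PFX sits under the application directory; confirm that the "certs"
    // folder can never be served as static content, or move the certificate to the
    // machine certificate store.
    string pfxPath = Path.Combine(HttpRuntime.AppDomainAppPath, "certs", "ImosCentralAuth.pfx");

    // NOTE(review): the PFX password is hard-coded in source. Anyone with read access to the
    // repository or the compiled assembly can unlock the private key. Load it from protected
    // configuration or a secret store instead, and rotate the certificate if this value was
    // ever used outside development.
    var certificatePfx = new X509Certificate2(pfxPath, "password", X509KeyStorageFlags.MachineKeySet);
    var key = new X509SecurityKey(certificatePfx);

    var tokenHandler = new JwtSecurityTokenHandler();
    var now = DateTime.UtcNow;

    var claims = new[]
    {
        new Claim(ClaimTypes.Name, user.UserName, ClaimValueTypes.String),
        new Claim("LOA", user.LOA.ToString(), ClaimValueTypes.Integer),
        new Claim("PartyId", user.PartyId.ToString(), ClaimValueTypes.Integer),
        new Claim("LoginId", user.LoginId.ToString(), ClaimValueTypes.Integer),
        // NOTE(review): this claim is typed Boolean but carries LoginId, which looks like a
        // copy-paste slip. Left unchanged because the intended source property is not visible
        // here; a relying party that authorizes on "LOA2Pending" will not get a true/false value.
        new Claim("LOA2Pending", user.LoginId.ToString(), ClaimValueTypes.Boolean)
    };

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        Audience = referer.Audience,
        Issuer = referer.Issuer,
        Expires = now.AddMinutes(expireMinutes),
        SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.RsaSha512Signature),
        // The key-management algorithm has to match the key type. The certificate key is RSA
        // (it is also used for RsaSha512Signature above), so the content-encryption key is
        // wrapped with RSA-OAEP. Aes128KW is a symmetric key-wrap algorithm and is rejected for
        // an X509SecurityKey when the token is created.
        // NOTE(review): the token is encrypted to the issuer's own certificate, so only a holder
        // of this PFX's private key can decrypt it, and the same key pair is used for signing and
        // encryption. Confirm that is intended; normally the token is encrypted to the
        // recipient's public key with a key pair separate from the signing key.
        EncryptingCredentials = new EncryptingCredentials(key, SecurityAlgorithms.RsaOAEP, SecurityAlgorithms.Aes128CbcHmacSha256)
    };

    var securityToken = tokenHandler.CreateToken(tokenDescriptor);
    return tokenHandler.WriteToken(securityToken);
}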