2using System.Collections.Generic;
3using System.Diagnostics.CodeAnalysis;
4using System.Globalization;
5using System.IdentityModel.Tokens.Jwt;
7using System.Security.Claims;
9using Microsoft.Extensions.Options;
10using Microsoft.IdentityModel.Tokens;
33 signingKey =
new SymmetricSecurityKey(value.ToArray());
35 new SigningCredentials(
37 SecurityAlgorithms.HmacSha256));
72 ArgumentNullException.ThrowIfNull(cryptographySuite);
73 ArgumentNullException.ThrowIfNull(assemblyInformationProvider);
83 ValidateIssuerSigningKey =
true,
84 IssuerSigningKeyResolver = (_, _, _, _) => Enumerable.Repeat(
signingKey, 1),
86 ValidateIssuer =
true,
87 ValidIssuer = assemblyInformationProvider.
AssemblyName.Name,
89 ValidateLifetime =
true,
90 ValidateAudience =
true,
91 ValidAudience = typeof(
TokenResponse).Assembly.GetName().Name,
95 RequireSignedTokens =
true,
97 RequireExpirationTime =
true,
106 ArgumentNullException.ThrowIfNull(user);
108 var uid = user.Require(x => x.Id);
109 var now = DateTimeOffset.UtcNow;
110 var nowUnix = now.ToUnixTimeSeconds();
118 DateTimeOffset notBefore;
119 if (nowUnix == userLastPassworUpdateUnix)
120 notBefore = now.AddSeconds(1);
124 var expiry = now.AddMinutes(serviceLogin
128 var securityToken =
new JwtSecurityToken(
133 Enumerable.Empty<Claim>(),
134 new Dictionary<string, object>
136 { JwtRegisteredClaimNames.Sub, uid.ToString(CultureInfo.InvariantCulture) },
138 notBefore.UtcDateTime,
142 var tokenResponse =
tokenHandler.WriteToken(securityToken);
144 return tokenResponse;
Represents a JWT returned by the API.
DateTimeOffset? LastPasswordUpdate
When PasswordHash was last changed.
SymmetricSecurityKey signingKey
Backing field for SigningKeyBytes.
TokenValidationParameters ValidationParameters
The TokenValidationParameters for the ITokenFactory.
ReadOnlySpan< byte > SigningKeyBytes
Gets or sets the ITokenFactory's signing key bytes.
readonly JwtSecurityTokenHandler tokenHandler
The JwtSecurityTokenHandler used to generate TokenResponse.Bearer strings.
string CreateToken(User user, bool serviceLogin)
Create a TokenResponse for a given user .A new token string.
TokenFactory(ICryptographySuite cryptographySuite, IAssemblyInformationProvider assemblyInformationProvider, IOptions< SecurityConfiguration > securityConfigurationOptions)
Initializes a new instance of the TokenFactory class.
readonly IOptions< SecurityConfiguration > securityConfigurationOptions
The IOptions<TOptions> of SecurityConfiguration for the TokenFactory.
JwtHeader tokenHeader
The JwtHeader for generating tokens.
Contains various cryptographic functions.
byte[] GetSecureBytes(uint amount)
Generates a secure set of bytes.
For creating TokenResponses.