Last active
March 24, 2021 11:29
-
-
Save changhuixu/a89c9eed3ae5271396ab70ce2e72d36e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public class JwtAuthManager : IJwtAuthManager | |
{ | |
public IImmutableDictionary<string, RefreshToken> UsersRefreshTokensReadOnlyDictionary => _usersRefreshTokens.ToImmutableDictionary(); | |
private readonly ConcurrentDictionary<string, RefreshToken> _usersRefreshTokens; // can store in a database or a distributed cache | |
private readonly JwtTokenConfig _jwtTokenConfig; | |
private readonly byte[] _secret; | |
public JwtAuthManager(JwtTokenConfig jwtTokenConfig) | |
{ | |
_jwtTokenConfig = jwtTokenConfig; | |
_usersRefreshTokens = new ConcurrentDictionary<string, RefreshToken>(); | |
_secret = Encoding.ASCII.GetBytes(jwtTokenConfig.Secret); | |
} | |
public JwtAuthResult GenerateTokens(string username, Claim[] claims, DateTime now) | |
{ | |
var shouldAddAudienceClaim = string.IsNullOrWhiteSpace(claims?.FirstOrDefault(x => x.Type == JwtRegisteredClaimNames.Aud)?.Value); | |
var jwtToken = new JwtSecurityToken( | |
_jwtTokenConfig.Issuer, | |
shouldAddAudienceClaim ? _jwtTokenConfig.Audience : string.Empty, | |
claims, | |
expires: now.AddMinutes(_jwtTokenConfig.AccessTokenExpiration), | |
signingCredentials: new SigningCredentials(new SymmetricSecurityKey(_secret), SecurityAlgorithms.HmacSha256Signature)); | |
var accessToken = new JwtSecurityTokenHandler().WriteToken(jwtToken); | |
var refreshToken = new RefreshToken | |
{ | |
UserName = username, | |
TokenString = GenerateRefreshTokenString(), | |
ExpireAt = now.AddMinutes(_jwtTokenConfig.RefreshTokenExpiration) | |
}; | |
_usersRefreshTokens.AddOrUpdate(refreshToken.TokenString, refreshToken, (s, t) => refreshToken); | |
return new JwtAuthResult | |
{ | |
AccessToken = accessToken, | |
RefreshToken = refreshToken | |
}; | |
} | |
private static string GenerateRefreshTokenString() | |
{ | |
var randomNumber = new byte[32]; | |
using var randomNumberGenerator = RandomNumberGenerator.Create(); | |
randomNumberGenerator.GetBytes(randomNumber); | |
return Convert.ToBase64String(randomNumber); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment