changhuixu/JwtAuthManager.cs

## JwtAuthManager.cs
public class JwtAuthManager : IJwtAuthManager
{
    public IImmutableDictionary<string, RefreshToken> UsersRefreshTokensReadOnlyDictionary => _usersRefreshTokens.ToImmutableDictionary();
    private readonly ConcurrentDictionary<string, RefreshToken> _usersRefreshTokens;  // can store in a database or a distributed cache
    private readonly JwtTokenConfig _jwtTokenConfig;
    private readonly byte[] _secret;

    public JwtAuthManager(JwtTokenConfig jwtTokenConfig)
    {
        _jwtTokenConfig = jwtTokenConfig;
        _usersRefreshTokens = new ConcurrentDictionary<string, RefreshToken>();
        _secret = Encoding.ASCII.GetBytes(jwtTokenConfig.Secret);
    }

    public JwtAuthResult GenerateTokens(string username, Claim[] claims, DateTime now)
    {
        var shouldAddAudienceClaim = string.IsNullOrWhiteSpace(claims?.FirstOrDefault(x => x.Type == JwtRegisteredClaimNames.Aud)?.Value);
        var jwtToken = new JwtSecurityToken(
            _jwtTokenConfig.Issuer,
            shouldAddAudienceClaim ? _jwtTokenConfig.Audience : string.Empty,
            claims,
            expires: now.AddMinutes(_jwtTokenConfig.AccessTokenExpiration),
            signingCredentials: new SigningCredentials(new SymmetricSecurityKey(_secret), SecurityAlgorithms.HmacSha256Signature));
        var accessToken = new JwtSecurityTokenHandler().WriteToken(jwtToken);

        var refreshToken = new RefreshToken
        {
            UserName = username,
            TokenString = GenerateRefreshTokenString(),
            ExpireAt = now.AddMinutes(_jwtTokenConfig.RefreshTokenExpiration)
        };
        _usersRefreshTokens.AddOrUpdate(refreshToken.TokenString, refreshToken, (s, t) => refreshToken);

        return new JwtAuthResult
        {
            AccessToken = accessToken,
            RefreshToken = refreshToken
        };
    }

    private static string GenerateRefreshTokenString()
    {
        var randomNumber = new byte[32];
        using var randomNumberGenerator = RandomNumberGenerator.Create();
        randomNumberGenerator.GetBytes(randomNumber);
        return Convert.ToBase64String(randomNumber);
    }
}
	public class JwtAuthManager : IJwtAuthManager
	{
	public IImmutableDictionary<string, RefreshToken> UsersRefreshTokensReadOnlyDictionary => _usersRefreshTokens.ToImmutableDictionary();
	private readonly ConcurrentDictionary<string, RefreshToken> _usersRefreshTokens; // can store in a database or a distributed cache
	private readonly JwtTokenConfig _jwtTokenConfig;
	private readonly byte[] _secret;

	public JwtAuthManager(JwtTokenConfig jwtTokenConfig)
	{
	_jwtTokenConfig = jwtTokenConfig;
	_usersRefreshTokens = new ConcurrentDictionary<string, RefreshToken>();
	_secret = Encoding.ASCII.GetBytes(jwtTokenConfig.Secret);
	}

	public JwtAuthResult GenerateTokens(string username, Claim[] claims, DateTime now)
	{
	var shouldAddAudienceClaim = string.IsNullOrWhiteSpace(claims?.FirstOrDefault(x => x.Type == JwtRegisteredClaimNames.Aud)?.Value);
	var jwtToken = new JwtSecurityToken(
	_jwtTokenConfig.Issuer,
	shouldAddAudienceClaim ? _jwtTokenConfig.Audience : string.Empty,
	claims,
	expires: now.AddMinutes(_jwtTokenConfig.AccessTokenExpiration),
	signingCredentials: new SigningCredentials(new SymmetricSecurityKey(_secret), SecurityAlgorithms.HmacSha256Signature));
	var accessToken = new JwtSecurityTokenHandler().WriteToken(jwtToken);

	var refreshToken = new RefreshToken
	{
	UserName = username,
	TokenString = GenerateRefreshTokenString(),
	ExpireAt = now.AddMinutes(_jwtTokenConfig.RefreshTokenExpiration)
	};
	_usersRefreshTokens.AddOrUpdate(refreshToken.TokenString, refreshToken, (s, t) => refreshToken);

	return new JwtAuthResult
	{
	AccessToken = accessToken,
	RefreshToken = refreshToken
	};
	}

	private static string GenerateRefreshTokenString()
	{
	var randomNumber = new byte[32];
	using var randomNumberGenerator = RandomNumberGenerator.Create();
	randomNumberGenerator.GetBytes(randomNumber);
	return Convert.ToBase64String(randomNumber);
	}
	}