
@mrnkr
Created April 8, 2020 02:56
This is how I create JWT tokens in C#
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
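namespace TwoDrive.Core
{
    /// <summary>
    /// Issues HMAC-SHA256 signed JWTs using the "Jwt:SigningKey", "Jwt:ExpiryInMinutes"
    /// and "Jwt:Site" configuration values.
    /// </summary>
    /// <remarks>
    /// The signing key is a shared secret: anyone who can read it can mint tokens for any
    /// subject. It should come from a secret store or the environment, not from a settings
    /// file kept in source control.
    /// </remarks>
    public class TokenService
    {
        // RFC 7518 section 3.2 requires an HS256 key at least as long as the hash output
        // (256 bits). This counts bytes, not entropy: a 32-character passphrase passes the
        // check but carries far less than 256 bits of randomness.
        private const int MinimumSigningKeyBytes = 32;

        private IConfiguration Config { get; }

        /// <summary>Creates the service over the application's configuration.</summary>
        /// <param name="config">Configuration that exposes the "Jwt" section.</param>
        /// <exception cref="ArgumentNullException"><paramref name="config"/> is null.</exception>
        public TokenService(IConfiguration config)
        {
            Config = config ?? throw new ArgumentNullException(nameof(config));
        }

        /// <summary>
        /// Builds a signed token whose subject is <paramref name="uid"/> and whose audience
        /// is "access".
        /// </summary>
        /// <param name="uid">Identifier written to the "sub" claim.</param>
        /// <returns>The token in compact serialized form.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="uid"/> is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="uid"/> is empty or whitespace.</exception>
        /// <exception cref="InvalidOperationException">
        /// A required "Jwt" setting is missing, too short or not a positive integer.
        /// </exception>
        public string CreateTokenForUser(string uid)
        {
            if (uid == null)
            {
                throw new ArgumentNullException(nameof(uid));
            }

            // A token with a blank subject authenticates nobody in particular; refuse to sign one.
            if (string.IsNullOrWhiteSpace(uid))
            {
                throw new ArgumentException("The user id must not be empty.", nameof(uid));
            }

            var issuer = Config["Jwt:Site"];
            if (string.IsNullOrWhiteSpace(issuer))
            {
                // Without an issuer the token would carry no "iss" claim and be rejected by
                // any validator that checks the issuer, so fail at issuance instead.
                throw new InvalidOperationException("Jwt:Site is not configured.");
            }

            var signingKey = new SymmetricSecurityKey(ReadSigningKeyBytes());
            var expiryInMinutes = ReadExpiryInMinutes();

            var claims = new[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, uid),
                // Unique token id; it only helps replay or revocation checks if something records it.
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
            };

            var token = new JwtSecurityToken(
                issuer: issuer,
                audience: "access",
                expires: DateTime.UtcNow.AddMinutes(expiryInMinutes),
                signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature),
                claims: claims
            );

            return new JwtSecurityTokenHandler().WriteToken(token);
        }

        // Reads the HMAC key and rejects a missing or undersized value with a message that
        // names the setting but never echoes the secret.
        private byte[] ReadSigningKeyBytes()
        {
            var configuredKey = Config["Jwt:SigningKey"];
            if (string.IsNullOrEmpty(configuredKey))
            {
                throw new InvalidOperationException("Jwt:SigningKey is not configured.");
            }

            var keyBytes = Encoding.UTF8.GetBytes(configuredKey);
            if (keyBytes.Length < MinimumSigningKeyBytes)
            {
                throw new InvalidOperationException(
                    "Jwt:SigningKey must be at least " + MinimumSigningKeyBytes + " bytes for HS256.");
            }

            return keyBytes;
        }

        // Reads the token lifetime. A missing value used to convert to 0 and yield a token
        // that was already expired when issued; a non-positive lifetime is rejected here.
        private int ReadExpiryInMinutes()
        {
            var configuredExpiry = Config["Jwt:ExpiryInMinutes"];
            var parsed = int.TryParse(
                configuredExpiry,
                System.Globalization.NumberStyles.Integer,
                System.Globalization.CultureInfo.InvariantCulture,
                out var minutes);

            if (!parsed || minutes <= 0)
            {
                throw new InvalidOperationException("Jwt:ExpiryInMinutes must be a positive integer.");
            }

            return minutes;
        }
    }
}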
@mrnkr

mrnkr commented Apr 8, 2020

And this is how I validate them

using System.Text;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;
using TwoDrive.Core;
using TwoDrive.Persistence.UnitOfWork;

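namespace TwoDrive.Api
{
    /// <summary>
    /// Application startup: registers MVC and JWT bearer authentication, then builds the
    /// request pipeline.
    /// </summary>
    public class Startup
    {
        // HS256 needs a key at least as long as its 256-bit hash output (RFC 7518 section 3.2).
        private const int MinimumSigningKeyBytes = 32;

        /// <summary>Stores the configuration supplied by the host.</summary>
        /// <param name="configuration">Application configuration, including the "Jwt" section.</param>
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        /// <summary>Application configuration used to read the JWT issuer and signing key.</summary>
        public IConfiguration Configuration { get; }

        /// <summary>
        /// Registers MVC and makes JWT bearer the default authentication, challenge and
        /// fallback scheme.
        /// </summary>
        /// <param name="services">Service collection to add registrations to.</param>
        /// <exception cref="System.InvalidOperationException">
        /// The signing key is missing or shorter than 32 bytes.
        /// </exception>
        public void ConfigureServices(IServiceCollection services)
        {
            // Read and check the key here rather than inside the options callback: the
            // callback runs lazily, so a missing key would otherwise surface only when the
            // first request is authenticated instead of at startup.
            var signingKeyBytes = ReadSigningKeyBytes();

            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(options =>
            {
                // The raw token is not kept in the authentication properties after validation.
                options.SaveToken = false;
                options.RequireHttpsMetadata = true;
                options.TokenValidationParameters = new TokenValidationParameters()
                {
                    ValidateIssuer = true,
                    ValidIssuer = Configuration["Jwt:Site"],
                    ValidateAudience = true,
                    ValidAudience = "access",
                    // The next three are the library defaults, spelled out so that a later
                    // edit cannot switch off expiry or signature checks unnoticed.
                    ValidateLifetime = true,
                    RequireExpirationTime = true,
                    RequireSignedTokens = true,
                    // ClockSkew stays at its default of five minutes, so a token is still
                    // accepted for up to that long after its "exp" time.
                    IssuerSigningKey = new SymmetricSecurityKey(signingKeyBytes)
                };
            });
        }

        /// <summary>Builds the HTTP request pipeline.</summary>
        /// <param name="app">Pipeline builder.</param>
        /// <param name="env">Hosting environment, used to decide whether to send HSTS.</param>
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            app.UseCustomExceptionHandlingMiddleware();

            // HSTS is skipped in development so that local HTTP testing is not pinned to HTTPS.
            if (!env.IsDevelopment())
            {
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseCors();
            // Authentication has to run before MVC so that authorization sees the
            // principal built from the bearer token.
            app.UseAuthentication();
            app.UseMvc();
        }

        // Returns the UTF-8 bytes of the configured HMAC key, refusing a missing or
        // undersized value. The message names the setting and never includes the secret.
        // Configuration keys are case-insensitive, so "JWT:SigningKey" is the same
        // setting as "Jwt:SigningKey".
        private byte[] ReadSigningKeyBytes()
        {
            var configuredKey = Configuration["JWT:SigningKey"];
            if (string.IsNullOrEmpty(configuredKey))
            {
                throw new System.InvalidOperationException("Jwt:SigningKey is not configured.");
            }

            var keyBytes = Encoding.UTF8.GetBytes(configuredKey);
            if (keyBytes.Length < MinimumSigningKeyBytes)
            {
                throw new System.InvalidOperationException(
                    "Jwt:SigningKey must be at least " + MinimumSigningKeyBytes + " bytes for HS256.");
            }

            return keyBytes;
        }
    }
}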
