Selector/Selector.Web/Auth/JwtTokenService.cs
2023-01-21 16:17:46 +00:00


using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using Selector.Model;
namespace Selector.Web.Auth;
/// <summary>
/// Builds <see cref="JwtSecurityToken"/> instances for application users, attaching
/// HMAC-SHA256 signing credentials derived from the configured <see cref="JwtOptions"/>.
/// </summary>
/// <remarks>
/// HS256 is a symmetric scheme: any component that holds the key in order to validate
/// these tokens is also able to issue them, so the key should be shared only with this
/// service and its validators.
/// </remarks>
public class JwtTokenService
{
    private readonly UserManager<ApplicationUser> _userManager;
    private readonly IOptions<JwtOptions> _options;

    /// <summary>
    /// Stores the collaborators used to look up user data and read token settings.
    /// </summary>
    /// <param name="userManager">Identity user manager queried for claims and roles.</param>
    /// <param name="options">Accessor for the JWT settings (key, issuer, audience, expiry).</param>
    public JwtTokenService(UserManager<ApplicationUser> userManager, IOptions<JwtOptions> options)
        => (_userManager, _options) = (userManager, options);

    /// <summary>
    /// Assembles a token for <paramref name="user"/> carrying identity claims, the claims
    /// held in the user store and one "roles" claim per role.
    /// </summary>
    /// <param name="user">The account the token is issued for.</param>
    /// <returns>
    /// The token object with signing credentials attached. This method does not serialise it;
    /// the caller decides how it is written out.
    /// </returns>
    public async Task<JwtSecurityToken> CreateJwtToken(ApplicationUser user)
    {
        var storedClaims = await _userManager.GetClaimsAsync(user);
        var roleNames = await _userManager.GetRolesAsync(user);

        // NOTE(review): Claim's constructor rejects a null value, so an account without an
        // Email or UserName would fail here - confirm those are always populated.
        // A fresh GUID is used as the token id (jti); nothing in this file records it.
        Claim[] identityClaims =
        {
            new(JwtRegisteredClaimNames.Sub, user.Id),
            new(ClaimTypes.NameIdentifier, user.Id),
            new(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new(JwtRegisteredClaimNames.Email, user.Email),
            new(ClaimTypes.Email, user.Email),
            new(ClaimTypes.Name, user.UserName),
            new("uid", user.Id)
        };

        var rolesAsClaims = from roleName in roleNames
                            select new Claim("roles", roleName);

        // Stored claims are appended without filtering by type.
        // NOTE(review): Claim does not appear to define value equality, so Union would only
        // drop repeated instances, not claims with an equal type and value - a stored claim
        // named "sub", "uid" or "roles" would sit next to the ones generated above. Verify
        // that only trusted code can write to the claim store.
        var tokenClaims = identityClaims
            .Union(storedClaims)
            .Union(rolesAsClaims);

        var settings = _options.Value;

        // The HMAC key is the UTF-8 encoding of the configured value.
        // NOTE(review): RFC 7518 section 3.2 requires at least 256 bits of key material for
        // HS256; confirm the configured key is that long, randomly generated, and supplied
        // from a secret store rather than a checked-in settings file.
        var hmacKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(settings.Key));
        var credentials = new SigningCredentials(hmacKey, SecurityAlgorithms.HmacSha256);

        // Expiry is measured from the current UTC time; no not-before value is passed.
        return new JwtSecurityToken(
            issuer: settings.Issuer,
            audience: settings.Audience,
            claims: tokenClaims,
            expires: DateTime.UtcNow.Add(settings.Expiry),
            signingCredentials: credentials);
    }
}