JWTTokenHelper
using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
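/// <summary>
/// Sample helper that issues and validates JWTs, signed either with ECDSA
/// (CNG key blobs, Windows only) or with HMAC-SHA256.
/// </summary>
/// <remarks>
/// SECURITY: the key constants below are demonstration values embedded in source.
/// Anyone who can read this file (or the compiled assembly, since <c>const</c> values
/// are inlined into callers) can sign tokens that these validators accept.
/// Load real keys at runtime from a secret store or OS key container instead.
/// </remarks>
public class TokenHelper
{
    // Issuer / audience used by the ECDSA overloads.
    public const string _issuer = "ABC";
    public const string _audience = "123";

    // Demo HMAC secret - see the class remarks; do not reuse.
    public const string SecurityKey = "1234567890abcdefghijklm-1234567890abcdefghijklm";

    // HTTP header name that carries the token.
    public const string Header = "Authorization";

    // Default signing algorithm for the ECDSA overloads.
    public const string Algorithm = SecurityAlgorithms.EcdsaSha256;

    // Demo ECC key pair as Base64 CNG blobs - see the class remarks; treat as compromised.
    public const string PrivateKey = "RUNTMiAAAAB+19CWQAZPstZeIs2ePJzq5Rz3QyUREuMKu5z1GafhtZth+ZkzBvU+EgK6yxWkD3FRQtLKV1p36NAEB0s88Dku6RSsa1Yj0vIPtdMbQ9dOkFluDTt7T0Vs0glC8TPxri8=";
    public const string Publickey = "RUNTMSAAAAB+19CWQAZPstZeIs2ePJzq5Rz3QyUREuMKu5z1GafhtZth+ZkzBvU+EgK6yxWkD3FRQtLKV1p36NAEB0s88Dku";

    // Maps a named curve to its JWS algorithm name.
    // NOTE(review): this is a mutable public static, and ECCurve does not appear to define
    // value equality, so a lookup with a freshly obtained curve may not match - confirm.
    public static Dictionary<ECCurve, string> Curves = new Dictionary<ECCurve, string>
    {
        { ECCurve.NamedCurves.nistP256, "ES256" },
        { ECCurve.NamedCurves.nistP384, "ES384" },
        { ECCurve.NamedCurves.nistP521, "ES512" }
    };

    /// <summary>
    /// Generates a new ECC key pair on <paramref name="curve"/> and returns both halves
    /// as Base64-encoded CNG blobs.
    /// </summary>
    /// <param name="curve">Curve to generate the key on.</param>
    /// <returns>The private blob and the public blob, Base64 encoded.</returns>
    /// <remarks>The returned private key is plaintext key material; the caller must protect it.</remarks>
    private static (string privateKey, string publicKey) CreateKey(ECCurve curve)
    {
        // Dispose the CNG handle once both blobs are exported.
        using (var ecdsa = new ECDsaCng(curve))
        {
            string privateKey = Convert.ToBase64String(ecdsa.Key.Export(CngKeyBlobFormat.EccPrivateBlob));
            string publicKey = Convert.ToBase64String(ecdsa.Key.Export(CngKeyBlobFormat.EccPublicBlob));
            return (privateKey, publicKey);
        }
    }

    /// <summary>
    /// Validates an ECDSA-signed JWT against the class issuer and audience.
    /// Synchronous despite the name.
    /// </summary>
    /// <param name="token">Compact JWT; untrusted input.</param>
    /// <param name="key">Base64 CNG <c>EccPublicBlob</c> of the signer's public key.</param>
    /// <returns><c>true</c> when signature, issuer, audience and lifetime all validate; otherwise <c>false</c>.</returns>
    /// <exception cref="FormatException"><paramref name="key"/> is not valid Base64.</exception>
    /// <exception cref="CryptographicException"><paramref name="key"/> is not a valid public key blob.</exception>
    public static bool ValidateTokenAsync(string token, string key)
    {
        // The key is configuration, not token data, so a malformed key is allowed to throw.
        byte[] publicKeyBytes = Convert.FromBase64String(key);
        using (CngKey cngKey = CngKey.Import(publicKeyBytes, CngKeyBlobFormat.EccPublicBlob))
        using (var ecdsa = new ECDsaCng(cngKey))
        {
            var signingKey = new ECDsaSecurityKey(ecdsa)
            {
                // The ECDsa object is disposed on exit, so the library must not cache
                // a signature provider that still references it.
                CryptoProviderFactory = new CryptoProviderFactory { CacheSignatureProviders = false }
            };
            return TryValidate(token, BuildValidationParameters(signingKey, _issuer, _audience));
        }
    }

    /// <summary>
    /// Issues a one-day ECDSA-signed JWT for the class issuer and audience, with fixed demo claims.
    /// </summary>
    /// <param name="securityKey">Base64 CNG <c>EccPrivateBlob</c> used to sign.</param>
    /// <param name="algorithm">JWS algorithm name, e.g. <see cref="Algorithm"/>; must match the key's curve.</param>
    /// <returns>The serialized compact JWT.</returns>
    public static string CreateJwtToken(string securityKey, string algorithm)
    {
        byte[] privateKeyBytes = Convert.FromBase64String(securityKey);
        try
        {
            using (CngKey cngKey = CngKey.Import(privateKeyBytes, CngKeyBlobFormat.EccPrivateBlob))
            using (var ecdsa = new ECDsaCng(cngKey))
            {
                var signingKey = new ECDsaSecurityKey(ecdsa)
                {
                    // See ValidateTokenAsync: avoid caching a provider bound to a disposed key.
                    CryptoProviderFactory = new CryptoProviderFactory { CacheSignatureProviders = false }
                };
                var tokenDescriptor = new SecurityTokenDescriptor
                {
                    Issuer = _issuer,
                    Audience = _audience,
                    SigningCredentials = new SigningCredentials(signingKey, algorithm),
                    // Demo claims; a real issuer takes these from the authenticated principal.
                    Claims = new Dictionary<string, object> { { "Domain", "MIKFS" }, { "UserName", "Kyin" } },
                    Expires = DateTime.UtcNow.AddDays(1),
                };
                var tokenHandler = new JwtSecurityTokenHandler();
                // Signing happens while the key is still alive, inside the using scope.
                return tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
            }
        }
        finally
        {
            // Do not leave the decoded private key blob in managed memory longer than needed.
            Array.Clear(privateKeyBytes, 0, privateKeyBytes.Length);
        }
    }

    /// <summary>
    /// Validates an HMAC-signed JWT against the supplied issuer, audience and shared secret.
    /// Synchronous despite the name.
    /// </summary>
    /// <param name="token">Compact JWT; untrusted input.</param>
    /// <param name="issuer">Expected <c>iss</c> value.</param>
    /// <param name="audience">Expected <c>aud</c> value.</param>
    /// <param name="securityKey">Shared secret; every party holding it can also issue tokens.</param>
    /// <returns><c>true</c> when signature, issuer, audience and lifetime all validate; otherwise <c>false</c>.</returns>
    public static bool ValidateTokenAsync(string token, string issuer, string audience, string securityKey)
    {
        var signingKey = CreateSymmetricKey(securityKey);
        return TryValidate(token, BuildValidationParameters(signingKey, issuer, audience));
    }

    /// <summary>
    /// Issues a one-day HMAC-SHA256 JWT for the given issuer and audience, with fixed demo claims.
    /// </summary>
    /// <param name="issuer">Value for the <c>iss</c> claim.</param>
    /// <param name="audience">Value for the <c>aud</c> claim.</param>
    /// <param name="securityKey">Shared secret used to sign.</param>
    /// <returns>The serialized compact JWT.</returns>
    public static string CreateJwtToken(string issuer, string audience, string securityKey)
    {
        var tokenDescriptor = new SecurityTokenDescriptor
        {
            Issuer = issuer,
            Audience = audience,
            SigningCredentials = new SigningCredentials(CreateSymmetricKey(securityKey), SecurityAlgorithms.HmacSha256),
            // Demo claims; a real issuer takes these from the authenticated principal.
            Claims = new Dictionary<string, object> { { "Domain", "ABC" }, { "UserName", "Kyin" } },
            Expires = DateTime.UtcNow.AddDays(1),
        };
        var tokenHandler = new JwtSecurityTokenHandler();
        return tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
    }

    // Builds the HMAC key from the secret text.
    // NOTE(review): ASCII encoding maps every non-ASCII character to '?', which silently
    // weakens such secrets; kept so existing tokens keep validating - prefer random key bytes.
    private static SymmetricSecurityKey CreateSymmetricKey(string securityKey)
    {
        return new SymmetricSecurityKey(Encoding.ASCII.GetBytes(securityKey));
    }

    // Shared validation policy: signature, issuer, audience and lifetime are all enforced.
    private static TokenValidationParameters BuildValidationParameters(SecurityKey signingKey, string issuer, string audience)
    {
        return new TokenValidationParameters
        {
            // Library defaults, stated explicitly so unsigned or non-expiring tokens stay rejected.
            RequireSignedTokens = true,
            RequireExpirationTime = true,
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = signingKey,
            ValidateIssuer = true,
            ValidIssuer = issuer,
            ValidateAudience = true,
            ValidAudience = audience,
            ValidateLifetime = true,
            // No grace period: a token is rejected from the instant it expires.
            ClockSkew = TimeSpan.Zero
        };
    }

    // Runs the handler and reports success as a bool.
    private static bool TryValidate(string token, TokenValidationParameters validationParameters)
    {
        try
        {
            new JwtSecurityTokenHandler().ValidateToken(token, validationParameters, out SecurityToken validatedToken);
            return validatedToken is JwtSecurityToken;
        }
        catch (Exception)
        {
            // Fail closed: any parsing or validation error means the token is not accepted.
            // The reason is discarded here; log it at the call site if rejections need auditing.
            return false;
        }
    }
}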
