TimetableDesigner/TimetableDesigner.Backend.Services.Authentication
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

auth token endpoint finished

Browse Source
This commit is contained in:
Mateusz Skoczek
2026-02-06 00:10:00 +01:00
Unverified
parent c5823dc6fc
commit 81455ab636
7 changed files with 49 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
TimetableDesigner.Backend.Services.Authentication.Core/Helpers/TokenHelper.cs Normal file
View File

@@ -0,0 +1,96 @@
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using TimetableDesigner.Backend.Services.Authentication.Database;
using TimetableDesigner.Backend.Services.Authentication.Database.Model;
using JwtRegisteredClaimNames = Microsoft.IdentityModel.JsonWebTokens.JwtRegisteredClaimNames;
namespace TimetableDesigner.Backend.Services.Authentication.Core.Helpers;
public class TokenHelper : ITokenHelper
{
private readonly IConfiguration _configuration;
public TokenHelper(IConfiguration configuration)
{
_configuration = configuration;
}
public string GenerateAccessToken(long accountId)
{
IConfigurationSection accessTokenSettings = _configuration.GetSection("Tokens")
.GetSection("AccessToken");
int lifetime = accessTokenSettings.GetSection("Lifetime")
.GetValue<int>("Normal");
DateTimeOffset expirationDate = DateTimeOffset.UtcNow.AddMinutes(lifetime);
string stringKey = accessTokenSettings.GetValue<string>("Key")!;
byte[] encodedKey = Encoding.UTF8.GetBytes(stringKey);
SymmetricSecurityKey key = new SymmetricSecurityKey(encodedKey);
string algorithm = accessTokenSettings.GetValue<string>("Algorithm")!;
SecurityTokenDescriptor descriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(
[
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Sub, accountId.ToString()),
new Claim(JwtRegisteredClaimNames.Exp, expirationDate.UtcTicks.ToString())
]),
Issuer = accessTokenSettings.GetValue<string>("Issuer"),
Audience = accessTokenSettings.GetValue<string>("Audience"),
SigningCredentials = new SigningCredentials(key, algorithm),
Expires = expirationDate.UtcDateTime,
};
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
handler.InboundClaimTypeMap.Clear();
SecurityToken token = handler.CreateToken(descriptor);
return handler.WriteToken(token);
}
public bool ValidateExpiredAccessToken(string accessToken)
{
IConfigurationSection accessTokenSettings = _configuration.GetSection("Tokens")
.GetSection("AccessToken");
string stringKey = accessTokenSettings.GetValue<string>("Key")!;
byte[] encodedKey = Encoding.UTF8.GetBytes(stringKey);
SymmetricSecurityKey key = new SymmetricSecurityKey(encodedKey);
string algorithm = accessTokenSettings.GetValue<string>("Algorithm")!;
TokenValidationParameters tokenValidation = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
ValidateAudience = true,
ValidateIssuer = true,
ValidateLifetime = false,
ValidIssuer = accessTokenSettings.GetValue<string>("Issuer"),
ValidAudience = accessTokenSettings.GetValue<string>("Audience"),
IssuerSigningKey = key,
ClockSkew = TimeSpan.FromMinutes(1),
};
JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
tokenHandler.ValidateToken(accessToken, tokenValidation, out SecurityToken validatedToken);
JwtSecurityToken? jwtSecurityToken = validatedToken as JwtSecurityToken;
return jwtSecurityToken is not null && jwtSecurityToken.Header.Alg.Equals(algorithm, StringComparison.InvariantCultureIgnoreCase);
}
public DateTimeOffset CalculateRefreshTokenExpirationDate(bool isExtendable = true)
{
string lifetimeSection = isExtendable ? "Extended" : "Normal";
int lifetime = _configuration.GetSection("Tokens")
.GetSection("RefreshToken")
.GetSection("Lifetime")
.GetValue<int>(lifetimeSection);
return DateTimeOffset.UtcNow.AddMinutes(lifetime);
}
}