GetClaim added to JwtUtility

VahidFarahmandian · Sep 28, 2023 · 80affce · 80affce
1 parent 5d04247
commit 80affce
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 17 deletions.
diff --git a/01-Core/Jinget.Core/Types/JwtModel.cs b/01-Core/Jinget.Core/Types/JwtModel.cs
@@ -1,9 +1,12 @@
-namespace Jinget.Core.Types
+using System;
+
+namespace Jinget.Core.Types
 {
     public class JwtModel
     {
         public string SecretKey { get; set; }
         public string Issuer { get; set; }
         public string Audience { get; set; }
+        public DateTime NotBefore { get; set; } = DateTime.Now;
     }
 }
diff --git a/01-Core/Jinget.Core/Utilities/JwtUtility.cs b/01-Core/Jinget.Core/Utilities/JwtUtility.cs
@@ -13,7 +13,7 @@ namespace Jinget.Core.Utilities
 {
     public class JwtUtility
     {
-        public static JwtSecurityToken Read(string token, string scheme = "Bearer")
+        public static JwtSecurityToken? Read(string token, string scheme = "Bearer")
         {
             try
             {
@@ -34,8 +34,8 @@ public static JwtSecurityToken Read(string token, string scheme = "Bearer")
         /// <param name="validissuer">Expected issuer. It is expected that token was issued for this issuer</param>
         /// <param name="minuteOffset">The given token is valid if it is valid for the next <paramref name="minuteOffset" /> minute(s)</param>
         public static async Task<bool> IsValidAsync(string token,
-            IEnumerable<string> validAudiences = null,
-            string validissuer = null,
+            IEnumerable<string>? validAudiences = null,
+            string? validissuer = null,
             int minuteOffset = 5)
         {
             var result = await new JwtSecurityTokenHandler().ValidateTokenAsync(token, new TokenValidationParameters()
@@ -54,7 +54,7 @@ public static async Task<bool> IsValidAsync(string token,
 
                 ValidateAudience = true,
                 ValidAudiences = validAudiences,
-                AudienceValidator = (IEnumerable<string> audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) =>
+                AudienceValidator = (IEnumerable<string>? audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) =>
                 {
                     if (validAudiences != null && validAudiences.Any())
                     {
@@ -89,16 +89,30 @@ public static async Task<bool> IsValidAsync(string token,
         }
 
         /// <summary>
-        /// Create a new JWT token
+        /// get given claim info stored inside the given token
         /// </summary>
-        public static string Generate(string username, string[] roles, JwtModel options, int expirationInMinute = 15)
+        /// <returns></returns>
+        public static IEnumerable<Claim>? GetClaim(string token, string claim)
         {
-            if (string.IsNullOrWhiteSpace(options.SecretKey) || options.SecretKey.Length < 32)
+            try
             {
-                throw new Exception("key should be a string with at least 32 chars");
+                var info = Read(token);
+                if (info != null)
+                    return info.Claims.Where(x => x.Type == claim);
+                else
+                    return null;
+            }
+            catch
+            {
+                return null;
             }
-            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(options.SecretKey));
-            var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
+        }
+
+        /// <summary>
+        /// Create a new JWT token
+        /// </summary>
+        public static string Generate(string username, string[] roles, JwtModel options, int expirationInMinute = 15)
+        {
             var claims = new List<Claim>
             {
                 new Claim(ClaimTypes.NameIdentifier,username),
@@ -107,12 +121,27 @@ public static string Generate(string username, string[] roles, JwtModel options,
             {
                 claims.Add(new Claim(ClaimTypes.Role, item));
             }
-            var token = new JwtSecurityToken(options.Issuer,
+            return Generate(claims, options, expirationInMinute);
+        }
+
+        /// <summary>
+        /// Create a new JWT token
+        /// </summary>
+        public static string Generate(IEnumerable<Claim> claims, JwtModel options, int expirationInMinute = 15)
+        {
+            if (string.IsNullOrWhiteSpace(options.SecretKey) || options.SecretKey.Length < 32)
+            {
+                throw new Exception("key should be a string with at least 32 chars");
+            }
+            var token = new JwtSecurityToken(
+                options.Issuer,
                 options.Audience,
                 claims,
-                expires: DateTime.Now.AddMinutes(expirationInMinute),
-                signingCredentials: credentials);
-
+                options.NotBefore,
+                DateTime.Now.AddMinutes(expirationInMinute),
+                new SigningCredentials(
+                    new SymmetricSecurityKey(Encoding.UTF8.GetBytes(options.SecretKey)),
+                    SecurityAlgorithms.HmacSha256));
 
             return new JwtSecurityTokenHandler().WriteToken(token);
         }

diff --git a/Tests/Jinget.Core.Tests/Utilities/JwtUtilityTests.cs b/Tests/Jinget.Core.Tests/Utilities/JwtUtilityTests.cs
@@ -1,7 +1,7 @@
-using Jinget.Core.Utilities;
-using Microsoft.IdentityModel.Tokens;
+using Microsoft.IdentityModel.Tokens;
 using Microsoft.VisualStudio.TestTools.UnitTesting;
 using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
@@ -57,5 +57,15 @@ public void should_create_a_valid_jwt_token()
             Assert.AreEqual(tokenInfo.Claims.First(x => x.Type == ClaimTypes.NameIdentifier).Value, "vahid");
             Assert.AreEqual(tokenInfo.Claims.First(x => x.Type == ClaimTypes.Role).Value, "role1,role2");
         }
+
+        [TestMethod()]
+        public void should_return_specific_claim_from_token()
+        {
+            string token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaXNzIjoiSmluZ2V0IiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjIwMTYyMzkwMjIsImF1ZCI6IkppbmdldC5UZXN0In0.e-GVmjCsuP6sv7csybQZbVp5HenQ1UT5AhzafYSlMFU";
+            string expectedResult = "1234567890";
+            var result = JwtUtility.GetClaim(token, JwtRegisteredClaimNames.Sub);
+
+            Assert.AreEqual(expectedResult, result.First().Value);
+        }
     }
 }