using Common.Models.DigitalSignature; using JsonWebToken; using Microsoft.Extensions.Logging; using SignatureAPI.Controllers; using System; using System.Configuration; using System.IO;
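namespace SignatureAPI
{
    /// <summary>
    /// Helpers for the signature API: reading app settings and creating /
    /// opening nested JWT tokens (an RSA-signed JWS wrapped in an RSA-OAEP
    /// encrypted JWE) with the key pair stored next to the application.
    /// </summary>
    public class Utlis
    {
        /// <summary>Value of the <c>iss</c> claim written into, and required from, every token.</summary>
        private const string Issuer = "jme";

        /// <summary>Value of the <c>sub</c> claim written into every token.</summary>
        private const string Subject = "api";

        /// <summary>Name of the private claim that carries the caller's payload.</summary>
        private const string PayloadClaimName = "Payload";

        /// <summary>Token lifetime in minutes (24 hours), measured from the moment of issue.</summary>
        private const int TokenLifetimeMinutes = 1440;

        // NOTE(review): the directory name differs in case between the two key
        // files ("keys" vs "Keys"). That is harmless on Windows but resolves to
        // two different directories on a case-sensitive file system, and the
        // backslash separator is Windows-only. Values are kept exactly as found;
        // confirm which spelling is intended before unifying them.
        private const string PrivateKeyRelativeDir = "keys\\Brac";
        private const string PublicKeyRelativeDir = "Keys\\Brac";

        // May be null when the parameterless constructor is used; every call site
        // therefore goes through the null-conditional operator.
        private readonly ILogger<BracController> _logger;
        private readonly string _privateKeyLocation;
        private readonly string _publicKeyLocation;

        /// <summary>
        /// Creates an instance without a logger. Logging calls become no-ops.
        /// </summary>
        public Utlis() : this(null)
        {
        }

        /// <summary>
        /// Creates an instance that logs through <paramref name="logger"/> and
        /// resolves both key files relative to the current working directory.
        /// </summary>
        /// <param name="logger">Logger to use; may be null.</param>
        public Utlis(ILogger<BracController> logger)
        {
            _logger = logger;

            // Paths are relative to the process working directory, not the
            // assembly location, so they depend on how the service is started.
            var baseDir = Directory.GetCurrentDirectory();
            _privateKeyLocation = Path.Combine(baseDir, PrivateKeyRelativeDir, "Jme_private_uat.pem");
            _publicKeyLocation = Path.Combine(baseDir, PublicKeyRelativeDir, "BBL_public.pem");
        }

        /// <summary>
        /// Reads an <c>appSettings</c> value, falling back to <paramref name="defVal"/>
        /// when the key is absent or the configuration cannot be read.
        /// </summary>
        /// <param name="key">The appSettings key to look up.</param>
        /// <param name="defVal">Value returned when the key is missing or unreadable.</param>
        /// <returns>The configured value, or <paramref name="defVal"/>.</returns>
        public static string ReadWebConfig(string key, string defVal)
        {
            try
            {
                // The indexer returns null for a missing key; the original code
                // reached the same fallback by catching the resulting NullReferenceException.
                return ConfigurationManager.AppSettings[key] ?? defVal;
            }
            catch (ConfigurationErrorsException)
            {
                // Best-effort read: an unreadable config file yields the default.
                return defVal;
            }
        }

        /// <summary>
        /// Wraps <paramref name="payload"/> in a JWS signed with the private key
        /// (RS256), then encrypts that JWS into a JWE with the public key
        /// (RSA-OAEP-256 / A256CBC-HS512).
        /// </summary>
        /// <param name="payload">Caller data stored under the <c>Payload</c> claim.</param>
        /// <returns>
        /// On success: <c>ResponseCode</c> "0", <c>Id</c> = the compact token,
        /// <c>Extra</c> = issue time as Unix seconds. On failure: <c>ResponseCode</c>
        /// "1" and <c>Msg</c> = the exception message; full details go to the log.
        /// </returns>
        public JwtResponse CreateToken(string payload)
        {
            var response = new JwtResponse();

            // The payload is the data the token protects, so only its size is logged.
            _logger?.LogInformation("CreateToken called with payload of {Length} characters", payload?.Length ?? 0);

            try
            {
                var signingKey = Jwk.FromPem(File.ReadAllText(_privateKeyLocation));
                var encryptionKey = Jwk.FromPem(File.ReadAllText(_publicKeyLocation));

                // UTC so that iat/nbf/exp do not depend on the host's local time zone.
                var now = DateTime.UtcNow;
                var issuedAtUnixSeconds = new DateTimeOffset(now).ToUnixTimeSeconds();

                var jws = new JwsDescriptor
                {
                    SigningKey = signingKey,
                    Algorithm = SignatureAlgorithm.RsaSha256,
                    IssuedAt = now,
                    NotBefore = now,
                    ExpirationTime = now.AddMinutes(TokenLifetimeMinutes),
                    Issuer = Issuer,
                    Subject = Subject,
                    Payload = new JwtObject(),
                };
                jws.Payload.Add(PayloadClaimName, payload);
                // Kept from the original; Issuer above already covers "iss" in the
                // usual case — TODO confirm the library does not emit the claim twice.
                jws.AddClaim("iss", Issuer);

                var jwe = new JweDescriptor<JwsDescriptor>
                {
                    EncryptionKey = encryptionKey,
                    EncryptionAlgorithm = EncryptionAlgorithm.Aes256CbcHmacSha512,
                    Algorithm = KeyManagementAlgorithm.RsaOaep256,
                    Payload = jws,
                };

                response.Id = new JwtWriter().WriteTokenString(jwe);
                response.Extra = issuedAtUnixSeconds.ToString();
                response.ResponseCode = "0";
                return response;
            }
            catch (Exception ex)
            {
                // Stack traces and file paths stay in the log; the caller gets only the message.
                _logger?.LogError(ex, "CreateToken failed");
                response.ResponseCode = "1";
                response.Msg = ex.Message;
                return response;
            }
        }

        /// <summary>
        /// Decrypts a token produced by <see cref="CreateToken"/> with the private
        /// key, verifies its RS256 signature, issuer and lifetime with the public
        /// key, and returns the value of the <c>Payload</c> claim.
        /// </summary>
        /// <param name="token">The compact JWE string.</param>
        /// <returns>
        /// On success: <c>ResponseCode</c> "0", <c>Data</c> = the payload claim,
        /// <c>Extra</c> = the input token. When validation fails or the claim is
        /// missing: <c>ResponseCode</c> "1" with a generic message. On exception:
        /// <c>ResponseCode</c> "1" and <c>Msg</c> = the exception message.
        /// </returns>
        public JwtResponse ExtractPayloadFromToken(string token)
        {
            var response = new JwtResponse();

            // A bearer token is a credential; only its size is logged.
            _logger?.LogInformation("ExtractPayloadFromToken called with token of {Length} characters", token?.Length ?? 0);

            try
            {
                var verificationKey = Jwk.FromPem(File.ReadAllText(_publicKeyLocation));
                var decryptionKey = Jwk.FromPem(File.ReadAllText(_privateKeyLocation));

                // Besides the signature, pin the issuer and reject tokens outside
                // their nbf/exp window; a signature check alone accepts expired tokens.
                var policy = new TokenValidationPolicyBuilder()
                    .RequireSignature(verificationKey, SignatureAlgorithm.RsaSha256)
                    .RequireIssuer(Issuer)
                    .EnableLifetimeValidation()
                    .Build();

                var result = new JwtReader(decryptionKey).TryReadToken(token, policy);

                // Initialised up front because the null-conditional chain below may
                // short-circuit before the out parameter is assigned.
                var claim = default(JwtProperty);
                var hasPayload = result.Succedeed
                    && result.Token?.Payload?.TryGetValue(PayloadClaimName, out claim) == true;

                if (!hasPayload)
                {
                    _logger?.LogWarning("Token rejected: validation failed or the payload claim is missing");
                    response.ResponseCode = "1";
                    response.Msg = "Token validation failed";
                    return response;
                }

                response.Data = claim.Value;
                response.Extra = token;
                response.ResponseCode = "0";
                return response;
            }
            catch (Exception ex)
            {
                // Stack traces and file paths stay in the log; the caller gets only the message.
                _logger?.LogError(ex, "ExtractPayloadFromToken failed");
                response.ResponseCode = "1";
                response.Msg = ex.Message;
                return response;
            }
        }
    }
}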