using Common.Models.DigitalSignature; using JsonWebToken; using Microsoft.Extensions.Logging; using SignatureAPI.Controllers; using System; using System.Configuration; using System.IO; namespace SignatureAPI { public class Utlis { private readonly ILogger _logger; private string publicKeyLocation {get;set;} private string privateKeyLocation { get; set; } public Utlis() { privateKeyLocation = Path.Combine(Directory.GetCurrentDirectory(), "keys\\Brac", "Jme_private_uat.pem"); publicKeyLocation = Path.Combine(Directory.GetCurrentDirectory(), "Keys\\Brac", "BBL_public.pem"); } public Utlis(ILogger logger) { _logger = logger; privateKeyLocation = Path.Combine(Directory.GetCurrentDirectory(), "keys\\Brac", "Jme_private_uat.pem"); publicKeyLocation = Path.Combine(Directory.GetCurrentDirectory(), "Keys\\Brac", "BBL_public.pem"); } //public static string MapPath(string path) //{ // return Path.Combine(AppDomain.CurrentDomain.BaseDirectory, // path); //} public static string ReadWebConfig(string key, string defVal) { try { return ConfigurationManager.AppSettings[key].ToString() == null ? defVal : ConfigurationManager.AppSettings[key].ToString(); } catch { return defVal; } } public JwtResponse CreateToken(string payload) { JwtResponse jwtResponse = new JwtResponse(); _logger.LogInformation(payload); try { // RSA key for signing string pem = File.ReadAllText(privateKeyLocation); var signatureKey = Jwk.FromPem(pem); // RSA key for encryption pem = File.ReadAllText(publicKeyLocation); var encryptionKey = Jwk.FromPem(pem); string issuer = "jme"; string subject = "api"; var now = DateTime.Now; var unixTimeSeconds = new DateTimeOffset(now).ToUnixTimeSeconds(); var jws = new JwsDescriptor() { SigningKey = signatureKey, Algorithm = SignatureAlgorithm.RsaSha256, ExpirationTime = now.AddMinutes(1440), IssuedAt = now, Issuer = issuer, NotBefore = DateTime.Now, Subject = subject, Payload = new JwtObject() }; jws.Payload.Add("Payload", payload); jws.AddClaim("iss", issuer); // Creates a JWE descriptor with all its properties var descriptor = new JweDescriptor() { EncryptionKey = encryptionKey, EncryptionAlgorithm = EncryptionAlgorithm.Aes256CbcHmacSha512, Algorithm = KeyManagementAlgorithm.RsaOaep256, Payload = jws }; // Generates the UTF-8 string representation of the JWT var writer = new JwtWriter(); var token = writer.WriteTokenString(descriptor); jwtResponse.Id = token; jwtResponse.Extra = unixTimeSeconds.ToString(); jwtResponse.ResponseCode = "0"; return jwtResponse; } catch (Exception ex) { _logger.LogError(ex.ToString()); jwtResponse.ResponseCode = "1"; jwtResponse.Msg = ex.ToString(); return jwtResponse; } } public JwtResponse ExtractPayloadFromToken(string token) { JwtResponse jwtResponse = new JwtResponse(); _logger.LogInformation(token); // string jwtResponse = string.Empty; try { // RSA key for verification string pem = File.ReadAllText(publicKeyLocation); var signatureKey = Jwk.FromPem(pem); // RSA key for decryption pem = File.ReadAllText(privateKeyLocation); var decryptionKey = Jwk.FromPem(pem); string issuer = "jme"; var policy = new TokenValidationPolicyBuilder() .RequireSignature(signatureKey, SignatureAlgorithm.RsaSha256) .Build(); var reader = new JwtReader(decryptionKey); var result = reader.TryReadToken(token, policy); if (result.Succedeed) { JwtProperty jwtProp = new JwtProperty(); var hasPayload = result.Token?.Payload?.TryGetValue("Payload", out jwtProp); if (hasPayload != null && hasPayload.Value) { jwtResponse.Data = jwtProp.Value; jwtResponse.Extra = token; jwtResponse.ResponseCode = "0"; } } return jwtResponse; } catch (Exception ex) { // write exception logs to database _logger.LogError(ex.ToString()); jwtResponse.ResponseCode = "1"; jwtResponse.Msg = ex.ToString(); return jwtResponse; } } } }