Create JWT token from code

How can I create a JWT token for a user and work with [OnlyJwtAuthorization] from backend without the user calling /Litium/OAuth/token endpoint?

Litium version: 7.0

Can you explain your scenario? It is possible to create the JWT from code; whether that will work for you depends a little on your scenario.

I have a controller that gets a socialSecurityNumber.
Using dataquery to get the user.
If we find the user, I want to generate a login token that we send back to the client side, where it can use that token to fetch more data.

I would not recommend this because of the security aspect: with a single non-secret input parameter you will create a JWT that identifies you as that user.

Something like this should create your JWT for the user.

using System;
using System.Configuration;
using System.Linq;
using System.Web.Configuration;
using Litium.Customers;
using Litium.Data;
using Litium.Data.Queryable;
using Litium.Security;
using Litium.Web.Security.OAuth;
using Microsoft.Owin.Security;

namespace LoginTest
{
    public class TicketService
    {
        private readonly SecurityContextService _securityContextService;
        private readonly DataService _dataService;
        private readonly PersonService _personService;
        private readonly TimeSpan _ticketExpiration;

        public TicketService(
            SecurityContextService securityContextService,
            DataService dataService,
            PersonService personService)
        {
            _securityContextService = securityContextService;
            _dataService = dataService;
            _personService = personService;

            var stateSession = (SessionStateSection)ConfigurationManager.GetSection("system.web/sessionState");
            _ticketExpiration = stateSession.Timeout;
        }

        public string GetTicket(string socialSecurityNumber)
        {
            using var q = _dataService.CreateQuery<Person>()
                .Filter(f => f.Field("socialSecurityNumber", "eq", socialSecurityNumber))
                .Take(1);

            var personSystemId = q
                .ToSystemIdList()
                .FirstOrDefault();

            if (personSystemId == Guid.Empty)
            {
                return null;
            }

            var person = _personService.Get(personSystemId);
            if (person == null)
            {
                return null;
            }

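            // Build the claims identity for the person that was looked up.
            var identity = _securityContextService.CreateClaimsIdentity(person.LoginCredential.Username, person.SystemId);
            var properties = new AuthenticationProperties
            {
                IssuedUtc = DateTime.UtcNow,
                // Token lifetime follows the configured session-state timeout.
                ExpiresUtc = DateTime.UtcNow.Add(_ticketExpiration)
            };

            // Serialize and protect the ticket with the OAuth bearer token format.
            var ticket = new AuthenticationTicket(identity, properties);
            return OAuthServiceExtensions.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);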
        }
    }
}

Note: This may not work in Litium 8
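
The concern raised in the answer above is that a non-secret social security number alone would be enough to mint a token. One way to gate that call, as an added example that is not part of the original thread and not Litium code: require a one-time code delivered out of band before a ticket function such as `GetTicket` is invoked. `VerifiedTicketIssuer`, `StartChallenge`, `RedeemChallenge` and the single-process in-memory store are hypothetical names and assumptions.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;

// Hypothetical gate (not a Litium API): a ticket is minted only after a
// one-time code, delivered out of band, has been presented.
public class VerifiedTicketIssuer
{
    private sealed class Challenge { public byte[] Hash; public DateTime ExpiresUtc; public int Attempts; public bool Used; }
    private const int MaxAttempts = 5;
    // Assumption: one web process; a farm needs a shared store instead.
    private readonly ConcurrentDictionary<string, Challenge> _pending = new ConcurrentDictionary<string, Challenge>();
    private readonly Func<string, string> _issueTicket; // assumption: e.g. TicketService.GetTicket

    public VerifiedTicketIssuer(Func<string, string> issueTicket) { _issueTicket = issueTicket; }

    // Step 1: returns the code for the caller to send by SMS or e-mail; never put it in the HTTP response.
    public string StartChallenge(string socialSecurityNumber)
    {
        var raw = new byte[8];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(raw);
        var code = (BitConverter.ToUInt64(raw, 0) % 1000000UL).ToString("D6");
        _pending[socialSecurityNumber] = new Challenge { Hash = Sha256(code), ExpiresUtc = DateTime.UtcNow.AddMinutes(5) };
        return code;
    }

    // Step 2: single use, expiring, attempt-limited; returns null on any failure.
    public string RedeemChallenge(string socialSecurityNumber, string code)
    {
        if (!_pending.TryGetValue(socialSecurityNumber, out var c)) return null;
        bool ok;
        lock (c)
        {
            bool live = !c.Used && c.Attempts < MaxAttempts && DateTime.UtcNow <= c.ExpiresUtc;
            c.Attempts++;
            ok = live && FixedTimeEquals(c.Hash, Sha256(code ?? string.Empty));
            if (ok) c.Used = true;
            if (ok || !live) _pending.TryRemove(socialSecurityNumber, out _);
        }
        return ok ? _issueTicket(socialSecurityNumber) : null;
    }

    private static byte[] Sha256(string s) { using (var sha = SHA256.Create()) return sha.ComputeHash(Encoding.UTF8.GetBytes(s)); }

    // Compares every byte regardless of where the first mismatch is.
    private static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```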
