using DocuMed.Domain.Models.Settings;
using Microsoft.Extensions.Options;
using System.IdentityModel.Tokens.Jwt;
using System.Text;

namespace DocuMed.Core.BaseServices;

// NOTE(review): in the copy reviewed here every generic argument list has been lost
// ("Task>", "List", "RoleManager roleManager", "Generate(TUser user) where TUser : ..."),
// so the two Generate / BaseGenerate / GetClaims pairs below are told apart only by
// their original type parameters and the file does not compile as shown. Read them as
// Generate<TUser>, BaseGenerate<TUser>, Task<List<Claim>> etc. and confirm against the
// real source before acting on anything that depends on the exact signatures.

/// <summary>
/// Issues HMAC-SHA512 signed JWT access tokens for ASP.NET Identity users. Issuer,
/// audience, signing secret and lifetime (in days) come from
/// <c>SiteSettings.JwtSettings</c>; the claim set is assembled from the user record
/// and, for the role-aware overload, from a role looked up by id.
/// </summary>
public class JwtService(
    IOptionsSnapshot siteSettings,
    SignInManager userSignInManager,
    RoleManager roleManager) : IJwtService
{
    // IOptionsSnapshot is re-read per scope, so a rotated secret / issuer applies to
    // tokens issued after the rotation without a restart. Tokens already issued stay
    // valid until their Expires - nothing in this class revokes them.
    private readonly SiteSettings _siteSettings = siteSettings.Value;

    /// <summary>
    /// Builds a signed access token for <paramref name="user"/> carrying the identity
    /// claims produced by the two-argument GetClaims overload (no role claims).
    /// </summary>
    /// <param name="user">Identity user the token is issued to.</param>
    /// <returns>The signed token wrapped in an AccessToken together with the user.</returns>
    public async Task> Generate(TUser user) where TUser : ApplicationUser
    {
        // Per-token id that ends up in the custom "JwtID" claim. SECURITY(review):
        // GetId(8) is an 8-character id from a project helper - confirm it is produced
        // with a CSPRNG, and whether 8 characters is enough entropy if this id is ever
        // used for revocation or replay detection; a guessable or colliding id defeats both.
        var tokenId = StringExtensions.GetId(8);
        var claims = await GetClaims(user, tokenId);
        return BaseGenerate(user, claims);
    }

    /// <summary>
    /// Second generic overload of Generate (type parameters lost in this copy). From the
    /// BaseGenerate overload that calls <c>user.Adapt()</c> this appears to be the variant
    /// that returns the user mapped to a DTO rather than the raw ApplicationUser - confirm.
    /// </summary>
    /// <param name="user">Identity user the token is issued to.</param>
    public async Task> Generate(TUser user) where TUser : ApplicationUser
    {
        // See the note on GetId(8) in the overload above.
        var tokenId = StringExtensions.GetId(8);
        var claims = await GetClaims(user, tokenId);
        return BaseGenerate(user, claims);
    }

    /// <summary>
    /// Signs <paramref name="claims"/> into a JWT with the configured symmetric secret
    /// and attaches the raw user object to the returned AccessToken.
    /// </summary>
    /// <param name="user">User the token is issued to; stored on the result as-is.</param>
    /// <param name="claims">Claims to embed as the token subject.</param>
    private AccessToken BaseGenerate(TUser user, List claims) where TUser : ApplicationUser
    {
        // SECURITY(review): the signing key is the UTF-8 bytes of a configured string.
        // For HS512 it should be at least 64 random bytes: Microsoft.IdentityModel
        // enforces a per-algorithm minimum key size and throws at signing time (i.e. on
        // the first login, not at startup) if the key is shorter, and a short or
        // human-chosen passphrase makes offline brute force of the signature feasible.
        // Validate SecretKey length at startup and source it from a secret store rather
        // than appsettings.
        var secretKey = Encoding.UTF8.GetBytes(_siteSettings.JwtSettings.SecretKey);
        var signingCredintial = new SigningCredentials(new SymmetricSecurityKey(secretKey), SecurityAlgorithms.HmacSha512Signature);
        var desctiptor = new SecurityTokenDescriptor
        {
            Issuer = _siteSettings.JwtSettings.Issuer,
            Audience = _siteSettings.JwtSettings.Audience,
            // DateTime.Now is local time; the JWT handler converts these to UTC epoch
            // seconds so the wire value is right, but DateTime.UtcNow captured once into
            // a local is the conventional, unambiguous form (three separate Now calls
            // also give IssuedAt/NotBefore/Expires slightly different instants).
            IssuedAt = DateTime.Now,
            // NotBefore == IssuedAt: a validator whose clock is behind this server's
            // rejects a freshly issued token unless its ClockSkew covers the gap
            // (the library default is five minutes; zero is a common hardening choice).
            NotBefore = DateTime.Now,
            // Lifetime is configured in *days*. SECURITY(review): a multi-day bearer
            // token with no refresh or revocation path is a long replay window if it
            // leaks; prefer a short access-token lifetime plus a refresh token.
            Expires = DateTime.Now.AddDays(_siteSettings.JwtSettings.ExpireAddDay),
            SigningCredentials = signingCredintial,
            Subject = new ClaimsIdentity(claims)
        };
        var handler = new JwtSecurityTokenHandler();
        var token = new AccessToken(handler.CreateJwtSecurityToken(desctiptor));
        // SECURITY(review): this attaches the full ApplicationUser (PasswordHash,
        // SecurityStamp, ...) to the token object; if AccessToken is ever serialised
        // into an HTTP response those fields leak. The sibling overload maps the user
        // to a DTO with Adapt() - prefer that here too.
        token.User = user;
        return token;
    }

    /// <summary>
    /// Same signing logic as the overload above (duplicated verbatim - worth folding
    /// into one shared helper), but stores the user mapped via <c>Adapt()</c>
    /// (presumably the Mapster extension; its target type argument is lost in this copy).
    /// </summary>
    /// <param name="user">User the token is issued to.</param>
    /// <param name="claims">Claims to embed as the token subject.</param>
    private AccessToken BaseGenerate(TUser user, List claims) where TUser : ApplicationUser
    {
        // See the key-length note on the overload above.
        var secretKey = Encoding.UTF8.GetBytes(_siteSettings.JwtSettings.SecretKey);
        var signingCredintial = new SigningCredentials(new SymmetricSecurityKey(secretKey), SecurityAlgorithms.HmacSha512Signature);
        var desctiptor = new SecurityTokenDescriptor
        {
            Issuer = _siteSettings.JwtSettings.Issuer,
            Audience = _siteSettings.JwtSettings.Audience,
            // Same DateTime.Now / lifetime caveats as the overload above.
            IssuedAt = DateTime.Now,
            NotBefore = DateTime.Now,
            Expires = DateTime.Now.AddDays(_siteSettings.JwtSettings.ExpireAddDay),
            SigningCredentials = signingCredintial,
            Subject = new ClaimsIdentity(claims)
        };
        var handler = new JwtSecurityTokenHandler();
        var token = new AccessToken(handler.CreateJwtSecurityToken(desctiptor));
        // DTO projection: keeps credential fields off the returned object.
        token.User = user.Adapt();
        return token;
    }

    /// <summary>
    /// Identity-only claim set: "JwtID", Name, NameIdentifier, Email (when present)
    /// and Gender. No role claims are included.
    /// </summary>
    /// <param name="baseUser">User the claims describe.</param>
    /// <param name="jwtId">Per-token id stored under the custom "JwtID" claim type.</param>
    private async Task> GetClaims(TUser baseUser, string jwtId) where TUser : ApplicationUser
    {
        // BUG(review): the Identity principal (roles, security stamp, user claims from
        // the store) is built here and then discarded - clFac is never read. Either
        // merge clFac.Claims into the list or drop the call; as written, tokens from
        // this overload carry no role claims and the store round trip is wasted.
        var clFac = (await userSignInManager.ClaimsFactory.CreateAsync(baseUser));
        var claims = new List();
        // Custom claim type. JwtRegisteredClaimNames.Jti ("jti") is the standard name
        // that generic revocation / replay middleware would look for.
        claims.Add(new Claim("JwtID", jwtId));
        claims.Add(new Claim(ClaimTypes.Name, baseUser.UserName));
        claims.Add(new Claim(ClaimTypes.NameIdentifier, baseUser.Id.ToString()));
        if (baseUser.Email != null) claims.Add(new Claim(ClaimTypes.Email, baseUser.Email));
        // "Mail" is almost certainly a typo for "Male". It is a runtime value that
        // consumers may already match on, so change it together with every reader.
        claims.Add(new Claim(ClaimTypes.Gender, baseUser.Gender == 0 ? "Female" : "Mail"));
        return claims;
    }

    /// <summary>
    /// Role-aware claim set: the identity claims above plus ClaimTypes.Role set to the
    /// role's EnglishName and every claim stored against that role.
    /// </summary>
    /// <param name="baseUser">User the claims describe.</param>
    /// <param name="jwtId">Per-token id stored under the custom "JwtID" claim type.</param>
    /// <param name="roleId">Id of the role to embed; must refer to an existing role.</param>
    private async Task> GetClaims(TUser baseUser, string jwtId, string roleId) where TUser : ApplicationUser
    {
        // BUG(review): FindByIdAsync returns null for an unknown id, so a bad roleId
        // surfaces as an exception from GetClaimsAsync / the EnglishName access below
        // instead of a clear error. Guard it, e.g.
        //   if (applicationRole is null) throw new InvalidOperationException($"Role '{roleId}' not found.");
        // SECURITY(review): nothing here checks that baseUser is actually a member of
        // roleId. If a caller ever takes roleId from the request, any user could mint a
        // token for any role - confirm membership is validated (e.g.
        // UserManager.IsInRoleAsync) before this overload is called.
        var applicationRole = await roleManager.FindByIdAsync(roleId);
        var roleClaims = await roleManager.GetClaimsAsync(applicationRole);
        var claims = new List();
        claims.Add(new Claim(ClaimTypes.Name, baseUser.UserName));
        claims.Add(new Claim(ClaimTypes.NameIdentifier, baseUser.Id.ToString()));
        claims.Add(new Claim(ClaimTypes.Role, applicationRole.EnglishName));
        if (baseUser.Email != null) claims.Add(new Claim(ClaimTypes.Email, baseUser.Email));
        // Role claims are copied verbatim: a stored claim whose type is Name,
        // NameIdentifier or Role is appended next to the ones above, not rejected.
        claims.AddRange(roleClaims);
        claims.Add(new Claim("JwtID", jwtId));
        // Same "Mail" typo as the other overload - fix both together.
        claims.Add(new Claim(ClaimTypes.Gender, baseUser.Gender == 0 ? "Female" : "Mail"));
        return claims;
    }
}