Api-PWA/DocuMed.Core/BaseServices/JwtService.cs

using DocuMed.Domain.Models.Settings;
using Microsoft.Extensions.Options;
using System.IdentityModel.Tokens.Jwt;
using System.Text;

namespace DocuMed.Core.BaseServices;

public class JwtService(
    IOptionsSnapshot<SiteSettings> siteSettings,
    SignInManager<ApplicationUser> userSignInManager,
    RoleManager<ApplicationRole> roleManager)
    : IJwtService
{
    private readonly SiteSettings _siteSettings = siteSettings.Value;

    public async Task<AccessToken<TUser>> Generate<TUser>(TUser user) where TUser : ApplicationUser
    {
        var tokenId = StringExtensions.GetId(8);
        var claims = await GetClaims(user, tokenId);
        return BaseGenerate(user, claims);

    }

    public async Task<AccessToken<TUserDto>> Generate<TUserDto, TUser>(TUser user) where TUser : ApplicationUser
    {
        var tokenId = StringExtensions.GetId(8);
        var claims = await GetClaims(user, tokenId);
        return BaseGenerate<TUserDto, TUser>(user, claims);
    }




    private AccessToken<TUser> BaseGenerate<TUser>(TUser user, List<Claim> claims) where TUser : ApplicationUser
    {
        var secretKey = Encoding.UTF8.GetBytes(_siteSettings.JwtSettings.SecretKey);
        var signingCredintial = new SigningCredentials(new SymmetricSecurityKey(secretKey), SecurityAlgorithms.HmacSha512Signature);

        var desctiptor = new SecurityTokenDescriptor
        {
            Issuer = _siteSettings.JwtSettings.Issuer,
            Audience = _siteSettings.JwtSettings.Audience,
            IssuedAt = DateTime.Now,
            NotBefore = DateTime.Now,
            Expires = DateTime.Now.AddDays(_siteSettings.JwtSettings.ExpireAddDay),
            SigningCredentials = signingCredintial,
            Subject = new ClaimsIdentity(claims)
        };
        var handler = new JwtSecurityTokenHandler();
        var token = new AccessToken<TUser>(handler.CreateJwtSecurityToken(desctiptor));
        token.User = user;
        return token;
    }
    private AccessToken<TUserDto> BaseGenerate<TUserDto, TUser>(TUser user, List<Claim> claims) where TUser : ApplicationUser
    {
        var secretKey = Encoding.UTF8.GetBytes(_siteSettings.JwtSettings.SecretKey);
        var signingCredintial = new SigningCredentials(new SymmetricSecurityKey(secretKey), SecurityAlgorithms.HmacSha512Signature);

        var desctiptor = new SecurityTokenDescriptor
        {
            Issuer = _siteSettings.JwtSettings.Issuer,
            Audience = _siteSettings.JwtSettings.Audience,
            IssuedAt = DateTime.Now,
            NotBefore = DateTime.Now,
            Expires = DateTime.Now.AddDays(_siteSettings.JwtSettings.ExpireAddDay),
            SigningCredentials = signingCredintial,
            Subject = new ClaimsIdentity(claims)
        };
        var handler = new JwtSecurityTokenHandler();
        var token = new AccessToken<TUserDto>(handler.CreateJwtSecurityToken(desctiptor));
        token.User = user.Adapt<TUserDto>();
        return token;
    }


    private async Task<List<Claim>> GetClaims<TUser>(TUser baseUser, string jwtId) where TUser : ApplicationUser
    {
        var clFac = (await userSignInManager.ClaimsFactory.CreateAsync(baseUser));
        var claims = new List<Claim>();
        claims.Add(new Claim("JwtID", jwtId));
        claims.Add(new Claim(ClaimTypes.Name, baseUser.UserName));
        claims.Add(new Claim(ClaimTypes.NameIdentifier, baseUser.Id.ToString()));
        if (baseUser.Email != null)
            claims.Add(new Claim(ClaimTypes.Email, baseUser.Email));
        if(baseUser.UniversityId != null)
            claims.Add(new Claim("UniversityId",baseUser.UniversityId.ToString() ?? string.Empty ));
        claims.Add(new Claim(ClaimTypes.Gender, baseUser.Gender == 0 ? "Female" : "Mail"));
        return claims;

    }

    private async Task<List<Claim>> GetClaims<TUser>(TUser baseUser, string jwtId, string roleId) where TUser : ApplicationUser
    {
        var applicationRole = await roleManager.FindByIdAsync(roleId);
        var roleClaims = await roleManager.GetClaimsAsync(applicationRole);
        var claims = new List<Claim>();
        claims.Add(new Claim(ClaimTypes.Name, baseUser.UserName));
        claims.Add(new Claim(ClaimTypes.NameIdentifier, baseUser.Id.ToString()));
        claims.Add(new Claim(ClaimTypes.Role, applicationRole.EnglishName));
        if (baseUser.Email != null)
            claims.Add(new Claim(ClaimTypes.Email, baseUser.Email));
        if (baseUser.UniversityId != null)
            claims.Add(new Claim("UniversityId", baseUser.UniversityId.ToString() ?? string.Empty));
        claims.AddRange(roleClaims);
        claims.Add(new Claim("JwtID", jwtId));
        claims.Add(new Claim(ClaimTypes.Gender, baseUser.Gender == 0 ? "Female" : "Mail"));
        return claims;

    }

}