From 152c7b148c64e36e40a6ffb8e202245046784a9e Mon Sep 17 00:00:00 2001
From: D4VID
Date: Wed, 20 Mar 2024 21:14:47 +0100
Subject: [PATCH] Generating tokens
---
 OAuthServer/Controllers/OAuthController.cs | 24 +++++++++
 OAuthServer/Program.cs | 21 ++------
 OAuthServer/Services/JwtService.cs | 57 ++++++++++++++++++++++
 3 files changed, 85 insertions(+), 17 deletions(-)
 create mode 100644 OAuthServer/Controllers/OAuthController.cs
 create mode 100644 OAuthServer/Services/JwtService.cs
diff --git a/OAuthServer/Controllers/OAuthController.cs b/OAuthServer/Controllers/OAuthController.cs
new file mode 100644
index 0000000..6c5141a
--- /dev/null
+++ b/OAuthServer/Controllers/OAuthController.cs
@@ -0,0 +1,24 @@
+using Microsoft.AspNetCore.Mvc;
+using OAuthServer.Services;
+
+namespace OAuthServer.Controllers;
+
+[ApiController]
+public class OAuthController : ControllerBase
+{
+ private readonly ILogger _logger;
+ private readonly JwtService _jwt;
+
+ public OAuthController(ILogger logger, JwtService jwt)
+ {
+ _logger = logger;
+ _jwt = jwt;
+ }
+
+ [HttpPost]
+ [Route("get-token")]
+ public ActionResult GenerateToken()
+ {
+ return Ok(_jwt.GenerateToken());
+ }
+}
\ No newline at end of file
diff --git a/OAuthServer/Program.cs b/OAuthServer/Program.cs
index 9653dbd..b4496ce 100644
--- a/OAuthServer/Program.cs
+++ b/OAuthServer/Program.cs
@@ -7,6 +7,7 @@ using Microsoft.EntityFrameworkCore; using Microsoft.IdentityModel.Tokens; using Microsoft.OpenApi.Models; using OAuthServer; +using OAuthServer.Services; var builder = WebApplication.CreateBuilder(args);
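Review bot: The `get-token` action in OAuthController.cs carries no `[Authorize]` attribute and checks no client credentials, so as written any caller that can reach the endpoint receives a signed token. `JwtService.GenerateToken()` in this same commit fills in a fixed subject, role and scope with a ten-day lifetime, which means the endpoint hands the same long-lived credential to everyone. Unless a fallback authorization policy is configured in a part of Program.cs not shown here, authenticate the caller before issuing, for example with `[Authorize]` on the action or by validating client credentials from the request first. The injected `_logger` is also never used; logging each issuance (subject and caller, never the token itself) would give an audit trail.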
@@ -55,23 +56,7 @@ builder.Services.AddIdentity(options => { options.St .AddDefaultTokenProviders(); // Load the signing key from a file if it exists or create a new one -var rsaKey = RSA.Create(); -const string jwtKeyPath = ".aspnet/jwt-key"; -string home = Environment.GetFolderPath(Environment.SpecialFolder.UserProfile); -string fullPath = Path.Combine(home, jwtKeyPath); -if (File.Exists(fullPath)) -{ - rsaKey.ImportRSAPrivateKey(File.ReadAllBytes(fullPath), out _); -} -else -{ - string? dirName = Path.GetDirectoryName(fullPath); - if (!string.IsNullOrEmpty(dirName)) - Directory.CreateDirectory(dirName); - - var privateKey = rsaKey.ExportRSAPrivateKey(); - File.WriteAllBytes(fullPath, privateKey); -} +var rsaKey = JwtService.GetSigningKey(); // Add the JWT authentication method builder.Services.AddAuthentication().AddJwtBearer("OAuthToken", options =>
@@ -151,6 +136,8 @@ builder.Services.AddAuthorization(options => ); }); +builder.Services.AddSingleton(); + var app = builder.Build(); // Configure the HTTP request pipeline.
diff --git a/OAuthServer/Services/JwtService.cs b/OAuthServer/Services/JwtService.cs
new file mode 100644
index 0000000..3b36d15
--- /dev/null
+++ b/OAuthServer/Services/JwtService.cs
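Review bot: The signing key is now read from disk twice in Program.cs's wiring: once by `var rsaKey = JwtService.GetSigningKey();` and again inside the `JwtService` constructor when the singleton registered by the added `AddSingleton` call is first resolved, which happens on the first request rather than at startup. If the key file is replaced or removed in between, the service would sign with (or generate) a key that differs from the one loaded here, and, assuming the JwtBearer options outside the hunk validate against `rsaKey`, every token it issues would fail validation. Passing the already loaded instance avoids the second read: `builder.Services.AddSingleton(new JwtService(rsaKey));` together with a constructor `public JwtService(RSA rsaKey) => _rsaKey = rsaKey;`.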
@@ -0,0 +1,57 @@
+using System.Security.Claims;
+using System.Security.Cryptography;
+using Microsoft.IdentityModel.JsonWebTokens;
+using Microsoft.IdentityModel.Tokens;
+
+namespace OAuthServer.Services;
+
+public class JwtService
+{
+ private readonly RSA _rsaKey;
+
+ public JwtService()
+ {
+ _rsaKey = GetSigningKey();
+ }
+
+ public static RSA GetSigningKey()
+ {
+ RSA rsaKey = RSA.Create();
+ const string jwtKeyPath = ".aspnet/jwt-key";
+ string home = Environment.GetFolderPath(Environment.SpecialFolder.UserProfile);
+ string fullPath = Path.Combine(home, jwtKeyPath);
+ if (File.Exists(fullPath))
+ {
+ rsaKey.ImportRSAPrivateKey(File.ReadAllBytes(fullPath), out _);
+ }
+ else
+ {
+ string? dirName = Path.GetDirectoryName(fullPath);
+ if (!string.IsNullOrEmpty(dirName))
+ Directory.CreateDirectory(dirName);
+
+ var privateKey = rsaKey.ExportRSAPrivateKey();
+ File.WriteAllBytes(fullPath, privateKey);
+ }
+
+ return rsaKey;
+ }
+
+ public string GenerateToken()
+ {
+ var handler = new JsonWebTokenHandler();
+ var key = new RsaSecurityKey(_rsaKey);
+ var token = handler.CreateToken(new SecurityTokenDescriptor
+ {
+ Subject = new ClaimsIdentity(new[]
+ {
+ new Claim(JwtRegisteredClaimNames.Sub, "user1"),
+ new Claim("role", "External"),
+ new Claim("scope", "scope:1")
+ }),
+ Expires = DateTime.UtcNow.AddDays(10),
+ SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.RsaSha256)
+ });
+ return token;
+ }
+}
\ No newline at end of file
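Review bot: In `GetSigningKey`, `File.WriteAllBytes(fullPath, privateKey)` stores the unencrypted RSA private key with whatever permissions the process default gives, which on Unix-like hosts is commonly readable by other local users. Anyone who can read that file can sign tokens this server will accept, so the file should be created owner-only and the exported byte array cleared after use. The fence shows the else-branch write rewritten with `FileStreamOptions.UnixCreateMode` (available from .NET 7; the project's target framework is not visible here, so confirm it), using `FileMode.CreateNew` so the restricted mode always applies to a freshly created file. Separately, `GenerateToken` sets no issuer or audience and hard-codes its claims, which deserves a TODO comment if this is scaffolding.

```csharp
// … unchanged: path resolution, import branch, Directory.CreateDirectory …
var privateKey = rsaKey.ExportRSAPrivateKey();
try
{
    var options = new FileStreamOptions { Mode = FileMode.CreateNew, Access = FileAccess.Write };
    if (!OperatingSystem.IsWindows())
        options.UnixCreateMode = UnixFileMode.UserRead | UnixFileMode.UserWrite; // owner-only (0600)
    using var stream = new FileStream(fullPath, options);
    stream.Write(privateKey);
}
finally
{
    CryptographicOperations.ZeroMemory(privateKey); // do not leave key material in managed memory
}
```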