30 lines
1.1 KiB
C#
30 lines
1.1 KiB
C#
using System.Security.Cryptography;
|
|
using System.Text;
|
|
using System.Text.Json;
|
|
|
|
namespace Acl.Infrastructure;
|
|
|
|
/// <summary>Mints a ZGW (vng-api-common) JWT: HS256 over the standard claims.</summary>
|
|
internal static class ZgwToken
|
|
{
|
|
public static string Mint(string clientId, string secret)
|
|
{
|
|
var header = B64Url(JsonSerializer.SerializeToUtf8Bytes(new { alg = "HS256", typ = "JWT" }));
|
|
var payload = B64Url(JsonSerializer.SerializeToUtf8Bytes(new
|
|
{
|
|
iss = clientId,
|
|
iat = DateTimeOffset.UtcNow.ToUnixTimeSeconds(),
|
|
client_id = clientId,
|
|
user_id = "acl",
|
|
user_representation = "acl",
|
|
}));
|
|
var signingInput = $"{header}.{payload}";
|
|
using var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(secret));
|
|
var signature = B64Url(hmac.ComputeHash(Encoding.UTF8.GetBytes(signingInput)));
|
|
return $"{signingInput}.{signature}";
|
|
}
|
|
|
|
private static string B64Url(byte[] bytes) =>
|
|
Convert.ToBase64String(bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_');
|
|
}
|