CleanArchitecture-template/MyNewProjectName.Infrastructure/Identity/JwtTokenGenerator.cs

// using MyNewProjectName.Application.Interfaces;
// using MyNewProjectName.Domain.Entities;
// using Microsoft.Extensions.Options;
// using Microsoft.IdentityModel.Tokens;
// using System.IdentityModel.Tokens.Jwt;
// using System.Security.Claims;
// using System.Security.Cryptography;
// using System.Text;
// using MyNewProjectName.Application.Interfaces.Common;

// namespace MyNewProjectName.Infrastructure.Identity;

// public class JwtTokenGenerator : IJwtTokenGenerator
// {
//     private readonly JwtSettings _jwtSettings;

//     public JwtTokenGenerator(IOptions<JwtSettings> jwtOptions)
//     {
//         _jwtSettings = jwtOptions.Value;
//     }

//     public string GenerateAccessToken(User user, List<string> roles, Guid tenantId)
//     {
//         var tokenHandler = new JwtSecurityTokenHandler();
//         var key = Encoding.UTF8.GetBytes(_jwtSettings.Secret);

//         var claims = new List<Claim>
//         {
//             new(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
//             new(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
//             new(JwtRegisteredClaimNames.Email, user.Email ?? string.Empty),
//             new("id", user.Id.ToString()),
//             new("tenantId", tenantId.ToString())
//         };

//         foreach (var role in roles)
//         {
//             claims.Add(new Claim(ClaimTypes.Role, role));
//         }

//         var tokenDescriptor = new SecurityTokenDescriptor
//         {
//             Subject = new ClaimsIdentity(claims),
//             Expires = DateTime.UtcNow.AddMinutes(_jwtSettings.AccessTokenExpirationMinutes),
//             Issuer = _jwtSettings.Issuer,
//             Audience = _jwtSettings.Audience,
//             SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
//         };

//         var token = tokenHandler.CreateToken(tokenDescriptor);
//         return tokenHandler.WriteToken(token);
//     }

//     public string GenerateRefreshToken()
//     {
//         var randomNumber = new byte[32];
//         using var rng = RandomNumberGenerator.Create();
//         rng.GetBytes(randomNumber);
//         return Convert.ToBase64String(randomNumber);
//     }

//     public ClaimsPrincipal GetPrincipalFromExpiredToken(string token)
//     {
//         var tokenValidationParameters = new TokenValidationParameters
//         {
//             ValidateAudience = false,
//             ValidateIssuer = false,
//             ValidateIssuerSigningKey = true,
//             IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Secret)),
//             ValidateLifetime = false
//         };

//         var tokenHandler = new JwtSecurityTokenHandler();
//         var principal = tokenHandler.ValidateToken(token, tokenValidationParameters, out var securityToken);

//         if (securityToken is not JwtSecurityToken jwtSecurityToken ||
//             !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
//         {
//             throw new SecurityTokenException("Invalid token");
//         }

//         return principal;
//     }
// }