ChrisChen/ROLAC
1
0
Fork 0
Code Issues 66 Pull Requests Actions Packages Projects Releases Wiki Activity

Task 5: TokenService + unit tests (7/7 pass)

Browse Source 
- ITokenService: GenerateAccessToken / GenerateRefreshToken / HashToken
- TokenService: JWT (HS256, 15-min), 64-byte CSPRNG refresh, SHA-256 hex hash
  - Role claims use short JWT name role (v7.x JsonWebTokenHandler compatible)
- TokenServiceTests: 7 xUnit tests, payload decoded via Base64Url+System.Text.Json
  to avoid Microsoft.IdentityModel 7.1.2/7.5.2 version-mismatch issues

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Chris Chen
2026-05-26 17:34:56 -07:00
parent b335867b30
commit f74563bb36
4 changed files with 261 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
API/ROLAC.API/Services/ITokenService.cs
+15
View File
@@ -0,0 +1,15 @@
using ROLAC.API.Entities;
namespace ROLAC.API.Services;
public interface ITokenService
{
/// <summary>Generates a signed HS256 JWT containing userId, email, and roles claims.</summary>
string GenerateAccessToken(AppUser user, IList<string> roles);
/// <summary>Generates a cryptographically-random 64-byte base64 string (the raw token value).</summary>
string GenerateRefreshToken();
/// <summary>Returns the SHA-256 hex hash of the raw token. Always hash before storing to DB.</summary>
string HashToken(string rawToken);
}