JwtTokenBuilder class
Fluent utility to create any flavour of JWS/JWE in one line.
public sealed class JwtTokenBuilder
Public Members
| name | description |
|---|---|
| JwtTokenBuilder() | The default constructor. |
| static New() | Creates a new instance of JwtTokenBuilder. |
| Algorithm { get; } | Gets the algorithm used for signing the JWT token. |
| Audience { get; } | Gets the audience of the JWT token. |
| Issuer { get; } | Gets the issuer of the JWT token. |
| AddClaim(…) | Adds a claim to the JWT token. |
| AddHeader(…) | Adds a custom header to the JWT token. |
| Build() | Builds the JWT token and returns a JwtBuilderResult containing the token, signing key, and validity period. |
| CloneBuilder() | Creates a new token builder instance by cloning the current configuration. |
| EncryptWithCertificate(…) | Encrypts the JWT using the provided X.509 certificate. |
| EncryptWithPemPublic(…) | Encrypts the JWT using a PEM-encoded RSA public key. |
| EncryptWithSecret(…) | Encrypts the JWT using a symmetric key provided as a byte array. |
| EncryptWithSecretB64(…) | Encrypts the JWT using a symmetric key provided as a Base64Url-encoded string. |
| EncryptWithSecretHex(…) | Encrypts the JWT using a symmetric key provided as a hexadecimal string. |
| NotBefore(…) | Sets the ‘not before’ (nbf) claim for the JWT token. |
| RenewJwt(…) | Renews a JWT token from the current request context, optionally extending its lifetime. (2 methods) |
| SignWithCertificate(…) | Sign with an X.509 certificate (must have private key). |
| SignWithRsaPem(…) | Signs the JWT using an RSA private key provided in PEM format. |
| SignWithSecret(…) | Signs the JWT using a symmetric key provided as a Base64Url-encoded string. |
| SignWithSecretHex(…) | Signs the JWT using a symmetric key provided as a hexadecimal string. |
| SignWithSecretPassphrase(…) | Signs the JWT using a symmetric key derived from the provided passphrase. |
| ValidFor(…) | Sets the lifetime (validity period) of the JWT token. |
| WithAudience(…) | Sets the audience of the JWT token. |
| WithIssuer(…) | Sets the issuer of the JWT token. |
| WithSubject(…) | Sets the subject (‘sub’ claim) of the JWT token. |
Examples
// PowerShell usage: $builder = [Kestrun.Security.JwtTokenBuilder]::New() $token = $builder .WithSubject(‘admin’) .WithIssuer(‘https://issuer’) .WithAudience(‘api’) .SignWithSecret(‘uZ6zDP3CGK3rktmVOXQk8A’) # base64url .EncryptWithCertificate($cert,’RSA-OAEP’,’A256GCM’) .Build() Write-Output $token
See Also
- namespace Kestrun.Jwt