public IActionResult SignIn([FromQuery] string login = "", [FromQuery] string password = "")
        {
            if (string.IsNullOrEmpty(login) || string.IsNullOrEmpty(password))
            {
                return(BadRequest());
            }

            var user = db.Users
                       .Where(u => u.Login == login)
                       .Where(u => u.Password == Security.ValidatePassword(password, u.Salt))
                       .SingleOrDefault();

            if (user == null)
            {
                return(BadRequest("Неправильно введен login или password"));
            }
            else
            {
                return(Ok(new
                {
                    id_user = user.Id,
                    user.Name,
                    user.Surname,
                    token = Jwt.CreateToken(user.Login, user.Role, signingSymmetricKey)
                }));
            }
        }
        public async Task <Response> SignIn(CollaboratorViewModel model)
        {
            try
            {
                Collaborator _collaborator = null;
                if (!string.IsNullOrEmpty(model.Email))
                {
                    _collaborator = await this._repository.GetByEmail(model.Email);
                }

                if (_collaborator != null)
                {
                    bool authorized = Crypto.ComparePassword(model.Password, new Encoded(_collaborator.Password));

                    if (authorized)
                    {
                        var _model = this._mapper.Map <CollaboratorViewModel>(_collaborator);
                        var _auth  = new Auth <CollaboratorViewModel>(Jwt.CreateToken(model.Email), _model);
                        return(Ok(_auth, HttpMessage.Login_Authorized));
                    }
                    else
                    {
                        return(Unauthorized("A conta informada é inválida!"));
                    }
                }
                else
                {
                    return(Unauthorized("A conta informada é inválida!"));
                }
            }
            catch (Exception except)
            {
                return(await InternalServerError(except.Message));
            }
        }
Beispiel #3
0
        public Response <JwtDto> Login(string account, string password)
        {
            var response = new Response <JwtDto>();

            var user = students.SingleOrDefault(t => t.Account == account);

            if (user != null)
            {
                if (user.Password.Equals(password))
                {
                    response.Msg = "登录成功";

                    var token = new JwtDto()
                    {
                        AccessToken  = Jwt.CreateToken(user, TokenType.AccessToken),
                        RefreshToken = Jwt.CreateToken(user, TokenType.RefreshToken)
                    };

                    response.Data = token;
                }
                else
                {
                    response.Status = 400;
                    response.Msg    = "用户密码不正确!";
                }
            }
            else
            {
                response.Status = 400;
                response.Msg    = "用户名不存在!";
            }

            return(response);
        }
 public Task <Result <LoginResponse> > Get(LoginUserRequest req)
 => _db.QuerySingle <AccountRecord>(@"SELECT UserId, Password FROM NotifyApp.Users WHERE IsDisabled = 0 AND Email = @email", new { email = req.Email })
 .Then(x => BCrypt.Net.BCrypt.Verify(req.Password, x.Password)
             ? Result.Success(x)
             : Result.Errored <AccountRecord>(ResultStatus.InvalidRequest, "Unauthorized"))
 .Then(x => new LoginResponse {
     Token = Jwt.CreateToken(_secret, x.UserId.ToString().PadLeft(16), req.Email)
 });
Beispiel #5
0
        public Response <string> RefreshToken(string refreshToken)
        {
            Student student;
            var     response = new Response <string>();

            if (Jwt.ValidateRefreshToken(refreshToken.ToStringX().Replace("Bearer ", ""), out student))
            {
                response.Data = Jwt.CreateToken(student, TokenType.AccessToken);
            }
            else
            {
                response.Status = 401;
                response.Msg    = "Unauthorized";
            }

            return(response);
        }
Beispiel #6
0
        public void should_generate_jwt()
        {
            var mockAppId         = "ffffffff-ffff-ffff-ffff-ffffffffffff";
            var mockRsaPrivateKey = @"-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCRgWt83vGoI2vx+BIu1R39nLDvGLEvC8R4drrIvsiJkAvIlVZt
PlbeoifYJGDQwtlAR3a8i+B3/AP5tZEoWw+z+VWLX50aRjzHyTn22ih8OeGDoiBw
N3ysCTfQ/x8sDER6uSn8ElxfB9AEZTcRA+4rCRbmj+YLV/Nm+qSNoOIM4wIDAQAB
AoGAC8IZnY2mmZ/DKVqSnZY7RjNTWP710odw6QsvLOm96t/pE9x9j3ZqLrOL5LuL
11Lnm3oq7jGfghKrf5JcmJZDPnhWoGgZvtqFizt1l6y1GY/xlooWhOzEuK9kIrBS
PDhOjnvmLrQIB88Rjgq0LkxjNYsCa5d1zslkB2SfM7sOF4ECQQDkEzk/J0KnAa14
+T00BD5apQsDMU7Tz3aPA1IbmqsKY6wOuHcxrFBMmw3crce6jjq32w36samIPSwG
ucf/JngtAkEAo1IjyJLlVlFA74lGTJTbZ5drrotoYm/YeAnbe6Rhj6pXDfz+lVdQ
5ta/B0TKa1UEgx7pHs39Tmpl2IdfC5ozTwJBANVvL/lrsjI7na1CAQZ2miuVm9Kn
CA+rbFW1U9dFTJ7yW4eDFPhFOvgVeklzzx9EDqsTsedS70XxiQvaO9EInRkCQFKn
TELCzNvNTU6sq24wW4VmpXF1TgObVPMTEgfV3iYF7/69Td4ojWH1xkGYd9Sv9xOg
vhv/5bUctaRKhjhp9pMCQE8BLxzAMlS81dobP3GrCRLdlN/y9R7pu2hyURFFXUw5
j0hq3fgBZz1QLpLxY3TfkM3oFDVhpGvskzjINLk6hxc=
-----END RSA PRIVATE KEY-----";
            var tok = Jwt.CreateToken(mockAppId, mockRsaPrivateKey);

            Assert.IsFalse(string.IsNullOrEmpty(tok));
        }
Beispiel #7
0
        private static string DoRequest(Uri uri, Credentials creds = null)
        {
            var appId      = creds?.ApplicationId ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Id"];
            var appKeyPath = creds?.ApplicationKey ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Key"];

            var req = new HttpRequestMessage
            {
                RequestUri = uri,
                Method     = HttpMethod.Get,
            };

            SetUserAgent(ref req, creds);
            // attempt bearer token auth
            req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer",
                                                                                              Jwt.CreateToken(appId, appKeyPath));

            using (LogProvider.OpenMappedContext("VersionedApiRequest.DoRequest", uri.GetHashCode()))
            {
                Logger.Debug($"GET {uri}");

                var sendTask = Configuration.Instance.Client.SendAsync(req);
                sendTask.Wait();

                if (!sendTask.Result.IsSuccessStatusCode)
                {
                    Logger.Error($"FAIL: {sendTask.Result.StatusCode}");

                    if (string.Compare(Configuration.Instance.Settings["appSettings:Nexmo.Api.EnsureSuccessStatusCode"],
                                       "true", StringComparison.OrdinalIgnoreCase) == 0)
                    {
                        sendTask.Result.EnsureSuccessStatusCode();
                    }
                }

                string json;
                var    readTask = sendTask.Result.Content.ReadAsStreamAsync();
                readTask.Wait();
                using (var sr = new StreamReader(readTask.Result))
                {
                    json = sr.ReadToEnd();
                }
                Logger.Debug(json);
                return(json);
            }
        }
Beispiel #8
0
        /// <summary>
        /// Send a request to the versioned Nexmo API.
        /// Do not include credentials in the parameters object. If you need to override credentials, use the optional Credentials parameter.
        /// </summary>
        /// <param name="method">HTTP method (POST, PUT, DELETE, etc)</param>
        /// <param name="uri">The URI to communicate with</param>
        /// <param name="payload">Parameters required by the endpoint (do not include credentials)</param>
        /// <param name="creds">(Optional) Overridden credentials for only this request</param>
        /// <returns></returns>
        public static NexmoResponse DoRequest(string method, Uri uri, object payload, Credentials creds = null)
        {
            var appId      = creds?.ApplicationId ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Id"];
            var appKeyPath = creds?.ApplicationKey ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Key"];

            var req = new HttpRequestMessage
            {
                RequestUri = uri,
                Method     = new HttpMethod(method),
            };

            SetUserAgent(ref req, creds);

            // do we need to use basic auth?
            // TODO / HACK: this is a newer auth method that needs to be incorporated better in the future
            if (uri.AbsolutePath.StartsWith("/accounts/") || uri.AbsolutePath.StartsWith("/v2/applications"))
            {
                var authBytes = Encoding.UTF8.GetBytes(creds.ApiKey + ":" + creds.ApiSecret);
                req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Basic",
                                                                                                  Convert.ToBase64String(authBytes));
            }
            else
            {
                // attempt bearer token auth
                req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer",
                                                                                                  Jwt.CreateToken(appId, appKeyPath));
            }

            var data = Encoding.ASCII.GetBytes(JsonConvert.SerializeObject(payload,
                                                                           Formatting.None, new JsonSerializerSettings {
                DefaultValueHandling = DefaultValueHandling.Ignore
            }));

            req.Content = new ByteArrayContent(data);
            req.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/json");

            using (LogProvider.OpenMappedContext("VersionedApiRequest.DoRequest", uri.GetHashCode()))
            {
                Logger.Debug($"{method} {uri} {payload}");
                var sendTask = Configuration.Instance.Client.SendAsync(req);
                sendTask.Wait();

                if (!sendTask.Result.IsSuccessStatusCode)
                {
                    Logger.Error($"FAIL: {sendTask.Result.StatusCode}");

                    if (string.Compare(Configuration.Instance.Settings["appSettings:Nexmo.Api.EnsureSuccessStatusCode"],
                                       "true", StringComparison.OrdinalIgnoreCase) == 0)
                    {
                        sendTask.Result.EnsureSuccessStatusCode();
                    }

                    return(new NexmoResponse
                    {
                        Status = sendTask.Result.StatusCode
                    });
                }

                string json;
                var    readTask = sendTask.Result.Content.ReadAsStreamAsync();
                readTask.Wait();
                using (var sr = new StreamReader(readTask.Result))
                {
                    json = sr.ReadToEnd();
                }
                Logger.Debug(json);
                return(new NexmoResponse
                {
                    Status = sendTask.Result.StatusCode,
                    JsonResponse = json
                });
            }
        }
Beispiel #9
0
        /// <summary>
        /// Sends a GET request to the Nexmo API using a JWT and returns the full HTTP resonse message
        /// this is primarily for pulling a raw stream off an API call -e.g. a recording
        /// </summary>
        /// <param name="uri"></param>
        /// <param name="creds"></param>
        /// <returns>HttpResponseMessage</returns>
        /// <exception cref="NexmoHttpRequestException">thrown if an error is encountered when talking to the API</exception>
        public static HttpResponseMessage DoGetRequestWithJwt(Uri uri, Credentials creds)
        {
            var logger     = Logger.LogProvider.GetLogger(LOGGER_CATEGORY);
            var appId      = creds?.ApplicationId ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Id"];
            var appKeyPath = creds?.ApplicationKey ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Key"];

            var req = new HttpRequestMessage
            {
                RequestUri = uri,
                Method     = HttpMethod.Get
            };

            SetUserAgent(ref req, creds);

            req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer",
                                                                                              Jwt.CreateToken(appId, appKeyPath));

            logger.LogDebug($"GET {uri}");

            var result = Configuration.Instance.Client.SendAsync(req).Result;

            try
            {
                result.EnsureSuccessStatusCode();
                return(result);
            }
            catch (HttpRequestException ex)
            {
                logger.LogError($"FAIL: {result.StatusCode}");
                throw new NexmoHttpRequestException(ex.Message, ex)
                      {
                          HttpStatusCode = result.StatusCode
                      };
            }
        }
Beispiel #10
0
        /// <summary>
        /// Send a request to the versioned Nexmo API.
        /// Do not include credentials in the parameters object. If you need to override credentials, use the optional Credentials parameter.
        /// </summary>
        /// <param name="method">HTTP method (POST, PUT, DELETE, etc)</param>
        /// <param name="uri">The URI to communicate with</param>
        /// <param name="payload">Parameters required by the endpoint (do not include credentials)</param>
        /// <param name="authType">Authorization type used on the API</param>
        /// <param name="creds">(Optional) Overridden credentials for only this request</param>
        /// <exception cref="NexmoHttpRequestException">thrown if an error is encountered when talking to the API</exception>
        public static T DoRequestWithJsonContent <T>(string method, Uri uri, object payload, AuthType authType, Credentials creds)
        {
            var appId      = creds?.ApplicationId ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Id"];
            var appKeyPath = creds?.ApplicationKey ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Key"];
            var apiKey     = (creds?.ApiKey ?? Configuration.Instance.Settings["appSettings:Nexmo.api_key"])?.ToLower();
            var apiSecret  = creds?.ApiSecret ?? Configuration.Instance.Settings["appSettings:Nexmo.api_secret"];
            var logger     = Logger.LogProvider.GetLogger(LOGGER_CATEGORY);

            var req = new HttpRequestMessage
            {
                RequestUri = uri,
                Method     = new HttpMethod(method),
            };

            SetUserAgent(ref req, creds);

            if (authType == AuthType.Basic)
            {
                var authBytes = Encoding.UTF8.GetBytes(apiKey + ":" + apiSecret);
                req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Basic",
                                                                                                  Convert.ToBase64String(authBytes));
            }
            else if (authType == AuthType.Bearer)
            {
                // attempt bearer token auth
                req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer",
                                                                                                  Jwt.CreateToken(appId, appKeyPath));
            }
            else if (authType == AuthType.Query)
            {
                var sb = BuildQueryString(new Dictionary <string, string>(), creds);
                req.RequestUri = new Uri(uri + (sb.Length != 0 ? "?" + sb : ""));
            }
            else
            {
                throw new ArgumentException("Unkown Auth Type set for function");
            }
            var json = JsonConvert.SerializeObject(payload,
                                                   Formatting.None, new JsonSerializerSettings {
                DefaultValueHandling = DefaultValueHandling.Ignore
            });

            logger.LogDebug($"Request URI: {uri}");
            logger.LogDebug($"JSON Payload: {json}");
            var data = Encoding.ASCII.GetBytes(json);

            req.Content = new ByteArrayContent(data);
            req.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/json");
            var json_response = SendHttpRequest(req).JsonResponse;

            return(JsonConvert.DeserializeObject <T>(json_response));
        }
Beispiel #11
0
        /// <summary>
        /// Sends an HTTP GET request to the Nexmo API without any additional parameters
        /// </summary>
        /// <typeparam name="T"></typeparam>
        /// <param name="uri"></param>
        /// <param name="authType"></param>
        /// <param name="creds"></param>
        /// <exception cref="NexmoHttpRequestException">Thrown if the API encounters a non-zero result</exception>
        private static T SendGetRequest <T>(Uri uri, AuthType authType, Credentials creds)
        {
            var logger     = Logger.LogProvider.GetLogger(LOGGER_CATEGORY);
            var appId      = creds?.ApplicationId ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Id"];
            var appKeyPath = creds?.ApplicationKey ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Key"];
            var apiKey     = (creds?.ApiKey ?? Configuration.Instance.Settings["appSettings:Nexmo.api_key"])?.ToLower();
            var apiSecret  = creds?.ApiSecret ?? Configuration.Instance.Settings["appSettings:Nexmo.api_secret"];

            var req = new HttpRequestMessage
            {
                RequestUri = uri,
                Method     = HttpMethod.Get
            };

            SetUserAgent(ref req, creds);

            if (authType == AuthType.Basic)
            {
                var authBytes = Encoding.UTF8.GetBytes(apiKey + ":" + apiSecret);
                req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Basic",
                                                                                                  Convert.ToBase64String(authBytes));
            }
            else if (authType == AuthType.Bearer)
            {
                req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer",
                                                                                                  Jwt.CreateToken(appId, appKeyPath));
            }
            logger.LogDebug($"GET {uri}");
            var json = SendHttpRequest(req).JsonResponse;

            return(JsonConvert.DeserializeObject <T>(json));
        }
Beispiel #12
0
        private static string DoRequest(Uri uri, Credentials creds = null)
        {
            var appId      = creds?.ApplicationId ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Id"];
            var appKeyPath = creds?.ApplicationKey ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Key"];

            var req = new HttpRequestMessage
            {
                RequestUri = uri,
                Method     = HttpMethod.Get,
            };

            SetUserAgent(ref req);
            // attempt bearer token auth
            req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer",
                                                                                              Jwt.CreateToken(appId, appKeyPath));

            using (Configuration.Instance.ApiLogger.BeginScope("VersionedApiRequest.DoRequest {0}", uri.GetHashCode()))
            {
                Configuration.Instance.ApiLogger.LogDebug($"GET {uri}");

                var sendTask = Configuration.Instance.Client.SendAsync(req);
                sendTask.Wait();

                //if (!sendTask.Result.IsSuccessStatusCode)
                //    throw new Exception("Error while retrieving resource.");

                string json;
                var    readTask = sendTask.Result.Content.ReadAsStreamAsync();
                readTask.Wait();
                using (var sr = new StreamReader(readTask.Result))
                {
                    json = sr.ReadToEnd();
                }
                Configuration.Instance.ApiLogger.LogDebug(json);
                return(json);
            }
        }
Beispiel #13
0
        /// <summary>
        /// Send a request to the versioned Nexmo API.
        /// Do not include credentials in the parameters object. If you need to override credentials, use the optional Credentials parameter.
        /// </summary>
        /// <param name="method">HTTP method (POST, PUT, DELETE, etc)</param>
        /// <param name="uri">The URI to communicate with</param>
        /// <param name="payload">Parameters required by the endpoint (do not include credentials)</param>
        /// <param name="creds">(Optional) Overridden credentials for only this request</param>
        /// <returns></returns>
        public static NexmoResponse DoRequest(string method, Uri uri, object payload, Credentials creds = null)
        {
            var appId      = creds?.ApplicationId ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Id"];
            var appKeyPath = creds?.ApplicationKey ?? Configuration.Instance.Settings["appSettings:Nexmo.Application.Key"];

            var req = new HttpRequestMessage
            {
                RequestUri = uri,
                Method     = new HttpMethod(method),
            };

            SetUserAgent(ref req);
            // attempt bearer token auth
            req.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer",
                                                                                              Jwt.CreateToken(appId, appKeyPath));

            var data = Encoding.ASCII.GetBytes(JsonConvert.SerializeObject(payload));

            req.Content = new ByteArrayContent(data);
            req.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/json");

            using (Configuration.Instance.ApiLogger.BeginScope("ApiRequest.DoRequest {0}", uri.GetHashCode()))
            {
                Configuration.Instance.ApiLogger.LogDebug($"{method} {uri} {payload}");
                var sendTask = Configuration.Instance.Client.SendAsync(req);
                sendTask.Wait();

                if (!sendTask.Result.IsSuccessStatusCode)
                {
                    Configuration.Instance.ApiLogger.LogError($"FAIL: {sendTask.Result.StatusCode}");
                    return(new NexmoResponse
                    {
                        Status = sendTask.Result.StatusCode
                    });
                }

                string json;
                var    readTask = sendTask.Result.Content.ReadAsStreamAsync();
                readTask.Wait();
                using (var sr = new StreamReader(readTask.Result))
                {
                    json = sr.ReadToEnd();
                }
                Configuration.Instance.ApiLogger.LogDebug(json);
                return(new NexmoResponse
                {
                    Status = sendTask.Result.StatusCode,
                    JsonResponse = json
                });
            }
        }
Beispiel #14
0
        public void should_generate_jwt()
        {
            var tok = Jwt.CreateToken(Configuration.Instance.Settings["appSettings:Nexmo.Application.Id"], Configuration.Instance.Settings["appSettings:Nexmo.Application.Key"]);

            Assert.IsFalse(string.IsNullOrEmpty(tok));
        }