public LoginResponse AuthenticateUser(LoginRequest loginRequest)
{
var loginResponse = new LoginResponse();
if (!userRepository.IsUserExists(loginRequest.UserName))
{
return(loginResponse);
}
loginResponse.IsUserExists = true;
if (!userRepository.IsUserCredentialsValid(loginRequest.UserName, loginRequest.Password))
{
return(loginResponse);
}
var user = userRepository.GetUserDetails(loginRequest.UserName);
var jwtTokenRequest = new JwtTokenRequest
{
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
JsonWebToken = landmarkService.GetJsonWebTokenSection()
};
loginResponse.Token = jwtTokenService.GenerateJwtToken(jwtTokenRequest);
return(loginResponse);
}
public async Task RequestTokenAsync_SendCorrectRequest_ReturnToken()
{
const string expectedToken = "TestToken";
var expectedTokenRequest = new JwtTokenRequest
{
UserName = "******",
Password = "******",
Domain = "domain"
};
var mockHttpClientContext = new MockHttpClientContext();
mockHttpClientContext
.Respond()
.ReturnJson(new { specificAuthToken = expectedToken });
var jwtClient = new JwtClient(mockHttpClientContext.CreateClient());
var tokenInfo =
await jwtClient.RequestTokenAsync(new Uri("http://test.com/auth"), expectedTokenRequest);
Assert.Equal(expectedToken, tokenInfo);
mockHttpClientContext
.CallShouldBeMade("http://test.com/auth")
.WithVerb(HttpMethod.Post)
.WithContentType(ContentMediaTypes.Application.Json)
.WithContentText(JsonSerializer.Serialize(expectedTokenRequest,
new JsonSerializerOptions()
{
PropertyNamingPolicy = JsonNamingPolicy.CamelCase
}));
}
public async Task <IActionResult> Login(JwtTokenRequest request)
{
if (request == null)
{
return(BadRequest("Invalid client request"));
}
var rResult = await _authService.AuthenticateRequest(request);
return(Ok(rResult));
}
public async Task <JwtRequestResult> AuthenticateRequest(JwtTokenRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
var requestResult = new JwtRequestResult()
{
Succeeded = false,
UserData = null
};
var user = await _userManager.FindByEmailAsync(request.Email);
if (user == null)
{
return(requestResult);
}
var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false);
if (!result.Succeeded)
{
return(requestResult);
}
var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenModel.Secret));
var signingCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);
var claims = new[]
{
new Claim(ClaimTypes.Email, request.Email)
};
var jwt = new JwtSecurityToken(
issuer: _tokenModel.Issuer,
audience: _tokenModel.Audience,
claims: claims,
expires: DateTime.Now.AddMinutes(_tokenModel.AccessExpiration),
signingCredentials: signingCredentials);
requestResult.UserData = new UserDataDto()
{
Id = user.Id,
Name = user.UserName
};
requestResult.Succeeded = true;
requestResult.Token = new JwtSecurityTokenHandler().WriteToken(jwt);
return(requestResult);
}
private Task <JwtToken> CreateJwtTokenAsync()
{
var jwtRequest = new JwtTokenRequest
{
Audience = new List <string> {
_application.ClientId.ToString()
},
Subject = _user.UserId.ToString()
};
return(_jwtTokenFactory.CreateJwtTokenAsync(jwtRequest));
}
private async Task CreateJwtTokenAsync()
{
var jwtRequest = new JwtTokenRequest
{
Audience = new List <string> {
_code.ClientId.ToString()
},
Subject = _code.UserId?.ToString(),
Scope = _code.Scope
};
_jwtToken = await _jwtTokenFactory.CreateJwtTokenAsync(jwtRequest);
}
private Task <JwtToken> CreateJwtTokenAsync()
{
var jwtRequest = new JwtTokenRequest
{
Audience = new List <string> {
_refreshToken.Application.ClientId.ToString()
},
Subject = _refreshToken.UserId.ToString(),
Scope = _scope
};
return(_jwtTokenFactory.CreateJwtTokenAsync(jwtRequest));
}
public HandleResult HandleRequest(JwtTokenRequest request)
{
var user = context.Users.Where(x => x.UserName == request.User && x.Password == request.Password).FirstOrDefault();
if (user != null)
{
return(new HandleResult {
Success = true
});
}
return(new HandleResult {
Success = false, Message = "Invalid user / password"
});
}
public HandleResult HandleRequest(JwtTokenRequest request)
{
if (request.User == "admin" && request.Password == "admin")
{
return(new HandleResult {
Success = true
});
}
else
{
return(new HandleResult {
Success = false, Message = "Invalid user/password"
});
}
}
public async Task <IActionResult> Token([FromBody] JwtTokenRequest request)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = GenerateClaimsIdentity(request.Name, request.Name);
var jwt = new JwtTokenResponse
{
Id = identity.Claims.Single(c => c.Type == Constants.UserIdClaimTypeName).Value,
AccessToken = await GenerateEncodedToken(request.Name, identity),
ExpiresIn = (long)_jwtIssuerOptions.ValidFor.TotalSeconds
};
return(Ok(jwt));
}
public string GenerateJwtToken(JwtTokenRequest request)
{
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(request.JsonWebToken.SecretKey));
var signinCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var claims = new List <Claim> {
new Claim(ClaimTypes.Email, request.Email),
new Claim(ClaimTypes.Name, request.FirstName),
new Claim(ClaimTypes.Surname, request.LastName)
};
var tokeOptions = new JwtSecurityToken(
issuer: request.JsonWebToken.Domain,
audience: request.JsonWebToken.Domain,
claims: claims,
expires: DateTime.Now.AddMinutes(5),
signingCredentials: signinCredentials
);
var token = new JwtSecurityTokenHandler().WriteToken(tokeOptions);
return(token);
}
public void GenerateJwtToken_Should_generate_and_return_token()
{
// Arrange
jwtTokenSerivce = new JwtTokenService();
var request = new JwtTokenRequest()
{
Email = "*****@*****.**",
FirstName = "first",
LastName = "last",
JsonWebToken = new JsonWebToken
{
Domain = "",
SecretKey = "thisIsSecrectKeyValue"
}
};
// Act
var response = jwtTokenSerivce.GenerateJwtToken(request);
// Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Length > 50);
}
public Task <JwtTokenResponse> GetToken([FromBody] JwtTokenRequest request, CancellationToken cancellationToken) => Send(request, cancellationToken);
public async Task <JwtTokenResponse> GetJwtToken(JwtTokenRequest request, CancellationToken cancellationToken)
{
var token = await GetJwtToken(request.Username !, request.Password !, cancellationToken);
return(new JwtTokenResponse(token));
}
