private string GetJWTToken(MUserTokenClaimsClass userTokenClaims)
{
SigningCredentials credentials;
{
byte[] bytes = System.Text.Encoding.ASCII.GetBytes(GlobalData.Current.Jwt["Key"]); // SecureStringWrapper(KeysJWT[userInfo.AppID]))
credentials = new SigningCredentials(new SymmetricSecurityKey(bytes), SecurityAlgorithms.HmacSha256Signature);
}
JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
List <Claim> listClaims = userTokenClaims.GetType()
.GetProperties(System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.Public)
.Where(x => x.Name != "Roles")
.Select(x => {
string typeOfData = ClaimValueTypes.String;
switch (x.PropertyType.Name)
{
case "String": typeOfData = ClaimValueTypes.String; break;
case "Int32": typeOfData = ClaimValueTypes.Integer32; break;
case "Boolean": typeOfData = ClaimValueTypes.Boolean; break;
default: typeOfData = ClaimValueTypes.String; break;
}
return(new Claim(x.Name, Convert.ToString(x.GetValue(userTokenClaims)), typeOfData));
}).ToList();
foreach (string x in userTokenClaims.Roles)
{
listClaims.Add(new Claim("Roles", x, ClaimValueTypes.String));
}
SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor {
Subject = new ClaimsIdentity(listClaims),
Issuer = GlobalData.Current.Jwt["Issuer"],
Expires = DateTime.UtcNow.AddDays(1),
Audience = GlobalData.Current.Jwt["Audience"],
SigningCredentials = credentials
};
SecurityToken sectoken = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(sectoken));
}
public ObjectResult Login([FromBody] SMUserCredentials data)
{
SMGenericResponse response = new SMGenericResponse()
{
Status = "Success",
Message = "Credentials Correct"
};
try {
SMUserCredentials credentials = data.CleanData();
MCredentialsCheckResultClass result = CheckCredentials(credentials);
switch (CastToEnum <HttpStatusCode>(result.Result))
{
case HttpStatusCode.BadRequest: {
response.Status = "Error";
response.Message = result.Message;
response.Data = null;
return(BuildResponseObjectResult(response, (int)HttpStatusCode.BadRequest));
}
case HttpStatusCode.InternalServerError: {
response.Status = "Error";
response.Message = result.Message;
response.Data = null;
return(BuildResponseObjectResult(response, (int)HttpStatusCode.InternalServerError));
}
case HttpStatusCode.Unauthorized: {
response.Status = "Error";
response.Message = result.Message;
response.Data = null;
return(BuildResponseObjectResult(response, (int)HttpStatusCode.Unauthorized));
}
case HttpStatusCode.Accepted: {
response.Status = "Success";
response.Message = "The user has valid access";
result = SearchUserInfoLDAP(credentials);
if (result.Result == null)
{
response.Status = "Error";
response.Message = result.Message;
response.Data = null;
return(BuildResponseObjectResult(response, (int)HttpStatusCode.InternalServerError));
}
List <string> roles = (List <string>)result.Result;
if (roles.Count <= 0)
{
response.Status = "Error";
response.Message = "The user has no valid access roles to this application";
response.Data = null;
return(BuildResponseObjectResult(response, (int)HttpStatusCode.Unauthorized));
}
RosterMeta4 rosterMeta4 = dBContext.RosterMeta4.Include(i => i.User).First(f => f.NetworkLogin == credentials.Username);
if (!rosterMeta4.Status)
{
response.Status = "Error";
response.Message = "The user has no access permission due inactivity";
response.Data = null;
return(BuildResponseObjectResult(response, (int)HttpStatusCode.Forbidden));
}
MUserTokenClaimsClass userTokenClaims = null;
try {
if (rosterMeta4.User == null)
{
rosterMeta4.User = new Users()
{
EmployeeNumber = rosterMeta4.EmployeeNumber,
DateFirstLogin = DateTime.Now,
DateLastLogin = DateTime.Now
};
}
else
{
rosterMeta4.User.DateLastLogin = DateTime.Now;
}
dBContext.SaveChanges();
roles.AddRange(GetExtraRoles(rosterMeta4));
userTokenClaims = new MUserTokenClaimsClass()
{
FullName = rosterMeta4.FullName,
NetworkLogin = rosterMeta4.NetworkLogin,
UserID = rosterMeta4.User.ID,
EmployeeNumber = rosterMeta4.EmployeeNumber,
EmployeeNumberSup = rosterMeta4.EmployeeNumberSup,
ClientIP = Request.HttpContext.Connection.RemoteIpAddress.ToString(),
Roles = roles.Distinct().ToList(),
TokenV = 1.0
};
} catch (Exception) {
response.Status = "Error";
response.Message = "Error fetching App/User extra info from requests";
response.Data = null;
return(BuildResponseObjectResult(response, (int)HttpStatusCode.InternalServerError));
}
response.Data = GetJWTToken(userTokenClaims);
}
break;
default: {
response.Status = "Error";
response.Message = "Internal server error authenticating with Active Directory (Unknow)";
response.Data = null;
return(BuildResponseObjectResult(response, (int)HttpStatusCode.InternalServerError));
}
}
} catch (Exception e) {
response.SetErrorInfo(e);
}
return(BuildResponseObjectResult(response));
}
