Beispiel #1
0
        public string GenerateTokenForAudience(string audienceName, string secret)
        {
            //audienceName = username
            //Το secret πρέπει να ειναι base64 string του Sha512 του secret(password) του audience
            string password = string.Empty;

            using (var context = new TPDMSDbModel())
            {
                password = context.admUsers.Where(u => u.Username == audienceName)
                           .Select(u => u.Password).FirstOrDefault();
                if (string.IsNullOrWhiteSpace(secret))
                {
                    return(null);
                }
            }
            var result = SI.Identity.Helpers.SecurityHelper.GetHashedPassword(audienceName, secret);

            if (result != password)
            {
                return(null);
            }

            //secret = password:audienceName
            secret = $"{result}:{audienceName}";
            using (var dbContext = new TPDMSDbContext(WebApiConfig.Options))
            {
                var SpecificUser = dbContext.admUsers.FirstOrDefault(x => x.Username == audienceName && x.Password == password);
                //TODO: Να πάρουμε τον issuer και το expiresInMinutes από configuration
                int tokenDuration = SpecificUser.TokenDuration ?? 30;
                return(CreateToken(audienceName, secret, "self", tokenDuration));
            }
        }
Beispiel #2
0
        private TokenValidationParameters GetValidationParametersForAudience(string audienceName)
        {
            string signingkey = null;

            using (var context = new TPDMSDbModel())
            {
                signingkey = context.admUsers.Where(u => u.Username == audienceName)
                             .Select(u => u.Password).FirstOrDefault();
                if (string.IsNullOrWhiteSpace(signingkey))
                {
                    return(null);
                }
            }
            signingkey = $"{signingkey}:{audienceName}";
            var tokenValidationParameters = new TokenValidationParameters()
            {
                ValidAudiences   = new string[] { audienceName },
                ValidIssuers     = new string[] { "self", },
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingkey))
            };

            return(tokenValidationParameters);
        }