public string GenerateToken(UserIdentification model)
{
this.CheckSettingIsSettedUp();
if (model is null)
{
throw new ArgumentException("Arguments to create token are not valid.");
}
Claim[] claims = new Claim[2];
claims[0] = new Claim(ClaimTypes.NameIdentifier, value: model.UserId.ToString());
claims[1] = new Claim(ClaimTypes.Name, value: model.UserName);
SecurityTokenDescriptor securityTokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.UtcNow.AddMinutes(Convert.ToInt32(this.jwtSetting.ExpireMinutes)),
SigningCredentials = new SigningCredentials(GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha512)
};
JwtSecurityTokenHandler jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
SecurityToken securityToken = jwtSecurityTokenHandler.CreateToken(securityTokenDescriptor);
return(jwtSecurityTokenHandler.WriteToken(securityToken));
}
public async Task <int> SaveIdentification(UserIdentification userIdentification)
{
try
{
var documentUrl = $"[DOCUMENTURL]/{userIdentification.Identifier}.{userIdentification.FileExtension.Replace(".", "")}";
File.WriteAllBytes(documentUrl, userIdentification.ByteData);
var user = await GetExistingUser(new User { Id = userIdentification.UserId });
user.IdentityDocumentUrl = documentUrl;
var result = await _repository.Update(user);
if (result != 1)
{
throw new DataException($"Expected to update 1 user, but instead updated {result}");
}
return(user.Id);
}
catch (DbUpdateException ex)
{
throw new DataException("Error occured while saving identification", ex.InnerException);
}
}
public async Task <bool> ExecuteAsync(UserIdentification input)
{
// Do nothing for recovery flow
// var relatedItem = await _cacheItemService.GetCacheItemByContextAsync(input.Context);
// if (relatedItem.ChallengeType == ChallengeType.Recover)
// return false;
bool result;
if (string.IsNullOrWhiteSpace(input.UserIdentifier))
{
result = false;
}
else if (!input.AuthenticatorType.HasValue)
{
result = await _userHandlerAdapter.IsUserExistsAsync(input.UserIdentifier);
}
else
{
result = input.AuthenticatorType switch
{
ExtAuthenticatorType.Fido2 =>
await _userHandlerAdapter.IsFido2UserExistsAsync(input.UserIdentifier),
_ => false
}
};
return(result);
}
public string Authenticate(string username, string password)
{
User user = ValidateUserPassword(username, password);
Save(user);
UserIdentification identification = new UserIdentification(user.Id, user.Username);
return(AuthorizationProvider.GenerateToken(user.Id, user.Username));
}
public ActionResult <UserIdentification> GetTokenData([FromQuery] string token)
{
if (string.IsNullOrEmpty(token))
{
return(BadRequest(new { message = "Token is required" }));
}
UserIdentification userIdentification = this.jwtService.GetUserIdentification(token);
return(Ok(userIdentification));
}
public static UserIdentification GetUserIdentification()
{
HttpContext httpContext = GetHttpContext();
if (httpContext != null)
{
UserIdentification identification = AuthorizationProvider.GetUserIdentification(httpContext.User);
identification.RequestPath = httpContext.Request.Path;
identification.Address = httpContext.Connection.RemoteIpAddress.ToString();
return(identification);
}
return(UserIdentification.NoUser());
}
public ActionResult <AuthResponseModel> Authenticate([FromBody] UserModel model)
{
UserIdentification userInfo = this.userService.Authenticate(model.UserName, model.Password);
if (userInfo is null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
string token = this.jwtService.GenerateToken(userInfo);
Response.Cookies.Append("X-Access-Token", token, new CookieOptions()
{
HttpOnly = true, SameSite = SameSiteMode.Strict
});
return(Ok(new AuthResponseModel(token, userInfo.UserId, userInfo.UserName)));
}
public void GetNewUserdata()
{
if (_client == null)
{
return;
}
var userId = new UserIdentification {
Usertoken = UserData.Usertoken, Secret = "????"
};
var req = new UserDataRequest {
UserIdent = userId, Username = UserData.Username
};
var ud = _client.Call.GetPublicUserdata(req);
//WAAAAA. Make sure not to overwrite the usertoken
UserData = new UserData {
Username = UserData.Username, Usertoken = UserData.Usertoken, Elo = ud.Elo
};
}
private List <Claim> GetClaims(UserIdentification user)
{
var claims = new List <Claim>();
claims.Add(new Claim(ClaimTypes.Email, user.Email));
claims.Add(new Claim(ClaimTypes.Name, user.FirtName + " " + user.LastName));
claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Email));
var roles = new[] { "Admin", "Citizin", "Worker" };
var groups = new[] { "Admin", "Citizin", "Worker" };
foreach (var item in roles)
{
claims.Add(new Claim(ClaimTypes.Role, item));
}
foreach (var item in groups)
{
claims.Add(new Claim("Groups", item));
}
return(claims);
}
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return(View());
}
UserIdentification userIdenti = new UserIdentification();
userIdenti.FirtName = "Martin";
userIdenti.LastName = "Aybar";
userIdenti.UserName = model.Email;
userIdenti.Email = model.Email;
if (ModelState.IsValid) //This is JS validation and Model validation
{
if (true) //Check the database, this should be replaced with the
//result of your DB call after providing the username and password
{
List <Claim> claims = GetClaims(userIdenti); //Get the claims from the headers or
//db or your user store
if (null != claims)
{
SignIn(claims);
return(RedirectToAction("Index", "Home"));
}
ModelState.AddModelError("", "Invalid username or password.");
}
else
{
ModelState.AddModelError("", "No User of that email address.");
}
}
return(View(model));
}
private void settingsPage_ID_GetID_Exec_Click(object sender, RoutedEventArgs e)
{
var identification = new UserIdentification();
settingsPage_ID_ID_TextBox.Text = identification.GetMachineID();
}
private void settingsPage_Save_Exec_Click(object sender, RoutedEventArgs e)
{
var configModel = new ConfigModel();
var dataHandler = new EncryptDataHandler(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + @"\SP\data");
var fileManagement = new FileManagement();
if (_settings.ShutDownEnable)
{
configModel.ShutDownEnable = _settings.ShutDownEnable;
configModel.ShutDownOption = windowsManagement_ShutDownOption_ComboBox.SelectedItem.GetType().GetProperty("Value")?.GetValue(windowsManagement_ShutDownOption_ComboBox.SelectedItem, null).ToString();
configModel.ShutDownTime = int.Parse(windowsManagement_ShutDownTime_TextBox.Text);
}
if (_settings.ListProcessesEnable)
{
configModel.ListProcessesEnable = _settings.ListProcessesEnable;
}
if (_programList.Count != 0)
{
configModel.ProgramBlockList = _programList;
}
if (_settings.WebHistoryEnable)
{
configModel.WebHistoryEnable = _settings.WebHistoryEnable;
configModel.WebHistoryQueryLimit = int.Parse(windowsMonitoring_WebHistory_QueryLimit_TextBox.Text);
configModel.WebHistoryPath = _pathToWebBrowser;
}
if (_settings.PrtScrnEnable)
{
configModel.PrtScrnEnable = _settings.PrtScrnEnable;
configModel.PrtScrnQualityOption = windowsMonitoring_PrtScrn_Quality_TextBox.SelectedItem.GetType().GetProperty("Value")?.GetValue(windowsMonitoring_PrtScrn_Quality_TextBox.SelectedItem, null).ToString();
configModel.PrtScrInterval = int.Parse(windowsMonitoring_PrtScrn_Offset_TextBox.Text);
}
if (_scanDirectory.Count != 0)
{
configModel.FileDirectoryList = _scanDirectory;
configModel.FileDirectoryExtension = windowsMonitoring_FileDirectory_EXT_TextBox.Text;
configModel.RemovableDevicesEnable = _settings.RemovableDevicesEnable;
}
if (ProtectLicenseKey(settingsPage_CC_Key_TextBox.Password).Length == 0 || settingsPage_CC_URL_TextBox.Text.Length == 0 || settingsPage_ID_ID_TextBox.Text.Length == 0 || settingsPage_TP_Offset_TexBox.Text.Length == 0)
{
MessageBox.Show("Brak wszystkich wymaganych danych!");
return;
}
configModel.OfflineMode = _settings.OfflineMode;
configModel.AddressCc = settingsPage_CC_URL_TextBox.Text;
configModel.License = fileManagement.Base64Encode(dataHandler.EncryptText(ProtectLicenseKey(settingsPage_CC_Key_TextBox.Password)));
configModel.IntervalTime = int.Parse(settingsPage_TP_Offset_TexBox.Text);
fileManagement.CreateFile(null, "config.bin", Encoding.ASCII.GetBytes(JsonSerializer.Serialize(configModel)), true);
HttpClient client = new HttpClient();
if (_settings.OfflineMode.Equals(false))
{
var identification = new UserIdentification();
StringBuilder urlBuilder = new StringBuilder(settingsPage_CC_URL_TextBox.Text + "/api/1.1/users/" + settingsPage_CC_Key_TextBox.Password + "/" + settingsPage_ID_ID_TextBox.Text);
client.SetDeviceID(urlBuilder.ToString());
}
using (StreamWriter sw = File.CreateText(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + @"\SP\data\debug.bin"))
{
sw.WriteLine(settingsPage_ID_ID_TextBox.Text);
}
MessageBox.Show("Zapisano ustawienia, uruchom ponownie program!");
}
