Beispiel #1
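        /// <summary>
        /// Decides whether the "role" claims carried by a JWT grant at least
        /// <paramref name="permissionName"/> on the form <paramref name="formName"/>.
        /// </summary>
        /// <remarks>
        /// SECURITY: the token is only parsed here (ReadToken); its signature, issuer,
        /// audience and lifetime are not checked by this method. The result is only
        /// trustworthy if the caller has already validated <paramref name="accessToken"/>
        /// (for example with JwtSecurityTokenHandler.ValidateToken) before calling in.
        /// Every input that cannot be interpreted results in <c>false</c> (deny).
        /// </remarks>
        /// <param name="accessToken">Compact serialized JWT whose "role" claims hold JSON-encoded permission entries.</param>
        /// <param name="formName">Form the permission is requested for; compared with each entry's FormName.</param>
        /// <param name="permissionName">Key into PermissionValueDict giving the required level.</param>
        /// <returns><c>true</c> when the summed value of the matching entries reaches the required value; otherwise <c>false</c>.</returns>
        public static Boolean IsUserHasPermission(string accessToken, string formName, string permissionName)
        {
            // Fail closed: a missing token or an unknown permission name must deny,
            // not surface as a KeyNotFoundException / ArgumentNullException.
            if (string.IsNullOrWhiteSpace(accessToken) || permissionName == null)
            {
                return false;
            }

            if (!PermissionValueDict.TryGetValue(permissionName, out var requiredValue))
            {
                return false;
            }

            var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
            if (!handler.CanReadToken(accessToken))
            {
                return false;
            }

            // Parse once; ReadToken performs no cryptographic verification.
            var parsedToken = handler.ReadToken(accessToken) as JwtSecurityToken;
            if (parsedToken == null)
            {
                return false;
            }

            // NOTE(review): the values of all matching entries are added up, so several
            // lower-valued (or repeated) entries for the same form can reach a higher
            // threshold. Confirm this is intended; a max or set-membership check may be meant.
            int permissionValue = 0;
            foreach (var claim in parsedToken.Claims)
            {
                if (claim.Type != "role")
                {
                    continue;
                }

                JwtTokenObject entry = JsonConvert.DeserializeObject <JwtTokenObject>(claim.Value);
                if (entry == null || entry.FormName != formName || entry.Permission == null)
                {
                    continue;
                }

                // Permission names the dictionary does not know contribute nothing.
                if (PermissionValueDict.TryGetValue(entry.Permission, out var grantedValue))
                {
                    permissionValue += grantedValue;
                }
            }

            return permissionValue >= requiredValue;
        }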
Beispiel #2
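        /// <summary>
        /// Exchanges a Google authorization code for tokens, registers the user on first
        /// sign-in, opens a user session and returns the application's own token record.
        /// </summary>
        /// <param name="code">Authorization code received on the redirect; <c>null</c> short-circuits.</param>
        /// <returns>
        /// <c>null</c> when <paramref name="code"/> is <c>null</c>; otherwise the stored token
        /// for the user, or an empty <see cref="TokenObjectModel"/> when the user is neither
        /// registered nor could be registered.
        /// </returns>
        public static TokenObjectModel GetGoogleAccesToken(string code)
        {
            // Nothing to exchange: return before touching configuration or the network.
            if (code == null)
            {
                return(null);
            }

            string url = ConfigurationManager.AppSettings["google_auth_url"];

            // The parameters go in the POST body only. Filling WebClient.QueryString would
            // also append them to the request URL, putting client_secret and the
            // authorization code where proxies and access logs record them.
            var form = new System.Collections.Specialized.NameValueCollection
            {
                { "code", code },
                { "client_id", ConfigurationManager.AppSettings["client_id"] },
                { "client_secret", ConfigurationManager.AppSettings["client_secret"] },
                { "redirect_uri", ConfigurationManager.AppSettings["redirect_uri"] },
                { "grant_type", ConfigurationManager.AppSettings["grant_type"] }
            };

            byte[] data;
            using (var wc = new WebClient())
            {
                data = wc.UploadValues(url, "POST", form);
            }

            var responseString = Encoding.UTF8.GetString(data);
            GoogleTokenObjectModel token = JsonConvert.DeserializeObject <GoogleTokenObjectModel>(responseString);

            // The id_token is parsed, not validated: ReadToken checks neither the signature
            // nor iss/aud/exp. NOTE(review): it comes straight from the configured token
            // endpoint, but confirm that is sufficient here; checking that aud equals the
            // configured client_id is the usual minimum.
            var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
            var idToken = handler.ReadToken(token.id_token) as JwtSecurityToken;

            string sub   = idToken.Claims.First(claim => claim.Type == "sub").Value;
            string email = idToken.Claims.First(claim => claim.Type == "email").Value;
            string name  = idToken.Claims.First(claim => claim.Type == "name").Value;

            UserObjectModel  userObj  = new UserObjectModel(name, email, sub);
            TokenObjectModel tokenObj = new TokenObjectModel();

            // Register only users that are not known yet.
            bool isUserExists    = UserHelper.IsUserRegistered(sub);
            bool registerSuccess = !isUserExists && UserHelper.RegisterUser(userObj);

            if (isUserExists || registerSuccess)
            {
                userObj = UserHelper.getUserBySubKey(userObj.Sub);
                CreateUserSession(userObj);
                tokenObj = TokenHelper.createToken(userObj);
                tokenObj = TokenHelper.getTokenByAuthorizationCode(tokenObj.AuthorizationCode);
                UserTokensObjectModel userTokenObj = new UserTokensObjectModel(userObj.UserId, tokenObj.TokenId);

                // NOTE(review): the result of MapUserToken is not acted on, as in the original;
                // a failed mapping still returns the token. Decide whether that should fail the sign-in.
                UserTokensHelper.MapUserToken(userTokenObj);
            }

            return(tokenObj);
        }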
        /// <summary>
        /// Tries to validate a JWT against a symmetric key built from the UTF-8 bytes of
        /// <paramref name="plainTextSecurityKey"/>.
        /// </summary>
        /// <remarks>
        /// What is actually enforced, as written:
        /// the signature is checked against the supplied key;
        /// ValidIssuer and ValidAudiences are copied from the token being validated, so the
        /// issuer and audience checks compare the token with itself and cannot reject a
        /// token minted for a different issuer or audience;
        /// ValidateLifetime is false, so expired tokens are accepted.
        /// NOTE(review): callers that need issuer, audience or expiry enforcement must
        /// check those on the returned token themselves.
        /// </remarks>
        /// <param name="plainTextSecurityKey">Shared secret used as the signing key.</param>
        /// <param name="token">Compact serialized JWT.</param>
        /// <param name="validatedPlainToken">The validated token, or <c>null</c> on failure.</param>
        /// <param name="claimsPrincipal">Principal built from the token, or <c>null</c> on failure.</param>
        /// <returns><c>true</c> when validation completed without an exception; otherwise <c>false</c>.</returns>
        public static bool TryValidateToken
        (
            string plainTextSecurityKey
            , string token
            , out JwtSecurityToken validatedPlainToken
            , out ClaimsPrincipal claimsPrincipal
        )
        {
            validatedPlainToken = null;
            claimsPrincipal     = null;

            try
            {
                var jwtHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();

                // Unverified parse, used only to read the token's own issuer and audiences.
                var unverifiedToken = (JwtSecurityToken)jwtHandler.ReadToken(token);

                byte[] keyBytes = Encoding.UTF8.GetBytes(plainTextSecurityKey);
                var    key      = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyBytes);

                var parameters = new TokenValidationParameters();
                parameters.ValidIssuer              = unverifiedToken.Issuer;    // self-referential, see remarks
                parameters.ValidateIssuer           = true;
                parameters.ValidAudiences           = unverifiedToken.Audiences; // self-referential, see remarks
                parameters.ValidateAudience         = true;
                parameters.IssuerSigningKey         = key;
                parameters.ValidateIssuerSigningKey = true;
                parameters.ValidateLifetime         = false;                     // expiry is not checked

                claimsPrincipal     = jwtHandler.ValidateToken(token, parameters, out var validated);
                validatedPlainToken = validated as JwtSecurityToken;
                return true;
            }
            catch (Exception e)
            {
                // Any parsing or validation failure is written to the console and reported as false.
                Console.WriteLine(e);
                return false;
            }
        }