Beispiel #1
0
        public JwtTokenRequestResult ProcessByUserProfileId()
        {
            int profileLoginId;

            if (_userProfileId.IsAuthenticated(out profileLoginId))
            {
                var jwt = _jwtTokenCache.Get(GetKeyByUserProfileId(profileLoginId));
                if (jwt != null)
                {
                    return(jwt);
                }

                var authority = _securityConfiguration.Authority;
                if (!string.IsNullOrEmpty(authority))
                {
                    var clientId       = _securityConfiguration.ClientId;
                    var clientPassword = _securityConfiguration.ClientPassword;
                    var clientScope    = _securityConfiguration.ClientScope;

                    if (!string.IsNullOrEmpty(clientId) && !string.IsNullOrEmpty(clientPassword))
                    {
                        var disco = new DiscoveryClient(authority)
                        {
                            Policy = { RequireHttps = DetermineRequireHttps(_securityConfiguration) }
                        };

                        var result = disco.GetAsync().Result;
                        if (result.IsError)
                        {
                            _internalLogger.AppendLog(result.Error);
                            return(null);
                        }

                        var tokenClient = new TokenClient(result.TokenEndpoint, clientId, clientPassword);

                        var tokenResponse = tokenClient.RequestResourceOwnerPasswordAsync(profileLoginId.ToString(),
                                                                                          profileLoginId.ToString(), clientScope).Result;

                        if (!tokenResponse.IsError)
                        {
                            _internalLogger.AppendLog("Access token generated: " + tokenResponse.AccessToken);

                            var jwtResult = new JwtTokenRequestResult
                            {
                                AccessToken = tokenResponse.AccessToken,
                                ExpiresIn   = tokenResponse.ExpiresIn,
                                TokenType   = tokenResponse.TokenType
                            };

                            _jwtTokenCache.Add(GetKeyByUserProfileId(profileLoginId), jwtResult);

                            return(jwtResult);
                        }

                        _internalLogger.AppendLog("Token response error: " + tokenResponse.ErrorDescription);
                    }
                    else
                    {
                        _internalLogger.AppendLog("TAGov.Common.Security configuration(s) are missing!");
                    }
                }
                else
                {
                    _internalLogger.AppendLog("TAGov.Common.Security.Authority missing!");
                }
            }

            return(null);
        }
Beispiel #2
0
        public JwtTokenRequestResult ProcessByUserProfileId()
        {
            int profileLoginId;

            if (_userProfileId.IsAuthenticated(out profileLoginId))
            {
                var jwt = _jwtTokenCache.Get(GetKeyByUserProfileId(profileLoginId));
                if (jwt != null)
                {
                    return(jwt);
                }
                var clientId       = _securityConfiguration.AzureAdClientId;
                var clientPassword = _securityConfiguration.AzureAdClientPassword;
                var resourceId     = _securityConfiguration.AzureAdResourceId;

                if (!string.IsNullOrEmpty(clientId) && !string.IsNullOrEmpty(clientPassword))
                {
                    using (HttpClient client = new HttpClient())
                    {
                        client.BaseAddress = new Uri(AzureAdBaseUrl);

                        List <KeyValuePair <string, string> > formData =
                            new List <KeyValuePair <string, string> >
                        {
                            new KeyValuePair <string, string>("grant_type", "client_credentials"),
                            new KeyValuePair <string, string>("client_id", clientId),
                            new KeyValuePair <string, string>("client_secret", clientPassword),
                            new KeyValuePair <string, string>("resource", resourceId)
                        };

                        HttpContent content = new FormUrlEncodedContent(formData);
                        var         result  = client.PostAsync($"/{TenantId}/oauth2/token", content).Result;

                        if (!result.IsSuccessStatusCode && result.StatusCode == HttpStatusCode.Unauthorized)
                        {
                            _internalLogger.AppendLog("Token response error: The client Id/Secret is invalid.");
                            return(null);
                        }

                        var tokenResponse = result.IsSuccessStatusCode ? result.Content.ReadAsStringAsync().Result : string.Empty;

                        if (string.IsNullOrEmpty(tokenResponse))
                        {
                            _internalLogger.AppendLog("Token response error: " + tokenResponse);
                            return(null);
                        }

                        var token = JsonConvert.DeserializeObject <AzureAdTokenResponse>(tokenResponse);

                        var jwtResult = new JwtTokenRequestResult
                        {
                            AccessToken = token.AccessToken,
                            ExpiresIn   = token.ExpiresOn,
                            TokenType   = token.TokenType
                        };


                        _jwtTokenCache.Add(GetKeyByUserProfileId(profileLoginId), jwtResult);

                        return(jwtResult);
                    }
                }

                _internalLogger.AppendLog("TAGov.AzureAd configuration(s) are missing!");
            }

            return(null);
        }