        /// <summary>
        /// Issues a JWT for an already-authenticated user and writes the token data back
        /// onto the supplied <see cref="AuthResult"/>.
        /// </summary>
        /// <param name="authResult">Authentication result used to build the token descriptor; mutated in place.</param>
        /// <returns>The same <paramref name="authResult"/> instance with <c>ExpiresIn</c>, <c>AcessToken</c> and <c>TokenType</c> populated.</returns>
        internal static AuthResult CreateToken(AuthResult authResult)
        {
            var descriptor = JWTHandler.CreateSecurityTokenDescriptor(authResult);
            var issued = _tokenHandler.CreateToken(descriptor);

            // Milliseconds between _epochDate (presumably the Unix epoch — verify) and the token's
            // ValidTo. Note this is an absolute instant, not a remaining lifetime.
            double expiresMs = (issued.ValidTo - _epochDate).TotalMilliseconds;

            authResult.ExpiresIn = Convert.ToInt64(expiresMs);
            authResult.AcessToken = _tokenHandler.WriteToken(issued);
            authResult.TokenType = "JWT";

            return authResult;
        }
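        /// <summary>
        /// Authorization gate for the web services: validates the presented JWT, expands its role
        /// claim into individual <see cref="ClaimTypes.Role"/> claims and installs the resulting
        /// principal on the current thread and on <see cref="HttpContext.Current"/>.
        /// </summary>
        /// <param name="actionContext">Context of the action being invoked.</param>
        /// <returns>The base implementation's authorization result once token handling has passed.</returns>
        /// <exception cref="HttpResponseException">
        /// Thrown when the token fails validation, or when no token was presented and the action
        /// carries <see cref="JWTAuthorize"/>.
        /// </exception>
        protected override bool IsAuthorized(HttpActionContext actionContext)
        {
            // The attribute's presence decides whether a caller without a token may proceed.
            JWTAuthorize autorize = actionContext.ActionDescriptor.GetCustomAttributes<JWTAuthorize>().FirstOrDefault();

            AuthResult result = JWTHandler.ValidateToken();

            if (result.AuthStatus == AuthStatus.OK)
            {
                ClaimsPrincipal mappedPrincipal = BuildPrincipal(result);
                Thread.CurrentPrincipal = mappedPrincipal;
                if (HttpContext.Current != null)
                {
                    HttpContext.Current.User = mappedPrincipal;
                }
            }
            else if (result.AuthStatus != AuthStatus.ANONYMOUS || autorize != null)
            {
                // Either the token failed validation, or no token was presented on an action that requires one.
                throw CreateRejection(actionContext, result);
            }
            // Remaining case: anonymous caller on an action without [JWTAuthorize] — defer to the base check.

            return base.IsAuthorized(actionContext);
        }

        /// <summary>
        /// Builds a <see cref="ClaimsPrincipal"/> from a validated token, splitting the single
        /// ';'-separated role claim into one <see cref="ClaimTypes.Role"/> claim per role so that
        /// role checks see each role individually.
        /// </summary>
        /// <param name="result">Validated authentication result whose <c>TokenClaims</c> supply the identity.</param>
        /// <returns>A principal wrapping a copy of the token identity plus the expanded role claims.</returns>
        private static ClaimsPrincipal BuildPrincipal(AuthResult result)
        {
            // Only the first role claim is consulted; any additional role claims are ignored.
            string roles = result.TokenClaims.Claims
                .Where(c => c.Type.Equals(ClaimTypes.Role, StringComparison.Ordinal))
                .Select(c => c.Value)
                .FirstOrDefault();

            List<Claim> roleClaims = string.IsNullOrWhiteSpace(roles)
                ? new List<Claim>()
                : roles.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries)
                       .Select(role => new Claim(ClaimTypes.Role, role))
                       .ToList();

            // Copy the token identity, append the split roles and keep its authentication type.
            ClaimsIdentity identity = new ClaimsIdentity(result.TokenClaims.Identity, roleClaims, result.TokenClaims.Identity.AuthenticationType, ClaimTypes.Name, ClaimTypes.Role);
            return new ClaimsPrincipal(identity);
        }

        /// <summary>
        /// Creates the exception that rejects the request. The <see cref="AuthResult"/> is serialized
        /// into the response body, so it must not carry anything the client should not see.
        /// </summary>
        /// <param name="actionContext">Context used to create the response for the current request.</param>
        /// <param name="result">Authentication result returned to the client as the response body.</param>
        /// <returns>An <see cref="HttpResponseException"/> ready to be thrown.</returns>
        private static HttpResponseException CreateRejection(HttpActionContext actionContext, AuthResult result)
        {
            // NOTE(review): a WWW-Authenticate header is conventionally paired with 401 (RFC 7235), not 400.
            // Kept as-is because existing clients may depend on the current status code.
            HttpResponseMessage response = actionContext.Request.CreateResponse(HttpStatusCode.BadRequest, result);
            response.Headers.Add("WWW-Authenticate", "xBasic realm=\"\"");
            return new HttpResponseException(response);
        }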