public AuthResult Login(LoginRequest loginRequest)
{
AuthResult authResult = new AuthResult();
try
{
authResult = AccountHandler.Login(loginRequest);
if (authResult.AuthStatus == AuthStatus.OK)
{
authResult = JWTHandler.CreateToken(authResult);
}
}
catch (Exception ex)
{
Logger.LogException(ex);
authResult.AuthStatus = AuthStatus.ERROR;
}
if (authResult.AuthStatus != AuthStatus.OK)
{
ServiceHelper.ThrowBadRequest <AuthResult>(Request, authResult);
}
return(authResult);
}
public async Task <HttpResponse> CreateAccount(
[HttpTrigger(AuthorizationLevel.Function, "post", Route = null)] HttpRequest req,
ILogger log)
{
string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
User user = JsonConvert.DeserializeObject <User>(requestBody);
try
{
user = await AccountService.CreateAccount(user);
string jwt;
try
{
jwt = JWTHandler.GetJWT(user);
}
catch (Exception e)
{
log.LogError("Failed to generate token", e);
throw;
}
return(await GenerateResponse(jwt, user, req));
}
catch (Exception)
{
throw;
}
}
public AuthResult ChangePassword(ChangePwdRequest changePwdRequest)
{
AuthResult authResult = null;
try
{
int userId = ServiceHelper.CurrentUserId;
authResult = AccountHandler.ChangePassword(userId, changePwdRequest.CurrentPwd, changePwdRequest.NewPassword);
if (authResult.AuthStatus == AuthStatus.OK)
{
authResult = JWTHandler.CreateToken(authResult);
}
}
catch (Exception ex)
{
Logger.LogException(ex);
authResult.AuthStatus = AuthStatus.ERROR;
}
if (authResult.AuthStatus != AuthStatus.OK)
{
ServiceHelper.ThrowBadRequest <AuthResult>(Request, authResult);
}
return(authResult);
}
public async Task <HttpResponse> Login(
[HttpTrigger(AuthorizationLevel.Function, "get", Route = null)] HttpRequest req,
ILogger log)
{
string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
User user = JsonConvert.DeserializeObject <User>(requestBody);
string jwt;
try
{
User userFromRespons = await AccountService.Login(user);
try
{
jwt = JWTHandler.GetJWT(userFromRespons);
return(await GenerateResponse(jwt, userFromRespons, req));
}
catch (Exception e)
{
log.LogError("Failed to generate token", e);
throw;
}
}
catch (Exception)
{
var context = req.HttpContext;
var response = context.Response;
response.StatusCode = 401;
await response.WriteAsync("Failed to authorize");
return(response);
}
}
public AuthController(ILogger <AuthController> logger, IUserService service, IConfiguration configuration, JWTHandler jWTHandler)
{
Service = service;
Configuration = configuration;
_JWTHandler = jWTHandler;
_logger = logger;
}
public HttpResponseMessage Login()
{
var headers = Request.Headers;
string parameter = headers?.Authorization?.Parameter;
string scheme = headers?.Authorization?.Scheme;
if ((!scheme.Equals("Basic", StringComparison.OrdinalIgnoreCase)) && parameter == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Unauthorised User"));
}
Encoding encode = Encoding.UTF8;
byte[] encodedCreds = Convert.FromBase64String(parameter);
string[] decodedCreds = encode.GetString(encodedCreds).Split(':');
string username = decodedCreds[0];
string password = decodedCreds[1];
if (CheckUser(username, password))
{
string jwt = JWTHandler.GenerateToken(username);
//headers.Remove("Authorization");
headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", jwt);
return(Request.CreateResponse(HttpStatusCode.OK, jwt));
}
return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Unauthorised User"));
}
public void authenticate()
{
JWTHandler jwtHandler = new JWTHandler();
jwt = jwtHandler.generateJWT(symConfig);
sessionAuthenticate();
kmAuthenticate();
}
public void RSAAuthTest()
{
SymConfigLoader symConfigLoader = new SymConfigLoader();
symConfig = symConfigLoader.loadFromFile("C:/Users/Michael/Documents/Visual Studio 2017/Projects/apiClientDotNet/apiClientDotNetTest/Resources/testConfig.json");
JWTHandler jwtHandler = new JWTHandler();
jwtHandler.generateJWT(symConfig);
}
public void ForGivenRsaConfig_CanReadConfigAndCreateJwt()
{
var symConfigLoader = new SymConfigLoader();
var configPath = System.IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Resources", "config.json");
var symConfig = symConfigLoader.loadFromFile(configPath);
var jwtHandler = new JWTHandler();
var jwt = jwtHandler.generateJWT(symConfig);
Assert.IsNotNull(jwt);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
var wire = new WireDI(services);
wire.DoInjection();
JWTHandler.RegisterAuth(services);
DisableAutoValidation(services);
services.AddControllers();
services.AddMvc();
}
public IActionResult LoginUser(LoginVM login)
{
if (ModelState.IsValid)
{
IActionResult response = new JsonResult("");
var user = new LoginViewModel(_db).AuthenticateUser(login);
if (user != null)
{
var tokenString = new JWTHandler(_config).GenerateJSONWebToken(user);
return(Ok(new { token = tokenString }));
}
return(NotFound());
}
else
{
return(ValidationProblem());
}
}
public IActionResult LoginUser([FromForm] LoginVM login)
{
if (ModelState.IsValid)
{
var user = new LoginViewModel(_db).AuthenticateUser(login);
if (user != null)
{
var tokenString = new JWTHandler(_config).GenerateJSONWebToken(user);
HttpContext.Session.SetString("token", tokenString);
return(Ok(new { Token = tokenString }));
}
return(Forbid());
}
else
{
return(NotFound());
}
}
public void OnAuthorization(AuthorizationFilterContext filterContext)
{
bool isValid = false;
var token = filterContext.HttpContext.Session.GetString("token");
if (!string.IsNullOrEmpty(token))
{
string role = new JWTHandler(_config).ValidateToken(token).FindFirstValue(ClaimTypes.Role);
foreach (var r in allowedroles)
{
if (r == role)
{
isValid = true;
}
}
}
if (!isValid)
{
filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { area = "Account", controller = "Login", action = "Unauthorize" }));
}
}
public void GenerateTest()
{
var tokenHandler = new JWTHandler();
var token = tokenHandler.GenerateAccessToken(new Entities.Member()
{
ID = 1,
Name = "John Doe",
Email = "*****@*****.**",
OptionalEmail = "",
DateOfBirth = DateTime.Now,
Gender = "Male",
MobileNumber = "",
Password = "******"
});
var handler = new JwtSecurityTokenHandler();
var jwtToken = handler.ReadJwtToken(token);
var x = jwtToken.Claims.Count();
Assert.IsTrue(jwtToken.Claims.Count() == 6);
}
public AuthMiddleware(RequestDelegate next, JWTHandler _jWTHandler, UserModelService _userModelService)
{
jWTHandler = _jWTHandler;
userModelService = _userModelService;
_next = next;
}
public AuthController(ApplicationUserManager userManager, ApplicationSignInManager signInManager, JWTHandler jwt)
{
this.userManager = userManager;
this.signInManager = signInManager;
this.jwt = jwt;
}
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
var headers = context.Request.Headers;
var scheme = headers?.Authorization?.Scheme;
var parameter = headers?.Authorization?.Parameter;
if (scheme == null || parameter == null)
{
context.ErrorResult = new AuthenticationFailureRequest("Header not found", context.Request);
return;
}
if (!scheme.Equals("Bearer", StringComparison.OrdinalIgnoreCase) || string.IsNullOrEmpty(parameter))
{
context.ErrorResult = new AuthenticationFailureRequest("Token not found", context.Request);
return;
}
JWTHandler handler = new JWTHandler();
var principal = await handler.GetPrincipal(parameter);
if (principal == null)
{
context.ErrorResult = new AuthenticationFailureRequest("Claims not found", context.Request);
return;
}
ClaimsIdentity identity = principal.Identity as ClaimsIdentity;
if (identity == null)
{
context.ErrorResult = new AuthenticationFailureRequest("Identity not found", context.Request);
return;
}
if (!identity.IsAuthenticated)
{
context.ErrorResult = new AuthenticationFailureRequest("Not authenticated", context.Request);
return;
}
var userClaim = identity.FindFirst(ClaimTypes.Name);
var userName = userClaim?.Value;
if (string.IsNullOrEmpty(userName))
{
context.ErrorResult = new AuthenticationFailureRequest("No UserName found", context.Request);
return;
}
else
{
//check db for the user name and if it exists bring back the other essential claims such as
//email,address,isAdmin,Department
ClaimsPrincipal Allprincipal = await GetAdditionalClaims(userName, cancellationToken);
if (Allprincipal != null)
{
context.Principal = Allprincipal;
var x = Thread.CurrentPrincipal;
return;
}
else
{
context.ErrorResult = new AuthenticationFailureRequest("UserName is not Valid", context.Request);
}
}
}
public AuthController(UserModelService _userModelService, JWTHandler _JWTCreator, ModelStateSerializer _modelStateSerializer)
{
JWTHandler = _JWTCreator;
modelStateSerializer = _modelStateSerializer;
userModelService = _userModelService;
}
public MyAccount(JWTHandler jwtHandler, IAccountService accountService)
{
JWTHandler = jwtHandler;
AccountService = accountService;
}
public MyRestaurants(JWTHandler jwtHandler, IRestaurantService restaurantService)
{
JWTHandler = jwtHandler;
RestaurantService = restaurantService;
}
public void GetSecretKeyTest()
{
var key = JWTHandler.GetSecretKey();
Assert.AreEqual(key, "akusayangkamuselamanyah");
}
