public void ReturnIfTokenIsValid_Success() { var token = "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6ImhlbGxvQHdvcmxkMi5jb20iLCJuYmYiOjE1NjIwMzY4NDYsImV4cCI6MTU2MjAzNjkwNiwiaWF0IjoxNTYyMDM2ODQ2fQ.-XzUhLSWAvdg2r_yotfz4cD9Tty3byTs_6jkUyS0kQY"; var jwtMock = new Mock <Jwt>(_tokenConfigurations.Object); var payload = new JwtDto(); payload.unique_name = "*****@*****.**"; Xunit.Assert.Equal(payload.unique_name, jwtMock.Object.DecodeToken(token).unique_name); }
public override void OnActionExecuting(ActionExecutingContext actionContext) { var authHeader = actionContext.HttpContext.Request.Headers[AUTHORIZATION_HEADER]; if (!authHeader.Any() || authHeader.FirstOrDefault() == null) { actionContext.Result = new UnauthorizedResult(); } else { var authType = authHeader.FirstOrDefault().Split(' ')[0]; if (authType != BEARER_AUTHENTICATION) { actionContext.Result = new UnauthorizedResult(); } else { try { var serializedJwt = authHeader.FirstOrDefault().Split(' ')[1]; var secretInBytes = Convert.FromBase64String(_settings.Security.JwtSecret); var decodedToken = Jose.JWT.Decode(serializedJwt, secretInBytes, Jose.JwsAlgorithm.HS256); JwtDto jwt = Newtonsoft.Json.JsonConvert.DeserializeObject <JwtDto>(decodedToken); var userFound = _userRepository.GetByUsername(jwt.Subject); if (userFound == null) { actionContext.Result = new UnauthorizedResult(); } var now = DateTimeOffset.UtcNow.ToUnixTimeSeconds(); if (jwt.NotBefore > now || now > jwt.Expires) { actionContext.Result = new UnauthorizedResult(); } //IF NO EXCEPTIONS THEN CARRY ON... } catch { actionContext.Result = new UnauthorizedResult(); } } } }
public async Task <JwtDto> GetJwtAsync() { if (_jwt is null) { return(null); } if (IsExpired()) { _jwt = await AccountService.Instance.RefreshAccessToken(_jwt.RefreshToken); } return(_jwt); }
private async Task <string> GetJwt() { LoginRequest loginRequest = new LoginRequest() { Login = "******", Password = "******" }; HttpResponseMessage response = await Client.PostAsJsonAsync("/api/login/", loginRequest); string responseContent = await response.Content.ReadAsStringAsync(); JwtDto jwt = JsonConvert.DeserializeObject <JwtDto>(responseContent); return(jwt.Token); }
public async Task <IActionResult> Login(CreateUserDto login) { var ar = await CallAsync(async() => await _garageService.LoginAsync(login)); if (ar == null) { return(Unauthorized()); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Sub, ar.ResponseResult.Id.ToString()), new Claim(JwtRegisteredClaimNames.Email, ar.ResponseResult.Email), new Claim(ClaimTypes.Locality, ar.ResponseResult.GarageContextId.ToString()) }; var key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddHours(2), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var newToken = tokenHandler.WriteToken(token); JwtDto jwt = new JwtDto { AuthToken = newToken, Id = ar.ResponseResult.Id, ExpiresIn = 2880 }; var result = _garageService.WhoAmI(jwt); return(Ok(new ApiResponse <WhoAmIDto> () { ResponseResult = result.ResponseResult, ResponseStatusCode = result.ResponseStatusCode })); }
public async Task <IActionResult> LoginAsync([FromBody] LoginUserDto user) { try { await _authService.LoginAsync(user); UserDto userAuth = await _userService.GetAsync(user.Email); JwtDto token = _jwtHandler.CreateToken(userAuth.Id, userAuth.Role); return(Ok(new { token = token.Token, user = userAuth })); } catch (Exception ex) { Logger.Error("[Login] Error: {@ex}", ex); return(BadRequest(ex.Message)); } }
public async Task <UserDto> GetUserToken(string token) { JwtDto payload = _jwt.DecodeToken(token); var cache = _repositoryFacade.GetCache(payload.unique_name.ToString()); if (cache == null) { User user = await _userManager.FindByEmailAsync(payload.unique_name.ToString()); UserDto map = _mapper.Map <UserDto>(user); return(map); } UserDto userDto = JsonConvert.DeserializeObject <UserDto>(cache); return(userDto); }
public async Task Register_UserAndPasswordAreValid_GeneratesJwt() { var registerDto = new RegisterDto { Email = "email", Password = "******" }; var expectedResult = new JwtDto(); _userManagerMock.Setup(p => p.CreateAsync(It.Is <ApplicationUserEntity>(u => u.Email == registerDto.Email && u.UserName == registerDto.Email), registerDto.Password)) .ReturnsAsync(IdentityResult.Success); _userManagerMock.Setup(p => p.AddToRoleAsync(It.Is <ApplicationUserEntity>(u => u.Email == registerDto.Email && u.UserName == registerDto.Email), RolesConstants.User)) .ReturnsAsync(IdentityResult.Success); _jwtServiceMock.Setup(p => p.GenerateJwtAsync(It.Is <ApplicationUserEntity>(u => u.Email == registerDto.Email && u.UserName == registerDto.Email))).ReturnsAsync(expectedResult); JwtDto actualResult = await _accountService.Register(registerDto); Assert.AreEqual(expectedResult, actualResult); }
public string BuildToken(JwtDto model) { Claim[] claims = new[] { new Claim(ClaimTypes.Name, model.UserName), new Claim(ClaimTypes.Sid, model.Id) }; var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtSettings.SecretKey)); var creds = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: JwtSettings.Issuer, audience: JwtSettings.Audience, claims: claims, expires: DateTime.Now.AddMinutes(JwtSettings.ExpiressTime), signingCredentials: creds); var resultToken = new JwtSecurityTokenHandler().WriteToken(token); return(resultToken); }
public ApiResponse <WhoAmIDto> WhoAmI(JwtDto authToken) { var ar = new ApiResponse <WhoAmIDto>(); var identityId = authToken.Id; var user = _uow.UserRepository.GetAll(false) .FirstOrDefault(x => x.Id == identityId); if (user == null) { return(new ApiResponse <WhoAmIDto>(RestStatusCode.BadRequest)); } var person = _uow.PersonRepository.GetAll(false).FirstOrDefault(x => x.Id == user.PersonId); var garageId = person.GarageContextId; ar.ResponseResult = new WhoAmIDto { Id = user.Id, AuthorizationToken = authToken, MainClaims = $"_{garageId}" }; if (person.PersonType == 0) { ar.ResponseResult.RedirectType = AuthRedirectType.AccountWithoutAccess; } else { ar.ResponseResult.RedirectType = person.PersonType == PersonTypeEnum.Boss ? AuthRedirectType.BossAccountWithAccess : AuthRedirectType.EmployeeAccountWithAccess; } ar.ResponseStatusCode = RestStatusCode.OK; return(ar); }
public static void SetJwt(this IMemoryCache cache, Guid tokenId, JwtDto jwt, TimeSpan expiryTime) => cache.Set(GetJwtKey(tokenId), jwt, expiryTime);
public void SetJwt(JwtDto jwt) { _jwt = jwt; }
public async Task <JwtDto> Register([FromBody] RegisterDto model) { JwtDto result = await _accountService.Register(model); return(result); }
public async Task <JwtDto> Login([FromBody] LoginDto model) { JwtDto result = await _accountService.Login(model); return(result); }
public static void SetJwt(this IMemoryCache memoryCache, Guid cacheId, JwtDto jwtDto) { memoryCache.Set <JwtDto>(GetJwtKey(cacheId), jwtDto, TimeSpan.FromSeconds(5)); }
public static void SetJwt(this IMemoryCache cache, string email, JwtDto jwt) => cache.Set(GetJwtKey(email), jwt, TimeSpan.FromSeconds(5));
public async Task <IActionResult> GetLoginFromToken([FromBody] JwtDto token) { var login = new JwtSecurityTokenHandler().ReadJwtToken(token.Token).Subject; return(Ok(login)); }
public static void SetJwt(this IMemoryCache cache, Guid tokenId, JwtDto jwt) => cache.Set(GetJwtKey(tokenId), jwt, TimeSpan.FromSeconds(5));
public async Task <ActionResult <JwtDto> > PostLogin([FromBody] LoginRequest model) { JwtDto jwtToken = await _accountService.LoginAsync(model.Login, model.Password); return(Ok(jwtToken)); }