public async Task<ActionResult> Index()
{
if (this.User.Identity.IsAuthenticated)
{
var manager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this.db));
var appUser = await manager.FindByIdAsync(this.User.Identity.GetUserId());
IQueryable<Game> games = from membership in db.GameMemberships
where membership.ApplicationUserID == appUser.Id
join game in db.Games on membership.GameID equals game.ID
select game;
var adminRole = await db.Roles.FirstOrDefaultAsync(role => role.Name == "Admin");
this.ViewBag.Games = await games.ToListAsync();
this.ViewBag.Claims = await manager.GetClaimsAsync(appUser.Id);
this.ViewBag.Roles = await manager.GetRolesAsync(appUser.Id);
}
return View();
}
public async Task GetUserClaimTest()
{
var db = UnitTestHelper.CreateDefaultDb();
var manager = new UserManager<IdentityUser>(new UserStore<IdentityUser>(db));
var user = new IdentityUser("u1");
var result = await manager.CreateAsync(user);
UnitTestHelper.IsSuccess(result);
Assert.NotNull(user);
var claims = new[]
{
new Claim("c1", "v1"),
new Claim("c2", "v2"),
new Claim("c3", "v3")
};
foreach (Claim c in claims)
{
UnitTestHelper.IsSuccess(await manager.AddClaimAsync(user.Id, c));
}
var userClaims = new List<Claim>(await manager.GetClaimsAsync(user.Id));
Assert.Equal(3, userClaims.Count);
foreach (Claim c in claims)
{
Assert.True(userClaims.Exists(u => u.Type == c.Type && u.Value == c.Value));
}
}
public async Task <IEnumerable <string> > GetRoleNamesForUserAsync(string userName)
{
var user = await _userManager.FindByIdAsync(userName);
var roleClaims = await _userManager?.GetClaimsAsync(user);
List <string> userRoleNames = roleClaims? // ?
.Where(cl => cl.Type == ClaimTypes.Role)
.Select(cl => cl.Value)
.ToList();
return(userRoleNames);
}
private async static Task<bool> CheckUserType(UserManager<ApplicationUser> userManager, ApplicationUser user, params string [] types)
{
var claims = await userManager.GetClaimsAsync(user);
if (claims.Count > 0)
{
var claimValue = claims.FirstOrDefault(c => c.Type.Equals("UserType")).Value;
foreach (string type in types)
{
if (claimValue.Equals(type))
{
return true;
}
}
}
return false;
}
public async Task <IActionResult> Login([FromBody] LoginViewModel model)
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
throw new BadRequestException("Email atau Password salah");
}
var result = await _signInManager.PasswordSignInAsync(user.UserName, model.Password, isPersistent : true, lockoutOnFailure : false);
if (!result.Succeeded)
{
throw new BadRequestException("Email atau Password salah");
}
var claims = await _userManager.GetClaimsAsync(user);
var id = new ClaimsIdentity(claims);
id.AddClaim(new Claim(ClaimTypes.Email, user.Email));
id.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));
var requestAt = DateTime.Now;
var expiresIn = requestAt + TokenAuthOption.ExpiresSpan;
var token = GenerateToken(expiresIn, id);
return(Ok(new RequestResult
{
Data = new
{
requestAt,
expiresIn = TokenAuthOption.ExpiresSpan.TotalSeconds,
tokenType = TokenAuthOption.TokenType,
accessToken = token
}
}));
}
public async Task <IActionResult> Login(LoginParameters parameters)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState.Values.SelectMany(state => state.Errors)
.Select(error => error.ErrorMessage)
.FirstOrDefault()));
}
var user = await _userManager.FindByEmailAsync(parameters.UserName)
?? await _userManager.FindByNameAsync(parameters.UserName);
if (user == null)
{
_logger.LogInformation("User does not exist: {0}", parameters.UserName);
return(BadRequest("User does not exist"));
}
var singInResult = await _signInManager.CheckPasswordSignInAsync(user, parameters.Password, false);
if (!singInResult.Succeeded)
{
_logger.LogInformation("Invalid password: {0}, {1}", parameters.UserName, parameters.Password);
return(BadRequest("Invalid password"));
}
_logger.LogInformation("Logged In: {0}, {1}", parameters.UserName, parameters.Password);
// add custom claims here, before signin if needed
var claims = await _userManager.GetClaimsAsync(user);
//await _userManager.RemoveClaimsAsync(user, claims);
await _signInManager.SignInAsync(user, parameters.RememberMe);
return(Ok(BuildUserInfo(user)));
}
private async Task <TokenJson> GenerateJwt(string email)
{
var user = await _userManager.FindByEmailAsync(email);
var claims = await _userManager.GetClaimsAsync(user);
var userRoles = await _userManager.GetRolesAsync(user);
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, user.Id.ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64));
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Emitter,
Audience = _appSettings.ValidIn,
Subject = identityClaims,
Expires = DateTime.UtcNow.AddHours(_appSettings.Expiration),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
var encodedToken = tokenHandler.WriteToken(token);
return(new TokenJson(encodedToken));
}
public async Task <IActionResult> Generate([FromBody] LoginViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest("Could not create token"));
}
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(BadRequest("Could not create token"));
}
var result = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false);
if (!result.Succeeded)
{
return(BadRequest("Could not create token"));
}
var userClaims = await _userManager.GetClaimsAsync(user);
userClaims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Email));
userClaims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenOptions.Key));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
issuer: _tokenOptions.Issuer,
audience: _tokenOptions.Issuer,
claims: userClaims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds);
return(Ok(new JwtSecurityTokenHandler().WriteToken(token)));
}
public async Task AddAndRemoveUserClaims()
{
// Arrange
var user = await CreateUserAsync();
var c1 = CreateClaim(ClaimType);
var c2 = CreateClaim(ClaimType);
var claims = new[] { c1, c2 };
// Act Add
await UserManager.AddClaimsAsync(user, claims);
var find = await UserManager.FindByIdAsync(user.Id);
var findClaims = await UserManager.GetClaimsAsync(find);
// Assert Add
Assert.Equal(claims, findClaims, ClaimComparer);
// Act Remove
await UserManager.RemoveClaimsAsync(user, claims);
find = await UserManager.FindByIdAsync(user.Id);
findClaims = await UserManager.GetClaimsAsync(find);
// Assert Remove
findClaims.Should().BeEmpty();
// Assert Null
await Assert.ThrowsAsync <ArgumentNullException>(() => UserManager.AddClaimAsync(null !, c1));
await Assert.ThrowsAsync <ArgumentNullException>(() => UserManager.AddClaimAsync(user, null !));
await Assert.ThrowsAsync <ArgumentNullException>(() => UserManager.RemoveClaimAsync(null !, c1));
await Assert.ThrowsAsync <ArgumentNullException>(() => UserManager.RemoveClaimAsync(user, null !));
}
private async Task <JwtSecurityToken> GenerateJWToken(ApplicationUser user)
{
var userClaims = await _userManager.GetClaimsAsync(user);
var roles = await _userManager.GetRolesAsync(user);
var roleClaims = new List <Claim>();
for (int i = 0; i < roles.Count; i++)
{
roleClaims.Add(new Claim("roles", roles[i]));
}
string ipAddress = IpHelper.GetIpAddress();
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim("uid", user.Id),
new Claim("ip", ipAddress)
}
.Union(userClaims)
.Union(roleClaims);
var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Key));
var signingCredentials = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256);
var jwtSecurityToken = new JwtSecurityToken(
issuer: _jwtSettings.Issuer,
audience: _jwtSettings.Audience,
claims: claims,
expires: DateTime.UtcNow.AddMinutes(_jwtSettings.DurationInMinutes),
signingCredentials: signingCredentials);
return(jwtSecurityToken);
}
public async Task <LoginModel> Handle(LoginRequest request, CancellationToken cancellationToken)
{
var user = await userManager.FindByNameAsync(request.Email);
if (user == null || !user.EmailConfirmed)
{
throw new InvalidUsernameOrPasswordException();
}
var claims = new List <Claim>();
claims.AddRange(await userManager.GetClaimsAsync(user));
var roles = await userManager.GetRolesAsync(user);
foreach (var roleId in roles)
{
var role = await roleManager.FindByIdAsync(roleId);
claims.Add(new Claim(ClaimTypes.Role, role.Id));
claims.AddRange(await roleManager.GetClaimsAsync(role));
}
var isValidPassword = await userManager.CheckPasswordAsync(user, request.Password);
if (!isValidPassword)
{
await userManager.AccessFailedAsync(user);
throw new InvalidUsernameOrPasswordException();
}
await userManager.ResetAccessFailedCountAsync(user);
var response = new LoginModel(user.Id, claims.ToImmutableList());
return(response);
}
public async Task <string> GenerateJwtToken(ApplicationUser user)
{
var userClaims = await _userManager.GetClaimsAsync(user);
var roles = await _userManager.GetRolesAsync(user);
var roleClaims = new List <Claim>();
for (int i = 0; i < roles.Count; i++)
{
roleClaims.Add(new Claim("roles", roles[i]));
}
var claims = new[]
{
new Claim("uid", user.Id),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(JwtRegisteredClaimNames.GivenName, user.FirstName),
new Claim(JwtRegisteredClaimNames.FamilyName, user.LastName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
}
.Union(userClaims)
.Union(roleClaims);
var symmetricSecurityKey = new SymmetricSecurityKey(Convert.FromBase64String(_jwtSettings.Secret));
var signingCredentials = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256);
var jwtSecurityToken = new JwtSecurityToken(
issuer: _jwtSettings.ValidIssuer,
audience: _jwtSettings.ValidAudience,
claims: claims,
expires: DateTime.UtcNow.Add(_jwtSettings.TokenTTL),
signingCredentials: signingCredentials);
var tokenHandler = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
return(tokenHandler);
}
private async Task <string> GerarJwt(string email)
{
var user = await _userManager.FindByEmailAsync(email);
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(await _userManager.GetClaimsAsync(user));
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = identityClaims,
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
//return tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
var claims = identityClaims.Claims
.Select(x => new
{
Type = x.Type.ToString(),
Value = x.Value
})
.ToList();
var response = new Dictionary <string, object>();
response.Add("Token", tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor)));
response.Add("Claims", claims);
var json = JsonConvert.SerializeObject(response);
return(json);
}
public async Task <IActionResult> ManageUserClaims(string userId)
{
try
{
var user = await _userManager.FindByIdAsync(userId);
if (user == null)
{
Response.StatusCode = 404;
ViewData["ErrorMessage"] = "404 Resource not found.";
return(View("Error"));
}
var existingUserClaims = await _userManager.GetClaimsAsync(user);
var allClaims = await _repository.GetAllUserClaims();
var allClaimsViewModel = _mapper.Map <List <ApplicationClaim>, List <ApplicationClaimViewModel> >(allClaims);
ManageUserClaimsViewModel allInfo = new ManageUserClaimsViewModel()
{
UserId = userId,
UserEmail = user.Email,
ExistingUserClaims = existingUserClaims,
AllClaims = allClaimsViewModel
};
return(View("ManageUserClaims", allInfo));
}
catch (DbUpdateException dbex)
{
ViewData["ErrorMessage"] = "DB issue - " + dbex.Message;
return(View("Error"));
}
catch (Exception ex)
{
ViewData["ErrorMessage"] = ex.Message;
return(View("Error"));
}
}
public virtual async Task <ClaimsPrincipal> CreateAsync(TUser user)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
var userId = await UserManager.GetUserIdAsync(user);
var userName = await UserManager.GetUserNameAsync(user);
var id = new ClaimsIdentity(Options.Cookies.ApplicationCookieAuthenticationScheme,
Options.ClaimsIdentity.UserNameClaimType,
Options.ClaimsIdentity.RoleClaimType);
id.AddClaim(new Claim(Options.ClaimsIdentity.UserIdClaimType, userId));
id.AddClaim(new Claim(Options.ClaimsIdentity.UserNameClaimType, userName));
if (UserManager.SupportsUserSecurityStamp)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType,
await UserManager.GetSecurityStampAsync(user)));
}
if (UserManager.SupportsUserRole)
{
var roles = await UserManager.GetRolesAsync(user);
foreach (var roleName in roles)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.RoleClaimType, roleName));
}
}
if (UserManager.SupportsUserClaim)
{
id.AddClaims(await UserManager.GetClaimsAsync(user));
}
return(new ClaimsPrincipal(id));
}
private async Task StoreClaims(ClaimsPrincipal externalUser, string provider, List <Claim> claims)
{
var(user, providerUserId) = await FindUserFromExternalProviderAsync(externalUser, provider)
.ConfigureAwait(false);
if (user == null)
{
await AutoProvisionUserAsync(provider, providerUserId, claims)
.ConfigureAwait(false);
return;
}
var userClaims = await _userManager.GetClaimsAsync(user).ConfigureAwait(false);
// remove delete claims
var deleteClaims = userClaims
.Where(c => !claims.Any(uc => uc.Type == c.Type &&
uc.Value == c.Value &&
uc.Issuer == c.Issuer));
if (deleteClaims.Any())
{
await _userManager.RemoveClaimsAsync(user, deleteClaims)
.ConfigureAwait(false);
}
// add new claims
var newClaims = claims
.Where(c => !userClaims.Any(uc => uc.Type == c.Type &&
uc.Value == c.Value &&
uc.Issuer == c.Issuer));
if (newClaims.Any())
{
await _userManager.AddClaimsAsync(user, newClaims)
.ConfigureAwait(false);
}
}
public async Task <LoginResponse> PasswordLoginAsync(LoginRequest request)
{
var response = await _signInManager.PasswordSignInAsync(request.UserName, request.Password, false, false);
if (!response.Succeeded)
{
return new LoginResponse
{
StatusCode = (int)HttpStatusCode.Unauthorized
}
}
;
var userEntity = await _userManager.FindByNameAsync(request.UserName);
var claims = await _userManager.GetClaimsAsync(userEntity);
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, userEntity.Email));
claims.Add(new Claim(ClaimsIdentity.DefaultNameClaimType, userEntity.UserName));
claims.Add(new Claim(ClaimTypes.NameIdentifier, userEntity.Id));
var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:SecretKey"]));
var credentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
_configuration["Jwt:Issuer"],
_configuration["Jwt:Audience"],
claims,
expires: DateTime.UtcNow.AddDays(3),
signingCredentials: credentials
);
return(new LoginResponse
{
AccessToken = new JwtSecurityTokenHandler().WriteToken(token),
StatusCode = (int)HttpStatusCode.OK
});
}
private async Task <object> GerarTokenUsuario(LoginViewModel login)
{
var user = await _userManager.FindByEmailAsync(login.Email);
var userClaims = await _userManager.GetClaimsAsync(user);
userClaims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id));
userClaims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
userClaims.Add(new Claim(JwtRegisteredClaimNames.Jti, await _jwtTokenOptions.JtiGenerator()));
userClaims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtTokenOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64));
var jwt = new JwtSecurityToken(
issuer: _jwtTokenOptions.Issuer,
audience: _jwtTokenOptions.Audience,
claims: userClaims,
notBefore: _jwtTokenOptions.NotBefore,
expires: _jwtTokenOptions.Expiration,
signingCredentials: _jwtTokenOptions.SigningCredentials);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
var orgUser = _usuarioDadosAppService.FindById(Guid.Parse(user.Id));
var response = new
{
access_token = encodedJwt,
expires_in = (int)_jwtTokenOptions.ValidFor.TotalSeconds,
user = new
{
id = user.Id,
nome = orgUser.Nome,
email = user.Email,
cpf = orgUser.CPF,
claims = userClaims.Select(c => new { c.Type, c.Value })
}
};
return(response);
}
protected virtual async Task <ClaimsIdentity> GenerateIdentityClaimsAsync(IdentityUser user)
{
var id = new ClaimsIdentity("Identity.Application", Options.ClaimsIdentity.UserNameClaimType, Options.ClaimsIdentity.RoleClaimType);
id.AddClaim(new Claim(RocketClaimTypes.UserId, user.Id.ToString()));
id.AddClaim(new Claim(RocketClaimTypes.UserName, user.UserName));
id.AddClaim(new Claim(RocketClaimTypes.Name, user.Name));
if (UserManager.SupportsUserSecurityStamp)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp));
}
if (UserManager.SupportsUserClaim)
{
id.AddClaims(await UserManager.GetClaimsAsync(user));
}
if (UserManager.SupportsUserRole)
{
var roles = await UserManager.GetRolesAsync(user);
foreach (var roleName in roles)
{
var role = await RoleManager.FindByNameAsync(roleName);
if (role != null)
{
id.AddClaim(new Claim(RocketClaimTypes.RoleId, role.Id.ToString()));
id.AddClaim(new Claim(RocketClaimTypes.Role, role.Name));
if (RoleManager.SupportsRoleClaims)
{
id.AddClaims(await RoleManager.GetClaimsAsync(role));
}
}
}
}
return(id);
}
public async Task <string> GenerateEncodedTokenForUser(string userName, ClaimsIdentity identity)
{
var claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.Jti, await CreateJwt().JtiGenerator()),
new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(CreateJwt().IssuedAt).ToString(), ClaimValueTypes.Integer64),
identity.FindFirst(JwtRegisteredClaimNames.Sub),
new Claim(JwtClaimIdentifiers.AuthType, ((int)AuthenticationType.IndividualUser).ToString(), ClaimValueTypes.Integer64)
};
// get the user and claims the user has
var user = await _userManager.FindByNameAsync(userName);
var userClaims = await _userManager.GetClaimsAsync(user);
claims.AddRange(userClaims); //add any user claims (but probably won't use these in the db)
IList <string> userRoles = await _userManager.GetRolesAsync(user);
claims = await GetRoleClaimsForRole(userRoles, claims);
return(CreateAndEncodeJwtToken(claims));
}
public async Task <bool> AddLoginTimeClaim(AppUserLoginVM model)
{
AppUser user = null;
user = await _userManager.FindByNameAsync(model.UsernameorEmail);
if (user == null)
{
user = await _userManager.FindByEmailAsync(model.UsernameorEmail);
}
if (user != null)
{
Claim loginTimeClaim = (await _userManager.GetClaimsAsync(user)).FirstOrDefault(c => c.Type == "loginTime");
if (loginTimeClaim != null)
{
await _userManager.RemoveClaimAsync(user, loginTimeClaim);
}
IdentityResult result = await _userManager.AddClaimAsync(user, new Claim("loginTime", DateTime.UtcNow.ToString()));
return(result.Succeeded);
}
return(false);
}
public async Task <(AccountResponseModel, bool)> Register(RegisterRequestModel registerRequest)
{
var user = new AppUser
{
Email = registerRequest.Email,
Id = Guid.NewGuid(),
UserName = registerRequest.Email,
Name = registerRequest.Name,
};
// Create new user with .NET Core Identity Service
var result = await _userManager.CreateAsync(user, registerRequest.Password);
if (!result.Succeeded)
{
return(null, false);
}
var domain = registerRequest.Email.Split("@")[1];
var org = domain switch
{
"u.nus.edu" => "nus",
_ => "none"
};
// Generate JWT Claims
var x = await _userManager.AddClaimAsync(user, new Claim("org", org));
if (!x.Succeeded)
{
return(null, false);
}
// Obtain data and return
var created = await _userManager.FindByEmailAsync(user.Email);
var claims = await _userManager.GetClaimsAsync(created);
return(ToResponseModel(created, claims), true);
}
public async Task <LoginModel> Handle(LoginCommand request, CancellationToken cancellationToken)
{
var user = await _userManager.FindByEmailAsync(request.Email);
if (user == null)
{
throw new Exception("User do not exists");
}
var login = await _signInManager.PasswordSignInAsync(user, request.Password, true, true);
if (!login.Succeeded)
{
throw new Exception("Somthing went wrong try again");
}
var claims = await _userManager.GetClaimsAsync(user);
return(new LoginModel
{
Token = PrepareToken(claims)
});
}
private async Task <string> GerarJwt(string email)
{
var user = await _userManager.FindByEmailAsync(email);
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(await _userManager.GetClaimsAsync(user));
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = identityClaims,
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature),
};
return(tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor)));
}
public async Task <IActionResult> ChangePassword([FromBody] ChangePasswordRequest model)
{
var user = await UserManager.FindByIdAsync(UserManager.GetUserId(User));
var result = await UserManager.ChangePasswordAsync(user, model.CurrentPassword, model.NewPassword);
if (result.Succeeded)
{
var allClaims = await UserManager.GetClaimsAsync(user);
var resetPasswordClaims = allClaims
.Where(c => c.Type == DefaultClaims.NeedResetPassword.Type && c.Value == DefaultClaims.NeedResetPassword.Value)
.ToList();
if (resetPasswordClaims.Any())
{
var removeClaimsResult = await UserManager.RemoveClaimsAsync(user, resetPasswordClaims);
logger.LogInformation($"User changed default password");
}
return(Ok());
}
return(BadRequest(result.Errors));
}
private async Task TestClaims()
{
TestSiteUser user = await UserManager.FindByEmailAsync(TestData.Email);
var claim = new Claim(TestData.ClaimType, TestData.ClaimValue, TestData.ClaimIssuer);
if (!(await UserManager.AddClaimAsync(user, claim)).Succeeded)
{
throw new ClaimFailsException("Failed add claim");
}
if ((await UserManager.GetClaimsAsync(user)).All(x => x.Value != TestData.ClaimValue))
{
throw new ClaimFailsException("Failed retrieve claim");
}
await UserManager.RemoveClaimAsync(user, claim);
if ((await UserManager.GetClaimsAsync(user)).Any(x => x.Value == TestData.ClaimValue))
{
throw new ClaimFailsException("Failed removed claim");
}
}
public async Task <IViewComponentResult> InvokeAsync(BaiPost model)
{
var Comments = model.Comments.ToList();
List <LoadCommentModel> data = new List <LoadCommentModel>();
foreach (var item in Comments)
{
var user = await _userManager.FindByNameAsync(item.IdnguoiTao.ToString());
var claim = await _userManager.GetClaimsAsync(user);
LoadCommentModel loadCommentModel = new LoadCommentModel
{
NoiDungComment = item.NoiDungComment,
NgayPost = item.NgayPost.Value.ToString("HH:mm dd/MM/yyyy"),
NguoiComment = claim[0].Value,
AnhDinhKem = item.AnhDinhKem
};
data.Add(loadCommentModel);
}
data.Reverse();
return(await Task.FromResult <IViewComponentResult>(View(data)));
}
private async Task <AuthUserViewModel> GetUser(string userName)
{
var user = await _userManager.FindByNameAsync(userName);
var claims = await _userManager.GetClaimsAsync(user);
var vm = new AuthUserViewModel()
{
UserName = user.UserName,
Nickname = user.Nickname,
IsAdmin = claims.Any(x => x.Value.Equals("admin")),
Tokens = user.Tokens,
GamesPlayed = user.GamesPlayed,
GamesWon = user.GamesWon,
NavBarColor = user.NavBarColor,
BackgroundColor = user.BackgroundColor,
Id = user.Id,
Friends = user.Friends
//
};
return(vm);
}
public async Task <IActionResult> EditUser(string id)
{
var user = await _userManager.FindByIdAsync(id);
if (user == null)
{
return(RedirectToAction("Index"));
}
var claims = await _userManager.GetClaimsAsync(user);
var vm = new UserEditViewModel
{
Id = user.Id,
UserName = user.UserName,
IdCardNo = user.IdCardNo,
Email = user.Email,
BirthDate = user.BirthDate,
Claims = claims.Select(x => x.Value).ToList()
};
return(View(vm));
}
public async Task <IActionResult> Update(int id)
{
var user = await _userManager.FindByIdAsync(id.ToString());
if (user == null)
{
return(View("StatusCodes/UserNotFound", id));
}
var userClaims = await _userManager.GetClaimsAsync(user);
var userRoles = await _userManager.GetRolesAsync(user);
var model = new UpdateUserViewModel()
{
Id = user.Id,
Name = user.UserName,
Claims = userClaims.Select(c => c.Value).ToList(),
Roles = userRoles
};
return(View(model));
}
public async Task <IActionResult> EditUser(string id)
{
var user = await _userManager.FindByIdAsync(id);
if (user == null)
{
return(RedirectToAction("UserManagement"));
}
var claims = await _userManager.GetClaimsAsync(user);
var vm = new EditUserViewModel()
{
Id = user.Id,
Email = user.Email,
UserName = user.UserName,
Country = user.Country,
City = user.City,
Birthday = user.Birthday,
UserClaims = claims.Select(c => c.Value).ToList()
};
return(View(vm));
}
public async Task <Result <UserDto> > Handle(Query request, CancellationToken cancellationToken)
{
AppUser user = await context.Users.FindAsync(request.Id);
if (user == null)
{
return(null);
}
var claims = await userManager.GetClaimsAsync(user);
bool IsAdmin = claims?.FirstOrDefault(x => x.Type == "IsAdmin" && x.Value == "true") != null?true:false;
UserDto userDetails = new UserDto
{
Id = user.Id,
IsAdmin = IsAdmin,
Name = user.Name,
Surname = user.Surname,
};
return(Result <UserDto> .Success(userDetails));
}
public async Task <IActionResult> EditUser(string id)
{
var user = await userManager.FindByIdAsync(id);
if (user == null)
{
}
var userClaims = await userManager.GetClaimsAsync(user);
var userRoles = await userManager.GetRolesAsync(user);
var model = new EditUserViewModel
{
Id = user.Id,
UserName = user.Email,
City = user.City,
Email = user.Email,
Roles = userRoles,
Claims = userClaims.Select(c => c.Value).ToList()
};
return(View(model));
}
public async Task DupeUserClaimTest()
{
var db = UnitTestHelper.CreateDefaultDb();
var manager = new UserManager<IdentityUser>(new UserStore<IdentityUser>(db));
var user = new IdentityUser("u1");
var result = await manager.CreateAsync(user);
Assert.NotNull(user);
var claims = new[]
{
new Claim("c1", "v1"),
new Claim("c2", "v2"),
new Claim("c3", "v3")
};
foreach (Claim c in claims)
{
// Add dupes
UnitTestHelper.IsSuccess(await manager.AddClaimAsync(user.Id, c));
UnitTestHelper.IsSuccess(await manager.AddClaimAsync(user.Id, c));
}
var userClaims = new List<Claim>(await manager.GetClaimsAsync(user.Id));
Assert.Equal(6, userClaims.Count);
var currentExpected = 6;
foreach (Claim c in claims)
{
Assert.True(userClaims.Exists(u => u.Type == c.Type && u.Value == c.Value));
UnitTestHelper.IsSuccess(await manager.RemoveClaimAsync(user.Id, c));
var cs = await manager.GetClaimsAsync(user.Id);
currentExpected -= 2;
Assert.Equal(currentExpected, cs.Count());
Assert.Equal(currentExpected, db.Set<IdentityUserClaim>().Count());
}
}
public async Task Delete(int? gameID)
{
if (gameID == null)
{
throw new ArgumentNullException("gameID");
}
var id = gameID.Value;
var game = await db.Games.FindAsync(id);
if (game == null)
{
throw new ArgumentException("Could not find game with id " + id);
}
var userID = this.User.Identity.GetUserId();
var manager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this.db));
var appUser = await manager.FindByIdAsync(this.User.Identity.GetUserId());
if (!DoesUserOwnGame(appUser, id))
{
throw new ArgumentException("Could not delete game");
}
var memberships = await db.GameMemberships.Where(m => m.GameID == id).Include(m => m.ApplicationUser).ToListAsync();
var claims = await Task.WhenAll(memberships.Select(m => m.ApplicationUser).Select(user =>
manager.GetClaimsAsync(user.Id).ContinueWith(t => new { Claims = t.Result, User = user })));
var strId = id.ToString();
var removeTasks = from tuple in claims
from claim in tuple.Claims
where (claim.Type == "GameOwnership" || claim.Type == "GameOwnership" || claim.Type == "GameMaster") && claim.Value == strId
select manager.RemoveClaimAsync(tuple.User.Id, claim);
await Task.WhenAll(removeTasks);
db.GameMemberships.RemoveRange(memberships);
db.Games.Remove(game);
await db.SaveChangesAsync();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, SampleDataInitializer sampleData, UserManager<ApplicationUser> userManager)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// For more details on creating database during deployment see http://go.microsoft.com/fwlink/?LinkID=615859
try
{
using (var serviceScope = app.ApplicationServices.GetRequiredService<IServiceScopeFactory>()
.CreateScope())
{
serviceScope.ServiceProvider.GetService<ApplicationDbContext>()
.Database.Migrate();
}
}
catch { }
}
app.UseIISPlatformHandler(options => options.AuthenticationDescriptions.Clear());
app.UseStaticFiles();
app.UseIdentity();
// Refactor this into a seperate class
// Remove hard coding of the password in the installDevices routine!
app.UseBasicAuthentication(o =>
{
o.Realm = $"j64 Alarm";
o.Events = new BasicAuthenticationEvents
{
OnSignIn = c =>
{
var x = userManager.FindByNameAsync(c.UserName);
x.Wait();
if (x.Result != null)
{
var y = userManager.CheckPasswordAsync(x.Result, c.Password);
y.Wait();
if (y.Result == true)
{
var z = userManager.GetClaimsAsync(x.Result);
z.Wait();
var identity = new ClaimsIdentity(z.Result, c.Options.AuthenticationScheme);
c.Principal = new ClaimsPrincipal(identity);
}
}
return Task.FromResult(true);
}
};
});
// To configure external authentication please see http://go.microsoft.com/fwlink/?LinkID=532715
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
// Seed some default entries into the database
var task = sampleData.CreateMasterUser();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, UserManager<ApplicationUser> userManager, ApplicationDbContext ctx)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles();
app.UseIdentity();
// Add external authentication middleware below. To configure them please see http://go.microsoft.com/fwlink/?LinkID=532715
// Refactor this into a seperate class
// Remove hard coding of the password in the installDevices routine!
app.UseBasicAuthentication(o =>
{
o.Realm = $"j64 Alarm";
o.Events = new BasicAuthenticationEvents
{
OnSignIn = c =>
{
var x = userManager.FindByNameAsync(c.UserName);
x.Wait();
if (x.Result != null)
{
var y = userManager.CheckPasswordAsync(x.Result, c.Password);
y.Wait();
if (y.Result == true)
{
var z = userManager.GetClaimsAsync(x.Result);
z.Wait();
var identity = new ClaimsIdentity(z.Result, c.Options.AuthenticationScheme);
c.Principal = new ClaimsPrincipal(identity);
}
}
return Task.FromResult(true);
}
};
});
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
// Seed some default entries into the database
var task = new Data.UserDataInitializer(ctx, userManager).CreateMasterUser();
}
public async Task StoreFacebookInfo(ApplicationUser user)
{
var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(db));
var claimsforUser = await userManager.GetClaimsAsync(user.Id);
var access_token = claimsforUser.FirstOrDefault(x => x.Type == "FacebookAccessToken").Value;
var fb = new FacebookClient(access_token);
dynamic myInfo = fb.Get("/me");
var curFbId = myInfo.id;
dynamic myFriends = fb.Get("/me/friends");
dynamic albums = fb.Get("/me/albums");
//Retrieve Facebook Friends
bool exists = db.FbInfoes.Any(row => row.UserId == user.Id);
if (exists != true)
{
var profileInfo = new FbInfo();
if (myFriends.data != null)
{
foreach (var item in myFriends.data)
{
var f = JsonConvert.DeserializeObject<friends>(item.ToString());
profileInfo.friendsList.Add(f);
}
}
if(albums.data !=null)
{
foreach (var item in albums.data)
{
albums c = new albums();
var f = JsonConvert.DeserializeObject<friends>(item.ToString());
c.friend_id = f.friend_id;
c.id = f.id;
c.name = f.name;
profileInfo.albumsList.Add(c);
}
}
//Retrieve Facebook Mutual Friends
dynamic myMutualFriends = fb.Get(curFbId + "?fields=context.fields(mutual_friends)");
if (myMutualFriends.context.mutual_friends.data != null)
{
foreach (var item in myMutualFriends.context.mutual_friends.data)
{
var f = JsonConvert.DeserializeObject<mutualFriends>(item.ToString());
profileInfo.mutualFriendsList.Add(f);
}
}
//Save all information retrieved from FB into a db
profileInfo.fbId = myInfo.id;
profileInfo.email = myInfo.email;
profileInfo.name = myInfo.name;
profileInfo.firstName = myInfo.first_name;
profileInfo.lastName = myInfo.last_name;
profileInfo.link = myInfo.link;
profileInfo.gender = myInfo.gender;
profileInfo.imageURL = "https://graph.facebook.com/" + myInfo.id + "/picture?type=large";
profileInfo.locale = myInfo.locale;
profileInfo.aboutMe = myInfo.bio;
profileInfo.birthday = myInfo.birthday;
// Need to get the year of the school from the educationList
if (myInfo.education != null)
{
foreach (var item in myInfo.education)
{
var f = JsonConvert.DeserializeObject<education>(item.school.ToString());
var x = JsonConvert.DeserializeObject<education>(item.year.ToString());
f.year = x.name;
profileInfo.educationList.Add(f);
}
}
if (myInfo.work != null)
{
foreach (var item in myInfo.work)
{
var f = JsonConvert.DeserializeObject<workHistory>(item.employer.ToString());
profileInfo.workHistoryList.Add(f);
}
}
profileInfo.UserId = user.Id;
db.FbInfoes.Add(profileInfo);
db.SaveChanges();
}
}
public async Task<int> SyncMembershipsAndClaims([FromBody]Fixit fixit)
{
var userName = fixit.UserName;
var manager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this.db));
var query = db.GameMemberships.Include(mem => mem.Game).Include(mem => mem.ApplicationUser);
if (!string.IsNullOrEmpty(userName) && !userName.Equals("$all", StringComparison.InvariantCultureIgnoreCase))
{
query = query.Where(mem => mem.ApplicationUser.DisplayName == userName);
}
var memberships = await query.ToListAsync();
int membershipsFixed = 0;
foreach (var membershipGroup in memberships.GroupBy(m => m.ApplicationUser))
{
var user = membershipGroup.Key;
var claims = await manager.GetClaimsAsync(user.Id);
foreach (var membership in membershipGroup)
{
bool wasFixed = false;
if (!claims.Where(c => c.Type == "GameMembership").Any(c => c.Value == membership.GameID.ToString()))
{
var result = await manager.AddClaimAsync(user.Id, new Claim("GameMembership", membership.GameID.ToString()));
if (!result.Succeeded)
{
Trace.WriteLine(string.Format("Error creating GameMembership claim for user {0} for game {1}: errors {2}", user.Id, membership.GameID,
string.Join(", ", result.Errors)));
}
else
{
wasFixed = true;
}
}
if (membership.Roles.Contains("Owner"))
{
if (!claims.Where(c => c.Type == "GameOwnership").Any(c => c.Value == membership.GameID.ToString()))
{
var result = await manager.AddClaimAsync(user.Id, new Claim("GameOwnership", membership.GameID.ToString()));
if (!result.Succeeded)
{
Trace.WriteLine(string.Format("Error creating GameOwnership claim for user {0} for game {1}: errors {2}", user.Id, membership.GameID,
string.Join(", ", result.Errors)));
}
else
{
wasFixed = true;
}
}
}
if (membership.Roles.Contains("Gamemaster"))
{
if (!claims.Where(c => c.Type == "GameMaster").Any(c => c.Value == membership.GameID.ToString()))
{
var result = await manager.AddClaimAsync(user.Id, new Claim("GameMaster", membership.GameID.ToString()));
if (!result.Succeeded)
{
Trace.WriteLine(string.Format("Error creating GameMaster claim for user {0} for game {1}: errors {2}", user.Id, membership.GameID,
string.Join(", ", result.Errors)));
}
else
{
wasFixed = true;
}
}
}
if (wasFixed)
{
membershipsFixed++;
}
}
}
return membershipsFixed;
}
