protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
Response rp = new Response();
aUtilities autil = new aUtilities();
string token;
HttpResponseMessage st = new HttpResponseMessage();
// determine whether a jwt exists or not
if (!TryRetrieveToken(request, out token))
{
//Task<HttpResponseMessage> x = base.SendAsync(request, cancellationToken);
return(base.SendAsync(request, cancellationToken));
}
try
{
var secretKey = ConfigurationManager.AppSettings["JWT_SECRET_KEY"];
var audienceToken = ConfigurationManager.AppSettings["JWT_AUDIENCE_TOKEN"];
var issuerToken = ConfigurationManager.AppSettings["JWT_ISSUER_TOKEN"];
var securityKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
IdentityModelEventSource.ShowPII = true;
SecurityToken securityToken;
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
TokenValidationParameters validationParameters = new TokenValidationParameters()
{
ValidAudience = audienceToken,
ValidIssuer = issuerToken,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
LifetimeValidator = this.LifetimeValidator,
IssuerSigningKey = securityKey
};
// Extract and assign Current Principal and user
Thread.CurrentPrincipal = tokenHandler.ValidateToken(token, validationParameters, out securityToken);
HttpContext.Current.User = tokenHandler.ValidateToken(token, validationParameters, out securityToken);
return(base.SendAsync(request, cancellationToken));
}
catch (SecurityTokenValidationException ex)
{
if (ex.ToString().Contains("Lifetime validation failed"))
{
LoginModel lm = new LoginModel();
lm.token = token;
aSecurity sg = new aSecurity();
ClaimsPrincipal cp = getprincipalnotime(token);
Guid usuario = Guid.Parse(cp.Claims.Where(c => c.Type == ClaimTypes.NameIdentifier).Select(c => c.Value).SingleOrDefault());
//sg.TimeLogOff(usuario);
st.StatusCode = HttpStatusCode.Redirect;
st.Headers.Add("Message", "Session Vencida");
//autil.MensajeRetorno(ref rp, 1, string.Empty, null, HttpStatusCode.Redirect);
}
else
{
st.StatusCode = HttpStatusCode.Unauthorized;
st.Headers.Add("Message", "Session no autorizada");
//autil.MensajeRetorno(ref rp, 1, string.Empty, null, HttpStatusCode.Unauthorized);
}
}
catch (Exception ex)
{
st.StatusCode = HttpStatusCode.InternalServerError;
st.Headers.Add("Message", "Error General");
//autil.MensajeRetorno(ref rp, 4, string.Empty, null, HttpStatusCode.InternalServerError);
}
return(Task <HttpResponseMessage> .Factory.StartNew(() => st));
}
public HttpResponseMessage Login(object key)
{
aSecurity s = new aSecurity();
return(ut.ReturnResponse(s.Login(key)));
}
