public IActionResult Post(AccessTokenDTO auth) { string tmp = string.Empty; try { TokenValidationService tm = new TokenValidationService( _refreshService, _configuration, _tSLogger, _tokenService, _tokenServiceDbContext, _encryptionService); tmp = tm.VerifyToken(auth); } catch (InvalidTokenException exToken) { return(Unauthorized(new UnauthorizedError(exToken.Message))); } catch (Exception ex) { return(Unauthorized(new UnauthorizedError(ex.Message))); } return(Ok(tmp)); }
internal KeycloakAuthorization(AccessTokenDTO authorization) { Guard.Argument(authorization, nameof(authorization)).NotNull(); Guard.Argument(authorization.Access_token, nameof(authorization.Access_token)).NotNull(); Guard.Argument(authorization.Expires_in, nameof(authorization.Expires_in)).Positive(); AccessToken = authorization.Access_token; Expires = DateTimeOffset.Now.AddSeconds(authorization.Expires_in); }
private OidcLoginData ParseOidcInfo(HttpWebResponse webResponse) { AccessTokenDTO jsonResponse = ParseAccessTokenJsonFromResponse(webResponse); long accessTokenExpirationInMillis = GetAccessTokenExpirationInMillis(jsonResponse.ExpiresIn); OidcLoginData oidcLoginData = OidcLoginData.GetOidcLoginDataInstance(); oidcLoginData.AccessToken = jsonResponse.AccessToken; oidcLoginData.RefreshToken = jsonResponse.RefreshToken; oidcLoginData.AccessTokenExpiration = accessTokenExpirationInMillis; return(oidcLoginData); }
private AccessTokenDTO ParseAccessTokenJsonFromResponse(HttpWebResponse webResponse) { AccessTokenDTO accessTokenDTO = null; string json; using (StreamReader readStream = new StreamReader(webResponse.GetResponseStream(), Encoding.UTF8)) { json = readStream.ReadToEnd(); JsonSerializerSettings settings = new JsonSerializerSettings(); settings.TypeNameHandling = TypeNameHandling.None; accessTokenDTO = JsonConvert.DeserializeObject <AccessTokenDTO>(json, settings); } return(accessTokenDTO); }
public string VerifyToken(AccessTokenDTO auth) { try { string SecretKey = config["Secretkey"]; ResponseDTO authorizationVm = new ResponseDTO(auth.Authorization, false, SecretKey, JWTToken); var handler = new TokenVerificationHandler(); handler.SetNext(new TokenTimeVerificationHandler()).SetNext(new TokenRevocationHandler()); handler.Handle(authorizationVm); return(TokenConstants.ValidToken); } catch { throw new InvalidTokenException(TokenConstants.InvalidToken); } }
public async Task <AccessTokenDTO> RefeshAccessToken() { try { var request = CreateRefreshAccessTokenRequest(); var client = _clientFactory.CreateClient("lis"); var response = await client.SendAsync(request); if (response.IsSuccessStatusCode) { var responseData = await response.Content.ReadAsStringAsync(); var result = JsonConvert.DeserializeObject <LisResponse>(responseData); if (result?.Answer?.Id_user != null) { var cookies = response.Headers.GetValues("Set-Cookie"); var accessTokenCookie = cookies.FirstOrDefault(x => x.StartsWith(AccessTokenCookieName)); var refreshTokenCookie = cookies.FirstOrDefault(x => x.StartsWith(RefreshTokenCookieName)); var accessTokenParts = accessTokenCookie.Split(new char[] { '=', ';' }); var refreshTokenParts = refreshTokenCookie.Split(new char[] { '=', ';' }); var retVal = new AccessTokenDTO() { AccessToken = accessTokenParts[1], AccessTokenExpiration = DateTime.Parse(accessTokenParts[3]), AccessTokenSourceCookie = accessTokenCookie, RefreshToken = refreshTokenParts[1], RefreshTokenExpiration = DateTime.Parse(refreshTokenParts[3]), RefreshTokenSourceCookie = refreshTokenCookie, }; return(retVal); } } throw new ApiSecurityException(ApiSecurityErrors.AuthenticationError); } catch (Exception) { throw new ApiSecurityException(ApiSecurityErrors.AuthenticationError); } }
private async Task <AccessTokenDTO> GenerateAccessToken(string username, string password) { try { var request = CreateGenerateAccessTokenRequest(username, password); var client = _clientFactory.CreateClient("lis"); var response = await client.SendAsync(request); if (response.IsSuccessStatusCode) { var responseData = await response.Content.ReadAsStringAsync(); if (responseData.Contains("success")) { var cookies = response.Headers.GetValues("Set-Cookie"); var accessTokenCookie = cookies.FirstOrDefault(x => x.StartsWith(AccessTokenCookieName)); var refreshTokenCookie = cookies.FirstOrDefault(x => x.StartsWith(RefreshTokenCookieName)); var accessTokenParts = accessTokenCookie.Split(new char[] { '=', ';' }); var refreshTokenParts = refreshTokenCookie.Split(new char[] { '=', ';' }); var retVal = new AccessTokenDTO() { AccessToken = accessTokenParts[1], AccessTokenExpiration = DateTime.Parse(accessTokenParts[3]), AccessTokenSourceCookie = accessTokenCookie, RefreshToken = refreshTokenParts[1], RefreshTokenExpiration = DateTime.Parse(refreshTokenParts[3]), RefreshTokenSourceCookie = refreshTokenCookie, }; return(retVal); } } throw new ApiSecurityException(ApiSecurityErrors.AuthenticationError); } catch (Exception) { throw new ApiSecurityException(ApiSecurityErrors.AuthenticationError); } }
public void TestAuthenticateAccessTokenFromRefreshToken() { ITSLogger log = new TSLogger(); AccessTokenDTO accessDTO = new AccessTokenDTO(); AuthorizationGrantRequestDTO authorizationGrantRequestDTO = new AuthorizationGrantRequestDTO { Client_Id = Guid.Parse("29bfd4b1-81c0-4db3-a615-4422d08f9792"), Code = null, Grant_Type = AuthorizationGrantType.refresh_token, UserName = null, Scope = null, Password = null, Redirect_Uri = null, Refresh_Token = HttpUtility.UrlEncode("pgsoAvSXD3xYPV+/pSAe3khYZWOFidHPxpltwNDP4Xw="), State = null }; IAuthenticationService tm = new AuthenticationService(new RefreshToken(), configuration, log, new JWTToken(log, new EncryptionService(), configuration), context, new EncryptionService()); accessDTO.Authorization = accessDTO.Authorization = tm.Authenticate(authorizationGrantRequestDTO).access_token; TokenValidationService tokenValidationService = new TokenValidationService(new RefreshToken(), configuration, log, new JWTToken(log, new EncryptionService(), configuration), context, new EncryptionService()); Assert.AreEqual(TokenConstants.ValidToken, tokenValidationService.VerifyToken(accessDTO)); }
public static AccessTokenDTO GetAuth() { AccessTokenDTO outmodel = MemoryCacheUtil.Get <AccessTokenDTO>("login_info"); if (outmodel == null) { var interfaceUrl = AppConfig.GetConfig("CRMWebAPIUrl").TrimEnd('/') + "/api/Login"; string query = string.Format("grant_type=client_credentials&client_id=idcas&client_secret=35601B332BFE17E5E13BD4DA62BD9FE8"); try { var result = HttpHelper.Post(interfaceUrl, query, "", "text/plain"); outmodel = JsonConvert.DeserializeObject <AccessTokenDTO>(result); MemoryCacheUtil.Set("login_info", outmodel, 7200); } catch (Exception ex) { _logger.Error("获取访问令牌异常", ex); } } return(outmodel); }
/// <summary> /// Initializes a new instance of the <see cref="KeycloakAuthorizationMapper"/> class /// </summary> /// <param name="data">A <see cref="AccessTokenDTO"/> instance containing data used to construct <see cref="KeycloakAuthorization"/> instance</param> internal KeycloakAuthorizationMapper(AccessTokenDTO data) { Guard.Argument(data, nameof(data)).NotNull(); _data = data; }
public IActionResult Facebook([FromBody] AccessTokenDTO model) { var client = _clientFactory.CreateClient(); // 1.generate an app access token var appAccessTokenResponse = client.GetAsync($"https://graph.facebook.com/oauth/access_token?client_id={_appSettings.FacebookAppId}&client_secret={_appSettings.FacebookAppSecret}&grant_type=client_credentials"); var responseString = appAccessTokenResponse.Result.Content.ReadAsStringAsync().Result; AccessTokenDTO appAccessToken = JsonConvert.DeserializeObject <AccessTokenDTO>(responseString); // 2. validate the user access token var userAccessTokenValidationResponse = client.GetAsync($"https://graph.facebook.com/debug_token?input_token={model.AccessToken}&access_token={appAccessToken.AccessToken}"); var userAccessResponseString = userAccessTokenValidationResponse.Result.Content.ReadAsStringAsync().Result; var userAccessTokenValidation = JsonConvert.DeserializeObject <FacebookUserAccessTokenValidation>(userAccessResponseString); if (!userAccessTokenValidation.Data.IsValid) { return(BadRequest(new { code = false, message = "Invalid facebook token." })); } // 3. we've got a valid token so we can request user data from fb var userInfoResponse = client.GetAsync($"https://graph.facebook.com/v2.8/me?fields=id,email,first_name,last_name,name,gender,locale,birthday,picture&access_token={model.AccessToken}"); var userInfoResponseString = userInfoResponse.Result.Content.ReadAsStringAsync().Result; var userInfo = JsonConvert.DeserializeObject <ExternalLoginDTO>(userInfoResponseString); // 4. ready to create the local user account (if necessary) and jwt var user = _userService.FindByEmail(userInfo.Email); if (user == null) { var appUser = new User { Email = userInfo.Email, }; _userService.CreateExternalUser(appUser); } // generate the jwt for the local user... var localUser = _userService.FindByEmail(userInfo.Email); if (localUser == null) { return(BadRequest(new { code = false, message = "Failed to create local user account." })); } _externalLoginService.CreateOrUpdate(localUser, userInfo, ExternalLogin.FACEBOOK); var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, localUser.Id.ToString()) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); // return basic user info (without password) and token to store client side return(Ok(new { status = true, userData = new { Id = localUser.Id, Email = localUser.Email, Phone = localUser.Phone, ReferralCode = localUser.ReferralCode, Token = tokenString } })); }
public ExchangeRefreshTokenResponseDTO(AccessTokenDTO accessToken, string refreshToken) { AccessToken = accessToken; RefreshToken = refreshToken; }
public async Task SetUpAccessToken(int userId, [FromBody] AccessTokenDTO token) { await _synchronizationService.SetUpUserToken(userId, token.Token); }
public async Task <AccessTokenCheckDTO> CheckIfTokenValid([FromBody] AccessTokenDTO token) { return(await _synchronizationService.CheckIfTokenValid(token.Token)); }