/// <summary>
/// Client-authentication step of the token endpoint. The request is validated when
/// <c>context.ClientId</c> is non-null and <c>AudienceService.FindAudience</c> returns
/// a non-null audience for it; otherwise an <c>InvalidClientId</c> error is set.
/// </summary>
/// <param name="context">Validation context for the incoming token request.</param>
/// <returns>An already-completed task; the outcome is recorded on <paramref name="context"/>.</returns>
/// <remarks>
/// NOTE(review): the client secret is read from the request but never compared with
/// anything, so a caller only needs a registered client_id to pass this step. If these
/// clients are meant to be confidential, verify the secret here (fixed-time comparison
/// against a stored hash) before calling <c>Validated()</c>.
/// </remarks>
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    string id;
    string secret;

    // Basic-auth header first, form body as the fallback. The out values are not read
    // again; every check below goes through context.ClientId.
    bool fromHeader = context.TryGetBasicCredentials(out id, out secret);
    if (!fromHeader)
    {
        context.TryGetFormCredentials(out id, out secret);
    }

    if (context.ClientId == null)
    {
        context.SetError(InvalidClientId, "client_Id is not set");
    }
    else if (AudienceService.FindAudience(context.ClientId) == null)
    {
        // NOTE(review): the caller-supplied client_id is echoed into the error description;
        // whatever renders or logs this text should treat it as untrusted input.
        context.SetError(InvalidClientId, string.Format("Invalid client_id '{0}'", context.ClientId));
    }
    else
    {
        context.Validated();
    }

    return Task.FromResult<object>(null);
}
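/// <summary>
/// Looks up an audience by name through a database context that is created for this
/// call from the "DbConnection" configuration value and disposed before returning.
/// </summary>
/// <param name="name">Audience name passed to <c>AudienceService.GetByName</c>.</param>
/// <returns>Whatever <c>GetByName</c> returns for <paramref name="name"/>.</returns>
private Audience GetAudience(string name)
{
    var builder = new DbContextOptionsBuilder<GhDbContext>();
    string connectstr = Configuration["DbConnection"];
    builder.UseSqlServer(connectstr);

    // A context is built on every call, so it has to be released on every call; without
    // the using block each lookup leaves a context (and any connection it holds) to the
    // finalizer.
    using (var dbContext = new GhDbContext(builder.Options))
    {
        AudienceService service = new AudienceService(dbContext);

        // NOTE(review): the returned entity outlives the context, so GetByName must load
        // everything callers read from it (no lazy navigation after this point) - confirm.
        return service.GetByName(name);
    }
}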
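/// <summary>
/// Serializes an authentication ticket as a JWT signed with the HMAC key of the audience
/// named in the ticket's properties.
/// </summary>
/// <param name="data">Ticket whose identity claims and issue/expiry times go into the token.</param>
/// <returns>The compact serialized JWT.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The ticket carries no audience id, the audience is unknown, or the audience has no secret key.
/// </exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // Single lookup; audienceId stays null when the key is absent.
    string audienceId;
    data.Properties.Dictionary.TryGetValue(AudiencePropertyKey, out audienceId);
    if (string.IsNullOrWhiteSpace(audienceId))
    {
        throw new InvalidOperationException("AuthenticationTicket.Properties does not include audience");
    }

    var audience = AudienceService.FindAudience(audienceId);
    if (audience == null)
    {
        // Previously this surfaced as a NullReferenceException on audience.SecretKey.
        throw new InvalidOperationException("AuthenticationTicket.Properties references an unknown audience");
    }

    if (string.IsNullOrWhiteSpace(audience.SecretKey))
    {
        // Refuse to issue a token rather than hand a missing or empty key to the signer;
        // the key value itself is never put into an exception message.
        throw new InvalidOperationException("Audience has no signing key configured");
    }

    var signingKey = new HmacSigningCredentials(TextEncodings.Base64Url.Decode(audience.SecretKey));

    // NOTE(review): when ExpiresUtc is unset the token expires at the moment it is issued;
    // confirm callers always set an expiry on the ticket.
    var issued = data.Properties.IssuedUtc ?? DateTimeOffset.UtcNow;
    var expires = data.Properties.ExpiresUtc ?? DateTimeOffset.UtcNow;

    var token = new JwtSecurityToken(
        issuer,
        audienceId,
        data.Identity.Claims,
        issued.UtcDateTime,
        expires.UtcDateTime,
        signingKey);

    return new JwtSecurityTokenHandler().WriteToken(token);
}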
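/// <summary>
/// Authorization filter step: lets the action run only when <c>AuthId</c> is set, the
/// caller is authenticated, and <c>AudienceService</c> returns a permission for
/// (<c>AuthId</c>, user name). Every denial short-circuits with status 405.
/// </summary>
/// <param name="context">Context of the action about to execute.</param>
/// <exception cref="InvalidOperationException">
/// <c>AudienceService</c> cannot be resolved from the request services.
/// </exception>
/// <remarks>
/// NOTE(review): 405 means "Method Not Allowed"; 401 (unauthenticated) and 403 (no
/// permission) are the conventional codes. Left unchanged because clients may depend on it.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext context)
{
    string userId = context.HttpContext.User.Identity.Name;

    // A filter with no AuthId, or an anonymous caller, is denied before any lookup.
    if (string.IsNullOrWhiteSpace(AuthId) || !context.HttpContext.User.Identity.IsAuthenticated)
    {
        context.Result = new StatusCodeResult(405);
        return;
    }

    var services = context.HttpContext.RequestServices.GetService(typeof(AudienceService)) as AudienceService;
    if (services == null)
    {
        // Fail closed with a clear configuration error instead of a NullReferenceException
        // from the permission lookup below.
        throw new InvalidOperationException("AudienceService is not registered in the request service provider");
    }

    Permission permission = services.GetPermissingById(this.AuthId, userId);
    if (permission == null)
    {
        context.Result = new StatusCodeResult(405);
        return;
    }

    base.OnActionExecuting(context);
}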