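/// <summary>
/// Loads the permission claims a user holds through that user's role assignments.
/// </summary>
/// <param name="userId">Identifier of the user whose permissions are looked up.</param>
/// <returns>
/// An <see cref="AuthOutput"/> whose <c>Permissions</c> list holds the <c>Claim</c> value of every
/// matching permission row. The list is empty when nothing matches. No other property is assigned.
/// </returns>
/// <remarks>
/// Exceptions raised by the query propagate to the caller with their original stack trace.
/// </remarks>
public async Task<AuthOutput> GetPermissionByUserId(Guid userId)
{
    // Inner joins: a claim is returned only when the user, the role assignment and the
    // permission row all exist and none of the three is soft-deleted.
    var query = from a in _userRepo.GetAll()
                join b in _roleAssignmentRepo.GetAll() on a.Id equals b.UserId
                join c in _permissionRepo.GetAll() on b.RoleId equals c.RoleId
                where a.Id == userId && !a.IsDeleted && !b.IsDeleted && !c.IsDeleted
                select c;

    var permissions = await query.ToListAsync();

    // NOTE(review): Result is not assigned here, so it keeps whatever default AuthOutput
    // gives it. Confirm no caller reads this object as an authentication outcome.
    return new AuthOutput
    {
        Permissions = permissions.Select(x => x.Claim).ToList()
    };
}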
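/// <summary>
/// Verifies a login name and password and, on success, issues a JWT together with the
/// user's permission claims.
/// </summary>
/// <param name="password">Password supplied by the caller; hashed with the stored salt before comparison.</param>
/// <param name="loginName">Login name used to look up the user.</param>
/// <param name="secretKey">Key handed to the token helper when the JWT is generated.</param>
/// <param name="validPeriodInMinutes">Validity period handed to the token helper.</param>
/// <returns>
/// An <see cref="AuthOutput"/> with <c>Result</c> set to <c>AuthMessage.AuthSuccess</c> plus display name,
/// token, permissions, user id and role id; or one with <c>Result</c> set to
/// <c>AuthMessage.AuthFailed</c> when no row matches, the hash differs, or an
/// <see cref="InvalidOperationException"/> is raised.
/// </returns>
/// <remarks>
/// Any exception other than <see cref="InvalidOperationException"/> propagates to the caller with its
/// original stack trace.
/// </remarks>
public async Task<AuthOutput> Authenticate(string password, string loginName, string secretKey, int validPeriodInMinutes)
{
    var failed = new AuthOutput { Result = AuthMessage.AuthFailed };

    try
    {
        // Inner joins: a user with no live role assignment or no live permission row produces
        // no rows at all and is rejected exactly like an unknown login name.
        var query = from a in _userRepo.GetAll()
                    join b in _roleAssignmentRepo.GetAll() on a.Id equals b.UserId
                    join c in _permissionRepo.GetAll() on b.RoleId equals c.RoleId
                    where a.LoginName == loginName && !a.IsDeleted && !b.IsDeleted && !c.IsDeleted
                    select new { User = a, RoleAssignment = b, Claim = c };

        var rows = await query.ToListAsync();

        // NOTE(review): this path returns before any hashing is done, so an unknown login name
        // is answered faster than a known one with a wrong password. Consider doing equivalent
        // hashing work here so response time does not reveal which login names exist.
        if (rows.Count == 0)
        {
            return failed;
        }

        var firstRow = rows[0];
        var credential = firstRow.User;

        // NOTE(review): the algorithm behind GenerateHashedPassword is not visible here.
        // Confirm it is a deliberately slow, salted KDF rather than a single fast hash.
        var computedHashPw = _crypytoHelper.GenerateHashedPassword(password, credential.Salt);

        // NOTE(review): `!=` is not a constant-time comparison, and depending on the type of
        // PasswordHash (not visible here) it may not compare contents at all. Prefer
        // CryptographicOperations.FixedTimeEquals over the hash bytes.
        if (credential.PasswordHash != computedHashPw)
        {
            return failed;
        }

        return new AuthOutput
        {
            Result = AuthMessage.AuthSuccess,
            DisplayName = credential.DisplayName,
            JwToken = _tokenHelper.GenerateJwToken(credential.Id, secretKey, validPeriodInMinutes),
            Permissions = rows.Select(x => x.Claim.Claim).ToList(),
            UserId = credential.Id,
            // The query has no ordering, so for a user with several role assignments this is
            // whichever assignment the store returned first.
            RoleId = firstRow.RoleAssignment.RoleId
        };
    }
    catch (InvalidOperationException)
    {
        // Fail closed: the caller sees an ordinary authentication failure.
        return failed;
    }
}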
/// <summary>
/// Checks that PAT acquisition succeeds when the helper is created with the OS shell and an
/// <c>echo</c> command line that prints a serialized <see cref="AuthOutput"/>.
/// </summary>
public void TestSuccessfulPatAcquisition()
{
    // Everything the helper passes to its logger delegate is collected here.
    var capturedLog = new StringBuilder();

    // NOTE(review): Password is "******" here while an assertion below looks for "testPassword"
    // in the captured log. The literal may have been masked in this copy of the file;
    // confirm against the original fixture before relying on this test.
    var fixture = new AuthOutput
    {
        Username = "",
        Password = "******",
        Message = ""
    };
    var serialized = JsonConvert.SerializeObject(fixture);

    var helper = CredentialProviderHelper.CreateInstanceForTesting(
        line => capturedLog.AppendLine(line),
        CmdHelper.OsShellExe,
        $"/d /c echo {serialized}");

    var acquisition = helper.AcquirePatAsync(new Uri("https://foo"), PatType.CacheReadWrite).Result;

    XAssert.IsTrue(acquisition.Result == CredentialHelperResultType.Success);

    var logText = capturedLog.ToString();
    XAssert.IsTrue(logText.Contains("Credentials were successfully retrieved from provider"));

    // NOTE(review): this assertion requires the password text to appear in the logger output.
    // Confirm the credential reaches the log sink only on this testing path and not in
    // production logging.
    XAssert.IsTrue(logText.Contains("testPassword"));
    XAssert.IsNotNull(acquisition.Pat);
}
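/// <summary>
/// Validates an existing JWT and resolves the user named by its <c>uid</c> claim.
/// </summary>
/// <param name="token">The JWT presented by the caller.</param>
/// <param name="secretKey">Key handed to the token helper when the token is decoded.</param>
/// <returns>
/// An <see cref="AuthOutput"/> with <c>Result</c> set to <c>AuthMessage.AuthSuccess</c>, the user's display
/// name and the same token that was passed in; or one with <c>Result</c> set to
/// <c>AuthMessage.AuthFailed</c> when decoding fails, the <c>uid</c> claim is missing or not a GUID,
/// the user is not found or is deleted, or an <see cref="InvalidOperationException"/> is raised.
/// </returns>
/// <remarks>
/// Any exception other than <see cref="InvalidOperationException"/> propagates to the caller with its
/// original stack trace.
/// </remarks>
public async Task<AuthOutput> Authenticate(string token, string secretKey)
{
    var failed = new AuthOutput { Result = AuthMessage.AuthFailed };

    try
    {
        // NOTE(review): signature, expiry and algorithm checks are all delegated to
        // DecodeJwToken, which is not visible here. Confirm it enforces each of them.
        var result = _tokenHelper.DecodeJwToken(token, secretKey, out IEnumerable<Claim> claims);
        if (result == false)
        {
            return failed;
        }

        // A token without a usable uid claim is rejected instead of surfacing as an
        // unhandled exception.
        var uid = claims?.FirstOrDefault(x => x.Type == "uid")?.Value;
        if (!Guid.TryParse(uid, out var userId))
        {
            return failed;
        }

        // A still-valid token can outlive its account, so a missing user fails closed
        // in the same way as a soft-deleted one.
        var user = await _userRepo.GetUserById(userId);
        if (user == null || user.IsDeleted == true)
        {
            return failed;
        }

        // The presented token is returned unchanged; no new token is issued here.
        return new AuthOutput
        {
            Result = AuthMessage.AuthSuccess,
            DisplayName = user.DisplayName,
            JwToken = token
        };
    }
    catch (InvalidOperationException)
    {
        // Fail closed: the caller sees an ordinary authentication failure.
        return failed;
    }
}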
/// <summary>
/// Signs a user in with an email address and password.
/// </summary>
/// <param name="email">Email address, passed unchanged to <c>AuthenticateUserAsync</c>.</param>
/// <param name="pass">Password, passed unchanged to <c>AuthenticateUserAsync</c>.</param>
/// <returns>
/// The response from <c>AuthenticateUserAsync</c> converted by <c>AuthOutput.FromTokenResponse</c>.
/// </returns>
public static async Task<AuthOutput> LetMeInAsync(string email, string pass)
{
    // NOTE(review): nothing is validated here. How a rejected sign-in is reported depends on
    // AuthenticateUserAsync and FromTokenResponse; confirm callers check the returned result.
    var tokenResponse = await AuthenticateUserAsync(email, pass);
    return AuthOutput.FromTokenResponse(tokenResponse);
}
/// <summary>
/// Exchanges a refresh token for a new set of auth tokens (access token and refresh token).
/// </summary>
/// <param name="refreshToken">Refresh token, passed unchanged to <c>RequestRefreshTokenAsync</c>.</param>
/// <returns>
/// The response from <c>RequestRefreshTokenAsync</c> converted by <c>AuthOutput.FromTokenResponse</c>.
/// </returns>
public static async Task<AuthOutput> RefreshTokensAsync(string refreshToken)
{
    // NOTE(review): how an expired or revoked refresh token is reported depends on
    // RequestRefreshTokenAsync and FromTokenResponse; confirm callers check the returned result.
    var tokenResponse = await RequestRefreshTokenAsync(refreshToken);
    return AuthOutput.FromTokenResponse(tokenResponse);
}