public void InvalidJsonInRefreshTokenRequestTest(JsonTransformationType jsonTransformationType) { var tokenGetRequest = new GetTokenRequest { ExpiresIn = 600, ExtPayload = new { sessionId = "qwer123" }, InvalidAfter = 10800, Method = "password", Service = "HRBC", Credentials = new GetTokenRequest.CredentialsType { CompanyId = AuthenticationInfoProvider.Current.DefaultCompanyName, UserId = AuthenticationInfoProvider.Current.DefaultUserLogin, Password = AuthenticationInfoProvider.Current.DefaultUserPassword } }; var tokenGetResponse = (new DefaultManager(_testConnection)).Send <GetTokenResponse>(tokenGetRequest); PrAssume.That(tokenGetResponse, PrIs.SuccessfulResponse(), "Failed to get a token for token refresh operation."); var request = new RefreshTokenRequest { ExpiresIn = 600, InvalidAfter = 10800, Token = tokenGetResponse.Result.Token }; PerformTest(tokenGetRequest, jsonTransformationType, CommonConstants.TokenRefreshUrl); }
public Task <BaseResponse <TokenDto> > GetToken(GetTokenRequest request) { string hashPassword = PasswordSecurityHelper.GetHashedPassword(request.Password); SysUser user = _repoUser.FindOne(x => x.Username.Equals(request.Username) && x.Password.Equals(hashPassword)); if (user == null) { return(Task.FromResult(new BaseResponse <TokenDto> { Data = null, Errors = "Tài khoản hay mật khẩu không hợp lệ", ErrorCode = -1 })); } user.Token = TokenSecurityHelper.GenerateToken(request.Username, request.Password, "120.0.0.1", "", DateTime.Now.Ticks); user.TokenExp = DateTime.Now.AddMinutes(30); user.LastLogin = DateTime.Now; _repoUser.Update(user); return(Task.FromResult(new BaseResponse <TokenDto> { Data = new TokenDto { Token = user.Token, Username = user.Username, Expired = user.TokenExp.Value, Id = user.Id.ToString() } })); }
/// <summary> /// Returns access tokens for making API requests /// HTTP Method: post /// Endpoint: /restapi/oauth/token /// Rate Limit Group: Auth /// </summary> public async Task <TokenInfo> Post(GetTokenRequest getTokenRequest, RestRequestConfig restRequestConfig = null) { var dict = new Dictionary <string, string>(); Utils.GetPairs(getTokenRequest).ToList().ForEach(t => dict.Add(t.name, t.value.ToString())); return(await rc.Post <TokenInfo>(Path(), new FormUrlEncodedContent(dict), null, restRequestConfig)); }
public void DeleteAccessTokenRevokesTheToken() { var token = testServer.GetAccessToken(); var token_part = token.Token.Substring(0, 24); var client = testServer.GetJsonClient(); var url = new DeleteTokenRequest() { TokenPart = token_part }.ToUrl("DELETE"); var service_url = testServer.ListenUrl + url; client.Delete <AccessTokenDto> (service_url); // check that the token has been delete from the db var get_url = new GetTokenRequest() { Username = RainyTestServer.TEST_USER }.ToUrl("GET"); var get_service_url = testServer.ListenUrl + get_url; List <AccessTokenDto> tokens = client.Get <List <AccessTokenDto> > (get_service_url); var the_token = tokens.Where(t => token.Token.StartsWith(t.TokenPart)); Assert.That(the_token.Count() == 0); }
private static string GetOtherCompanyToken() { using (var creds = AuthenticationInfoProvider.Current.Manager.GetCompany(new CompanySpecBuilder().HavingUsers(new[] { new UserSpecBuilder() }).NotSelected())) { if (_otherCopmanyToken != null) { return _otherCopmanyToken; } using (var connection = new AuthApiConnection(TestConfig.GetValueFromConfig("AuthCoreURL")) { SuppressAuthentication = true }) { var getTokenRequest = new GetTokenRequest { Service = "HRBC", Method = "password", Credentials = new GetTokenRequest.CredentialsType { CompanyId = creds.Name, UserId = creds.Users.Single().Login, Password = creds.Users.Single().Password }, ExpiresIn = 600, InvalidAfter = 10800 }; var response = (new DefaultManager(connection)).Send<GetTokenResponse>(getTokenRequest); Assume.That(response, PrIs.SuccessfulResponse(), "Failed to get a token"); return _invalidExpiredToken = response.Result.Token; } } }
private static AccessToken GetTokenByWx(string cacheKey, bool isQueryAgin = false) { lock (lockObj) { AccessToken token = CacheEx.Instance.Get <AccessToken>(cacheKey); if (!isQueryAgin && token != null && !token.IsExpired) { return(token); } var accessTokenRepository = GetAccessTokenRepository(); token = accessTokenRepository.Get(); if (token == null || (token != null && token.IsExpired)) { var res = new GetTokenRequest().Request(); if (res.IsSuccess) { token = new AccessToken(res); CacheEx.Instance.Add(cacheKey, token, token.ExpireTime); accessTokenRepository.Update(token); } } else { CacheEx.Instance.Add(cacheKey, token, token.ExpireTime); } return(token); } }
public void UpdateTokenDeviceName() { string new_device_name = "My home computer"; var token = testServer.GetAccessToken().Token.ToShortToken(); var client = testServer.GetJsonClient(); var url = new UpdateTokenRequest().ToUrl("PUT"); var req = new AccessTokenDto { TokenPart = token, DeviceName = new_device_name }; var service_url = testServer.ListenUrl + url; client.Put <AccessTokenDto> (service_url, req); // check that the token has been updated var get_url = new GetTokenRequest() { Username = RainyTestServer.TEST_USER }.ToUrl("GET"); var get_service_url = testServer.ListenUrl + get_url; List <AccessTokenDto> tokens = client.Get <List <AccessTokenDto> > (get_service_url); var updated_token = tokens.First(t => token == t.TokenPart); Assert.AreEqual(new_device_name, updated_token.DeviceName); }
private async Task <ClaimsIdentity> GetClaimsIdentity(GetTokenRequest user, Security security) { var users = _userRepository.ListUsersAsync(); var usr = users.FirstOrDefault(x => x.Username == user.Username); if (usr == null) { _securityRepository.IncreaseFailedGetTokenAttempts(security); await SendSecurityEmailNotification(); throw new HttpError(HttpStatusCode.BadRequest, "WrongUsernameOrPassword"); } var passwordValid = _hashService.Validate(user.Password, usr.Password); if (!passwordValid) { _securityRepository.IncreaseFailedGetTokenAttempts(security); await SendSecurityEmailNotification(); throw new HttpError(HttpStatusCode.BadRequest, "WrongUsernameOrPassword"); } return(new ClaimsIdentity(new GenericIdentity(user.Username, "Token"), new Claim[] { })); }
public async Task <SigninResultEnum> Signin(CancellationToken token) { var request = new GetTokenRequest { UserName = UserName, Password = Password }; var result = await _service.GetAccessToken(request, token); if (!result.IsSuccess) { var error = result.Error; switch (error.Type) { case "InvalidPassword": return(SigninResultEnum.InvalidPassword); case "UserNotFound": return(SigninResultEnum.UserNotFound); default: return(SigninResultEnum.UnknownError); } } var response = result.Ok; _settingsService.AddOrUpdateValue(Constants.AccessToken, response.AccessToken); await UpdateUserInfo(token); return(SigninResultEnum.Ok); }
/// <summary> /// Operation: Get Token /// Http Post /restapi/oauth/token /// </summary> public async Task <RingCentral.TokenResponse> Post(GetTokenRequest getTokenRequest) { var dict = new System.Collections.Generic.Dictionary <string, string>(); RingCentral.Utils.GetPairs(getTokenRequest) .ToList().ForEach(t => dict.Add(t.name, t.value.ToString())); return(await rc.Post <RingCentral.TokenResponse>(this.Path(), new FormUrlEncodedContent(dict))); }
public GetTokenResponse GetToken(GetTokenRequest request) { GetTokenResponse response = new GetTokenResponse(); response.IsTrue = false; response.Status = 0; if (request != null) { try { if (string.IsNullOrEmpty(request.AppId) || string.IsNullOrEmpty(request.Secret) || string.IsNullOrEmpty(request.Session_Id)) { response.Status = 0; response.Msg = "请求参数有误,请检查!"; } else { //获取三方APP信息 AppSettingInfo app = SystemFactory.Instance.GetSystemAppConfig(request.AppId, request.Secret); if (app != null) { if (app.AppStatus == AppStatus.Reviewed) { //更新Token,同时更新过期时间) string newToken = SystemFactory.Instance.UpdateTokenInfo(app); response.IsTrue = true; response.Access_Token = newToken; response.Status = 1; response.Msg = "请求成功!"; response.Expires_In = 7200; response.CorpCode = app.CorpCode; response.SubCorpCode = app.SubCorpCode; response.CorpName = app.CorpName; } else { response.Msg = "请联系管理员审批系统!"; } } else { response.Msg = "该APP未在码中心注册,或密钥有误!请重试或联系管理员"; } } } catch (Exception exception) { response.Msg = exception.Message; } } else { response.Msg = "非法请求,请重试!"; } return(response); }
public IHttpActionResult Get([FromBody] GetTokenRequest request) { if (CheckUser(request.Username, request.Password)) { var token = JwtUtil.GenerateToken(request.Username); return(Json(new { token })); } return(Unauthorized()); }
public IActionResult Post([FromBody] GetTokenRequest request) { if (IsValid(request.Username, request.Password)) { return(Ok(Generate(request.Username))); } return(BadRequest()); }
/// <summary> /// Looks up a existing token. /// </summary> /// <returns>The token returned by server.</returns> /// <param name="tokenId">Token id</param> public Task <Token> GetToken(string tokenId) { var request = new GetTokenRequest { TokenId = tokenId }; return(gateway(authenticationContext()).GetTokenAsync(request) .ToTask(response => response.Token)); }
private JsonWebToken GetWebToken(GetTokenRequest request = null) { request = request ?? GenerateGetTokenRequest(); var response = (new DefaultManager(_testConnection)).Send <GetTokenResponse>(request); PrAssert.That(response, PrIs.SuccessfulResponse(), "Failed to get a token"); return(new JsonWebToken(response.Result.Token)); }
public TokenResponse GetToken(GetTokenRequest credentialsLogin) { JsonLoginRequest jsonLoginRequest = new JsonLoginRequest(credentialsLogin.ClientId, credentialsLogin.ClientSecret, credentialsLogin.GrantType); jsonLoginRequest = _repositoryLogin.GetToken(jsonLoginRequest); TokenResponse response = new TokenResponse(); return(response); }
public TokenResultEntity GetToken() { bool bgetToken = false; TokenResultEntity result = new TokenResultEntity(); try { if (string.IsNullOrEmpty(GlobalTokenHelper.gToken)) { bgetToken = true; } else { System.DateTime currentTime = System.DateTime.Now; System.TimeSpan TS = currentTime - GlobalTokenHelper.gTokenDateTime; if (TS.TotalSeconds >= GlobalTokenHelper.Expiry - 60) { bgetToken = true; } } if (bgetToken == true) { var request = new GetTokenRequest() { AppId = "SYY", AppSecret = "0B2223C37F54864403847E762E1F87F3" }; result = this.Client.InvokeAPI <TokenResultEntity>(request); if (result == null) { result = new TokenResultEntity(); result.Code = 100; result.ErrMsg = "网络连接异常,请检查网络!"; } else { if (result.Code == 0) { GlobalTokenHelper.gToken = result.Access_Token; GlobalTokenHelper.Expiry = result.Expiry; GlobalTokenHelper.gTokenDateTime = System.DateTime.Now; } } } } catch (Exception ex) { result.Code = 9999; result.ErrMsg = ex.Message; } return(result); }
public TokenResponse GetTokenResponse(GetTokenRequest getTokenRequest) { var token = _userRepository.GetToken(getTokenRequest.Username, getTokenRequest.Password); var tokenResponse = new TokenResponse { Token = token }; return(tokenResponse); }
public ActionResult GetToken(GetTokenRequest request) { // 1. Validar el usuario var usuario = _accountService.ValidateUser(request.Username, request.Password); if (usuario == null) { // devolver un 401 (no autorizado) return(StatusCode(401)); } // 2. Crear la identidad del usuario (que viajará en el JWT) var identidad = new[] { new Claim(ClaimTypes.Name, usuario.Name), new Claim(ClaimTypes.Email, usuario.Email), new Claim("DNI", usuario.Dni) }; // 3. Crear los elementos para la encriptación var key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes("cibertec12345678")); var credenciales = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); // 4. Generar el token // 4.1. Obtener la fecha de expiración del token var tokenExpirationDate = DateTime.Now.AddSeconds(10); var token = new JwtSecurityToken( issuer: "Cibertec", audience: "app-react", claims: identidad, expires: tokenExpirationDate, signingCredentials: credenciales ); var jwtToken = new JwtSecurityTokenHandler().WriteToken(token); // 5. Crear el refresh token var refreshToken = new RefreshToken { ExpiresAt = tokenExpirationDate, UserId = usuario.Id, Token = Guid.NewGuid().ToString() }; // 5.1. Guardar en BD _cibertecContext.RefreshTokens.Add(refreshToken); var resultado = _cibertecContext.Commit(); // 6. Retornar el token en un objeto JSON basado en la clase GetTokenResponse return(Ok(new GetTokenResponse { AccessToken = jwtToken, RefreshToken = refreshToken.Token, ExpiresIn = 10 })); }
public string GetToken(GetTokenRequest request) { var userRepository = userRepositoryFactory.CreateRepository(); var user = userRepository.FindByName(request.Login); if (user != null && user.Password.Equals(request.Password)) { var token = this.tokenFactory.CreateToken(user.Id, request.Login); return(token.GetToken()); } return(String.Empty); }
public AuthorizationToken getToken(String code) { GetTokenRequest request = new GetTokenRequest(); request.setCode(code); request.setGrant_type("authorization_code"); request.setNeed_refresh_token(true); request.setClient_id(clientPolicy.AppKey); request.setClient_secret(clientPolicy.SecretKey); return(this.send <AuthorizationToken>(request)); }
/// <summary> /// Authenticates user through Token Service. /// </summary> /// <param name="credentials">User credentials.</param> /// <param name="clientIpAddress">The client ip address.</param> /// <param name="serverIpAddress">The server ip address.</param> /// <returns> /// True if user authenticated. /// </returns> public async Task <TokenResponseModel> AuthenticateUser( GetTokenRequest credentials, string clientIpAddress, string serverIpAddress ) { return(await this.tokenDataProvider.AuthenticateUser( credentials, clientIpAddress, serverIpAddress )); }
public IApiResponseContextDto <ApplicationUserContext> GetToken(GetTokenRequest request) { var result = ConnectorCalls.Post <GetTokenRequest, ApplicationUserContext>(_connectorClient, request, @"Authentication/RequestToken"); if (!result.HasErrors()) { _connectorClient.SetToken(result.Result.Token); } return(result); }
public void GetListOfValidAccesstokens() { var client = testServer.GetJsonClient(); var url = new GetTokenRequest().ToUrl("GET"); var service_url = testServer.ListenUrl + url; var tokens = client.Get <List <AccessTokenDto> > (service_url); Assert.AreEqual(1, tokens.Count); testServer.GetAccessToken(); testServer.GetAccessToken(); tokens = client.Get <List <AccessTokenDto> > (service_url); Assert.AreEqual(3, tokens.Count); }
public async Task <IActionResult> GetToken([FromBody] GetTokenRequest applicationUser) { var security = _securityRepository.GetSecurity(); if (security.ApiAccessDisabled) { _logger.LogWarning( "Api access is denied becasuse to many failed get token attempts. To enable access open manually Security.json file and set property ApiAccessDisabled to false. "); throw new HttpError(HttpStatusCode.Forbidden); } var identityTask = GetClaimsIdentity(applicationUser, security); var identity = await identityTask; if (identity == null) { _logger.LogInformation( $"Invalid username ({applicationUser.Username}) or password ({applicationUser.Password})"); _securityRepository.IncreaseFailedGetTokenAttempts(security); return(BadRequest("Invalid credentials")); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, applicationUser.Username), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); var response2 = new GetTokenResponse { Token = encodedJwt, ExpiresIn = (int)_jwtOptions.ValidFor.TotalSeconds }; return(Ok(response2)); }
/// <summary> /// 获取token值 最长有效期180天 /// </summary> /// <param name="LoginName">用户名</param> /// <param name="PassWord">密 码</param> /// <returns></returns> public static string GetToken(string LoginName, string PassWord) { string url = BaseApi + GetTokenApi; GetTokenRequest request = new GetTokenRequest(); request.LoginName = LoginName; request.PassWord = PassWord; //序列化要请求的参数 string poststr = JsonConvert.SerializeObject(request); //发请求,获取数据 return(HttpHelper.HttpPost(url, poststr)); }
/// <summary> /// 获取token接口。 /// </summary> /// <param name="req"><see cref="GetTokenRequest"/></param> /// <returns><see cref="GetTokenResponse"/></returns> public GetTokenResponse GetTokenSync(GetTokenRequest req) { JsonResponseModel <GetTokenResponse> rsp = null; try { var strResp = this.InternalRequestSync(req, "GetToken"); rsp = JsonConvert.DeserializeObject <JsonResponseModel <GetTokenResponse> >(strResp); } catch (JsonSerializationException e) { throw new TencentCloudSDKException(e.Message); } return(rsp.Response); }
public async Task <IActionResult> Post([FromBody] GetTokenRequest request) { var claimList = (await IsValid(new UserCredantialsDto { Username = request.Username, Password = request.Password })); if (claimList.Any()) { return(Ok(Generate(request.Username, claimList.ToList()))); } return(BadRequest(new GetTokenResponse { Token = $"Invalid username or password for {request.Username}" })); }
public async Task <IActionResult> Create([FromBody] GetTokenRequest request) { var authenticateUserCommand = new AuthenticateUserCommand( request.Username, request.Password); await _commandProcessor.SendAsync(authenticateUserCommand); if (!authenticateUserCommand.IsValidUsernameAndPassword) { return(BadRequest(new { Message = "Invalid username or password" })); } var user = await _queryProcessor.ExecuteAsync(new GetUserByUsernameQuery(request.Username)); return(new ObjectResult(GenerateToken(user))); }
public async Task <GetTokenResponse> GetToken(GetTokenRequest request) { var parameters = new NameValueCollection { { "username", request.Username }, { "password", request.Password }, { "grant_type", request.GrantType }, { "scope", request.Scope }, { "refresh_token", request.RefreshToken }, { "response_type", OidcConstants.ResponseTypes.Token } }; var response = await GetIdpToken(parameters); return(GetTokenResponse(response)); }
public void UpdateTokenDeviceName() { string new_device_name = "My home computer"; var token = testServer.GetAccessToken ().Token.ToShortToken (); var client = testServer.GetJsonClient (); var url = new UpdateTokenRequest ().ToUrl ("PUT"); var req = new AccessTokenDto { TokenPart = token, DeviceName = new_device_name }; var service_url = testServer.ListenUrl + url; client.Put<AccessTokenDto> (service_url, req); // check that the token has been updated var get_url = new GetTokenRequest () { Username = RainyTestServer.TEST_USER }.ToUrl ("GET"); var get_service_url = testServer.ListenUrl + get_url; List<AccessTokenDto> tokens = client.Get<List<AccessTokenDto>> (get_service_url); var updated_token = tokens.First (t => token == t.TokenPart); Assert.AreEqual (new_device_name, updated_token.DeviceName); }
public void GetListOfValidAccesstokens() { var client = testServer.GetJsonClient (); var url = new GetTokenRequest ().ToUrl ("GET"); var service_url = testServer.ListenUrl + url; var tokens = client.Get<List<AccessTokenDto>> (service_url); Assert.AreEqual (1, tokens.Count); testServer.GetAccessToken (); testServer.GetAccessToken (); tokens = client.Get<List<AccessTokenDto>> (service_url); Assert.AreEqual(3, tokens.Count); }
public void DeleteAccessTokenRevokesTheToken() { var token = testServer.GetAccessToken (); var token_part = token.Token.Substring (0, 24); var client = testServer.GetJsonClient (); var url = new DeleteTokenRequest () { TokenPart = token_part }.ToUrl ("DELETE"); var service_url = testServer.ListenUrl + url; client.Delete<AccessTokenDto> (service_url); // check that the token has been delete from the db var get_url = new GetTokenRequest () { Username = RainyTestServer.TEST_USER }.ToUrl ("GET"); var get_service_url = testServer.ListenUrl + get_url; List<AccessTokenDto> tokens = client.Get<List<AccessTokenDto>> (get_service_url); var the_token = tokens.Where (t => token.Token.StartsWith (t.TokenPart)); Assert.That (the_token.Count () == 0); }