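/// <summary>
/// Authenticates a request with the bearer JWT from its <c>Authorization</c> header, authorises it
/// against the caller's role, and on success re-issues a fresh token in the <c>newToken</c>
/// response header so an active user is not timed out mid-session.
/// </summary>
/// <remarks>
/// Requests are classified in this order, and each one is answered exactly once:
/// <list type="number">
/// <item>The token-issuance path (<c>_options.Path</c>) goes to <c>GenerateToken</c>; no token is needed.</item>
/// <item>A path containing one of the public segments (<c>public</c>, <c>testapi</c>, <c>TLG</c>,
/// <c>CutomerMobile</c>) is passed downstream without a token.</item>
/// <item>Anything else needs a bearer token whose signature, issuer, audience and lifetime validate
/// against <c>_options</c>. Only after that validation are its claims read into <c>TokenData</c>.
/// <c>mobile</c> callers are then allowed; <c>api</c> callers only when their role is an admin role.</item>
/// </list>
/// Changes from the previous version, all security-relevant: the token was only decoded
/// (<c>ReadToken</c>) and never signature-checked, so forged claims were trusted and even re-signed;
/// a request with no <c>Authorization</c> header was passed downstream whenever its path contained an
/// <c>api</c> segment; the expiry verdict (<c>"-2"</c>) was overwritten by the renewal step, so expired
/// tokens were renewed; an empty role id was treated as admin; and <c>next</c> or the response could
/// run twice for one request. Authentication failures now return 401 and authorisation failures 403
/// (both used to be 400); the JSON bodies are unchanged.
/// </remarks>
/// <param name="context">The current request.</param>
/// <param name="next">The next middleware in the pipeline.</param>
public async Task InvokeAsync(HttpContext context, RequestDelegate next)
{
    string ipaddress = context.Connection.RemoteIpAddress?.ToString() ?? "127.0.0.1";

    // Reset the per-request identity first so a rejected request never sees a previous caller's values.
    // NOTE(review): if _session is a field of a middleware instance that outlives one request, it is
    // shared between concurrent requests — confirm how this class is registered.
    _session.SetString("LoginUserID", "0");
    _session.SetString("LoginRemoteIpAddress", ipaddress);
    _session.SetString("LoginTypeParam", "1");

    // Writes the standard failure body and ends the request.
    async Task DenyAsync(int statusCode, string message)
    {
        context.Response.StatusCode = statusCode;
        await ResponseMessage(new { status = "fail", message = message }, context, statusCode);
    }

    // Same rule as before: one of these segments anywhere after the leading slash makes the path public.
    bool IsPublicPath(string[] parts)
    {
        return Array.IndexOf(parts, "public") >= 1
            || Array.IndexOf(parts, "testapi") >= 1
            || Array.IndexOf(parts, "TLG") >= 1
            || Array.IndexOf(parts, "CutomerMobile") >= 1;
    }

    // Strips an optional "Bearer " prefix; returns null when the header is absent or blank.
    string ExtractBearerToken()
    {
        var values = context.Request.Headers["Authorization"];
        if (values.Count == 0)
        {
            return null;
        }
        string raw = (values[0] ?? "").Trim();
        if (raw.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
        {
            raw = raw.Substring("Bearer ".Length).Trim();
        }
        return raw.Length == 0 ? null : raw;
    }

    // Fails closed: an unparsable or unknown role id is not an admin (an empty id used to grant admin).
    bool IsAdminRole(string roleId)
    {
        if (!int.TryParse(roleId, out int id))
        {
            return false;
        }
        tbl_role role = _repository.Role_Repository.GetRolebyid(id);
        return role != null && role.role_is_admin;
    }

    // 1. Token issuance (login) needs no token of its own.
    if (context.Request.Path.Equals(_options.Path, StringComparison.Ordinal))
    {
        await GenerateToken(context);
        return;
    }

    string[] patharr = context.Request.Path.ToString().Split('/');
    string area = patharr.Length > 1 ? patharr[1] : "";   // first segment: "api", "mobile", ...
    string loginType = area == "mobile" ? "mobile" : "1";

    // 2. Public paths pass through once, token or not.
    if (IsPublicPath(patharr))
    {
        await next(context);
        return;
    }

    // 3. Everything else must carry a bearer token.
    string access_token = ExtractBearerToken();
    if (access_token == null)
    {
        _repository.EventLog.Info("Not include Authorization Header, Access Denied");
        await DenyAsync(401, "Access Denied");
        return;
    }

    string newToken;
    try
    {
        var handler = new JwtSecurityTokenHandler();
        var validation = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = _options.SigningCredentials.Key,
            ValidateIssuer = true,
            ValidIssuer = _options.Issuer,
            ValidateAudience = true,
            ValidAudience = _options.Audience,
            ValidateLifetime = true,   // the library's default clock skew applies
        };
        // ValidateToken throws on a bad signature, issuer, audience or lifetime. The previous ReadToken
        // call only decoded the token, so anyone could mint their own claims.
        handler.ValidateToken(access_token, validation, out Microsoft.IdentityModel.Tokens.SecurityToken validated);
        var tokenS = validated as JwtSecurityToken;
        if (tokenS == null)
        {
            await DenyAsync(401, "Access Denied");
            return;
        }
        TokenData tokenData = Globalfunction.GetTokenData(tokenS);

        // Application-level lifetime check on the ticket claim, kept alongside the JWT exp check.
        // NOTE(review): TicketExpireDate is compared with UtcNow, so it is assumed to be UTC — confirm in GetTokenData.
        DateTime nowUtc = DateTime.UtcNow;
        DateTime issuedAt = tokenData.TicketExpireDate.AddMinutes(-_options.Expiration.TotalMinutes);
        if (issuedAt > nowUtc || tokenData.TicketExpireDate < nowUtc)
        {
            await DenyAsync(401, "The Token has expired");
            return;
        }

        // Authorisation by area. Mobile callers are not role-checked (unchanged). Non-admin API callers
        // stay denied: the per-URL permission check (checkURLPermission) was never wired in.
        bool allow = area == "mobile"
            || (area == "api" && IsAdminRole(tokenData.Userlevelid));
        if (!allow)
        {
            await DenyAsync(403, "Access Denied");
            return;
        }

        // Sliding renewal: a fresh token with a new nonce and a full lifetime, signed with our key.
        DateTime now = DateTime.UtcNow;
        tokenData.Jti = await _options.NonceGenerator();
        var claims = Globalfunction.GetClaims(tokenData);
        var jwt = new JwtSecurityToken(
            issuer: _options.Issuer,
            audience: _options.Audience,
            claims: claims,
            notBefore: now,
            expires: now.Add(_options.Expiration),
            signingCredentials: _options.SigningCredentials);
        newToken = handler.WriteToken(jwt);

        _session.SetString("LoginUserID", tokenData.UserID);
        _session.SetString("LoginRemoteIpAddress", ipaddress);
        _session.SetString("LoginTypeParam", loginType);
    }
    catch (Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException)
    {
        await DenyAsync(401, "The Token has expired");
        return;
    }
    catch (Exception ex)
    {
        // Bad signature, malformed token, or a failure while looking up the role: log and fail closed.
        // (Previously this fell through and the request ended as an empty 200.)
        Globalfunction.WriteSystemLog(ex.Message);
        await DenyAsync(401, "Access Denied");
        return;
    }

    // Hand the renewed token back (indexer assignment does not throw when the header already exists,
    // unlike Headers.Add) and run the rest of the pipeline — outside the try so downstream exceptions
    // are not mistaken for authentication failures.
    context.Response.Headers["Access-Control-Expose-Headers"] = "newToken";
    context.Response.Headers["newToken"] = newToken;
    await next(context);
}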