/// <summary>
/// create token using claim
/// </summary>
/// <param name="identityUser"></param>
/// <returns></returns>
private async Task <IActionResult> CreateTokenWithClaim(IdentityUserModel identityUser)
{
TokenModel tokenModel = await _tokenProvider.ValidateAndCreateToken(identityUser);
serverCache.ClearAll(identityUser.UserId);
return(GetTokenResponse(tokenModel));
}
public async Task <IHttpActionResult> Register(IdentityUserModel userModel)
{
/*
* body:
* {
* "userName": "******",
* "password": "******",
* "companyId": 1,
* "firstName": "Aviran",
* "lastName": "Ohana",
* "email": "*****@*****.**",
* "phone": "0501234567"
* }
*/
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
IdentityResult result = await _repo.RegisterUser(userModel);
IHttpActionResult errorResult = GetErrorResult(result);
if (errorResult != null)
{
return(errorResult);
}
return(Ok());
}
public async Task <Object> PostUser(User model)
{
var identity = new IdentityUserModel()
{
UserName = model.username,
name = model.name,
lastname = model.lastname
};
try
{
var result = await _userManager.CreateAsync(identity, model.passcode);
if (result != null)
{
try
{
_context.User.Add(model);
await _context.SaveChangesAsync();
}
catch (Exception e)
{
return(StatusCode(500, e));
}
return(CreatedAtAction("GetUser", new { id = model.userId }, model));
}
return(BadRequest(new { message = result }));
}
catch (Exception ex)
{
return(BadRequest(new { message = ex }));
}
}
public async Task <ActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
var user = new IdentityUserModel {
UserName = model.Email, Email = model.Email, FirtsName = model.FirtsName, LastName = model.LastName, BirthDay = DateTime.Now
};
var result = await UserManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
UserManager.AddToRoles(user.Id, new string[] { roleName(model.roleId) });
return(RedirectToAction("Index", "Home"));
}
AddErrors(result);
}
// If we got this far, something failed, redisplay form
return(View(model));
string roleName(string id)
{
if (RoleViewModel.Estudiante.RoleID.Equals(id))
{
return(RoleViewModel.Estudiante.Name);
}
return(RoleViewModel.Profesor.Name);
}
}
private async Task <object> generateJwtToken(string email, IdentityUserModel user)
{
var roles = await userManager.GetRolesAsync(user);
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.NameIdentifier, user.Id),
new Claim(ClaimTypes.Role, roles[0])
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["JwtKey"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expires = DateTime.UtcNow.AddHours(Convert.ToDouble(configuration["JwtExpireHours"]));
var token = new JwtSecurityToken(configuration["JwtIssuer"],
configuration["JwtAudience"],
claims,
expires: expires,
signingCredentials: creds
);
var response = new
{
auth_token = new JwtSecurityTokenHandler().WriteToken(token),
success = true
};
return(Ok(response));
}
/// <summary>
/// validate credential using identity model
/// </summary>
/// <param name="identityUser"></param>
/// <returns></returns>
private bool ValidateCredentils(IdentityUserModel identityUser)
{
if (identityUser == null)
{
this.ErrorMessage = "You are not authorized to use the application";
return(false);
}
return(ValidateCredentils(identityUser.UserName, identityUser.Password));
}
private static void ValidateUser(IdentityUserModel user)
{
if (user.Id == Guid.Empty ||
string.IsNullOrEmpty(user.Email) ||
string.IsNullOrEmpty(user.UserName) ||
!user.Roles.Any())
{
throw new UnauthorizedException("Can't get required users field. Token isn't valid");
}
}
public IActionResult GetIdentity()
{
var user = new IdentityUserModel()
{
IsSignedIn = User.Identity.IsAuthenticated,
Name = User.Identity.Name
};
return(Json(user));
}
//would like to convert from RestSharp to http client. currently having issues with http client method in testing
public static void EditUser(string userId, IdentityUserModel user)
{
var client = new RestClient("https://localhost:44342/api/User/" + userId);
client.Timeout = -1;
var request = new RestRequest(Method.PATCH);
request.AddHeader("Content-Type", "application/json");
request.AddParameter("application/json", $"{{\r\n \"firstName\": \"{user.FirstName}\",\r\n \"lastName\": \"{user.LastName}\",\r\n \"email\": \"{user.Email}\",\r\n \"contactNumber\": \"{user.PhoneNumber}\",\r\n \"resourceGroup\": \"{user.ResourceGroup}\",\r\n \"profilePicture\": \"{user.ProfilePicture}\"\r\n}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
}
/// <summary>
/// create claim using identity
/// </summary>
/// <param name="identityUser"></param>
/// <param name="identity"></param>
/// <returns></returns>
private async Task <List <Claim> > CreateClaim(IdentityUserModel identityUser, ClaimsIdentity identity)
{
List <Claim> claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.UniqueName, identityUser.UserName),
new Claim("clientId", GenerateClientId(IPAddress)),
new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()),
new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(),
ClaimValueTypes.Integer64)
};
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, identityUser.UserId.ToString()));
return(claims);
}
protected override void Seed(ApplicationDbContext context)
{
// This method will be called after migrating to the latest version.
// You can use the DbSet<T>.AddOrUpdate() helper extension method
// to avoid creating duplicate seed data. E.g.
//
var manager = new UserManager <IdentityUserModel>(new UserStore <IdentityUserModel>(new ApplicationDbContext()));
var roleManager = new RoleManager <IdentityRole>(new RoleStore <IdentityRole>(new ApplicationDbContext()));
if (roleManager.Roles.Count() == 0)
{
roleManager.Create(new IdentityRole {
Id = "14884395-3206-4234-a38a-2f0f4f0d704b", Name = "Profesor"
});
roleManager.Create(new IdentityRole {
Id = "43c53a51-c8df-46cb-a61b-5cffe6c15612", Name = "Estudiante"
});
roleManager.Create(new IdentityRole {
Id = "f713010c-69f6-4867-91c5-581b665c7d3b", Name = "Administrador"
});
}
if (manager.Users.Count() == 0)
{
var user = new IdentityUserModel
{
Id = "BC1E7CCB-2AA1-4A29-B653-3E247EDF022B",
UserName = "******",
Email = "*****@*****.**",
EmailConfirmed = true,
BirthDay = DateTime.Now,
FirtsName = "Andres",
LastName = "Roa"
};
manager.Create(user, "Admin308/*");
var adminUser = manager.FindByName("admin");
manager.AddToRoles(adminUser.Id, new string[] { "Administrador" });
}
//
}
/// <summary>
/// Validate the user whether it is valid or not and build the claims based on that.
/// </summary>
private Task <ClaimsIdentity> GetClaimsIdentity(IdentityUserModel identityUser)
{
string userName = identityUser.UserName;
string password = identityUser.Password;
identityUser.UserId = (_securityReadManagement.ValidateUserCredential(userName, password) ?? 0);
if (identityUser.UserId > 0)
{
// get roles to create the claim
return(Task.FromResult(new ClaimsIdentity(new GenericIdentity(identityUser.UserName, "Token"),
new Claim[] { })));
}
// Credentials are invalid, or account doesn't exist or there is no permission
this.ErrorMessage = "You are not authorized to use the application";
return(Task.FromResult <ClaimsIdentity>(null));
}
public static IdentityUserModel GetUser(this IIdentity identity)
{
ClaimsIdentity claimsIdentity = identity as ClaimsIdentity;
Guid.TryParse(claimsIdentity?.FindFirst(JwtClaimTypeConstants.UserId)?.Value, out Guid userId);
var user = new IdentityUserModel
{
Id = userId,
Email = claimsIdentity?.FindFirst(ClaimTypes.Email)?.Value,
UserName = claimsIdentity?.FindFirst(ClaimTypes.Name)?.Value,
FirstName = claimsIdentity?.FindFirst(ClaimTypes.GivenName)?.Value,
LastName = claimsIdentity?.FindFirst(ClaimTypes.Surname)?.Value,
Roles = claimsIdentity?.FindAll(ClaimTypes.Role).Select(x => x?.Value).ToList()
};
ValidateUser(user);
return(user);
}
/// <summary>
/// create claim using identity model
/// </summary>
/// <param name="identityUser"></param>
/// <param name="identity"></param>
/// <returns></returns>
public async Task <TokenModel> CreateTokenWithClaim(IdentityUserModel identityUser, ClaimsIdentity identity)
{
// Create claims
List <Claim> claims = await CreateClaim(identityUser, identity);
// Create the JWT security token and encode it.
var jwt = CreateToken(claims);
// encode the token
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
// return the response
var tokenResponse = new TokenModel
{
AccessToken = encodedJwt,
ExpiresIn = (int)_jwtOptions.ValidFor.TotalSeconds
};
return(tokenResponse);
}
/// <summary>
/// validate the credential and create token
/// </summary>
/// <param name="identityUser"></param>
/// <returns></returns>
public async Task <TokenModel> ValidateAndCreateToken(IdentityUserModel identityUser)
{
IPAddress = identityUser.IPAddress;
if (!ValidateCredentils(identityUser))
{
return(new TokenModel {
ErrorMessage = ErrorMessage
});
}
var identity = await GetClaimsIdentity(identityUser);
if (identity == null)
{
return(new TokenModel {
ErrorMessage = ErrorMessage
});
}
return(await CreateTokenWithClaim(identityUser, identity));
}
public async Task <ActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model, string returnUrl)
{
if (User.Identity.IsAuthenticated)
{
return(RedirectToAction("Index", "Manage"));
}
if (ModelState.IsValid)
{
// Get the information about the user from the external login provider
var info = await AuthenticationManager.GetExternalLoginInfoAsync();
if (info == null)
{
return(View("ExternalLoginFailure"));
}
var user = new IdentityUserModel {
UserName = model.Email, Email = model.Email
};
var result = await UserManager.CreateAsync(user);
if (result.Succeeded)
{
result = await UserManager.AddLoginAsync(user.Id, info.Login);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
return(RedirectToLocal(returnUrl));
}
}
AddErrors(result);
}
ViewBag.ReturnUrl = returnUrl;
return(View(model));
}
public async Task <IActionResult> GetToken([FromBody] IdentityUserModel identityUser)
{
identityUser.IPAddress = IPAddress;
return(await CreateTokenWithClaim(identityUser));
}
