public void ReturnIfTokenIsValid_Success()
{
var token = "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6ImhlbGxvQHdvcmxkMi5jb20iLCJuYmYiOjE1NjIwMzY4NDYsImV4cCI6MTU2MjAzNjkwNiwiaWF0IjoxNTYyMDM2ODQ2fQ.-XzUhLSWAvdg2r_yotfz4cD9Tty3byTs_6jkUyS0kQY";
var jwtMock = new Mock <Jwt>(_tokenConfigurations.Object);
var payload = new JwtDto();
payload.unique_name = "*****@*****.**";
Xunit.Assert.Equal(payload.unique_name, jwtMock.Object.DecodeToken(token).unique_name);
}
public override void OnActionExecuting(ActionExecutingContext actionContext)
{
var authHeader = actionContext.HttpContext.Request.Headers[AUTHORIZATION_HEADER];
if (!authHeader.Any() || authHeader.FirstOrDefault() == null)
{
actionContext.Result = new UnauthorizedResult();
}
else
{
var authType = authHeader.FirstOrDefault().Split(' ')[0];
if (authType != BEARER_AUTHENTICATION)
{
actionContext.Result = new UnauthorizedResult();
}
else
{
try
{
var serializedJwt = authHeader.FirstOrDefault().Split(' ')[1];
var secretInBytes = Convert.FromBase64String(_settings.Security.JwtSecret);
var decodedToken = Jose.JWT.Decode(serializedJwt, secretInBytes, Jose.JwsAlgorithm.HS256);
JwtDto jwt = Newtonsoft.Json.JsonConvert.DeserializeObject <JwtDto>(decodedToken);
var userFound = _userRepository.GetByUsername(jwt.Subject);
if (userFound == null)
{
actionContext.Result = new UnauthorizedResult();
}
var now = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
if (jwt.NotBefore > now || now > jwt.Expires)
{
actionContext.Result = new UnauthorizedResult();
}
//IF NO EXCEPTIONS THEN CARRY ON...
}
catch
{
actionContext.Result = new UnauthorizedResult();
}
}
}
}
public async Task <JwtDto> GetJwtAsync()
{
if (_jwt is null)
{
return(null);
}
if (IsExpired())
{
_jwt = await AccountService.Instance.RefreshAccessToken(_jwt.RefreshToken);
}
return(_jwt);
}
private async Task <string> GetJwt()
{
LoginRequest loginRequest = new LoginRequest()
{
Login = "******",
Password = "******"
};
HttpResponseMessage response = await Client.PostAsJsonAsync("/api/login/", loginRequest);
string responseContent = await response.Content.ReadAsStringAsync();
JwtDto jwt = JsonConvert.DeserializeObject <JwtDto>(responseContent);
return(jwt.Token);
}
public async Task <IActionResult> Login(CreateUserDto login)
{
var ar = await CallAsync(async() => await _garageService.LoginAsync(login));
if (ar == null)
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Sub, ar.ResponseResult.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Email, ar.ResponseResult.Email),
new Claim(ClaimTypes.Locality, ar.ResponseResult.GarageContextId.ToString())
};
var key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:Token").Value));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddHours(2),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
var newToken = tokenHandler.WriteToken(token);
JwtDto jwt = new JwtDto
{
AuthToken = newToken,
Id = ar.ResponseResult.Id,
ExpiresIn = 2880
};
var result = _garageService.WhoAmI(jwt);
return(Ok(new ApiResponse <WhoAmIDto> ()
{
ResponseResult = result.ResponseResult,
ResponseStatusCode = result.ResponseStatusCode
}));
}
public async Task <IActionResult> LoginAsync([FromBody] LoginUserDto user)
{
try
{
await _authService.LoginAsync(user);
UserDto userAuth = await _userService.GetAsync(user.Email);
JwtDto token = _jwtHandler.CreateToken(userAuth.Id, userAuth.Role);
return(Ok(new { token = token.Token, user = userAuth }));
}
catch (Exception ex)
{
Logger.Error("[Login] Error: {@ex}", ex);
return(BadRequest(ex.Message));
}
}
public async Task <UserDto> GetUserToken(string token)
{
JwtDto payload = _jwt.DecodeToken(token);
var cache = _repositoryFacade.GetCache(payload.unique_name.ToString());
if (cache == null)
{
User user = await _userManager.FindByEmailAsync(payload.unique_name.ToString());
UserDto map = _mapper.Map <UserDto>(user);
return(map);
}
UserDto userDto = JsonConvert.DeserializeObject <UserDto>(cache);
return(userDto);
}
public async Task Register_UserAndPasswordAreValid_GeneratesJwt()
{
var registerDto = new RegisterDto
{
Email = "email",
Password = "******"
};
var expectedResult = new JwtDto();
_userManagerMock.Setup(p =>
p.CreateAsync(It.Is <ApplicationUserEntity>(u => u.Email == registerDto.Email && u.UserName == registerDto.Email), registerDto.Password))
.ReturnsAsync(IdentityResult.Success);
_userManagerMock.Setup(p =>
p.AddToRoleAsync(It.Is <ApplicationUserEntity>(u => u.Email == registerDto.Email && u.UserName == registerDto.Email), RolesConstants.User))
.ReturnsAsync(IdentityResult.Success);
_jwtServiceMock.Setup(p => p.GenerateJwtAsync(It.Is <ApplicationUserEntity>(u => u.Email == registerDto.Email && u.UserName == registerDto.Email))).ReturnsAsync(expectedResult);
JwtDto actualResult = await _accountService.Register(registerDto);
Assert.AreEqual(expectedResult, actualResult);
}
public string BuildToken(JwtDto model)
{
Claim[] claims = new[]
{
new Claim(ClaimTypes.Name, model.UserName),
new Claim(ClaimTypes.Sid, model.Id)
};
var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtSettings.SecretKey));
var creds = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
issuer: JwtSettings.Issuer,
audience: JwtSettings.Audience,
claims: claims,
expires: DateTime.Now.AddMinutes(JwtSettings.ExpiressTime),
signingCredentials: creds);
var resultToken = new JwtSecurityTokenHandler().WriteToken(token);
return(resultToken);
}
public ApiResponse <WhoAmIDto> WhoAmI(JwtDto authToken)
{
var ar = new ApiResponse <WhoAmIDto>();
var identityId = authToken.Id;
var user = _uow.UserRepository.GetAll(false)
.FirstOrDefault(x => x.Id == identityId);
if (user == null)
{
return(new ApiResponse <WhoAmIDto>(RestStatusCode.BadRequest));
}
var person = _uow.PersonRepository.GetAll(false).FirstOrDefault(x => x.Id == user.PersonId);
var garageId = person.GarageContextId;
ar.ResponseResult = new WhoAmIDto
{
Id = user.Id,
AuthorizationToken = authToken,
MainClaims = $"_{garageId}"
};
if (person.PersonType == 0)
{
ar.ResponseResult.RedirectType = AuthRedirectType.AccountWithoutAccess;
}
else
{
ar.ResponseResult.RedirectType = person.PersonType == PersonTypeEnum.Boss ?
AuthRedirectType.BossAccountWithAccess
: AuthRedirectType.EmployeeAccountWithAccess;
}
ar.ResponseStatusCode = RestStatusCode.OK;
return(ar);
}
public static void SetJwt(this IMemoryCache cache, Guid tokenId, JwtDto jwt, TimeSpan expiryTime) => cache.Set(GetJwtKey(tokenId), jwt, expiryTime);
public void SetJwt(JwtDto jwt)
{
_jwt = jwt;
}
public async Task <JwtDto> Register([FromBody] RegisterDto model)
{
JwtDto result = await _accountService.Register(model);
return(result);
}
public async Task <JwtDto> Login([FromBody] LoginDto model)
{
JwtDto result = await _accountService.Login(model);
return(result);
}
public static void SetJwt(this IMemoryCache memoryCache, Guid cacheId, JwtDto jwtDto)
{
memoryCache.Set <JwtDto>(GetJwtKey(cacheId), jwtDto, TimeSpan.FromSeconds(5));
}
public static void SetJwt(this IMemoryCache cache, string email, JwtDto jwt) => cache.Set(GetJwtKey(email), jwt, TimeSpan.FromSeconds(5));
public async Task <IActionResult> GetLoginFromToken([FromBody] JwtDto token)
{
var login = new JwtSecurityTokenHandler().ReadJwtToken(token.Token).Subject;
return(Ok(login));
}
public static void SetJwt(this IMemoryCache cache, Guid tokenId, JwtDto jwt) => cache.Set(GetJwtKey(tokenId), jwt, TimeSpan.FromSeconds(5));
public async Task <ActionResult <JwtDto> > PostLogin([FromBody] LoginRequest model)
{
JwtDto jwtToken = await _accountService.LoginAsync(model.Login, model.Password);
return(Ok(jwtToken));
}
