public JwtTokenResponse CreateToken(Client model)
{
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, model.Login),
new Claim(ClaimTypes.Name, model.FirstName + "," + model.LastName),
new Claim(ClaimTypes.Role, "default")
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtBearerConfig.Secret));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken
(
"Advert",
"Clients",
claims,
expires: DateTime.UtcNow.AddMinutes(10),
signingCredentials: creds
);
var result = new JwtTokenResponse
{
Token = new JwtSecurityTokenHandler().WriteToken(token),
RefreshToken = Guid.NewGuid().ToString()
};
return(result);
}
public async Task <string> RefreshToken([FromBody] JwtTokenResponse token)
{
ApplicationUser user = await _userManager.FindByNameAsync(token.UserId);
bool isSuper = token.UserId == _setting.GetSuperId();
if (isSuper)
{
var newToken = Tools.GenerateJwtToken(_setting, token.UserId, token.Role, token.Refresh, isSuper, out string outRefreshToken);
_responseMessage.Status = Status.MessageType.SUCCESS.ToString();
_responseMessage.Result = newToken;
}
else
{
var currentRefresh = await _userManager.GetAuthenticationTokenAsync(user, Messages.COMPANYNAME, Messages.REFRESHTOKEN);
if (token.Refresh == currentRefresh)
{
var newToken = Tools.GenerateJwtToken(_setting, user.UserName, token.Role, currentRefresh, isSuper, out string outRefreshToken);
_responseMessage.Status = Status.MessageType.SUCCESS.ToString();
_responseMessage.Result = newToken;
}
else
{
_responseMessage.Status = Status.MessageType.FAILED.ToString();
_responseMessage.Result = Messages.INVALIDTOKEN;
}
}
return(Tools.ConvertToJSON(_responseMessage));
}
public async Task <string> Logout([FromBody] JwtTokenResponse token)
{
ApplicationUser user = await _userManager.FindByNameAsync(User.Identity.Name);
if (user == null && token.UserId == _setting.GetSuperId())
{
_responseMessage.Status = Status.MessageType.SUCCESS.ToString();
}
else
{
var currentRefresh = await _userManager.GetAuthenticationTokenAsync(user, Messages.COMPANYNAME, Messages.REFRESHTOKEN);
if (token.Refresh == currentRefresh)
{
var deletedToken = await _userManager.RemoveAuthenticationTokenAsync(user, Messages.COMPANYNAME, Messages.REFRESHTOKEN);
if (deletedToken.Succeeded)
{
_responseMessage.Status = Status.MessageType.SUCCESS.ToString();
}
}
else
{
_responseMessage.Status = Status.MessageType.FAILED.ToString();
_responseMessage.Result = Messages.UNAUTHORIZED;
}
}
return(Tools.ConvertToJSON(_responseMessage));
}
public static string GenerateJwtToken(SettingLogic setting, string userName, string role, string originalRefreshToken, bool isSuper, out string outRefreshToken)
{
JwtTokenResponse obj = new JwtTokenResponse();
try
{
int accessExpire = Convert.ToInt32(setting.GetSettingValueInString("AccessExpire"));
int refreshExpire = Convert.ToInt32(setting.GetSettingValueInString("RefreshExpire"));
var accessToken = GenerateJwtToken(userName, DateTime.UtcNow.AddMinutes(accessExpire), Utils.Messages.ACCESS_KEY);
JwtSecurityToken refreshToken = null;
obj.Token = new JwtSecurityTokenHandler().WriteToken(accessToken);
if (string.IsNullOrEmpty(originalRefreshToken))
{
refreshToken = GenerateJwtToken(userName, DateTime.UtcNow.AddMinutes(refreshExpire), Utils.Messages.REFRESH_KEY);
obj.Refresh = new JwtSecurityTokenHandler().WriteToken(refreshToken);
}
else
{
obj.Refresh = originalRefreshToken;
}
obj.UserId = userName;
obj.Role = (isSuper ? "SuperAdmin" : role);
}
catch (Exception ex)
{
_Logger.Error(ex);
}
outRefreshToken = obj.Refresh;
return(ConvertToJSON(obj));
}
public virtual Task <HttpResponseMessage> ExecuteAsync(CancellationToken cancellationToken)
{
var payload = JwtTokenResponse.ConvertFromAuthorizationResponse(_response);
var response = _request.CreateResponse(HttpStatusCode.OK, payload);
return(Task.FromResult(response));
}
public JwtTokenResponse GetJWTToken(UserInformation userInformation)
{
JwtTokenResponse jwtTokenResponse = new JwtTokenResponse()
{
StatusCode = 200
};
if (userInformation == null)
{
jwtTokenResponse.StatusCode = 400;
jwtTokenResponse.ErrorList = new List <JwtValidation>()
{
new JwtValidation()
{
FieldName = nameof(userInformation),
Message = nameof(userInformation) + " can't be blank."
}
};
return(jwtTokenResponse);
}
if (string.IsNullOrWhiteSpace(userInformation.CustomerName))
{
jwtTokenResponse.StatusCode = 400;
jwtTokenResponse.ErrorList = new List <JwtValidation>()
{
new JwtValidation()
{
FieldName = nameof(userInformation.CustomerName),
Message = nameof(userInformation.CustomerName) + " can't be blank."
}
};
return(jwtTokenResponse);
}
if (userInformation.UserId <= 0)
{
jwtTokenResponse.StatusCode = 400;
jwtTokenResponse.ErrorList = new List <JwtValidation>()
{
new JwtValidation()
{
FieldName = nameof(userInformation.UserId),
Message = nameof(userInformation.UserId) + " can't less then or equal to 0."
}
};
return(jwtTokenResponse);
}
Dictionary <string, string> claimList = new Dictionary <string, string>()
{
{ "UserId", userInformation.UserId.ToString() },
{ "UserName", userInformation.CustomerName.ToString() }
};
jwtTokenResponse = _jwtBuilder.GetJWTToken(claimList, "Local Customer", null);
return(jwtTokenResponse);
}
public async Task GetJwtToken_ShouldSucceed()
{
JwtTokenResponse response = await _fixture.ArangoDBClient.Auth.GetJwtTokenAsync(
new JwtTokenRequestBody
{
Username = _fixture.Username,
Password = _fixture.Password
});
Assert.NotNull(response.Jwt);
}
public async Task <IActionResult> Token([FromBody] JwtTokenRequest request)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = GenerateClaimsIdentity(request.Name, request.Name);
var jwt = new JwtTokenResponse
{
Id = identity.Claims.Single(c => c.Type == Constants.UserIdClaimTypeName).Value,
AccessToken = await GenerateEncodedToken(request.Name, identity),
ExpiresIn = (long)_jwtIssuerOptions.ValidFor.TotalSeconds
};
return(Ok(jwt));
}
public async Task GetJwtToken_ShouldReturnError_WhenWrongCredentialsUsed()
{
JwtTokenResponse jwtTokenResponse = await _fixture.ArangoDBClient.Auth.GetJwtTokenAsync(
new JwtTokenRequestBody
{
Username = _fixture.Username,
Password = "******"
});
Assert.False(jwtTokenResponse.IsSuccess);
Assert.NotNull(jwtTokenResponse.ResponseDetails);
Assert.True(jwtTokenResponse.ResponseDetails.Error);
Assert.Equal(HttpStatusCode.Unauthorized, jwtTokenResponse.ResponseDetails.Code);
Assert.Equal(401, jwtTokenResponse.ResponseDetails.ErrorNum);
Assert.NotNull(jwtTokenResponse.ResponseDetails.ErrorMessage);
}
/*
*
* /// <summary>
* /// 刷新令牌
* /// </summary>
* /// <param name="token"></param>
* /// <param name="refereshToken"></param>
* public JwtTokenResponse RefershJwtToken(string token, string refereshToken)
* {
* var validatedToken = GetPrincipalFromToken(token);
*
* if (validatedToken == null)
* {
* return new JwtTokenResponse { Message = "Invalid Token" };
* }
*
* var expiryDateUnix =
* long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value);
*
* var expiryDateTimeUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)
* .AddSeconds(expiryDateUnix);
*
* if (expiryDateTimeUtc > DateTime.UtcNow)
* {
* return new JwtTokenResponse { Message = "This token hasn't expired yet" };
* }
*
* var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value;
*
* var storedRefreshToken = await _context.RefreshTokens.SingleOrDefaultAsync(x => x.Token == refreshToken);
*
* if (storedRefreshToken == null)
* {
* return new JwtTokenResponse { Message = "This refresh token does not exist" };
* }
*
* if (DateTime.UtcNow > storedRefreshToken.ExpiryDate)
* {
* return new JwtTokenResponse { Message = "This refresh token has expired" };
* }
*
* if (storedRefreshToken.Invalidated)
* {
* return new JwtTokenResponse { Message = "This refresh token has been invalidated" };
* }
*
* if (storedRefreshToken.Used)
* {
* return new JwtTokenResponse { Message = "This refresh token has been used" };
* }
*
* if (storedRefreshToken.JwtId != jti)
* {
* return new JwtTokenResponse { Message = "This refresh token does not match this JWT" };
* }
*
* storedRefreshToken.Used = true;
* _context.RefreshTokens.Update(storedRefreshToken);
* await _context.SaveChangesAsync();
*
* var user = await _userManager.FindByIdAsync(validatedToken.Claims.Single(x => x.Type == "id").Value);
* return await GenerateAuthenticationResultForUserAsync(user);
* }
*
*
* private ClaimsPrincipal GetPrincipalFromToken(string token)
* {
* var tokenHandler = new JwtSecurityTokenHandler();
*
* try
* {
* var tokenValidationParameters = _tokenValidationParameters.Clone();
* tokenValidationParameters.ValidateLifetime = false;
* var principal = tokenHandler.ValidateToken(token, tokenValidationParameters, out var validatedToken);
* if (!IsJwtWithValidSecurityAlgorithm(validatedToken))
* {
* return null;
* }
*
* return principal;
* }
* catch
* {
* return null;
* }
* }
*
* private bool IsJwtWithValidSecurityAlgorithm(SecurityToken validatedToken)
* {
* return (validatedToken is JwtSecurityToken jwtSecurityToken) &&
* jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256,
* StringComparison.InvariantCultureIgnoreCase);
* }
*
*/
#endregion
/// <summary>
/// 生成Jwt授权
/// </summary>
/// <param name="claims"></param>
/// <returns></returns>
public JwtTokenResponse JwtToken(List <Claim> claims)
{
//生成刷新令牌
var refreshToken = GenerateHelper.GenerateRefreshToken();
//添加刷新令牌
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, refreshToken));
var key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_config.Key));
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Issuer = _config.Issuer,
Audience = _config.Audience,
Expires = DateTime.Now.AddSeconds(_config.Expiress),
SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
};
var jwtSecurityToken = new JwtSecurityTokenHandler();
var securityToken = jwtSecurityToken.CreateToken(tokenDescriptor);
//保存刷新令牌
/*
*
* Refresh_Token refresh_Token = new Refresh_Token
* {
* JwtId = securityToken.Id,
* Token = refreshToken,
* Customer_Id = user.Id,
* ExpiryDate = DateTime.Now.AddMinutes(5)
* };
* await _refreshTokenRepository.AddAsync(refresh_Token);
*
*/
var response = new JwtTokenResponse();
response.AuthToken = jwtSecurityToken.WriteToken(securityToken);
response.ExpiressIn = _config.Expiress;
response.TokenType = "Bearer";
response.RefereshToken = refreshToken;
return(response);
}
public async Task LoginAsync_ShouldReturnNull_WhenSaveAsyncFails()
{
// Arrange
var clientToLogin = new ClientLoginRequest
{
Login = "******",
Password = "******"
};
var client = new Client();
var jwtToken = new JwtTokenResponse {
Token = "token", RefreshToken = "refreshToken"
};
_clientRepository.FindByLoginAsync(Arg.Any <string>()).Returns(client);
_passwordHasher.Validate(Arg.Any <string>(), Arg.Any <string>(), Arg.Any <string>()).Returns(true);
_jwtBearer.CreateToken(client).Returns(jwtToken);
_clientRepository.SaveAsync().Returns(0);
// Act
var token = await _sut.LoginAsync(clientToLogin);
// Assert
token.Should().BeNull();
}
public LoginFormResponse AuthenticateUser(LoginForm loginForm)
{
LoginFormResponse loginFormResponse = new LoginFormResponse()
{
StatusCode = 200
};
try
{
if (loginForm == null)
{
loginFormResponse.StatusCode = 400;
loginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = "Request Object can't be blank."
}
};
return(loginFormResponse);
}
if (string.IsNullOrWhiteSpace(loginForm.UserName))
{
loginFormResponse.StatusCode = 400;
loginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = "UserName can't be blank."
}
};
return(loginFormResponse);
}
if (string.IsNullOrWhiteSpace(loginForm.Password))
{
loginFormResponse.StatusCode = 400;
loginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = "Password can't be blank."
}
};
return(loginFormResponse);
}
if (!Regex.IsMatch(loginForm.UserName, RegexPattern.mobile_number_validation_Patterns.GetCombinedPattern()))
{
loginFormResponse.StatusCode = 400;
loginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
FieldName = nameof(loginForm.UserName),
Message = nameof(loginForm.UserName) + " should be valid. Format -: xxxxxxxxxx "
}
};
return(loginFormResponse);
}
UserInformation userInformation = _userLayer.GetUserDetail(loginForm);
if (userInformation != null)
{
JwtTokenResponse jwtTokenResponse = GetJWTToken(userInformation);
if (jwtTokenResponse.StatusCode == 200)
{
JwtToken tokenDetail = jwtTokenResponse.TokenDetail;
loginFormResponse.StatusCode = 200;
loginFormResponse.Response = new LoginResponse();
loginFormResponse.Response.UserId = userInformation.UserId;
if (tokenDetail != null)
{
loginFormResponse.Response.TokenDetail = new Token()
{
Type = tokenDetail.Type,
Value = tokenDetail.Value,
CreatedAt = tokenDetail.CreatedAt,
ExpiredAt = tokenDetail.ExpiredAt
};
}
}
else
{
loginFormResponse.StatusCode = 400;
loginFormResponse.ErrorList = jwtTokenResponse
.ErrorList
.Select(x => new LoginValidationResponse()
{
FieldName = x.FieldName,
Message = x.Message,
Code = x.Code
}).ToList();
}
}
else
{
loginFormResponse.StatusCode = 400;
loginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = "User Not Found"
}
};
}
}
catch (Exception ex)
{
loginFormResponse.StatusCode = 400;
loginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = "User Authentication Failed" + ex.Message
}
};
}
return(loginFormResponse);
}
/// <summary>
/// 构造函数
/// </summary>
/// <param name="jwtToken"></param>
/// <param name="user"></param>
public WeChatLiteAppLoginResponse(JwtTokenResponse jwtToken, CustomerResponse user)
{
JwtToken = jwtToken;
User = user;
}
public JwtTokenResponse GetJWTToken(Dictionary <string, string> claims, string audience = null, DateTime?expires = null)
{
DateTime issuedAt = DateTime.UtcNow;
JwtTokenResponse jwtTokenResponse = new JwtTokenResponse()
{
StatusCode = 200
};
try
{
if (claims == null ||
claims.Count == 0)
{
jwtTokenResponse.StatusCode = 400;
jwtTokenResponse.ErrorList = new List <JwtValidation>()
{
new JwtValidation()
{
FieldName = nameof(claims),
Message = "Claims can't be blank"
}
};
return(jwtTokenResponse);
}
if (string.IsNullOrWhiteSpace(audience))
{
jwtTokenResponse.StatusCode = 400;
jwtTokenResponse.ErrorList = new List <JwtValidation>()
{
new JwtValidation()
{
FieldName = nameof(audience),
Message = "audience can't be blank"
}
};
return(jwtTokenResponse);
}
if (expires != null && expires < issuedAt)
{
jwtTokenResponse.StatusCode = 400;
jwtTokenResponse.ErrorList = new List <JwtValidation>()
{
new JwtValidation()
{
FieldName = nameof(audience),
Message = "expires time should be greater then current utc time"
}
};
return(jwtTokenResponse);
}
string JwtToken = GenerateToken(claims, audience, expires, issuedAt);
if (string.IsNullOrWhiteSpace(JwtToken))
{
jwtTokenResponse.StatusCode = 400;
jwtTokenResponse.ErrorList = new List <JwtValidation>()
{
new JwtValidation()
{
Message = "Error while generating token"
}
};
}
else
{
jwtTokenResponse.StatusCode = 200;
jwtTokenResponse.ErrorList = null;
jwtTokenResponse.TokenDetail = new JwtToken()
{
Type = "Bearer",
Value = JwtToken,
CreatedAt = DateTime.UtcNow,
ExpiredAt = expires
};
}
}
catch (Exception ex)
{
jwtTokenResponse.StatusCode = 400;
jwtTokenResponse.ErrorList = new List <JwtValidation>()
{
new JwtValidation()
{
Message = "Error while generating token -: " + ex.Message
}
};
}
return(jwtTokenResponse);
}
/// <summary>
/// 构造函数
/// </summary>
/// <param name="jwtToken"></param>
/// <param name="user"></param>
public AdminLoginResponse(JwtTokenResponse jwtToken, AdminUserResponse user)
{
JwtToken = jwtToken;
User = user;
}
public static bool IsEmptyToken(this JwtTokenResponse tokenResponse) => string.IsNullOrEmpty(tokenResponse.AccessToken);
public LoginFormResponse AuthenticateUserByMobileNumber(OtpLoginForm otpLoginForm)
{
LoginFormResponse otpLoginFormResponse = new LoginFormResponse()
{
StatusCode = 200
};
if (otpLoginForm == null)
{
otpLoginFormResponse.StatusCode = 400;
otpLoginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = "Request Object can't be blank."
}
};
return(otpLoginFormResponse);
}
if (string.IsNullOrWhiteSpace(otpLoginForm.MobileNumber))
{
otpLoginFormResponse.StatusCode = 400;
otpLoginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = "MobileNumber can't be blank."
}
};
return(otpLoginFormResponse);
}
if (string.IsNullOrWhiteSpace(otpLoginForm.Otp))
{
otpLoginFormResponse.StatusCode = 400;
otpLoginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = "Otp can't be blank."
}
};
return(otpLoginFormResponse);
}
if (otpLoginForm.CountryCode <= 0)
{
otpLoginFormResponse.StatusCode = 400;
otpLoginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = "CountryCode can't be blank."
}
};
return(otpLoginFormResponse);
}
if (!Regex.IsMatch(otpLoginForm.MobileNumber, RegexPattern.mobile_number_validation_Patterns.GetCombinedPattern()))
{
otpLoginFormResponse.StatusCode = 400;
otpLoginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
FieldName = nameof(otpLoginForm.MobileNumber),
Message = nameof(otpLoginForm.MobileNumber) + " should be valid. Format -: xxxxxxxxxx "
}
};
return(otpLoginFormResponse);
}
bool isMobileNumberExist = _userLayer.isExistPhoneNumber(otpLoginForm.MobileNumber);
if (isMobileNumberExist)
{
SmsApiResponse smsApiResponse = _smsBiz.VerifyOtpSms(new VerifyOtpRequest()
{
Mobile = otpLoginForm.MobileNumber,
Otp = otpLoginForm.Otp,
CountryCode = otpLoginForm.CountryCode
});
if (smsApiResponse.StatusCode == 200)
{
UserInformation userInformation = _userLayer.GetUserDetailByMobileNumber(otpLoginForm.MobileNumber);
if (userInformation != null)
{
JwtTokenResponse jwtTokenResponse = GetJWTToken(userInformation);
if (jwtTokenResponse.StatusCode == 200)
{
JwtToken tokenDetail = jwtTokenResponse.TokenDetail;
otpLoginFormResponse.StatusCode = 200;
otpLoginFormResponse.Response = new LoginResponse();
otpLoginFormResponse.Response.UserId = userInformation.UserId;
if (tokenDetail != null)
{
otpLoginFormResponse.Response.TokenDetail = new Token()
{
Type = tokenDetail.Type,
Value = tokenDetail.Value,
CreatedAt = tokenDetail.CreatedAt,
ExpiredAt = tokenDetail.ExpiredAt
};
}
}
else
{
otpLoginFormResponse.StatusCode = 400;
otpLoginFormResponse.ErrorList = jwtTokenResponse
.ErrorList
.Select(x => new LoginValidationResponse()
{
FieldName = x.FieldName,
Message = x.Message,
Code = x.Code
}).ToList();
}
}
}
else
{
otpLoginFormResponse.StatusCode = 400;
otpLoginFormResponse.ErrorList = smsApiResponse.ErrorList.Select(x => new LoginValidationResponse()
{
Code = x.Code,
Message = x.Message
}).ToList();
}
}
else
{
otpLoginFormResponse.StatusCode = 400;
otpLoginFormResponse.ErrorList = new List <LoginValidationResponse>()
{
new LoginValidationResponse()
{
Code = 1001,
Message = nameof(otpLoginForm.MobileNumber) + " not found."
}
};
}
return(otpLoginFormResponse);
}
