public Task <string> WriteToken(PasetoTokenDescriptor descriptor) { ValidationResult validationResult = new TokenDescriptorValidator() .Validate(descriptor); if (!validationResult.IsValid) { throw new ValidationException(validationResult.Errors); } PasetoBuilder <Version2> pasetoBuilder = new PasetoBuilder <Version2>() .WithKey(PasetoDefaults.GenerateKeys(descriptor.SecretKey).privateKey) .AsPublic() .AddClaim(RegisteredClaims.Audience, descriptor.Audience) .AddClaim(RegisteredClaims.Issuer, descriptor.Issuer) .AddClaim(PasetoRegisteredClaimsNames.IssuedAt, DateTime.Now) .Expiration(descriptor.Expires); if (!descriptor.NotBefore.Equals(null)) { pasetoBuilder.AddClaim(RegisteredClaims.NotBefore, descriptor.NotBefore); } foreach (Claim claim in descriptor.Subject.Claims) { pasetoBuilder.AddClaim(claim.Type, claim.Value); } return(Task.FromResult(pasetoBuilder.Build())); }
public void Version2BuilderTokenDecodingTest() { // Arrange & Act var payload = new PasetoBuilder <Version2>() .WithKey(Convert.FromBase64String(PublicKeyV2)) .AsPublic() .AndVerifySignature() .Decode(TokenV2); // Assert Assert.IsNotNull(payload); }
public void Version1BuilderTokenDecodingTest() { // Arrange & Act var payload = new PasetoBuilder <Version1>() .WithKey(GetBytes(PublicKeyV1)) .AsPublic() .AndVerifySignature() .Decode(TokenV1); // Assert Assert.IsNotNull(payload); }
public async Task <string> BelougaToken() { var token = new PasetoBuilder <Version2>() .WithKey(Encoding.UTF8.GetBytes("RI1wBFCma8HqmSzsF8sftk26PlLBLtdG")) .AddClaim("aud", "production") .AddClaim("iss", "vidya") .AddClaim("jti", "belouga_api") .AddClaim("user", "") .Expiration(DateTime.UtcNow.AddHours(24)) .AsLocal() .Build(); return(await Task.FromResult(token)); }
public void Version1BuilderTokenGenerationTest() { // Arrange string key = null; using (var rsa = RSA.Create()) key = rsa.ToCompatibleXmlString(true); // Act var token = new PasetoBuilder <Version1>() .WithKey(GetBytes(key)) .AddClaim("example", HelloPaseto) .Expiration(DateTime.UtcNow.AddHours(24)) .AsPublic() .Build(); // Assert Assert.IsNotNull(token); }
public async Task <string> Registration_Student_Paseto(int ID, string firstname, string lastname, string username, string dob, string classid) { Studentdictonary(firstname, lastname, username, dob, classid); var token = new PasetoBuilder <Version2>() .WithKey(Encoding.UTF8.GetBytes("RI1wBFCma8HqmSzsF8sftk26PlLBLtdG")) .AddClaim("aud", "production") .AddClaim("iss", "vidya") .AddClaim("jti", "belouga_api") .AddClaim("user", Studentdictonary1) .Expiration(DateTime.UtcNow.AddHours(24)) .AsLocal() .Build(); return(await Task.FromResult(token)); }
public async Task <string> Registration_Class_Paseto(int id, string schoolid, string classname, string desc, string teacharid) { Classdictonary(schoolid, classname, desc, teacharid); var token = new PasetoBuilder <Version2>() .WithKey(Encoding.UTF8.GetBytes("RI1wBFCma8HqmSzsF8sftk26PlLBLtdG")) .AddClaim("aud", "production") .AddClaim("iss", "vidya") .AddClaim("jti", "belouga_api") .AddClaim("classroom", Classdictonary1) .Expiration(DateTime.UtcNow.AddHours(24)) .AsLocal() .Build(); return(await Task.FromResult(token)); }
public async Task <string> Registration_Teacher_Paseto(int ID, List <TblBelougaRegistrationForm> tblBelouga) { TEACHER = tblBelouga; teacherdictonary(); var token = new PasetoBuilder <Version2>() .WithKey(Encoding.UTF8.GetBytes("RI1wBFCma8HqmSzsF8sftk26PlLBLtdG")) .AddClaim("aud", "production") .AddClaim("iss", "vidya") .AddClaim("jti", "belouga_api") .AddClaim("user", teacherdictonary1) .Expiration(DateTime.UtcNow.AddHours(24)) .AsLocal() .Build(); return(await Task.FromResult(token)); }
public async Task <string> Authenticate_Paseto(string username, string password) { var user = (from a in _context.UserLogin where a.UserName == username select a.UserName.ToString()); if (user.ToList().Count == 0) { return("Username is not found"); } var pass = (from a in _context.UserLogin where a.UserName == username && a.Password == Encrypt(password) select a.Password.ToString()); if (pass.ToList().Count == 0) { return("Password is invalid"); } var role = (from a in _context.UserLogin where a.UserName == username && a.Password == Encrypt(password) select a.UserRole.ToString()); userlogin(username, password); var token = new PasetoBuilder <Version2>() .WithKey(Encoding.UTF8.GetBytes("RI1wBFCma8HqmSzsF8sftk26PlLBLtdG")) .AddClaim("aud", "production") .AddClaim("iss", "vidya") .AddClaim("jti", "belouga_api") .AddClaim("user", userlogin1) .Expiration(DateTime.UtcNow.AddHours(24)) .AsLocal() .Build(); return(await Task.FromResult(token + ";" + role.SingleOrDefault())); }
public void Version2BuilderTokenGenerationTest() { // Arrange var seed = new byte[32]; // signingKey RandomNumberGenerator.Create().GetBytes(seed); var sk = Ed25519.ExpandedPrivateKeyFromSeed(seed); //var secret = Convert.ToBase64String(sk); //BitConverter.ToString(sk).Replace("-", string.Empty); // Hex Encoded // Act var token = new PasetoBuilder <Version2>() .WithKey(sk) .AddClaim("example", HelloPaseto) .Expiration(DateTime.UtcNow.AddHours(24)) .AsPublic() .Build(); // Assert Assert.IsNotNull(token); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey(AuthorizationHeaderName)) { return(AuthenticateResult.NoResult()); } if (!AuthenticationHeaderValue.TryParse(Request.Headers[AuthorizationHeaderName], out AuthenticationHeaderValue headerValue)) { return(AuthenticateResult.NoResult()); } if (!Scheme.Name.Equals(headerValue.Scheme, StringComparison.OrdinalIgnoreCase)) { return(AuthenticateResult.NoResult()); } try { string decodedToken = new PasetoBuilder <Version2>() .AsPublic() .WithKey(PasetoDefaults.GenerateKeys(Options.SecretKey).publicKey) .Decode(headerValue.Parameter); JObject deserializedObject = JObject.Parse(decodedToken); if (Convert.ToDateTime(deserializedObject["exp"]).CompareTo(DateTime.Now) < 0 || Convert.ToDateTime(deserializedObject["nbf"]).CompareTo(DateTime.Now) > 0) { Response.Headers["Error-Message"] = "Token Expired"; return(AuthenticateResult.Fail("Token Expired")); } List <Claim> claimsList = new List <Claim>(); await Task.Run(() => { foreach (var obj in deserializedObject.Properties()) { switch (obj.Name) { case PasetoRegisteredClaimsNames.ExpirationTime: claimsList.Add(new Claim(PasetoRegisteredClaimsNames.ExpirationTime, obj.Value.ToString())); break; case PasetoRegisteredClaimsNames.Audience: claimsList.Add(new Claim(PasetoRegisteredClaimsNames.Audience, obj.Value.ToString())); break; case PasetoRegisteredClaimsNames.Issuer: claimsList.Add(new Claim(PasetoRegisteredClaimsNames.Issuer, obj.Value.ToString())); break; case PasetoRegisteredClaimsNames.IssuedAt: claimsList.Add(new Claim(PasetoRegisteredClaimsNames.IssuedAt, obj.Value.ToString())); break; case PasetoRegisteredClaimsNames.NotBefore: claimsList.Add(new Claim(PasetoRegisteredClaimsNames.NotBefore, obj.Value.ToString())); break; case PasetoRegisteredClaimsNames.TokenIdentifier: claimsList.Add(new Claim(PasetoRegisteredClaimsNames.TokenIdentifier, obj.Value.ToString())); break; default: claimsList.Add(new Claim(obj.Name, obj.Value.ToString())); break; } } }); ClaimsIdentity identity = new ClaimsIdentity(claimsList, Scheme.Name); ClaimsPrincipal principal = new ClaimsPrincipal(identity); return(AuthenticateResult.Success(new AuthenticationTicket(principal, Scheme.Name))); } catch (Exception ex) { Response.Headers["Error-Message"] = ex.Message; return(AuthenticateResult.Fail(ex)); } }