Example #1
0
        public static WebApplicationAccess Find(string clientId)
        {
            WebApplicationAccess webApplication = null;

            if (WebApplicationAccessList.TryGetValue(clientId, out webApplication))
            {
                return(webApplication);
            }

            return(null);
        }
Example #2
0
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            string clientId             = string.Empty;
            string clientSecret         = string.Empty;
            string symmetricKeyAsBase64 = string.Empty;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            if (context.ClientId == null)
            {
                context.SetError("invalid_clientId", "client_Id não pode ser nulo");
                return(Task.FromResult <object>(null));
            }

            //Procurando pelo Client Id
            var token = context.ClientId.Split(':');

            var client_id = token.First();
            var accessKey = token.Last();

            var applicationAccess = WebApplicationAccess.Find(client_id);

            if (applicationAccess == null)
            {
                context.SetError("invalid_clientId", "client_Id não encontrado");
                return(Task.FromResult <object>(null));
            }

            if (applicationAccess.AccessKey != accessKey)
            {
                context.SetError("invalid_clientId", "access key não encontrado ou inválido");
                return(Task.FromResult <object>(null));
            }

            context.Validated();
            return(Task.FromResult <object>(null));
        }
Example #3
0
        public static WebApplicationAccess GrantApplication(string name)
        {
            var clientId = Guid.NewGuid().ToString("N");

            var key = new byte[32];

            RNGCryptoServiceProvider.Create().GetBytes(key);
            var base64Secret = TextEncodings.Base64Url.Encode(key);


            var accessKey = new byte[32];

            RNGCryptoServiceProvider.Create().GetBytes(key);
            var accessKeyText = TextEncodings.Base64Url.Encode(key);

            WebApplicationAccess newWebApplication = new WebApplicationAccess {
                ClientId = clientId, SecretKey = base64Secret, AccessKey = accessKeyText, ApplicationName = name
            };

            WebApplicationAccessList.TryAdd(clientId, newWebApplication);
            return(newWebApplication);
        }
Example #4
0
        public string Protect(AuthenticationTicket data)
        {
            if (data == null)
            {
                throw new ArgumentNullException("data");
            }


            string audience = data.Properties.Dictionary["audience"];

            if (string.IsNullOrWhiteSpace(audience))
            {
                throw new InvalidOperationException("ClientId e AccessKey não foi encontrado");
            }

            var keys = audience.Split(':');

            var client_id = keys.First();
            var accessKey = keys.Last();

            var applicationAccess = WebApplicationAccess.Find(client_id);

            var keyByteArray = TextEncodings.Base64Url.Decode(applicationAccess.SecretKey);

            var signingKey = new HmacSigningCredentials(keyByteArray);

            var issued = data.Properties.IssuedUtc;

            var expires = data.Properties.ExpiresUtc;

            var token = new JwtSecurityToken(_issuer, client_id, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);

            var handler = new JwtSecurityTokenHandler();

            var jwt = handler.WriteToken(token);

            return(jwt);
        }