public virtual dynamic Post(AuthRequestModel model)
{
var request = new RestRequest(Method.POST);
if (string.IsNullOrEmpty(model.client_id))
{
model.client_id = ClientId;
}
if (string.IsNullOrEmpty(model.grant_type) && GrantTypeDetection)
{
model.grant_type = DetectGrantType(model);
}
request.AddJsonBody(model);
var response = restClient.Execute <AuthorizationResponse>(request);
if (response.ErrorException == null && response.StatusCode.Equals(HttpStatusCode.OK))
{
return(Json(response.Data));
}
else
{
var responseProxy = new HttpResponseMessage(response.StatusCode);
var mimeType = new System.Net.Mime.ContentType(response.ContentType);
responseProxy.Content = new StringContent(response.Content, System.Text.Encoding.GetEncoding(mimeType.CharSet), mimeType.MediaType);
return(responseProxy);
}
}
public async Task <ActionResult> Authenticate(AuthRequestModel model)
{
if (ModelState.IsValid)
{
var result = new AuthViewModel();
try
{
var auth_credentials = model.GetAuthorizationHeaderValue();
var token = await service.Authenticate(auth_credentials);
result.Result = token;
//create session
HttpContext.Session[model.application_id] = token.access_token;
TempData["model"] = result;
return(RedirectToAction("AuthenticateResult"));
}
catch (Exception e)
{
result.Error = e.Message;
TempData["model"] = result;
return(RedirectToAction("AuthenticateResult"));
}
}
return(View(model));
}
public GenericResponseModel <AuthResponseModel> AuthenticateUser(AuthRequestModel login)
{
var response = new GenericResponseModel <AuthResponseModel>();
try
{
var da = new AuthDA();
var resultLogin = da.Login(login);
if (!resultLogin)
{
response.ErrorMessage = "User didn't Exists !";
return(response);
}
var msg = string.Empty;
response.Value = da.GetDataUser(login.UserName, ref msg);
response.Status = true;
}
catch (Exception ex)
{
response.ErrorMessage = ex.ToString();
}
return(response);
}
public ActionResult <AuthResultModel> Post([FromBody] AuthRequestModel model)
{
User user = _userRepository.GetUserByLogin(model.Login);
if (user == null)
{
return(Unauthorized("User does not exist"));
}
if (_userRepository.Login(model.Login, model.Password))
{
var result = new AuthResultModel()
{
Success = true
};
var token = TokenSecurity.GenerateJwt(model.Login);
result.Token = new JwtSecurityTokenHandler().WriteToken(token);
result.Expiration = token.ValidTo;
result.Name = $"{user.Firstname} {user.Lastname}";
result.Roles = user.Roles.Select(o => o.RoleId.ToString()).ToArray();
result.UserId = user.Id;
return(Created("", result));
}
return(Unauthorized("Wrong login or password"));
}
public async Task <IHttpActionResult> Register(AuthRequestModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var initialBankAccount = new BankingAccount(model.AccountName, int.Parse(ConfigurationManager.AppSettings["snapshotFrequency"]));
var user = new CustomUser()
{
UserName = model.Username,
BankAccounts = new List <BankingAccount>()
{
initialBankAccount
}
};
IdentityResult result = await UserManager.CreateAsync(user, model.Password);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
return(Ok(result.Succeeded));
}
public virtual dynamic Post(AuthRequestModel model)
{
var request = new RestRequest(Method.POST);
if (string.IsNullOrEmpty(model.client_id))
{
model.client_id = ClientId;
}
if (string.IsNullOrEmpty(model.grant_type) && GrantTypeDetection)
{
model.grant_type = DetectGrantType(model);
}
request.AddJsonBody(model);
var response = restClient.Execute<AuthorizationResponse>(request);
if (response.ErrorException == null && response.StatusCode.Equals(HttpStatusCode.OK))
{
return Json(response.Data);
}
else
{
var responseProxy = new HttpResponseMessage(response.StatusCode);
var mimeType = new System.Net.Mime.ContentType(response.ContentType);
responseProxy.Content = new StringContent(response.Content, System.Text.Encoding.GetEncoding(mimeType.CharSet), mimeType.MediaType);
return responseProxy;
}
}
public async Task <IActionResult> Auth([FromBody] AuthRequestModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState.GetErrorMessage()));
}
if (!model.Email.IsValidEmailAndRowKey())
{
return(BadRequest(Phrases.InvalidEmailFormat));
}
var authResult = await _lykkeRegistrationClient.AuthorizeAsync(new AuthModel
{
ClientInfo = model.ClientInfo,
Email = model.Email,
Password = model.Password,
Ip = _requestContext.GetIp(),
UserAgent = _requestContext.UserAgent,
PartnerId = model.PartnerId
});
if (authResult?.Status == AuthenticationStatus.Error)
{
return(BadRequest(new { message = authResult.ErrorMessage }));
}
return(Ok(new AuthResponseModel
{
AccessToken = authResult?.Token,
NotificationsId = authResult?.NotificationsId
}));
}
public virtual dynamic Post(string command, AuthRequestModel model)
{
if (command.Equals("auth"))
{
return Auth(model);
}
return StatusCode(HttpStatusCode.NotFound);
}
public async Task <IActionResult> AuthenticateUser(AuthRequestModel request)
{
var result = await _authenticationService.AuthenticateUserAsync(request);
if (result != null)
{
return(Ok(result));
}
return(Unauthorized());
}
public IActionResult Authenticate([FromBody] AuthRequestModel model)
{
var response = _userService.Authenticate(model);
if (response == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
return(Ok(response));
}
public IActionResult Index([FromQuery] AuthRequestModel model)
{
var googleCredentials = _settings.GoogleCredentials;
return(View(new AuthViewModel
{
State = model.RedirectUri.ToBase64(),
GoogleCredentials = new ClientCredentialsViewModel
{
ClientId = googleCredentials.ClientId,
PostLoginRedirectUrl = _settings.GooglePostLoginRedirectUri
}
}));
}
private AuthResponseModel AuthenticateUser(AuthRequestModel login)
{
AuthResponseModel user = null;
var authBL = new AuthBL();
var authenticateResult = authBL.AuthenticateUser(login);
if (!authenticateResult.Status)
{
return(user);
}
user = authenticateResult.Value;
return(user);
}
/// <summary>
/// Execute convert input.
/// </summary>
/// <param name="request">RequestModel</param>
/// <returns>DataModel</returns>
private AuthDataModel Convert(AuthRequestModel request)
{
// Local variable declaration
AuthDataModel inputObject = null;
// Variable initialize
inputObject = new AuthDataModel();
// Convert data input
DataHelper.ConvertInput(request, inputObject);
// Return value
return(inputObject);
}
public async Task <string> Authenticate([FromBody] AuthRequestModel authRequest)
{
try
{
return(await _userManagementService.Authenticate(authRequest.Email, authRequest.Password));
}
catch (Exception e)
{
// send the exception details to the logger
Console.WriteLine(e);
}
return("Unable to generate the Bearer token!");
}
public IActionResult Login([FromBody] AuthRequestModel login)
{
var response = new GenericResponseModel <AuthResponseModel>();
var user = AuthenticateUser(login);
if (user != null)
{
user.token = GenerateJSONWebToken(user);
response.Value = user;
response.Status = true;
return(Ok(response));
}
response.ErrorMessage = "User Not Found";
return(Unauthorized(response));
}
protected virtual string DetectGrantType(AuthRequestModel model)
{
if (!string.IsNullOrEmpty(model.username) || !string.IsNullOrEmpty(model.password))
{
return("password");
}
if (!string.IsNullOrEmpty(model.code))
{
return("authorization_code");
}
if (!string.IsNullOrEmpty(model.refresh_token))
{
return("refresh_token");
}
return(null);
}
public async Task <IActionResult> Auth([FromBody] AuthRequestModel request)
{
var authModel = Mapper.Map <AuthModel>(request);
authModel.Ip = _requestContext.GetIp();
authModel.UserAgent = _requestContext.UserAgent;
var authResult = await _lykkeRegistrationClient.AuthorizeAsync(authModel);
if (authResult?.Status == AuthenticationStatus.Error)
{
return(BadRequest(new { message = authResult.ErrorMessage }));
}
return(Ok(Mapper.Map <AuthResponseModel>(authResult)));
}
public async Task Login(string nameOrEmail, string password, CancellationToken cancellationToken = default)
{
AuthRequestModel authModel = new AuthRequestModel
{
NameOrEmail = nameOrEmail,
Password = password
};
string json = JsonConvert.SerializeObject(authModel);
using (HttpClientHandler handler = GetHttpClientHandler())
{
using (HttpClient httpClient = GetHttpClient(handler))
{
using (StringContent content = new StringContent(json, Encoding.UTF8, "application/json"))
{
Uri uri = new Uri(UrlManager.LoginUrl);
using (HttpResponseMessage responseMessage = await httpClient.PostAsync(uri, content, cancellationToken))
{
string responseJson = await responseMessage.Content.ReadAsStringAsync();
AuthResponseModel response = JsonConvert.DeserializeObject <AuthResponseModel>(responseJson);
if (response.Success)
{
Session = new Session
{
Username = response.User.Name,
Cookies = handler.CookieContainer
.GetCookies(new Uri(UrlManager.BaseHttpAdress))
.Cast <Cookie>().ToDictionary(c => c.Name, c => c.Value)
};
}
else
{
if (response.Errors != null && response.Errors.Count > 0)
{
throw new Exception(response.Errors.First());
}
else
{
throw new Exception($"Server responded with code {(int)responseMessage.StatusCode} {responseMessage.StatusCode} while logging in");
}
}
}
}
}
}
}
public ActionResult <AuthResponseModel> Login([FromBody] AuthRequestModel authRequestModel)
{
if (ModelState.IsValid)
{
var token = AuthenticationHandler.Authenticate(authRequestModel.Username, authRequestModel.Password);
var authResponseModel = new AuthResponseModel()
{
token = token
};
return(Ok(authResponseModel));
}
else
{
return(BadRequest());
}
}
public async Task <AuthResponseModel> AuthenticateUserAsync(AuthRequestModel request)
{
var user = await _userRepository.GetUserByUsernameAsync(request.Username);
var userRoles = await GetUserRoles(user.Id);
if (user != null && user.Password == request.Password)
{
return(new AuthResponseModel
{
DisplayName = user.DisplayName,
Token = GenerateJwtToken(user, userRoles),
Roles = userRoles
});
}
return(null);
}
public IActionResult AuthReqest(AuthRequestModel model)
{
XmlDocument request = new XmlDocument();
request.LoadXml(Encoding.UTF8.GetString(Convert.FromBase64String(model.SAMLRequest)));
XmlDocument doc11 = new XmlDocument();
doc11.LoadXml(Encoding.UTF8.GetString(Convert.FromBase64String(model.SAMLRequest)));
using (XmlTextWriter xmltw = new XmlTextWriter("C:\\Users\\Matvey\\source\\repos\\AuthApp\\AuthApp\\exampleRequest.xml", new UTF8Encoding(false)))
{
doc11.WriteTo(xmltw);
xmltw.Close();
}
SamlRequestReader req = new SamlRequestReader(request);
XmlDocument response = ResponseTool.CreateResponse(req);
XmlDocument doc = Class2.SignXml(response.OuterXml, Class2.samlCertificate, Class2.privateKey);
string responseBase64 = Convert.ToBase64String(Class2.StringToByteArray(doc.OuterXml));
string url = req.GetAssertionConsumerServiceURL();
Response.Clear();
StringBuilder sb = new StringBuilder();
sb.Append("<html>");
sb.AppendFormat(@"<body onload='document.forms[""form""].submit()'>");
sb.AppendFormat("<form name='form' action='{0}' method='post'>", url);
sb.AppendFormat("<input type='hidden' name='SAMLResponse' value='{0}'>", responseBase64);
// Other params go here
sb.Append("</form>");
sb.Append("</body>");
sb.Append("</html>");
Response.WriteAsync(sb.ToString());
return(null);
}
public ActionResult Auth([FromBody] AuthRequestModel model)
{
if (model == null)
{
throw new ArgumentNullException(nameof(model));
}
var passIsCorrect = _authService.ValidatePass(model.pass);
if (!passIsCorrect)
{
return(BadRequest("invalid pass"));
}
var token = _authService.CreateToken();
return(Ok(token));
}
public async Task <OrderResponseTypeModel> AuthenticateAsync(string personalNumber, string endUserIp)
{
var requestModel = new AuthRequestModel()
{
PersonalNumber = personalNumber,
EndUserIp = endUserIp,
Requirement = new RequirementModel
{
CardReader = CardReader.Class1,
CertificatePolicies = "1.2.3.4.25", // Test Mobile BankID
// ...
}
};
var responseModel = await PostAsync <AuthRequestModel, AuthResponseModel>(
_baseUrl + "auth", requestModel);
return(Converter.Map(responseModel));
}
public AuthResponseModel Post(AuthRequestModel model)
{
// Check if we should match auth token
if (IsAuthTokenEnabled && AuthToken != model.AuthToken)
{
return(new AuthResponseModel(false));
}
// Find user with matching username
var user = dbContext.MqttUsers
.Where(x => x.Username == model.Username)
.FirstOrDefault();
// Check if user is found
if (user == null)
{
return(new AuthResponseModel(false));
}
// Check for password match
if (!BCrypt.Net.BCrypt.Verify(model.Password, user.Password))
{
return(new AuthResponseModel(false));
}
// Fetch ACL
var userAcl = dbContext.MqttUserAccessControlListItems
.Where(x => x.MqttUserId == user.Id)
.ToList();
return(new AuthResponseModel()
{
IsAuthenticated = true,
PublishAccess = userAcl
.Where(x => x.Type == MqttUserAccessControlListItem.TypePublish)
.Select(x => x.TopicPattern)
.ToList(),
SubscribeAccess = userAcl
.Where(x => x.Type == MqttUserAccessControlListItem.TypeSubscibe)
.Select(x => x.TopicPattern)
.ToList(),
});
}
public async Task Token([FromBody] AuthRequestModel request)
{
ClaimsIdentity identity = await GetIdentity(request.Login, request.Password);
if (identity == null)
{
Response.StatusCode = 400;
await Response.WriteAsync("{}");
return;
}
var currentTime = DateTime.UtcNow;
var secret = _config["Jwt:Key"];
var issuer = _config["Jwt:Issuer"];
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var jwt = new JwtSecurityToken(
issuer: issuer,
audience: issuer,
notBefore: currentTime,
claims: identity.Claims,
expires: currentTime.Add(TimeSpan.FromMinutes(TokenLifeTimeMinutes)),
signingCredentials: signingCredentials);
var encodedJwtHandler = new JwtSecurityTokenHandler();
var encodedJwt = encodedJwtHandler.WriteToken(jwt);
var response = new
{
username = identity.Claims.Single(s => s.Type == JwtRegisteredClaimNames.Sub).Value,
id = identity.Claims.Single(s => s.Type == JwtRegisteredClaimNames.NameId).Value,
access_token = encodedJwt
};
Response.ContentType = "application/json";
await Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings {
Formatting = Formatting.Indented
}));
}
public async Task Token([FromBody] AuthRequestModel requestModel)
{
if (!ModelState.IsValid)
{
Response.StatusCode = 400;
await Response.WriteAsync("Invalid username or password.");
}
var identity = GetIdentity(requestModel.UserName, requestModel.Password);
if (identity == null)
{
Response.StatusCode = 400;
await Response.WriteAsync("Invalid username or password.");
}
var now = DateTime.UtcNow;
// создаем JWT-токен
var jwt = new JwtSecurityToken(
issuer: AuthOptions.ISSUER,
audience: MyHttpContext.AppBaseUrl,
notBefore: now,
claims: identity.Claims,
expires: now.Add(TimeSpan.FromMinutes(AuthOptions.LIFETIME)),
signingCredentials: new SigningCredentials(AuthOptions.GetSymmetricSecurityKey(),
SecurityAlgorithms.HmacSha256));
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
var response = new
{
access_token = encodedJwt,
username = identity.Name
};
// сериализация ответа
Response.ContentType = "application/json";
await Response.WriteAsync(JsonConvert.SerializeObject(response,
new JsonSerializerSettings {
Formatting = Formatting.Indented
}));
}
/// <summary>
/// Execute processing.
/// </summary>
/// <param name="request">RequestModel</param>
/// <returns>ResponseModel</returns>
private AuthResponseModel Execute(AuthRequestModel request)
{
// Local variable declaration
AuthResponseModel response = null;
AuthDataModel inputObject = null;
AuthDataModel resultObject = null;
// Variable initialize
response = new AuthResponseModel();
// Execute convert input.
inputObject = Convert(request);
// Auth infomation
resultObject = AuthInfo(inputObject);
// Execute convert ouput.
response = Convert(resultObject);
return(response);
}
public AuthResponseModel Authenticate(AuthRequestModel model)
{
var user = _users.SingleOrDefault(x => x.Username == model.Username && x.Password == model.Password);
// return null if user not found
if (user == null)
{
return(null);
}
var token = generateJwtToken(user);
return(new AuthResponseModel()
{
FirstName = user.FirstName,
Id = user.Id,
LastName = user.LastName,
Token = token,
Username = user.Username
});
}
public ActionResult <AuthResultModel> Post([FromBody] AuthRequestModel model)
{
// NEVER DO THIS, JUST SHOWING THE EXAMPLE
if (model.Username == "*****@*****.**" &&
model.Password == "P@ssw0rd!")
{
var result = new AuthResultModel()
{
Success = true
};
// Never do this either, hardcoded strings
var token = TokenSecurity.GenerateJwt(model.Username);
result.Token = new JwtSecurityTokenHandler().WriteToken(token);
result.Expiration = token.ValidTo;
return(Created("", result));
}
return(BadRequest("Unknown failure"));
}
public ActionResult <string> Post([FromBody] AuthRequestModel authRequestModel)
{
var login = authRequestModel.Login;
var password = authRequestModel.Password;
if (_context.Users.Where(u => u.UserName == login).ToArray().Length == 0)
{
var user = new CustomUserIdentity();
user.UserName = login;
user.PasswordHash = _userManager.PasswordHasher.HashPassword(user, password);
_context.Users.Add(user);
_context.SaveChanges();
return("User: "******" added");
}
else
{
return(BadRequest("User allready exist in Database"));
}
}
public ActionResult <String> Post([FromBody] AuthRequestModel authRequestModel, [FromServices] IJwtSigningEncodingKey signingEncodingKey)
{
var login = authRequestModel.Login;
var password = authRequestModel.Password;
var user = _context.Users.FirstOrDefault(u => u.UserName == login);
if (user != null)
{
var result = _userManager.PasswordHasher.VerifyHashedPassword(user, user.PasswordHash, password);
if (result == PasswordVerificationResult.Success)
{
var claims = new Claim[]
{
new Claim(ClaimTypes.Name, login),
};
var token = new JwtSecurityToken(
issuer: "MyShop",
audience: "MyShopClient",
claims: claims,
expires: DateTime.Now.AddMinutes(5),
signingCredentials: new SigningCredentials(
signingEncodingKey.GetKey(),
signingEncodingKey.SigningAlgorithm)
);
string jwtToken = new JwtSecurityTokenHandler().WriteToken(token);
return(jwtToken);
}
else
{
return(BadRequest("Password incorrect"));
}
}
else
{
return(BadRequest("User is not found"));
}
}
public IActionResult Post([FromBody] AuthRequestModel req)
{
if (req.Username == "Jon" && req.Password == "Doe")
{
var duration = new Duration();
var token = new JwtSecurityToken(
issuer: Program.Configuration["JWT:ValidIssuer"],
audience: Program.Configuration["JWT:ValidIssuer"],
claims: new[] {
new Claim(ClaimTypes.Name, req.Username)
},
expires: DateTime.Now.AddMilliseconds(duration.Parse(Program.Configuration["JWT:Expiration"]).TotalMilliseconds),
signingCredentials: new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Program.Configuration["JWT:SigningKey"])), SecurityAlgorithms.HmacSha256)
);
return(Ok(new {
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
}));
}
return(BadRequest("Username or password could not be verified."));
}
protected virtual string DetectGrantType(AuthRequestModel model)
{
if (!string.IsNullOrEmpty(model.username) || !string.IsNullOrEmpty(model.password))
{
return "password";
}
if (!string.IsNullOrEmpty(model.code))
{
return "authorization_code";
}
if (!string.IsNullOrEmpty(model.refresh_token))
{
return "refresh_token";
}
return null;
}
protected virtual dynamic Auth(AuthRequestModel model)
{
var request = new RestRequest("auth", Method.POST);
if (string.IsNullOrEmpty(model.client_id))
{
model.client_id = ClientId;
}
if (string.IsNullOrEmpty(model.grant_type) && GrantTypeDetection)
{
model.grant_type = DetectGrantType(model);
}
request.AddJsonBody(model);
return Proxy(request);
}
