protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
try
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Unauthorized"));
}
string authorizationHeader = Request.Headers["Authorization"];
if (string.IsNullOrEmpty(authorizationHeader))
{
return(AuthenticateResult.NoResult());
}
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2);
var username = credentials[0];
var password = credentials[1];
var user = await Task.Run(() => _user_service.Authenticate(username, password));
if (user == null)
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
var claims = new[] {
new Claim(ClaimTypes.Name, user.User),
new Claim(ClaimTypes.Role, "TWELVE"),
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
catch (Exception ex)
{
return(AuthenticateResult.Fail(ex.Message));
}
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
//[email protected]
//password=8be7dbd7237e2e0bf90ff81b8ff44333
//=> converted to base64 on https://www.base64encode.org/ =>
//am9obi5zbWl0aEBnbWFpbC5jb206OGJlN2RiZDcyMzdlMmUwYmY5MGZmODFiOGZmNDQzMzM=
var bytes = Encoding.UTF8.GetBytes("emailAdress:password");
var base64 = Convert.ToBase64String(bytes);
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Authorization header was not found"));
}
try
{
var authenticationHeaderValue = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var outputBytes = Convert.FromBase64String(authenticationHeaderValue.Parameter);
var credentials = Encoding.UTF8.GetString(outputBytes).Split(':');
var email = credentials[0];
var password = credentials[1];
var user = await _context.Users.FirstOrDefaultAsync(u => u.EmailAddress == email && u.Password == password);
if (user == null)
{
return(AuthenticateResult.Fail("Invalid username or passord"));
}
else
{
var claims = new[] { new Claim(ClaimTypes.Name, user.EmailAddress) };
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
}
catch (System.Exception)
{
return(AuthenticateResult.Fail("Error has ocurred"));
}
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
User user = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var email = credentials[0];
var password = credentials[1];
user = await _userService.Authenticate(email, password);
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (user == null)
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
var claims = new[] {
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.Email),
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
Bilten.Model.Korisnici user = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var username = credentials[0];
var password = credentials[1];
user = _userService.Authenticiraj(username, password);
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (user == null)
{
return(AuthenticateResult.Fail("Pogrešan username ili password"));
}
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, user.KorisnickoIme),
new Claim(ClaimTypes.Name, user.ImePrezime),
};
var role = user.VrstaKorisnika.Naziv;
claims.Add(new Claim(ClaimTypes.Role, role));
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
public async Task <IActionResult> DecryptClaims([FromBody] Dictionary <string, string> content)
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(BadRequest("Authorization header is required."));
}
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var secret = authHeader.Parameter.Replace("Bearer ", "");
if (secret.Length < 16)
{
return(BadRequest("Secret value provided is of insufficient length."));
}
var secretBytes = Encoding.UTF8.GetBytes(secret.Substring(0, 16));
var outputClaims = new Dictionary <string, string>();
using (var aesAlg = Aes.Create())
{
var decryptor = aesAlg.CreateDecryptor(secretBytes, secretBytes);
foreach (var kv in content)
{
var cipherText = Convert.FromBase64String(content[kv.Key]);
using (var cipherStream = new MemoryStream(cipherText))
{
using (var cryptoStream = new CryptoStream(cipherStream, decryptor, CryptoStreamMode.Read))
{
using (var textReader = new StreamReader(cryptoStream))
{
outputClaims[kv.Key] = await textReader.ReadToEndAsync();
}
}
}
}
}
return(new JsonResult(outputClaims));
}
public async Task <IActionResult> UpdateData()
{
string password = string.Empty;
string userName = string.Empty;
try
{
if (Request.Headers.ContainsKey("Authorization"))
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2);
userName = credentials[0];
password = credentials[1];
}
}
catch
{
return(Unauthorized("Invalid Auth Header!"));
}
string requestString;
using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
{
requestString = await reader.ReadToEndAsync();
}
var request = JsonConvert.DeserializeObject <SensorUpdateRequest>(requestString);
var deviceId = _devicesService.AuthorizeSensor(request.EspId, userName, password);
if (!deviceId.HasValue || deviceId == Guid.Empty)
{
return(Unauthorized("Invalid UserName/Password or Device not found!"));
}
_jsonUpdatesService.SaveUpdate(deviceId.Value, requestString);
_aqiEcoService.SendToAqi(deviceId.Value, requestString);
var result = _measurementsService.AddSensorMeasurement(deviceId.Value, request.DataValues);
return(Ok(result));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
Response.StatusCode = 401;
Response.Headers.Add("WWW-Authenticate", "Basic");
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2);
var username = credentials[0];
var password = credentials[1];
var isValid = await Task.FromResult(username == "validuser" && password == "password"); // bypass async method warning
if (isValid)
{
var claims = new[] {
new Claim(ClaimTypes.Name, username),
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
else
{
Response.StatusCode = 401;
Response.Headers.Add("WWW-Authenticate", "Basic");
return(AuthenticateResult.Fail("Please enter the correct credentials"));
}
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
}
public static async void AddPatient()
{
Console.WriteLine("[DODAJ PACJENTA]");
Console.WriteLine("First Name:");
string FirstNameRl = Console.ReadLine();
Console.WriteLine("Surname:");
string SurnameRl = Console.ReadLine();
Console.WriteLine("Age:");
string AgeRl = Console.ReadLine();
Console.WriteLine("Email:");
string email = Console.ReadLine();
HttpClient client = new HttpClient();
var app = PublicClientApplicationBuilder.Create("fce95216-40e5-4a34-b041-f287e46532be")
.WithAuthority("https://login.microsoftonline.com/146ab906-a33d-47df-ae47-fb16c039ef96/v2.0/")
.WithDefaultRedirectUri()
.Build();
var result = await app.AcquireTokenInteractive(new[] { "api://fce95216-40e5-4a34-b041-f287e46532be/.default" }).ExecuteAsync();
string token = result.AccessToken;
client.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse("Bearer " + token);
Patient p = new Patient()
{
FirstName = FirstNameRl,
Surname = SurnameRl,
PositiveTestDate = DateTime.Now,
Age = Int16.Parse(AgeRl),
Email = email
};
string patientJson = System.Text.Json.JsonSerializer.Serialize(p);
await client.PostAsync("https://localhost:5001/api/patients",
new StringContent(patientJson, Encoding.UTF8, "application/json"));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
Model.User user = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var username = credentials[0];
var password = credentials[1];
user = _userService.Authenticate(username, password);
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (user == null)
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, user.Username),
new Claim(ClaimTypes.Name, user.FirstName),
};
var role = _context.Users.Where(k => k.Id == user.Id).Select(k => k.Role.Name).SingleOrDefault();
claims.Add(new Claim(ClaimTypes.Role, role));
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
public async Task Invoke(HttpContext context)
{
if (!context.Request.Headers.ContainsKey("Authorization"))
{
context.Response.StatusCode = 401;
return;
}
var authenticated = false;
try
{
var authenticationHeader = AuthenticationHeaderValue.Parse(context.Request.Headers["Authorization"]);
if (!authenticationHeader.Scheme.Equals("Basic"))
{
throw new Exception("Invalid Basic auth authroization schema.");
}
var credentialChunk = Convert.FromBase64String(authenticationHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialChunk).Split(":");
var username = credentials[0];
var password = credentials[1];
authenticated = username.Equals(password);
}
catch
{
context.Response.StatusCode = 401; //Unauthorized
return;
}
if (authenticated)
{
await _next.Invoke(context);
}
else
{
context.Response.StatusCode = 401; //Unauthorized
return;
}
}
protected override Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(Task.FromResult(AuthenticateResult.Fail("Missing Authorization header")));
}
try
{
var authenticationHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authenticationHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(":");
var username = credentials[0];
var password = credentials[1];
if (username != "Pluralsight" || password != "Pluralsight")
{
return(Task.FromResult(AuthenticateResult.Fail("Invalid username or password")));
}
var claims = new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, username)
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(Task.FromResult(AuthenticateResult.Success(ticket)));
}
catch
{
return(Task.FromResult(AuthenticateResult.Fail("Invalida Authorization header")));
}
}
/// <summary>
/// Get user Azure AD access token.
/// </summary>
/// <returns>Token to access MS graph.</returns>
public async Task <string> GetAccessTokenAsync()
{
List <string> scopeList = this.azureAdOptions.Value.GraphScope.Split(new char[] { ' ' }, System.StringSplitOptions.RemoveEmptyEntries).ToList();
try
{
// Gets user account from the accounts available in token cache.
// https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.client.clientapplicationbase.getaccountasync?view=azure-dotnet
// Concatenation of UserObjectId and TenantId separated by a dot is used as unique identifier for getting user account.
// https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.client.accountid.identifier?view=azure-dotnet#Microsoft_Identity_Client_AccountId_Identifier
var account = await this.confidentialClientApp.GetAccountAsync($"{this.UserObjectId}.{this.azureAdOptions.Value.TenantId}");
// Attempts to acquire an access token for the account from the user token cache.
// https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.client.clientapplicationbase.acquiretokensilent?view=azure-dotnet
AuthenticationResult result = await this.confidentialClientApp
.AcquireTokenSilent(scopeList, account)
.ExecuteAsync();
return(result.AccessToken);
}
catch (MsalUiRequiredException msalex)
{
// Getting new token using AddTokenToCacheFromJwtAsync as AcquireTokenSilent failed to load token from cache.
TokenAcquisitionHelper tokenAcquisitionHelper = new TokenAcquisitionHelper(this.confidentialClientApp);
try
{
this.logger.LogInformation($"MSAL exception occurred while trying to acquire new token. MSAL exception details are found {msalex}.");
var jwtToken = AuthenticationHeaderValue.Parse(this.Request.Headers["Authorization"].ToString()).Parameter;
return(await tokenAcquisitionHelper.AddTokenToCacheFromJwtAsync(this.azureAdOptions.Value.GraphScope, jwtToken));
}
catch (Exception ex)
{
this.logger.LogError(ex, $"An error occurred in GetAccessTokenAsync: {ex.Message}.");
throw;
}
}
catch (Exception ex)
{
this.logger.LogError(ex, $"An error occurred in fetching token : {ex.Message}.");
throw;
}
}
protected async override Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey(authorizationKey))
{
return(AuthenticateResult.Fail("Missing authorization header"));
}
var authorizationHeader = AuthenticationHeaderValue.Parse(Request.Headers[authorizationKey]);
if (authorizationHeader.Scheme != "Basic")
{
return(AuthenticateResult.Fail("Invalid schema"));
}
byte[] credentialBytes = Convert.FromBase64String(authorizationHeader.Parameter);
string[] credentials = Encoding.UTF8.GetString(credentialBytes).Split(":");
string login = credentials[0];
string password = credentials[1];
if (!authenticationService.TryAuthorize(login, password, out Customer customer))
{
return(AuthenticateResult.Fail("Invalid login or password"));
}
ClaimsIdentity identity = new ClaimsIdentity(Scheme.Name);
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
identity.AddClaim(new Claim(ClaimTypes.Email, customer.Email));
identity.AddClaim(new Claim(ClaimTypes.DateOfBirth, customer.Birthday.ToString()));
//identity.AddClaim(new Claim("kat", "B"));
//identity.AddClaim(new Claim("kat", "C"));
//identity.AddClaim(new Claim(ClaimTypes.Role, "Developer"));
//identity.AddClaim(new Claim(ClaimTypes.Role, "Trainer"));
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
// skip authentication if endpoint has [AllowAnonymous] attribute
var endpoint = Context.GetEndpoint();
if (endpoint?.Metadata?.GetMetadata <IAllowAnonymous>() != null)
{
return(AuthenticateResult.NoResult());
}
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
// User user = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2);
var username = credentials[0];
var password = credentials[1];
if (await _basicAuthenticationService.AuthenticateUser(username, password))
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
var claims = new[] {
new Claim(ClaimTypes.NameIdentifier, username),
new Claim(ClaimTypes.Name, username),
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
try {
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var username = credentials[0];
var password = credentials[1];
var tenant = GetTenant();
if (string.IsNullOrEmpty(tenant))
{
return(AuthenticateResult.Fail("Unknown tenant"));
}
if (string.IsNullOrEmpty(username) || username != password)
{
return(AuthenticateResult.Fail("Wrong username or password"));
}
}
catch (Exception e)
{
return(AuthenticateResult.Fail("Unable to authenticate"));
}
var claims = new[] {
new Claim("Tenant", "tenant id")
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
Wellness.Model.Osoba user = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var username = credentials[0];
var password = credentials[1];
user = _userService.Authenticiraj(username, password);//trebamo napravit neki servis hur dur
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (user == null)
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, user.KorisnickoIme),
new Claim(ClaimTypes.Name, user.Ime),//idk valjda bi trebo bit password..
};
claims.Add(new Claim(ClaimTypes.Role, user.Uloga.Naziv));
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
bool isValidJwt = false;
string jwtToken = "";
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var authHeaderString = authHeader.ToString();
jwtToken = authHeaderString.Replace("Bearer ", "").Trim();
isValidJwt = _JwtService.IsValidJwt(jwtToken);
}
catch (Exception e)
{
Console.WriteLine(e);
_Logger.LogCritical(e.ToString());
return(AuthenticateResult.Fail("Invalid Jwt"));
}
if (!isValidJwt)
{
return(AuthenticateResult.Fail("Invalid Jwt"));
}
// TODO: Add other payload items aswell to current claims
var jwtPayload = _JwtService.DecodeJwt(jwtToken);
var claims = new[]
{
new Claim(ClaimTypes.Name, jwtPayload["name"].ToString())
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
User CurrentUser = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':');
var username = credentials[0];
var password = credentials[1];
CurrentUser = _userService.Authenticate(username, password);
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (CurrentUser == null)
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
_userService.SetCurrentUser(CurrentUser);
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, CurrentUser.Username),
new Claim(ClaimTypes.Name, CurrentUser.Name),
};
claims.Add(new Claim(ClaimTypes.Role, CurrentUser.UserType.Type)); //role
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
bool success = false;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2);
var username = credentials[0];
var password = credentials[1];
success = await Task.Factory.StartNew(() =>
{
return(username == "admin" && password == "admin");
});
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (!success)
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
var claims = new[] {
new Claim(ClaimTypes.NameIdentifier, 1.ToString()),
new Claim(ClaimTypes.Name, "Administrator"),
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing Authorization Header"));
}
User user = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2);
var username = credentials[0];
var password = credentials[1];
user = await this.context.Users.FirstOrDefaultAsync(x => x.Email.ToUpper().Equals(username.ToUpper()));
if (!SecurePasswordHasher.Verify(password, user.UserPassword.Password.Text.ToString()))
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (user == null)
{
return(AuthenticateResult.Fail("Invalid Username or Password"));
}
var claims = new[] {
new Claim(ClaimTypes.Email, user.Id.ToString()),
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
public static async Task Main(string[] args)
{
var username = args[0];
var password = args[1];
var hostname = args[2];
var handler = new HttpClientRedirectHandler();
using (var client = new HttpClient(handler)
{
BaseAddress = new Uri($"https://{hostname}/api/v1")
})
{
// Login - constructing a payload that looks like { "username": "******"password": "******" }
var loginMessage = $"{{ 'username': '******', 'password': '******' }}";
var loginContent = new StringContent(loginMessage,
Encoding.UTF8,
"application/json");
var loginResponseMessage = await client.PostAsync("login", loginContent);
// Read the results
var loginResult = await loginResponseMessage.Content.ReadAsStringAsync();
// Get the access token
// We could use string manipulation methods, but using JSON.NET is much easier
var accessToken = JToken.Parse(loginResult)["accessToken"].Value <string>();
// Add an authorization header to the list of default headers for our client
client.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse($"Bearer {accessToken}");
// Let's attempt to retrieve the first page of alarms
var alarmsResponse = await client.GetAsync("alarms");
// Parse the response using Newtonsoft and print the first one.
var alarmsObject = JObject.Parse(await alarmsResponse.Content.ReadAsStringAsync());
var alarms = alarmsObject["items"];
Console.WriteLine($"First alarm: {alarms?[0]}");
}
}
private void AddHeader(HttpRequestMessage requestMessage, RestHeader header)
{
switch (header.Key)
{
case "Authorization":
requestMessage.Headers.Authorization = AuthenticationHeaderValue.Parse(header.Value);
break;
case "Date":
requestMessage.Headers.Date = DateTimeOffset.Parse(header.Value);
break;
case "Content-Type":
break;
default:
requestMessage.Headers.Add(header.Key, header.Value);
break;
}
}
public async Task <ActionResult <int> > seguimiento(string id_modulo, string id_persona, int id_anio, int id_mes)
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var handler = new JwtSecurityTokenHandler();
var jwtToken = handler.ReadToken(authHeader.Parameter) as JwtSecurityToken;
var codPersona = jwtToken.Claims.FirstOrDefault(claim => claim.Type == "nameid").Value;
var usuario = jwtToken.Claims.FirstOrDefault(claim => claim.Type == "unique_name").Value;
var rol = jwtToken.Claims.FirstOrDefault(claim => claim.Type == "role").Value;
return(await Mediator.Send(new GetSeguimientoObseracion()
{
modulo = id_modulo,
persona = id_persona,
anio = id_anio,
mes = id_mes,
usuario = usuario,
rol = rol
}));
}
async Task <string> FetchBlankPage()
{
var c = new HttpClient();
var rq = new HttpRequestMessage(HttpMethod.Get, $"{kspProxyConfig.Host}/blank");
rq.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("text/html"));
rq.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/xhtml+xml"));
if (!string.IsNullOrEmpty(kspProxyConfig.Authorization))
{
rq.Headers.Authorization =
AuthenticationHeaderValue.Parse(kspProxyConfig.Authorization);
}
if (HttpContext.Request.Headers.TryGetValue("Cookie", out var x))
{
rq.Headers.Add("Cookie", x.AsEnumerable());
}
var rs = await c.SendAsync(rq);
return(await rs.Content.ReadAsStringAsync());
}
private async Task <KeyValuePair <string, HttpResponseMessage> > UploadFile(string filename)
{
using HttpClient client = new HttpClient
{
BaseAddress = new Uri($"https://cloud-api.yandex.net/v1/disk/resources/upload?path={_dstDir}/{filename}&overwrite={_overwrite}"),
DefaultRequestHeaders =
{
Authorization = AuthenticationHeaderValue.Parse(_token),
Accept = { MediaTypeWithQualityHeaderValue.Parse("application/json") },
}
};
var getResponse = await client.GetAsync(client.BaseAddress);
var getResponseBody = await getResponse.Content.ReadFromJsonAsync <YaDiskResponse>();
var streamContent = new StreamContent(File.OpenRead($"{_srcDir}\\{filename}"));
var putResponse = await client.PutAsync(getResponseBody?.Href, streamContent);
return(new KeyValuePair <string, HttpResponseMessage>(filename, putResponse));
}
public async Task <HttpResponseMessage> PostAsync(string url, object data)
{
var token = await _sessionDataService.GetCurrentUserDataAsync();
_httpClient.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse("Bearer " + token.Token);
HttpResponseMessage responseMessage = await _httpClient.PostAsJsonAsync(url, data);
if (responseMessage.StatusCode != HttpStatusCode.Unauthorized)
{
return(responseMessage);
}
await _sessionDataService.SetCurrentUserDataAsync(null);
await _sessionDataService.SetRollbackUrl(_navigationManager.Uri);
_navigationManager.NavigateTo("/");
return(null);
}
public void Parse_Invalid()
{
try {
AuthenticationHeaderValue.Parse(null);
Assert.Fail("#1");
} catch (FormatException) {
}
try {
AuthenticationHeaderValue.Parse(" ");
Assert.Fail("#2");
} catch (FormatException) {
}
try {
AuthenticationHeaderValue.Parse("a;b");
Assert.Fail("#3");
} catch (FormatException) {
}
}
private static void OnApplicationAuthenticateRequest(object sender, EventArgs e)
{
HttpRequest request = HttpContext.Current.Request;
string authHeader = request.Headers[nilnul.pass.http.request.header.Keys.Authorization];
if (authHeader != null)
{
AuthenticationHeaderValue authHeaderVal = AuthenticationHeaderValue.Parse(authHeader);
if (authHeaderVal.Scheme.Equals(
"Bearer",
StringComparison.OrdinalIgnoreCase) &&
authHeaderVal.Parameter != null
)
{
AuthenticateToken(authHeaderVal.Parameter);
}
}
}
public async Task LogOutAsync(string token)
{
using (var client = new HttpClient())
{
if (!string.IsNullOrEmpty(token))
{
//Add the authorization header
client.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse("Bearer " + token);
}
var result = await client.GetAsync(Flurl.Url.Combine(BaseUri, "/api/Account/Logout"));
if (result.IsSuccessStatusCode)
{
return;
}
throw new ApiException(result.StatusCode, string.Empty);
}
}
private static void OnApplicationAuthenticateRequest(object sender, EventArgs e)
{
System.Diagnostics.Debug.WriteLine("Module1: Authenticate");
var request = HttpContext.Current.Request;
var authHeader = request.Headers["Authorization"];
if (authHeader != null)
{
System.Diagnostics.Debug.WriteLine("Module1: Authenticate Request Actual");
var authHeaderVal = AuthenticationHeaderValue.Parse(authHeader);
// RFC 2617 sec 1.2, "scheme" name is case-insensitive
if (authHeaderVal.Scheme.Equals("basic",
StringComparison.OrdinalIgnoreCase) &&
authHeaderVal.Parameter != null)
{
AuthenticateUser(authHeaderVal.Parameter);
}
}
}
