private RefreshTokens BuildRefreshToken(string userId, string clientAppId, string grantType, string authenToSystem, string authorizationCode) { var obj = new RefreshTokens(); obj.Id = Guid.NewGuid(); obj.AppAudienceId = clientAppId; obj.IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon); var RefreshTokenExpiryDateTime = DateTime.UtcNow.AddSeconds(Convert.ToDouble(_config["Jwt:RefreshTokenExpires"])); obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(RefreshTokenExpiryDateTime, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon); obj.GrantType = grantType; if (grantType == GRANT_TYPE_PASSWORD) { obj.ResourceOwnerId = userId; obj.AuthenToSystem = authenToSystem; } if (grantType == GRANT_TYPE_AUTHORIZATION_CODE) { obj.AuthorizationCode = authorizationCode; } var key = Encoding.UTF8.GetBytes(obj.AppAudienceId); var message = Encoding.UTF8.GetBytes(obj.Id.ToString("N")); obj.RefreshToken = ReplaceInvalidCharacterForJwt(Convert.ToBase64String(HashingByHMACSHA256(message, key))); obj.Status = true; // Write Generated RefreshToken to AuthDB (For future checking) var authRefreshToken = _authObj.PutRefreshTokens(obj); return(obj); }
private AccessTokens BuildAccessToken(string userId, string clientAppId, string refreshToken, Jwt.Algorithm alg, string grantType) { var obj = new AccessTokens(); obj.Id = Guid.NewGuid(); obj.RefreshToken = refreshToken; obj.IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon); var AccessTokenExpiryDateTime = DateTime.UtcNow.AddSeconds(Convert.ToDouble(_config["Jwt:Expires"])); obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(AccessTokenExpiryDateTime, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon); Claim[] claims; if (grantType == GRANT_TYPE_PASSWORD) { claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userId), new Claim(JwtRegisteredClaimNames.Jti, obj.Id.ToString("N")), new Claim(JwtRegisteredClaimNames.Iat, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32), new Claim(JwtRegisteredClaimNames.Nbf, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32), new Claim("appid", clientAppId) }; } else { claims = new[] { new Claim(JwtRegisteredClaimNames.Jti, obj.Id.ToString("N")), new Claim(JwtRegisteredClaimNames.Iat, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32), new Claim(JwtRegisteredClaimNames.Nbf, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32), new Claim("appid", clientAppId) }; } var token = new JwtSecurityToken( issuer: _config["Jwt:Issuer"], audience: _config["Jwt:Audience"], claims: claims, expires: AccessTokenExpiryDateTime, notBefore: DateTime.UtcNow, signingCredentials: Jwt.CreateSigningCredentials(alg, _config, _azObj) ); obj.AccessToken = new JwtSecurityTokenHandler().WriteToken(token); obj.Status = true; // Write Generated AccessToken to AuthDB (For future checking) var authAccessToken = _authObj.PutAccessTokens(obj); // Update RefreshToken to AuthDB (For future checking) var authRefreshToken = _authObj.PutRefreshTokensAccessToken(refreshToken, obj.AccessToken, obj.IssuedDateTime); return(obj); }
public IActionResult Index([Bind("Response_Type,Client_Id,Redirect_Uri,State,Authen_To_System,username,password")] string username, string password, AuthorizationCodeModel authCodeObj) { try { IActionResult response = Unauthorized(); if (ModelState.IsValid) { if (username != string.Empty && username != "null" && username != null) { if (password != string.Empty && password != "null" && password != null) { var IsValidated = false; switch (authCodeObj.Authen_To_System.ToLower()) { case "mtl-agent": // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL AGENT SYSTEM break; case "mtl-smileclub": // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL SMILE CLUB SYSTEM break; case "mtl-employee": // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL EMPLOYEE SYSTEM IsValidated = true; break; } if (IsValidated) { var code = Guid.NewGuid(); var auth = new AuthorizationCodes(); auth.Id = code; auth.AuthenToSystem = authCodeObj.Authen_To_System; auth.ClientAppId = authCodeObj.Client_Id; auth.CreatedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon); var expdt = DateTime.UtcNow.AddSeconds(90); auth.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(expdt, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon); auth.RedirectUri = authCodeObj.Redirect_Uri; auth.State = authCodeObj.State; if (authCodeObj.State != string.Empty && authCodeObj.State != "null" && authCodeObj.State != null) { var resp = _authObj.PutAuthorizationCodes(auth); response = Redirect(authCodeObj.Redirect_Uri + "?code=" + code + "&state=" + authCodeObj.State); } else { response = Redirect(authCodeObj.Redirect_Uri + "?code=" + code); } return(response); } else { return(View()); } } else { return(View()); } } else { return(View()); } } else { return(View()); } } catch { return(View()); } }