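/// <summary>
/// Builds a refresh-token record for a client application, writes it to the auth store via
/// <c>_authObj.PutRefreshTokens</c>, and returns it.
/// </summary>
/// <param name="userId">Resource owner id; recorded only when <paramref name="grantType"/> is the password grant.</param>
/// <param name="clientAppId">Client application id; stored as the audience and passed as the key to <c>HashingByHMACSHA256</c>.</param>
/// <param name="grantType">Grant type the token is issued for; decides which optional fields are filled in.</param>
/// <param name="authenToSystem">System the user authenticated against; recorded only for the password grant.</param>
/// <param name="authorizationCode">Authorization code being exchanged; recorded only for the authorization-code grant.</param>
/// <returns>The populated record, with <c>Status</c> set to <c>true</c>.</returns>
private RefreshTokens BuildRefreshToken(string userId, string clientAppId, string grantType, string authenToSystem, string authorizationCode)
        {
            var obj = new RefreshTokens();

            obj.Id             = Guid.NewGuid();
            obj.AppAudienceId  = clientAppId;
            obj.IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);

            // The lifetime is machine-readable configuration, so it is parsed with the invariant
            // culture: the result must not depend on the culture the server process runs under.
            // Convert.ToDouble yields 0 for a null string, which gives a token that expires at issue time.
            var lifetimeSeconds = Convert.ToDouble(_config["Jwt:RefreshTokenExpires"], System.Globalization.CultureInfo.InvariantCulture);
            var expiresAtUtc    = DateTime.UtcNow.AddSeconds(lifetimeSeconds);

            obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(expiresAtUtc, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
            obj.GrantType      = grantType;

            // Only the fields that belong to the grant in use are filled in; any other grant type
            // leaves ResourceOwnerId, AuthenToSystem and AuthorizationCode unset.
            if (grantType == GRANT_TYPE_PASSWORD)
            {
                obj.ResourceOwnerId = userId;
                obj.AuthenToSystem  = authenToSystem;
            }
            if (grantType == GRANT_TYPE_AUTHORIZATION_CODE)
            {
                obj.AuthorizationCode = authorizationCode;
            }

            // NOTE(review): the token value is derived from the record id (message) and the client
            // app id (key). Neither input is a secret, so the token is only as unpredictable as
            // Guid.NewGuid(), and it can be recomputed by anyone who learns the record id and the
            // client id. Microsoft's documentation advises against using Guid.NewGuid for
            // cryptographic purposes; prefer 32 bytes from
            // System.Security.Cryptography.RandomNumberGenerator. Before changing the derivation,
            // confirm that no validator elsewhere recomputes the token from these two fields.
            var key     = Encoding.UTF8.GetBytes(obj.AppAudienceId);
            var message = Encoding.UTF8.GetBytes(obj.Id.ToString("N"));

            obj.RefreshToken = ReplaceInvalidCharacterForJwt(Convert.ToBase64String(HashingByHMACSHA256(message, key)));
            obj.Status       = true;

            // Write Generated RefreshToken to AuthDB (For future checking)
            // NOTE(review): the result of the write is not inspected, so a failed write goes
            // unnoticed here unless PutRefreshTokens throws. Whether the store keeps the token
            // itself or a hash of it is not visible from this method; a hash is the safer choice.
            _authObj.PutRefreshTokens(obj);

            return(obj);
        }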
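        /// <summary>
        /// Builds a signed JWT access token, records it in the auth store, links it to the refresh
        /// token it was issued with, and returns the populated record.
        /// </summary>
        /// <param name="userId">Subject of the token; added as the <c>sub</c> claim only for the password grant.</param>
        /// <param name="clientAppId">Client application id; added as the <c>appid</c> claim.</param>
        /// <param name="refreshToken">Refresh token this access token is issued alongside.</param>
        /// <param name="alg">Signing algorithm handed to <c>Jwt.CreateSigningCredentials</c>.</param>
        /// <param name="grantType">Grant type; decides whether the token carries a subject.</param>
        /// <returns>The populated record, with <c>Status</c> set to <c>true</c>.</returns>
        private AccessTokens BuildAccessToken(string userId, string clientAppId, string refreshToken, Jwt.Algorithm alg, string grantType)
        {
            var obj = new AccessTokens();

            obj.Id             = Guid.NewGuid();
            obj.RefreshToken   = refreshToken;
            obj.IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);

            // A single clock reading feeds iat, nbf, notBefore and the expiry, so the time values
            // inside one token always agree with each other.
            var nowUtc = DateTime.UtcNow;

            // Machine-readable configuration is parsed with the invariant culture so the lifetime
            // does not depend on the culture of the server process.
            var lifetimeSeconds = Convert.ToDouble(_config["Jwt:Expires"], System.Globalization.CultureInfo.InvariantCulture);
            var expiresAtUtc    = nowUtc.AddSeconds(lifetimeSeconds);

            obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(expiresAtUtc, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);

            // NOTE(review): iat and nbf are typed as Integer32; Unix time stops fitting in 32 bits
            // in 2038, so Integer64 is the more durable value type.
            var unixNow     = DateTimes.ConvertToUnixTimeByDateTime(nowUtc).ToString();
            var jtiClaim    = new Claim(JwtRegisteredClaimNames.Jti, obj.Id.ToString("N"));
            var iatClaim    = new Claim(JwtRegisteredClaimNames.Iat, unixNow, System.Security.Claims.ClaimValueTypes.Integer32);
            var nbfClaim    = new Claim(JwtRegisteredClaimNames.Nbf, unixNow, System.Security.Claims.ClaimValueTypes.Integer32);
            var appIdClaim  = new Claim("appid", clientAppId);

            // Only the password grant identifies a user. Every other grant type, including an
            // unrecognised one, produces a token without a sub claim.
            Claim[] claims = grantType == GRANT_TYPE_PASSWORD
                ? new[] { new Claim(JwtRegisteredClaimNames.Sub, userId), jtiClaim, iatClaim, nbfClaim, appIdClaim }
                : new[] { jtiClaim, iatClaim, nbfClaim, appIdClaim };

            var token = new JwtSecurityToken(
                issuer: _config["Jwt:Issuer"],
                audience: _config["Jwt:Audience"],
                claims: claims,
                expires: expiresAtUtc,
                notBefore: nowUtc,
                signingCredentials: Jwt.CreateSigningCredentials(alg, _config, _azObj)
                );

            obj.AccessToken = new JwtSecurityTokenHandler().WriteToken(token);
            obj.Status      = true;

            // Write Generated AccessToken to AuthDB (For future checking)
            // NOTE(review): the serialized JWT is a bearer credential and is handed to the store in
            // both calls below. How it is kept at rest is not visible here; storing the jti or a
            // hash instead would limit what a read of the store exposes. Neither call's result is
            // inspected, so a failed write goes unnoticed unless the call throws.
            _authObj.PutAccessTokens(obj);

            // Update RefreshToken to AuthDB (For future checking)
            _authObj.PutRefreshTokensAccessToken(refreshToken, obj.AccessToken, obj.IssuedDateTime);

            return(obj);
        }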
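        /// <summary>
        /// Handles an authorization request that carries a username and password: when the request
        /// is accepted it issues an authorization code valid for 90 seconds, records it, and
        /// redirects to the redirect URI named in the request. In every other case, including any
        /// exception, it returns the view again.
        /// </summary>
        /// <param name="username">User name from the request; must be present and not the literal "null".</param>
        /// <param name="password">Password from the request; must be present and not the literal "null".</param>
        /// <param name="authCodeObj">Authorization request fields (client id, redirect URI, state, target system).</param>
        /// <returns>A redirect carrying <c>code</c> (and <c>state</c> when supplied), or the view.</returns>
        // NOTE(review): the [Bind] include list is attached to the string parameter `username`, not
        // to `authCodeObj`; it looks as if it was meant for the model — confirm which properties of
        // AuthorizationCodeModel should be bindable.
        public IActionResult Index([Bind("Response_Type,Client_Id,Redirect_Uri,State,Authen_To_System,username,password")] string username, string password, AuthorizationCodeModel authCodeObj)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return(View());
                }

                // Form fields may arrive as the literal text "null"; treat that like a missing value.
                if (string.IsNullOrEmpty(username) || username == "null")
                {
                    return(View());
                }
                if (string.IsNullOrEmpty(password) || password == "null")
                {
                    return(View());
                }

                var isValidated = false;

                // Invariant lowering: the comparison is against fixed identifiers, so it must not
                // vary with the server culture. A null system name throws and is handled by the catch.
                switch (authCodeObj.Authen_To_System.ToLowerInvariant())
                {
                case "mtl-agent":
                    // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL AGENT SYSTEM
                    break;

                case "mtl-smileclub":
                    // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL SMILE CLUB SYSTEM
                    break;

                case "mtl-employee":
                    // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL EMPLOYEE SYSTEM
                    // NOTE(review): no credential check happens here. Any non-empty username and
                    // password is accepted for this system, so this branch must not ship until the
                    // real validation replaces the unconditional `true`.
                    isValidated = true;
                    break;
                }

                if (!isValidated)
                {
                    return(View());
                }

                // NOTE(review): Redirect_Uri and Client_Id come from the request, and nothing visible
                // in this action checks that the URI is one registered for that client. Unless
                // validation on AuthorizationCodeModel enforces it, the code is delivered to whatever
                // URI the request names. Compare against the client's registered URI(s) by exact
                // match before issuing a code. Response_Type is not checked here either.
                // NOTE(review): the code is a Guid; Microsoft's documentation advises against using
                // Guid.NewGuid for cryptographic purposes. Prefer bytes from
                // System.Security.Cryptography.RandomNumberGenerator for a bearer value.
                var code = Guid.NewGuid();

                var auth = new AuthorizationCodes();
                auth.Id              = code;
                auth.AuthenToSystem  = authCodeObj.Authen_To_System;
                auth.ClientAppId     = authCodeObj.Client_Id;
                auth.CreatedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
                var expiresAtUtc = DateTime.UtcNow.AddSeconds(90);
                auth.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(expiresAtUtc, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
                auth.RedirectUri    = authCodeObj.Redirect_Uri;
                auth.State          = authCodeObj.State;
                // NOTE(review): the authenticated username is not written to the code record in this
                // method; confirm how the token endpoint learns which user the code belongs to.

                // Record the code before redirecting, with or without state: a code that is handed
                // out but never recorded cannot be looked up when the client redeems it.
                _authObj.PutAuthorizationCodes(auth);

                // Keep any query string the redirect URI already has, and append with the right separator.
                var redirectUri = authCodeObj.Redirect_Uri ?? string.Empty;
                var separator   = redirectUri.Contains("?") ? "&" : "?";
                var target      = redirectUri + separator + "code=" + code;

                if (!string.IsNullOrEmpty(authCodeObj.State) && authCodeObj.State != "null")
                {
                    // State is request-supplied text: escape it so it stays a single query value
                    // and cannot add parameters or break the URL.
                    target += "&state=" + Uri.EscapeDataString(authCodeObj.State);
                }

                return(Redirect(target));
            }
            catch
            {
                // NOTE(review): every failure, including a failed write of the code, ends up here
                // and is shown as the plain view with nothing recorded; log the exception once a
                // logger is available in this controller.
                return(View());
            }
        }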