public async Task <User> RequestToken(User user) { var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_jwtOptions.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, user.Username), new Claim(ClaimTypes.Role, user.Role), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim("Id", user.Id.ToString()) }), Expires = DateTime.UtcNow.AddMinutes(15), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); user.RefreshToken = new RefreshToken() { UserId = user.Id, JwtId = token.Id, CreationDate = DateTime.UtcNow, ExpiryDate = DateTime.UtcNow.AddMonths(1) }; user.JwtToken = tokenHandler.WriteToken(token); _refreshTokenRepository.Add(user.RefreshToken); await _userRepository.SaveChangesAsync(); await _refreshTokenRepository.SaveChangesAsync(); return(user); }
private async Task <(SignInResult signInResult, LoginSuccessResponse login)> AuthenticateUser(User user, LoginRequest login) { var signInResult = await _signInManager.PasswordSignInAsync(user, login.Password, false, true); if (!signInResult.Succeeded) { return(signInResult, null); } var principal = await _signInManager.CreateUserPrincipalAsync(user); var jwt = _tokenFactory.GenerateJwtToken(principal); var refreshToken = new RefreshToken { Id = _uuidService.GenerateUuId(), User = user.Id, Value = _tokenFactory.GenerateToken(32), Location = login.Location, Useragent = login.UserAgent, IpAddress = login.IpAddress }; _refreshTokenRepository.Add(refreshToken); var res = new LoginSuccessResponse { RefreshToken = refreshToken.Value, Jwt = jwt }; return(signInResult, res); }
public async Task <Unit> Handle(CreateRefreshTokenCommand request, CancellationToken cancellationToken) { var tokenRefresh = _mapper.Map <RefreshToken>(request); await _refreshTokenRepository.Add(tokenRefresh); return(new Unit()); }
public async Task <string> CreateAsync(int userId) { var token = _rng.Generate(removeSpecialChars: true); await _refreshTokenRepository.Add(new RefreshToken(token, DateTime.UtcNow, userId, DateTime.UtcNow.AddDays(7))); return(token); }
private async Task <OkObjectResult> GenerateToken(int userId, string name, string email) { // https://github.com/wellingtonjhn/DemoJwt/blob/master/src/DemoJwt.Application/Services/JwtService.cs // https://openid.net/specs/openid-connect-core-1_0.html#ClaimsContents var claims = new[] { new Claim(JwtRegisteredClaimNames.NameId, userId.ToString()), new Claim(JwtRegisteredClaimNames.GivenName, name), new Claim(JwtRegisteredClaimNames.Email, email), //new Claim(ClaimTypes.Role, "Admin") // p/ policy: // new Claim("permissions", policy) }; //recebe uma instancia da classe SymmetricSecurityKey //armazenando a chave de criptografia usada na criação do token var key = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(_configuration["SecurityKey"])); //recebe um objeto do tipo SigninCredentials contendo a chave de //criptografia e o algoritmo de segurança empregados na geração // de assinaturas digitais para tokens var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "fansoft.com.br", audience: "fansoft.com.br", claims: claims, expires: DateTime.UtcNow.AddMinutes(5), notBefore: DateTime.UtcNow, signingCredentials: creds); var refreshTokenOld = await _refreshTokenRepository.GetByUserIdAsync(userId); if (refreshTokenOld != null) { _refreshTokenRepository.Del(refreshTokenOld); } var refreshTokenData = new RefreshToken(userId, Guid.NewGuid().ToString("N").ToUpper()); _refreshTokenRepository.Add(refreshTokenData); await _uow.CommitAsync(); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), refreshToken = refreshTokenData.Token })); }
public async Task <WebToken> Handle(GenerateWebToken request, CancellationToken cancellationToken) { if (request.User == null) { throw new InvalidCredentialException(""); } DateTime authTime = DateTime.UtcNow; DateTime expirationDate = authTime.AddSeconds(_jwtOptions.ExpiresIn); List <Claim> claims = new List <Claim>(); claims.Add(new Claim(JwtClaimNames.UserId, request.User.Id.ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("D"))); claims.Add(new Claim(JwtRegisteredClaimNames.Email, request.User.Email)); claims.Add(new Claim(JwtRegisteredClaimNames.AuthTime, authTime.ToString("u"))); claims.Add(new Claim("Name", $"{request.User.FirstName} {request.User.LastName}")); claims.AddRange(request.Claims); ClaimsIdentity identity = new ClaimsIdentity(new GenericIdentity(request.User.Id.ToString()), claims); SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor { Audience = _jwtOptions.Audience, Issuer = _jwtOptions.Issuer, Expires = expirationDate, NotBefore = authTime, Subject = identity, SigningCredentials = _jwtSigningOptions.SigningCredentials, IssuedAt = authTime, }; RefreshToken refreshToken = new RefreshToken { UserId = request.User.Id, Token = Guid.NewGuid(), ExpirationDate = authTime.AddSeconds(_jwtOptions.RefreshTokenExpiresIn), IsActive = true, }; await _refreshTokenRepository.Add(refreshToken, cancellationToken); SecurityToken securityToken = _jwtSecurityTokenHandler.CreateToken(tokenDescriptor); return(new WebToken { Token = _jwtSecurityTokenHandler.WriteToken(securityToken), ExpirationDate = expirationDate, RefreshToken = refreshToken, CreatedAt = DateTime.UtcNow, }); }
public async Task <bool> AddRefreshToken(RefreshToken token) { var existingTokens = await _refreshTokenRepository.GetBySubjectAndClientId(token.Subject, token.Client.ClientId); if (existingTokens != null && existingTokens.Count > 0) { existingTokens.Clear(); } _refreshTokenRepository.Add(token); await _unitOfWorkRepository.SaveChangesAsync(); return(true); }
public async Task <bool> AddRefreshToken(RefreshToken token) { var existingToken = _refreshTokenRepository.Query(r => r.Subject == token.Subject && r.ClientId == token.ClientId).SingleOrDefault(); if (existingToken != null) { var result = await RemoveRefreshToken(existingToken); } _refreshTokenRepository.Add(token); return(await _unitOfWork.SaveChangesAsync() > 0); }
public async Task <IActionResult> AuthenticateAsync(string login, string password) { var user = await userRepository.GetAsync(login); if (user == null || !BCrypt.Net.BCrypt.Verify(password, user.PasswordHash)) { return(new JsonResult(new ExceptionDto { Message = "Invalid credentials" }) { StatusCode = 422 }); } var tokens = jwtManager.GenerateTokens(login, await GetRoleAsync(login), DateTime.Now); var handler = new JwtSecurityTokenHandler(); var refreshData = handler.ReadJwtToken(tokens.RefreshToken); var date = refreshData.ValidTo; await refreshTokenRepository.Add(new RefreshToken { Token = tokens.RefreshToken, ValidTill = date }); return(new JsonResult(tokens)); }
public RefreshToken GenerateRefreshToken(int applicationId, string redirectUri, Guid userId, string scope = null) { var refreshToken = new RefreshToken { RefreshTokenId = _passwordGenerator.Generate(_settings.RefreshTokenLength), ApplicationId = applicationId, ExpirationDate = DateTime.UtcNow.AddDays(_settings.RefreshTokenLifetimeDays), RedirectUri = redirectUri, UserId = userId, Scope = scope }; _refreshTokenRepository.Add(refreshToken); return(refreshToken); }
public void Save(RefreshToken token) { using (var transaction = Connection.BeginTransaction()) { try { refreshTokenRepository.Add(token); transaction.Commit(); } catch { transaction.Rollback(); throw; } } }
public bool AddRefreshToken(RefreshToken token) { var tokens = _authService.GetAllRefreshTokens(); var existingToken = tokens.FirstOrDefault(p => p.Subject == token.Subject && p.ClientId == token.ClientId); if (existingToken != null) { RemoveRefreshToken(token); } token.Subject = "s"; _refreshTokenRepository.Add(token); // _authService.AddRefreshToken(token); return(true); }
private async Task <RefreshToken> CreateInternalAsync(User user) { var tokenId = Guid.NewGuid(); var userClaims = user.ExtractUserClaims(); var jwtToken = CreateJwtToken(userClaims, tokenId); var jwtTokenStr = _jwtSecurityTokenHandler.WriteToken(jwtToken); var refreshToken = new RefreshToken(user.Id, jwtTokenStr); refreshToken = refreshToken.Bind(x => x.Id, tokenId); _refreshTokenRepository.Add(refreshToken); await _refreshTokenRepository.UnitOfWork.SaveChangesAndDispatchDomainEventsAsync(); return(refreshToken); }
public async Task <RefreshTokenDto> GetNew(string userId, string accessToken) { await _refreshTokenRepository.RemoveByUserIdAsync(userId); var refreshToken = new RefreshToken() { UserId = userId, AccessToken = accessToken }; _refreshTokenRepository.Add(refreshToken); await _unitOfWork.CompleteAsync(); var refreshTokenDto = _mapper.Map <RefreshToken, RefreshTokenDto>(refreshToken); return(refreshTokenDto); }
public async Task Handle(TokenCreatedEvent notification, CancellationToken cancellationToken) { // The old token is removed, if it exists if (!string.IsNullOrEmpty(notification.OldToken)) { await _refreshTokenRepository.Remove(notification.UserId, notification.OldToken); } // The refresh token is added to the database if (notification.NewToken != null) { var refreshToken = new RefreshToken(notification.UserId, notification.NewToken.RefreshToken, notification.NewToken.RefreshTokenExpiration); await _refreshTokenRepository.Add(refreshToken); } }
private string CreateRefreshToken(string JwtTokenId, string userId) { var refreshToken = new RefreshToken() { Token = Guid.NewGuid().ToString(), JwtId = JwtTokenId, UserId = userId, CreateTime = DateTime.Now, ExpiryDate = DateTime.Now.AddMonths(2), Used = false, Invalidated = false }; _refreshTokenRepository.Add(refreshToken); if (_refreshTokenRepository.SaveChanges() == 1) { return(refreshToken.Token); } return(null); }
public async Task <string> GenerateRefreshToken(T user) { Guid refreshTokenGuid = Guid.NewGuid(); RefreshToken newToken = new RefreshToken { UserId = user.Id, Token = refreshTokenGuid, Expiry = DateTime.Now.AddYears(1) }; RefreshToken existingToken = this.refreshTokenRepository.GetAll().Where(x => x.UserId == user.Id).FirstOrDefault(); if (existingToken != null) { await refreshTokenRepository.Delete(existingToken); } await refreshTokenRepository.Add(newToken); return(refreshTokenGuid.ToString()); }
public async Task CreateAsync(AuthenticationTokenCreateContext context) { var clientId = context.Ticket.Properties.Dictionary[GenericNames.AUTHENTICATION_CLIENT_ID_KEY]; if (string.IsNullOrEmpty(clientId)) { return; } var refreshTokenLifeTime = context.OwinContext.Get <int>(GenericNames.OWIN_CONTEXT_REFRESH_TOKEN_LIFETIME); var refreshToken = Guid.NewGuid().ToString("n"); //var refreshTokenRepository = new RefreshTokenRepository(context.OwinContext.Get<ManahostManagerDAL>()); /*var ClientManager = ClientUserManager.Create(null, context.OwinContext.Get<ManahostManagerDAL>());*/ IDependencyScope Scope = context.OwinContext.Get <IDependencyScope>(); ClientUserManager ClientManager = Scope.GetService(typeof(ClientUserManager)) as ClientUserManager; IRefreshTokenRepository refreshTokenRepository = Scope.GetService(typeof(IRefreshTokenRepository)) as IRefreshTokenRepository; var ServiceRepository = new ServiceRepository(context.OwinContext.Get <ManahostManagerDAL>()); var client = await ClientManager.FindByEmailAsync(context.Ticket.Identity.Name); var service = ServiceRepository.GetUniq(x => x.Id == clientId); var token = new RefreshToken() { Id = refreshToken, Client = client, Service = service, IssuedUtc = DateTime.UtcNow, ExpiresUtc = DateTime.UtcNow.AddMinutes(Convert.ToDouble(refreshTokenLifeTime)) }; token.ProtectedTicket = context.SerializeTicket(); refreshTokenRepository.Add(token); await refreshTokenRepository.SaveAsync(); context.SetToken(refreshToken); }
public bool Add(RefreshToken refreshToken) { var existingRefreshToken = _refreshTokenRepository .GetSingleByCondition(x => x.ClientId == refreshToken.ClientId && x.UserName == refreshToken.UserName); if (existingRefreshToken != null) { var resultRemove = _refreshTokenRepository.Delete(existingRefreshToken); if (resultRemove == null) { return(false); } } var entity = _refreshTokenRepository.Add(refreshToken); if (entity == null) { return(false); } _unitOfWork.Commit(); return(true); }
private void SaveRefreshToken(int userId, string refreshToken, DateTime tokenExpiration) { //saves the refresh token to a data store var oldRefreshToken = _refreshTokenRepository.Get().SingleOrDefault(x => x.UserId == userId); if (oldRefreshToken != null) { oldRefreshToken.Value = refreshToken; oldRefreshToken.TokenExpiration = tokenExpiration; _refreshTokenRepository.Update(oldRefreshToken); } else { var entity = new RefreshToken { Value = refreshToken, UserId = userId, TokenExpiration = tokenExpiration }; _refreshTokenRepository.Add(entity); } _unitOfWork.Commit(); }
private RefreshTokenData GenerateRefreshToken(string userId) { string token; var randomNumber = new byte[32]; using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(randomNumber); token = Convert.ToBase64String(randomNumber); } var refreshToken = new RefreshTokenData { UsuarioId = userId, ExpirationDate = DateTime.Now.AddMinutes(_tokenDescriptor.MinutesRefreshTokenValid), RefreshToken = token.Replace("+", string.Empty) .Replace("=", string.Empty) .Replace("/", string.Empty) }; _refreshTokenRepository.Add(refreshToken); return(refreshToken); }
public async Task <bool> AddRefreshTokenAsync(RefreshToken refreshToken) { _repository.Add(refreshToken); return(await _repository.UnitOfWork.SaveChangesAsync() > 0); }
public void AddRefreshToken(RefreshToken token) { _refreshTokenRepository.Add(token); _unitOfWork.Commit(); }
public bool AddRefreshToken(RefreshToken token) { _refreshTokenRepository.Add(token); return(true); }