public JsonWebToken Get([FromQuery] string grant_type, [FromQuery] int userId, [FromQuery] int pin, [FromQuery] string refresh_token)
{
// Authenticate depending on the grant type.
UserViewModel user = grant_type == "refresh_token" ? GetUserByToken(refresh_token) : GetUserByCredentials(userId, pin);
if (user == null)
{
throw new UnauthorizedAccessException("No!");
}
int ageInMinutes = 20; // However long you want...
DateTime expiry = DateTime.UtcNow.AddMinutes(ageInMinutes);
var token = new JsonWebToken
{
access_token = _tokenProvider.CreateToken(user, expiry),
expires_in = ageInMinutes * 60
};
if (grant_type != "refresh_token")
{
token.refresh_token = GenerateRefreshToken(user);
}
return(token);
}
public JsonWebToken Generate([FromBody] LoginViewModel model)
{
int ageInMinutes = 60;
DateTime expiry = DateTime.UtcNow.AddMinutes(ageInMinutes);
return(_tokenProvider.CreateToken(0
, model.username.IndexOf(":") > -1 ? model.username.Split(':')[0] : model.username
, model.username.IndexOf(":") > -1 ? model.username.Split(':')[1] : model.username
, model.password, expiry));
}
public JsonWebToken Get([FromBody] LoginViewModel loginViewModel)
{
// Authenticate depending on the grant type.
UserViewModel user = loginViewModel.grant_type == "refresh_token" ? GetUserByToken(loginViewModel.refresh_token) : GetUserByCredentials(Convert.ToInt32(loginViewModel.username), Convert.ToInt32(loginViewModel.password));
if (user == null)
{
throw new UnauthorizedAccessException("No!");
}
int ageInMinutes = 20; // However long you want...
DateTime expiry = DateTime.UtcNow.AddMinutes(ageInMinutes);
var token = new JsonWebToken
{
access_token = _tokenProvider.CreateToken(user, expiry),
expires_in = ageInMinutes * 60
};
if (loginViewModel.grant_type != "refresh_token")
{
token.refresh_token = GenerateRefreshToken(user);
}
return(token);
}
public JsonWebToken ProcessToken(User userLogin)
{
List <Rol> Roles;
var user = _unitOfWork.IUser.ValidateUser(userLogin.username, userLogin.password);
Roles = new List <Rol>();
var listRoles = _unitOfWork.IRolUser.GetList();
foreach (var element in listRoles)
{
if (user.id == element.IdUser)
{
Roles.Add(_unitOfWork.IRol.GetById(element.IdRol));
}
}
user.Roles = Roles;
if (user == null)
{
throw new UnauthorizedAccessException();
}
var token = new JsonWebToken
{
Access_Token = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(8)),
Expires_in = 480 //minutes
};
return(token);
}
public async Task <IActionResult> Login([FromBody] LoginCredentialsDTO login)
{
//await _userService.CreateUser(new Business.Entities.User { Email = "*****@*****.**", Name = "Harshika Gupta", RoleID = 1, UserName = "******", Password = "******" });
var result = await _userService.AuthenticateUser(login.Email, login.Password);
if (result.IsSuccessed)
{
var user = result.Value;
var userToken = new UserToken
{
Id = user.UserID,
FullName = user.Name,
RoleID = user.RoleID
};
var token = _tokenProvider.CreateToken(userToken);
if (!token.IsSuccessed)
{
BadRequest(token.GetErrorString());
}
return(Ok(new AuthTokenDTO {
AuthToken = token.Value.Value, RoleName = Utilities.GetRoleName(user.RoleID), ValidTo = token.Value.ValidTo
}));
}
return(BadRequest("User is not authenticated"));
}
public ActionResult Token()
{
var email = Request.Form["email"];
var password = Request.Form["password"];
// User validation
var identity = GetIdentity(email, password);
if (identity == null)
{
var errors = new List <string>()
{
"Invalid username or password."
};
return(GetErrorResult(new ErrorResult(errors, false)));
}
var response = new
{
access_token = _tokenProvider.CreateToken(identity.Claims),
email = identity.Name
};
Response.ContentType = "application/json";
return(Json(response, new JsonSerializerSettings {
Formatting = Formatting.Indented
}));
}
public JsonWebToken Post(LoginModel loginModel)
{
// Authenticate depending on the grant type.
User user = loginModel.grant_type == "refresh_token" ? GetUserByToken(loginModel.refresh_token) : GetUserByCredentials(loginModel.client_id, loginModel.client_secret);
if (user == null)
{
throw new UnauthorizedAccessException("No!");
}
int ageInMinutes = 20; // However long you want...
DateTime expiry = DateTime.UtcNow.AddMinutes(ageInMinutes);
var token = new JsonWebToken
{
access_token = _tokenProvider.CreateToken(user, expiry),
expires_in = ageInMinutes * 60
};
if (loginModel.grant_type != "refresh_token")
{
token.refresh_token = GenerateRefreshToken(user);
}
return(token);
}
private TTokenEntity CreateToken <TTokenEntity>() where TTokenEntity : ITokenEntity, new()
{
return(new TTokenEntity
{
Token = _tokenProvider.CreateToken()
});
}
private AuthResponse GetAuthResponse(User user, SessionRefreshToken refreshToken)
{
return(new AuthResponse()
{
Login = user.Login,
AccessToken = _tokenProvider.CreateToken(user),
Expires = _tokenProvider.TokenExpires,
RefreshToken = refreshToken.Token
});
}
public Token GetToken(ITokenProvider provider)
{
return(new Token
{
AccessToken = new JwtSecurityTokenHandler().WriteToken(provider.CreateToken(MailAddress, Id.ToString(), "Audience")),
RefreshToken = new JwtSecurityTokenHandler().WriteToken(provider.CreateRefreshToken(MailAddress, Id.ToString(), "Audience")),
ExpireDate = provider.ExpireDate,
Type = "bearer"
});
}
public IActionResult Generate(string userName, string password)
{
var token = _tokenProvider.CreateToken(userName, password);
if (token.access_token is null)
{
return(BadRequest("Credentials are invalid!."));
}
return(Ok(token));
}
public async Task Register_WhenCalled_ProperUserToAddExpected()
{
// ARRANGE
var userForRegister = new UserForRegisterDto
{
Username = "******", Email = "*****@*****.**", Password = "******"
};
(string password, ComputedPassword computedPassword)password = (userForRegister.Password,
ComputedPassword.Create(Encoding.ASCII.GetBytes("password hash"), Encoding.ASCII.GetBytes("password salt")));
SetPasswordProvider(password);
var newActivationToken = new AccountActivationToken {
Token = "The token"
};
User userToAdd = null;
_userRepository.When(x => x.AddAsync(Arg.Any <User>())).Do(x => { userToAdd = x.ArgAt <User>(0); });
_tokenProvider.CreateToken().Returns(newActivationToken.Token);
_accountActivationTokenRepository.SingleOrDefaultAsync(Arg.Any <Expression <Func <AccountActivationToken, bool> > >())
.Returns((AccountActivationToken)null);
var pendingUploadPhotosFolderName = Guid.NewGuid();
SystemGuid.Set(() => pendingUploadPhotosFolderName);
var expected = new User
{
Username = userForRegister.Username,
Email = userForRegister.Email,
ActivationToken = new AccountActivationToken {
Token = newActivationToken.Token
},
IsAccountActivated = false,
PendingUploadPhotosFolderName = pendingUploadPhotosFolderName.ToString("N"),
PasswordHash = password.computedPassword.Hash,
PasswordSalt = password.computedPassword.Salt
};
// ACT
await _sut.Register(userForRegister);
// ASSERT
userToAdd.Should().BeEquivalentTo(expected);
await _unitOfWork.Received().CompleteAsync();
}
private CommonEntities.Result <IAuthToken> CreateToken(TokenInfo tokenBuilderInput, bool isToken)
{
var token = _tokenProvider.CreateToken(tokenBuilderInput, isToken);
if (!token.IsSuccessed)
{
return(CommonEntities.Result.Fail <IAuthToken>(token.GetErrorString()));
}
return(token);
}
public async Task <ActionResult <JwtToken> > Authorize([FromBody] LoginVm loginVm)
{
var user = await _authenticationService.Authenticate(loginVm.Username, loginVm.Password);
var rememberMe = loginVm.RememberMe;
var jwt = _tokenProvider.CreateToken(user, rememberMe);
var httpHeaders = new HeaderDictionary {
[JwtConstants.AuthorizationHeader] = $"{JwtConstants.BearerPrefix} {jwt}"
};
return(Ok(new JwtToken(jwt)).WithHeaders(httpHeaders));
}
// TODO: Consider whether client credentials is necessary
/* POST https://api.authorization-server.com/token
* grant_type=client_credentials&
* client_id=CLIENT_ID&
* client_secret=CLIENT_SECRET */
//public async Task<IActionResult> Post(ClientCredentialTokenRequest request)
//{
// // TODO: get application by client id
// ConnectionModel connection = new ConnectionModel();
// return Token(connection);
//}
public JsonResult Token(Connection connection)
{
DateTime expiry = DateTime.UtcNow.AddDays(7);
JsonWebToken token = new JsonWebToken
{
access_token = _tokenProvider.CreateToken(connection, expiry),
expires_in = 60 * 60 * 24 * 7
};
return(new JsonResult(token));
}
private object LoginUser(UserInfoDto user)
{
var claims = new List <Claim>()
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
claims.AddRange(user.Roles.Select(x => new Claim(ClaimTypes.Role, x)));
var identity = new ClaimsIdentity(claims, JwtBearerDefaults.AuthenticationScheme);
string token = _tokenProvider.CreateToken(identity);
return(new { id = user.Id, access_token = token });
}
public IActionResult CreateToken([FromBody] User userLogin)
{
var user = _unitOfWork.User.ValidateUser(userLogin.NickName, userLogin.Password);
if (user == null)
{
return(Unauthorized(new UnauthorizedAccessException("Wrong Nickname or password, check the credential values")));
}
return(Ok(new JsonWebToken
{
Access_Token = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(8)),
Expires_in = 480 //life time of the token on minutes
}));
}
public JsonWebToken Post([FromBody] Users userLogin)
{
var user = _unitOfWork.User.ValidateUser(userLogin.Email, userLogin.Password);
if (user == null)
{
return(null);
}
var token = new JsonWebToken {
AccessToken = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(1)),
ExpiresIn = 60
};
return(token);
}
public JsonWebToken Post([FromBody] User userLogin)
{
var user = _logic.validateUser(userLogin.Email, userLogin.Password);
if (user == null)
{
throw new UnauthorizedAccessException();
}
var token = new JsonWebToken
{
Access_token = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(8)),
Expires_in = 480//minutos
};
return(token);
}
public JsonWebToken Post([FromBody] User userLogin)
{
var user = _unitOfWork.User.ValidateUser(userLogin.Email, userLogin.Password);
if (user == null)
{
throw new UnauthorizedAccessException();
}
var token = new JsonWebToken {
AccessToken = _tokenProvider.CreateToken(user, DateTime.Now.AddHours(4)),
ExpiresIn = 240 //minutes
};
return(token);
}
public IActionResult Post(TerceroUsuarioRequest usuarioRequest)
{
var user = new TerceroUsuarioValidarService(this._unitOfWork).
ValidarTerceroUsuario(usuarioRequest);
if (user == null)
{
return(Unauthorized("El usuario y la contraseña " +
"no fueron reconocidos"));
}
return(Ok(new JsonWebToken
{
AccessToken = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(8)),
ExpiresIn = 480
}));
}
public JsonWebToken Post([FromBody] User userLogin)
{
var user = _unitOfWork.User.ValidateUser(userLogin.Email, userLogin.Password);
if (user == null)
{
throw new UnauthorizedAccessException();
}
var token = new JsonWebToken
{
Access_Token = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(8)), //Create the Token and it will expire in 8 hours
Expires_in = 480 // 8 hours express in minutes
};
return(token);
}
public JSonWebToken Post([FromBody] User UserLogin)
{
var user = _unitOfWork.User.ValidateUser(UserLogin.Email, UserLogin.Password);
if (user == null)
{
throw new UnauthorizedAccessException();
}
var token = new JSonWebToken
{
Access_Token = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddMinutes(30)),
Expires_in = 30
};
return(token);
}
public IActionResult Authenticate([FromBody] UserLoginModel userParam)
{
var cmd = Request.ToCommand(userParam, true);
var user = _userService.Authenticate(cmd);
if (user == null)
{
_logger.Warn("Invalid login attempt for user: "******"Username or password is incorrect" }));
}
user.Token = _tokenProvider.CreateToken(user, _appSettings.JWTSecret);
_logger.Info("Logged in user: " + userParam.Username);
return(Ok(user));
}
public JsonWebToken Post(UserLogin login)
{
var user = _work.RepositoryUser.ValidateUser(login.Email, login.Password);
if (user == null)
{
throw new UnauthorizedAccessException();
}
var token = new JsonWebToken
{
Access_Token = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(8)),
Expires_in = 480
};
return(token);
}
public JsonWebToken Post([FromBody] Ah_Usuarios userLogin)
{
var user = _unitOfWork.Ah_Usuarios.uspValidateUser(userLogin.UserName, userLogin.Password);
if (user == null || user.IdUsuario == "")
{
throw new UnauthorizedAccessException();
}
var token = new JsonWebToken
{
Access_Token = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(3)),
Expires_in = 180 //minutes
};
return(token);
}
public IActionResult Post([FromBody] SystemUser userLogin)
{
try
{
SystemUser user = null;
if (userLogin.External)
{
ExternalUser externalUser = _unitOfWork.ExternalUser.ValidateUserPassword(userLogin.Login, userLogin.Password);
if (externalUser != null)
{
user = new SystemUser
{
Id = externalUser.Id,
FirstName = externalUser.FirstName,
LastName = externalUser.LastName,
FullName = externalUser.FirstName + " " + externalUser.LastName,
Roles = "external"
};
}
}
else
{
user = _unitOfWork.User.ValidateUserPassword(userLogin.Login, userLogin.Password);
}
if (user == null)
{
return(StatusCode(500, "Los datos de usuario y contraseña no concuerdan"));
}
if (!userLogin.External)
{
string detail = string.Format("Login correcto usuario: {0}", user.FirstName + " " + user.LastName);
Audit.InsertAudit(_unitOfWork, "F", user.Id, "I", detail);
}
return(Ok(new JsonWebToken
{
Access_Token = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(8)),
Expires_in = 480 //minutes
}));
}
catch (Exception ex)
{
//throw new Exception(ex.Message);
return(StatusCode(500, "Internal server error: " + ex.Message));
}
}
public JsonWebToken Post([FromBody] Usuario user)
{
ResultadoModel <Usuario, JsonWebToken> model = new ResultadoModel <Usuario, JsonWebToken>();
user = _logic.ValidarUsuario(user.Identificacion, user.Contrasena);
if (user == null)
{
throw new UnauthorizedAccessException();
}
var token = new JsonWebToken
{
Access_Token = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(8)),
Expires_in = 480//minutes
};
return(token);
}
public JsonWebToken Post(User userLogin)
{
// obtener el usuario de BD
var user = _unit.Users.ValidaterUser(userLogin.Email, userLogin.Password);
if (user == null)
{
throw new UnauthorizedAccessException("Usuario no autorizado");
}
// el usuario es válido, entonces generamos el token
var token = new JsonWebToken
{
Access_Token = _tokenProvider.CreateToken(userLogin, DateTime.UtcNow.AddHours(8)),
Expires_In = 8 * 3600
};
return(token);
}
public JsonWebToken Post([FromBody] Login userLogin)
{
var user = VerificarPassword(userLogin.Email, userLogin.Password);
//var user = _unitOfWork.Cliente.ValidarCliente(userLogin.Email, password);
if (user == null)
{
throw new UnauthorizedAccessException();
}
var token = new JsonWebToken
{
AccessToken = _tokenProvider.CreateToken(user, DateTime.UtcNow.AddHours(8)),
Expires_in = 480
};
return(token);
}
