public AuthService(IdeContext context, IMapper mapper, JWTFactory jwtFactory, ILogger <AuthService> logger) { _context = context; _jwtFactory = jwtFactory; _mapper = mapper; _logger = logger; }
public async Task T2_CheckLoginWithToken() { // Arrange _factory.CreateClient(); // need to create a client for the server property to be available var server = _factory.Server; var connection1 = await StartConnectionAsync(server.CreateHandler()); var connection2 = await StartConnectionAsync(server.CreateHandler()); // Act var loginWithNameRes = await connection1.InvokeAsync <LoginResponse>("LoginWithName", "David GUETTA"); await connection1.StopAsync(); await Task.Delay(500); var jwt = loginWithNameRes.Token; var parsedToken1 = JWTFactory.Parse(jwt); var loginWithTokenRes = await connection2.InvokeAsync <LoginResponse>("LoginWithToken", jwt); await connection2.StopAsync(); // Assert loginWithTokenRes.Success.Should().Be(true); loginWithTokenRes.Name.Should().Be(parsedToken1.Name); var parsedToken2 = JWTFactory.Parse(loginWithTokenRes.Token); parsedToken2.Name.Should().Be(parsedToken1.Name); parsedToken2.Subject.Should().Be(parsedToken1.Subject); }
/// <summary> /// Login the current client with a JWT. /// </summary> /// <param name="jwt">The JWT to login with</param> /// <returns>A LoginResponse with all data</returns> public async Task <LoginResponse> LoginWithToken(string jwt) { var userInfo = getUserInfo(Context); if (userInfo.Value.JwtID != null) { return(new LoginResponse { Success = false }); } if (!_jwtFactory.Verify(jwt)) { return(new LoginResponse { Success = false }); } var parsedToken = JWTFactory.Parse(jwt); if (_revokedTokenIds.Contains(parsedToken.JwtID)) { return(new LoginResponse { Success = false }); } return(await connectUser(Context, parsedToken, jwt)); }
public AdminTasksController(IDAFactory daFactory, JWTFactory jwt, IGluonHostPool hostPool) : base("/admin") { JWTTokenAuthentication.Enable(this, jwt); Get["/tasks"] = _ => { this.DemandAdmin(); using (var da = daFactory.Get) { var offset = Request.Query["offset"]; var limit = Request.Query["limit"]; if (offset == null) { offset = 0; } if (limit == null) { limit = 20; } if (limit > 100) { limit = 100; } var result = da.Tasks.All((int)offset, (int)limit); return(Response.AsPagedList(result)); } }; Post["/tasks/request"] = x => { var task = this.Bind <TaskRequest>(); var taskServer = hostPool.GetByRole(Database.DA.Hosts.DbHostRole.task).FirstOrDefault(); if (taskServer == null) { return(Response.AsJson(-1)); } else { try { var id = taskServer.Call(new RequestTask() { TaskType = task.task_type.ToString(), ParameterJson = JsonConvert.SerializeObject(task.parameter), ShardId = (task.shard_id == null || !task.shard_id.HasValue) ? -1 : task.shard_id.Value }).Result; return(Response.AsJson(id)); }catch (Exception ex) { return(Response.AsJson(-1)); } } }; }
public void T3_VerifyBadJWT() { byte[] key = { 0xDE, 0xAD, 0xBE, 0xEF }; var payload = new JWTPayload { Subject = "24" }; var jwtFactory = new JWTFactory(key); var jwt = jwtFactory.Generate(payload); jwtFactory.Verify(jwt + "deadbeef").Should().BeFalse(); }
public void T2_VerifyGoodJWT() { byte[] key = { 0xDE, 0xAD, 0xBE, 0xEF }; var payload = new JWTPayload { Subject = "24" }; var jwtFactory = new JWTFactory(key); var jwt = jwtFactory.Generate(payload); jwtFactory.Verify(jwt).Should().BeTrue(); }
public void T1_GenerateJWT() { byte[] key = { 0xDE, 0xAD, 0xBE, 0xEF }; var payload = new JWTPayload { Subject = "12" }; var jwtFactory = new JWTFactory(key); var jwt = jwtFactory.Generate(payload); jwt.Should().Be("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMiJ9.YyJFI-9mZc1w-YX3bjPSRr-kJ7nlzPlMNI4cgwm735A"); }
public AdminShardsController(IDAFactory daFactory, JWTFactory jwt) : base("/admin") { JWTTokenAuthentication.Enable(this, jwt); this.Get["/shards"] = _ => { this.DemandAdmin(); using (var db = daFactory.Get()) { var shards = db.Shards.All(); return(Response.AsJson(shards)); } }; }
public void T4_ParseJWT() { byte[] key = { 0xDE, 0xAD, 0xBE, 0xEF }; var payload = new JWTPayload { Subject = "42" }; var jwtFactory = new JWTFactory(key); var jwt = jwtFactory.Generate(payload); var parsed = JWTFactory.Parse(jwt); parsed.Subject.Should().Be("42"); parsed.JwtID.Should().BeNull(); }
public async Task <AccessTokenDTO> GenerateAccessToken(User user) { var refreshToken = JWTFactory.GenerateRefreshToken(); _context.RefreshTokens.Add(new RefreshToken { Token = refreshToken, UserId = user.Id }); await _context.SaveChangesAsync(); var accessToken = await _jwtFactory.GenerateAccessToken(user); return(new AccessTokenDTO(accessToken, refreshToken)); }
public IActionResult Login(string userid, string password) { User user = _repository.GetUser(userid, password); if (user == null) { return(Unauthorized()); } else { JWTFactory authentication = new JWTFactory(); string token = authentication.GenerateTokenForUser(user.UserName, user.UserId); return(Ok(token)); //return Request.CreateResponse(HttpStatusCode.OK, token, Configuration.Formatters.JsonFormatter); } }
public AdminHostsController(IDAFactory daFactory, JWTFactory jwt, IGluonHostPool hostPool) : base("/admin") { JWTTokenAuthentication.Enable(this, jwt); this.Get["/hosts"] = _ => { this.DemandAdmin(); var hosts = hostPool.GetAll(); return(Response.AsJson(hosts.Select(x => new { role = x.Role, call_sign = x.CallSign, internal_host = x.InternalHost, public_host = x.PublicHost, connected = x.Connected, time_boot = x.BootTime }))); }; }
public AdminShardOpController(IDAFactory daFactory, JWTFactory jwt, ApiServer server) : base("/admin/shards") { JWTTokenAuthentication.Enable(this, jwt); DAFactory = daFactory; Server = server; After.AddItemToEndOfPipeline(x => { x.Response.WithHeader("Access-Control-Allow-Origin", "*"); }); Post["/shutdown"] = _ => { this.DemandAdmin(); var shutdown = this.Bind <ShutdownModel>(); var type = ShutdownType.SHUTDOWN; if (shutdown.update) { type = ShutdownType.UPDATE; } else if (shutdown.restart) { type = ShutdownType.RESTART; } //JWTUserIdentity user = (JWTUserIdentity)this.Context.CurrentUser; Server.RequestShutdown((uint)shutdown.timeout, type); return(Response.AsJson(true)); }; Post["/announce"] = _ => { this.DemandModerator(); var announce = this.Bind <AnnouncementModel>(); Server.BroadcastMessage(announce.sender, announce.subject, announce.message); return(Response.AsJson(true)); }; }
public async Task <AccessTokenDTO> RefreshToken(RefreshTokenDTO dto) { var userId = _jwtFactory.GetUserIdFromToken(dto.AccessToken, dto.Key); //get userId from our access token var userEntity = _context.Users .Include(u => u.Avatar) .FirstOrDefault(x => x.Id == userId); //find user with such id if (userEntity == null) { _logger.LogWarning(LoggingEvents.HaveException, $"Not found user"); throw new NotFoundException(nameof(userEntity)); } var rToken = await _context.RefreshTokens.FirstOrDefaultAsync(t => t.Token == dto.RefreshToken && t.UserId == userId); // find such token for user if (rToken == null) { _logger.LogWarning(LoggingEvents.HaveException, $"invalid token"); throw new InvalidTokenException("refresh"); } if (!rToken.IsActive) { _logger.LogWarning(LoggingEvents.HaveException, $"expired refresh token"); throw new ExpiredRefreshTokenException(); } var jwtToken = await _jwtFactory.GenerateAccessToken(userEntity); //generate access token var refreshToken = JWTFactory.GenerateRefreshToken(); //generate random token _context.RefreshTokens.Remove(rToken); // remove previous one _context.RefreshTokens.Add(new RefreshToken //create new token { Token = refreshToken, UserId = userEntity.Id }); await _context.SaveChangesAsync(); return(new AccessTokenDTO(jwtToken, refreshToken)); //send to front generated tokens }
public void Init(NameValueCollection appSettings) { Config = new ApiConfig(); Config.Maintainance = bool.Parse(appSettings["maintainance"]); Config.AuthTicketDuration = int.Parse(appSettings["authTicketDuration"]); Config.Regkey = appSettings["regkey"]; Config.Secret = appSettings["secret"]; Config.UpdateUrl = appSettings["updateUrl"]; Config.CDNUrl = appSettings["cdnUrl"]; Config.NFSdir = appSettings["nfsdir"]; Config.UseProxy = bool.Parse(appSettings["useProxy"]); Config.UpdateID = (appSettings["updateID"] == "") ? (int?)null : int.Parse(appSettings["updateID"]); Config.BranchName = appSettings["branchName"] ?? "beta"; // new smtp config vars if (appSettings["smtpHost"] != null && appSettings["smtpUser"] != null && appSettings["smtpPassword"] != null && appSettings["smtpPort"] != null) { Config.SmtpEnabled = true; Config.SmtpHost = appSettings["smtpHost"]; Config.SmtpUser = appSettings["smtpUser"]; Config.SmtpPassword = appSettings["smtpPassword"]; Config.SmtpPort = int.Parse(appSettings["smtpPort"]); } JWT = new JWTFactory(new JWTConfiguration() { Key = System.Text.UTF8Encoding.UTF8.GetBytes(Config.Secret) }); DAFactory = new MySqlDAFactory(new Database.DatabaseConfiguration() { ConnectionString = appSettings["connectionString"] }); Shards = new Shards(DAFactory); Shards.AutoUpdate(); }
public void Init(NameValueCollection appSettings) { Config = new ApiConfig(); Config.Maintainance = bool.Parse(appSettings["maintainance"]); Config.AuthTicketDuration = int.Parse(appSettings["authTicketDuration"]); Config.Regkey = appSettings["regkey"]; Config.Secret = appSettings["secret"]; Config.UpdateUrl = appSettings["updateUrl"]; Config.NFSdir = appSettings["nfsdir"]; JWT = new JWTFactory(new JWTConfiguration() { Key = System.Text.UTF8Encoding.UTF8.GetBytes(Config.Secret) }); DAFactory = new MySqlDAFactory(new Database.DatabaseConfiguration() { ConnectionString = appSettings["connectionString"] }); Shards = new Shards(DAFactory); Shards.AutoUpdate(); }
public async Task T1_CheckLoginWithName() { // Arrange _factory.CreateClient(); // need to create a client for the server property to be available var server = _factory.Server; var connection1 = await StartConnectionAsync(server.CreateHandler()); var connection2 = await StartConnectionAsync(server.CreateHandler()); // Act var login11 = await connection1.InvokeAsync <LoginResponse>("LoginWithName", "David GUETTA"); var login12 = await connection1.InvokeAsync <LoginResponse>("LoginWithName", "John DOE"); var login21 = await connection2.InvokeAsync <LoginResponse>("LoginWithName", "Polo"); await connection1.StopAsync(); await connection2.StopAsync(); // Assert login11.Success.Should().Be(true); login11.Name.Should().Be("David GUETTA"); var parsedToken = JWTFactory.Parse(login11.Token); parsedToken.Name.Should().Be("David GUETTA"); parsedToken.Subject.Should().NotBeNullOrWhiteSpace(); // if a user is already connected, we won't accept a new login attempt login12.Success.Should().Be(false); var parsedToken2 = JWTFactory.Parse(login21.Token); // the subject must be different for every user parsedToken2.Subject.Should().NotBe(parsedToken.Subject); }
public CitySelectorController(IDAFactory DAFactory, ApiServerConfiguration config, JWTFactory jwt, IShardsDomain shardsDomain) : base("/cityselector") { JsonWebToken.JWTTokenAuthentication.Enable(this, jwt); var str = GetServerVersion(); var split = str.LastIndexOf('-'); VersionName = str; if (split != -1) { VersionName = str.Substring(0, split); VersionNumber = str.Substring(split + 1); } try { using (var file = File.Open("updateUrl.txt", FileMode.Open, FileAccess.Read, FileShare.ReadWrite)) { var reader = new StreamReader(file); DownloadURL = reader.ReadLine(); reader.Close(); } } catch (Exception) { DownloadURL = ""; // couldn't find info from the watchdog } //Take the auth ticket, establish trust and then create a cookie (reusing JWT) this.Get["/app/InitialConnectServlet"] = _ => { var ticketValue = this.Request.Query["ticket"]; var version = this.Request.Query["version"]; if (ticketValue == null) { return(Response.AsXml(new XMLErrorMessage(ERROR_MISSING_TOKEN_CODE, ERROR_MISSING_TOKEN_MSG))); } using (var db = DAFactory.Get()) { var ticket = db.AuthTickets.Get((string)ticketValue); if (ticket == null) { return(Response.AsXml(new XMLErrorMessage(ERROR_MISSING_TOKEN_CODE, ERROR_MISSING_TOKEN_MSG))); } db.AuthTickets.Delete((string)ticketValue); if (ticket.date + config.AuthTicketDuration < Epoch.Now) { return(Response.AsXml(new XMLErrorMessage(ERROR_EXPIRED_TOKEN_CODE, ERROR_EXPIRED_TOKEN_MSG))); } /** Is it a valid account? **/ var user = db.Users.GetById(ticket.user_id); if (user == null) { return(Response.AsXml(new XMLErrorMessage(ERROR_MISSING_TOKEN_CODE, ERROR_MISSING_TOKEN_MSG))); } //Use JWT to create and sign an auth cookies var session = new JWTUserIdentity() { UserID = user.user_id, UserName = user.username }; var token = jwt.CreateToken(session); return(Response.AsXml(new UserAuthorized() { FSOBranch = VersionName, FSOVersion = VersionNumber, FSOUpdateUrl = DownloadURL }) .WithCookie("fso", token.Token)); } }; //Return a list of the users avatars this.Get["/app/AvatarDataServlet"] = _ => { this.RequiresAuthentication(); var user = (JWTUserIdentity)this.Context.CurrentUser; var result = new XMLList <AvatarData>("The-Sims-Online"); using (var db = DAFactory.Get()) { var avatars = db.Avatars.GetSummaryByUserId(user.UserID); foreach (var avatar in avatars) { result.Add(new AvatarData { ID = avatar.avatar_id, Name = avatar.name, ShardName = shardsDomain.GetById(avatar.shard_id).Name, HeadOutfitID = avatar.head, BodyOutfitID = avatar.body, AppearanceType = (AvatarAppearanceType)Enum.Parse(typeof(AvatarAppearanceType), avatar.skin_tone.ToString()), Description = avatar.description, LotId = avatar.lot_id, LotName = avatar.lot_name, LotLocation = avatar.lot_location }); } } return(Response.AsXml(result)); }; this.Get["/app/ShardSelectorServlet"] = _ => { this.RequiresAuthentication(); var user = (JWTUserIdentity)this.Context.CurrentUser; var shardName = this.Request.Query["shardName"]; var avatarId = this.Request.Query["avatarId"]; if (avatarId == null) { //Using 0 to mean no avatar for CAS avatarId = "0"; } using (var db = DAFactory.Get()) { ShardStatusItem shard = shardsDomain.GetByName(shardName); if (shard != null) { var tryIP = Request.Headers["X-Forwarded-For"].FirstOrDefault(); if (tryIP != null) { tryIP = tryIP.Substring(tryIP.LastIndexOf(',') + 1).Trim(); } var ip = tryIP ?? this.Request.UserHostAddress; uint avatarDBID = uint.Parse(avatarId); if (avatarDBID != 0) { var avatar = db.Avatars.Get(avatarDBID); if (avatar == null) { //can't join server with an avatar that doesn't exist return(Response.AsXml(new XMLErrorMessage(ERROR_AVATAR_NOT_FOUND_CODE, ERROR_AVATAR_NOT_FOUND_MSG))); } if (avatar.user_id != user.UserID || avatar.shard_id != shard.Id) { //make sure we own the avatar we're trying to connect with LOG.Info("SECURITY: Invalid avatar login attempt from " + ip + ", user " + user.UserID); return(Response.AsXml(new XMLErrorMessage(ERROR_AVATAR_NOT_YOURS_CODE, ERROR_AVATAR_NOT_YOURS_MSG))); } } var ban = db.Bans.GetByIP(ip); if (ban != null || db.Users.GetById(user.UserID)?.is_banned != false) { return(Response.AsXml(new XMLErrorMessage(ERROR_BANNED_CODE, ERROR_BANNED_MSG))); } /** Make an auth ticket **/ var ticket = new ShardTicket { ticket_id = Guid.NewGuid().ToString().Replace("-", ""), user_id = user.UserID, avatar_id = avatarDBID, date = Epoch.Now, ip = ip }; db.Users.UpdateConnectIP(ticket.user_id, ip); db.Shards.CreateTicket(ticket); var result = new ShardSelectorServletResponse(); result.PreAlpha = false; result.Address = shard.PublicHost; result.PlayerID = user.UserID; result.Ticket = ticket.ticket_id; result.ConnectionID = ticket.ticket_id; result.AvatarID = avatarId; return(Response.AsXml(result)); } else { return(Response.AsXml(new XMLErrorMessage(ERROR_SHARD_NOT_FOUND_CODE, ERROR_SHARD_NOT_FOUND_MSG))); } } }; //Get a list of shards (cities) this.Get["/shard-status.jsp"] = _ => { var result = new XMLList <ShardStatusItem>("Shard-Status-List"); var shards = shardsDomain.All; foreach (var shard in shards) { var status = Protocol.CitySelector.ShardStatus.Down; /*switch (shard.Status) * { * case Database.DA.Shards.ShardStatus.Up: * status = Protocol.CitySelector.ShardStatus.Up; * break; * case Database.DA.Shards.ShardStatus.Full: * status = Protocol.CitySelector.ShardStatus.Full; * break; * case Database.DA.Shards.ShardStatus.Frontier: * status = Protocol.CitySelector.ShardStatus.Frontier; * break; * case Database.DA.Shards.ShardStatus.Down: * status = Protocol.CitySelector.ShardStatus.Down; * break; * case Database.DA.Shards.ShardStatus.Closed: * status = Protocol.CitySelector.ShardStatus.Closed; * break; * case Database.DA.Shards.ShardStatus.Busy: * status = Protocol.CitySelector.ShardStatus.Busy; * break; * }*/ result.Add(shard); } return(Response.AsXml(result)); }; }
public RegistrationController(IDAFactory daFactory, JWTFactory jwt, ApiServerConfiguration config) : base("/userapi/registration") { JWTTokenAuthentication.Enable(this, jwt); DAFactory = daFactory; After.AddItemToEndOfPipeline(x => { x.Response.WithHeader("Access-Control-Allow-Origin", "*"); }); //Create a new user Post["/"] = x => { var user = this.Bind <RegistrationModel>(); var tryIP = Request.Headers["X-Forwarded-For"].FirstOrDefault(); if (tryIP != null) { tryIP = tryIP.Substring(tryIP.LastIndexOf(',') + 1).Trim(); } var ip = tryIP ?? Request.UserHostAddress; user.username = user.username ?? ""; user.username = user.username.ToLowerInvariant(); user.email = user.email ?? ""; user.key = user.key ?? ""; string failReason = null; if (user.username.Length < 3) { failReason = "user_short"; } else if (user.username.Length > 24) { failReason = "user_long"; } else if (!USERNAME_VALIDATION.IsMatch(user.username ?? "")) { failReason = "user_invalid"; } else if ((user.password?.Length ?? 0) == 0) { failReason = "pass_required"; } if (failReason != null) { return(Response.AsJson(new RegistrationError() { error = "bad_request", error_description = failReason })); } bool isAdmin = false; if (config.Regkey != null && config.Regkey != user.key) { return(Response.AsJson(new RegistrationError() { error = "key_wrong", error_description = failReason })); } var passhash = PasswordHasher.Hash(user.password); using (var da = daFactory.Get) { //has this ip been banned? var ban = da.Bans.GetByIP(ip); if (ban != null) { return(Response.AsJson(new RegistrationError() { error = "registration_failed", error_description = "ip_banned" })); } //has this user registered a new account too soon after their last? var now = Epoch.Now; var prev = da.Users.GetByRegisterIP(ip); if (now - (prev.FirstOrDefault()?.register_date ?? 0) < REGISTER_THROTTLE_SECS) { //cannot create a new account this soon. return(Response.AsJson(new RegistrationError() { error = "registration_failed", error_description = "registrations_too_frequent" })); } //TODO: is this ip banned? var userModel = new User { username = user.username, email = user.email, is_admin = isAdmin, is_moderator = isAdmin, user_state = UserState.valid, register_date = now, is_banned = false, register_ip = ip, last_ip = ip }; var authSettings = new UserAuthenticate { scheme_class = passhash.scheme, data = passhash.data }; try { var userId = da.Users.Create(userModel); authSettings.user_id = userId; da.Users.CreateAuth(authSettings); userModel = da.Users.GetById(userId); if (userModel == null) { throw new Exception("Unable to find user"); } return(Response.AsJson(userModel)); } catch (Exception) { return(Response.AsJson(new RegistrationError() { error = "registration_failed", error_description = "user_exists" })); } } }; }
public AdminUsersController(IDAFactory daFactory, JWTFactory jwt) : base("/admin") { JWTTokenAuthentication.Enable(this, jwt); this.DAFactory = daFactory; this.After.AddItemToEndOfPipeline(x => { x.Response.WithHeader("Access-Control-Allow-Origin", "*"); }); //Get information about me, useful for the admin user interface to disable UI based on who you login as this.Get["/users/current"] = _ => { this.RequiresAuthentication(); JWTUserIdentity user = (JWTUserIdentity)this.Context.CurrentUser; using (var da = daFactory.Get()) { var userModel = da.Users.GetById(user.UserID); if (userModel == null) { throw new Exception("Unable to find user"); } return(Response.AsJson <User>(userModel)); } }; //Get the attributes of a specific user this.Get["/users/{id}"] = parameters => { this.DemandModerator(); using (var da = daFactory.Get()) { var userModel = da.Users.GetById((uint)parameters.id); if (userModel == null) { throw new Exception("Unable to find user"); } return(Response.AsJson <User>(userModel)); } }; //List users this.Get["/users"] = _ => { this.DemandModerator(); using (var da = daFactory.Get()) { var offset = this.Request.Query["offset"]; var limit = this.Request.Query["limit"]; if (offset == null) { offset = 0; } if (limit == null) { limit = 20; } if (limit > 100) { limit = 100; } var result = da.Users.All((int)offset, (int)limit); return(Response.AsPagedList <User>(result)); } }; //Create a new user this.Post["/users"] = x => { this.DemandModerator(); var user = this.Bind <UserCreateModel>(); if (user.is_admin) { //I need admin claim to do this this.DemandAdmin(); } using (var da = daFactory.Get()) { var userModel = new User(); userModel.username = user.username; userModel.email = user.email; userModel.is_admin = user.is_admin; userModel.is_moderator = user.is_moderator; userModel.user_state = UserState.valid; userModel.register_date = Epoch.Now; userModel.is_banned = false; var userId = da.Users.Create(userModel); userModel = da.Users.GetById(userId); if (userModel == null) { throw new Exception("Unable to find user"); } return(Response.AsJson <User>(userModel)); } return(null); }; }
public AdminOAuthController(IDAFactory daFactory, JWTFactory jwt) : base("/admin/oauth") { Post["/token"] = _ => { var grant_type = Request.Form["grant_type"]; if (grant_type == "password") { var username = Request.Form["username"]; var password = Request.Form["password"]; using (var da = daFactory.Get) { var user = da.Users.GetByUsername(username); if (user == null || user.is_banned || !(user.is_admin || user.is_moderator)) { return(Response.AsJson(new OAuthError { error = "unauthorized_client", error_description = "user_credentials_invalid" })); } var authSettings = da.Users.GetAuthenticationSettings(user.user_id); var isPasswordCorrect = PasswordHasher.Verify(password, new PasswordHash { data = authSettings.data, scheme = authSettings.scheme_class }); if (!isPasswordCorrect) { return(Response.AsJson(new OAuthError { error = "unauthorized_client", error_description = "user_credentials_invalid" })); } var identity = new JWTUserIdentity { UserName = user.username }; var claims = new List <string>(); if (user.is_admin || user.is_moderator) { claims.Add("moderator"); } if (user.is_admin) { claims.Add("admin"); } identity.Claims = claims; identity.UserID = user.user_id; var token = jwt.CreateToken(identity); return(Response.AsJson(new OAuthSuccess { access_token = token.Token, expires_in = token.ExpiresIn })); } } return(Response.AsJson(new OAuthError { error = "invalid_request", error_description = "unknown grant_type" })); }; }
public AuthenticateController(JWTFactory factory, IAuthenticationService authenticationService) { _factory = factory; _authenticationService = authenticationService; }