public async Task <AccessTokenModel> Get(ClaimsPrincipal identity) { if (!identity.IsAuthenticated()) { return(new AccessTokenModel()); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, identity.FindFirstValue(ClaimTypes.NameIdentifier)), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, _jwtOptions.IssuedAt.ToUnixEpochDate().ToString(), ClaimValueTypes.Integer64), identity.FindFirst(ClaimTypes.Name) }.Concat(identity.FindAll(ClaimTypes.Role)).Where(x => x != null).ToArray(); // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( _jwtOptions.Issuer, _jwtOptions.Audience, claims, _jwtOptions.NotBefore, _jwtOptions.Expiration, _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); // Serialize and return the response var response = new AccessTokenModel { Token = encodedJwt, Expiration = _jwtOptions.Expiration }; return(response); }
public async Task <string> GenerateEncodedToken(string id, string userName, IEnumerable <string> roles, IEnumerable <string> roleClaims = null) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, id), new Claim(JwtRegisteredClaimNames.UniqueName, userName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), }; foreach (var role in roles) { claims.Add(new Claim(ClaimTypes.Role, role)); } if (roleClaims != null) { foreach (var rolecClaime in roleClaims) { claims.Add(new Claim(CustomClaimTypes.Permission, rolecClaime)); } } // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); return(new JwtSecurityTokenHandler().WriteToken(jwt)); }
public async Task <string> GenerateEncodedToken(string email, ClaimsIdentity identity) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, email), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst(JwtConstants.Strings.JwtClaimIdentifiers.RolAdmin), identity.FindFirst(JwtConstants.Strings.JwtClaimIdentifiers.RolUser), identity.FindFirst(JwtConstants.Strings.JwtClaimIdentifiers.Id) }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( _jwtOptions.Issuer, _jwtOptions.Audience, claims, _jwtOptions.NotBefore, _jwtOptions.Expiration, _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
public async Task <string> GenerateEncodedToken(string userName, ClaimsIdentity identity) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst(Helpers.Constants.Strings.JwtClaimIdentifiers.Rol), identity.FindFirst(Helpers.Constants.Strings.JwtClaimIdentifiers.Id) }; // Create the JWT security token and encode it. var user = await _userManager.FindByNameAsync(userName); var roles = await _userManager.GetRolesAsync(user); var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials ); jwt.Payload.Add("roles", roles); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
private async Task <string> GenerateToken(User user, IList <string> roles) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()), new Claim(ClaimTypes.Name, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), }; var roleClaims = roles.Select(r => new Claim(ClaimTypes.Role, r)); claims.AddRange(roleClaims); JwtSecurityToken jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials ); return(new JwtSecurityTokenHandler().WriteToken(jwt)); }
private async Task <string> CreateToken(ApplicationUser currentUser) { var roles = await _userManager.GetRolesAsync(currentUser); var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, currentUser.Id.ToString()), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ConvertToUnixTimestamp(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), new Claim(ClaimTypes.NameIdentifier, currentUser.Id.ToString()) }; foreach (var role in roles) { claims.Add(new Claim(ClaimTypes.Role, role)); } // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
public async Task <string> GenerateEncodedToken(string userName, ClaimsIdentity identity) { if (string.IsNullOrEmpty(userName)) { throw new ArgumentNullException(); } if (identity == null) { throw new ArgumentNullException(); } //Defailt claims for JWT var claims = new List <Claim>() { new Claim(JwtRegisteredClaimNames.Sub, userName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64) }; claims.AddRange(identity.Claims); // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); return(new JwtSecurityTokenHandler().WriteToken(jwt)); }
public async Task <string> GenerateEncodedToken(string userName, ClaimsIdentity identity) { IdentityOptions _option = new IdentityOptions(); var userbyname = _userManager.FindByNameAsync(userName).Result; var userrole = _userManager.GetRolesAsync(userbyname).Result; var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, userName, JwtRegisteredClaimNames.Acr, userrole.FirstOrDefault()), new Claim(JwtRegisteredClaimNames.Typ, userrole.FirstOrDefault()), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), //new Claim(_option.ClaimsIdentity.RoleClaimType, userrole.FirstOrDefault()), identity.FindFirst(Helpers.Constants.Strings.JwtClaimIdentifiers.Rol), identity.FindFirst(Helpers.Constants.Strings.JwtClaimIdentifiers.Id), new Claim(_option.ClaimsIdentity.RoleClaimType, userrole.FirstOrDefault()), }; AddRolesToClaims(claims, userrole); // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
public async Task <string> GenerateEncodedToken(string emailAddress, ClaimsIdentity identity) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, emailAddress), new Claim(JwtRegisteredClaimNames.Jti, await JwtIssuerOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(JwtIssuerOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst(JwtClaimIdentifiers.Rol), identity.FindFirst(JwtClaimIdentifiers.Id) }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: JwtIssuerOptions.NotBefore, expires: JwtIssuerOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); string encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
private async Task <string> ProductedMimeoOAToken(string userName) { var identity = await GetClaimsIdentity(userName); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, _jwtOptions.Subject), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst("MimeoUser") }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); // Serialize and return the response //var response = new //{ // access_token = encodedJwt, // expires_in = (int)_jwtOptions.ValidFor.TotalSeconds //}; //var json = JsonSerializationHelper.Seialize(response); //return json; }
private async Task <JwtSecurityToken> CreateToken(Model.User userFound) { var claims = new List <Claim> { new Claim(PrivateClaims.UserId, userFound.Id.ToString()), new Claim(JwtRegisteredClaimNames.Sub, userFound.Login), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64 ) }; if (!String.IsNullOrEmpty(userFound.Roles)) { userFound.Roles.Split(' ').ToList().ForEach(roleName => claims.Add(new Claim(PrivateClaims.Roles, roleName))); } return(new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials )); }
private async Task <TokenVm> GenerateTokenRequest(User user, ClaimsIdentity identity) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64) }; foreach (var claim in identity.Claims) { claims.Add(claim); } // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( _jwtOptions.Issuer, _jwtOptions.Audience, claims, _jwtOptions.NotBefore, _jwtOptions.Expiration, _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); var token = new TokenVm { ExpiresAt = DateTimeOffset.UtcNow.AddSeconds((int)_jwtOptions.ValidFor.TotalSeconds), Token = encodedJwt, Email = user.Email }; return(token); }
public async Task <string> GenerateEncodedToken(string userName, ClaimsIdentity identity) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst(Constants.Strings.JwtClaimIdentifiers.Id) }; var currAllClaims = claims.Union(identity.FindAll(ClaimTypes.Role)); // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: currAllClaims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
public async Task <string> GenerateEncodedToken(string userName, ClaimsIdentity identity) { List <Claim> permissions = new List <Claim>(); permissions.AddRange(identity.Claims.Select(claim => claim).Where(c => c.Type == Constants.Strings.JwtClaimIdentifiers.Permission)); List <Claim> roles = new List <Claim>(); roles.AddRange(identity.Claims.Select(claim => claim).Where(c => c.Type == Constants.Strings.JwtClaimIdentifiers.Role)); var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), new Claim(JwtRegisteredClaimNames.Sub, userName), new Claim(ClaimTypes.Name, userName), identity.FindFirst(Constants.Strings.JwtClaimIdentifiers.Id), }; claims.AddRange(permissions); claims.AddRange(roles); // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, // Audience cannot be null claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
public async Task <string> GenerateEncodedToken(Command request, ClaimsIdentity identity) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, request.UserName), new Claim("full_name", request.Employee.FullName), new Claim("employee_id", request.Employee.Id.ToString()), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, Extensions.ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst(ClaimTypes.Role) }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials ); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
public async Task <JObject> Get([FromBody] Login applicationUser) { var identity = await GetClaimsIdentity(applicationUser); if (identity == null) { _logger.LogInformation($"Invalid username ({applicationUser.Username}) or password ({applicationUser.Password})"); return(null); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, identity.Name), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst("MentorAPI") }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); // Serialize and return the response var response = new { access_token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds, State = 1, expire_datetime = _jwtOptions.IssuedAt }; var json = JsonConvert.SerializeObject(response, _serializerSettings); // remeber to change this in order to run it more optimally Dictionary <string, object> parameters = new Dictionary <string, object>(); parameters.Add("Email", applicationUser.Email); parameters.Add("Password", applicationUser.Password); Login u = new Login().SearchDocument(parameters)[0]; /////////////////////////////////////////////////////// dynamic jsonObject = new JObject(); HttpContext.Session.SetString("token", response.access_token); HttpContext.Session.SetString("type", u.AccountType); HttpContext.Session.SetString("username", u.Username); jsonObject.token = response.access_token; jsonObject.type = u.AccountType; jsonObject.username = u.Username; return(jsonObject); }
public async Task <ActionResult> Login([FromBody] DTO.LoginModel loginModel) { // Depuis ASP.NET Core 2.1, ces deux lignes sont superflues. // En effet, le framework prend en charge le retour d'une erreur 400 // incluant le détail de cette dernière si la validation ne s'est pas bien déroulée. // Il est possible de désactiver ce mode de fonctionnement. Pour plus d'informations, voir https://docs.microsoft.com/en-us/aspnet/core/web-api/index?view=aspnetcore-2.1#automatic-http-400-responses // if (!ModelState.IsValid) // return BadRequest(ModelState); var repository = new AuthenticationRepository(); Model.User userFound = repository.GetUsers().FirstOrDefault(user => user.UserName == loginModel.UserName && user.Password == loginModel.Password); if (userFound == null) { return(Unauthorized()); } var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, userFound.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), new Claim(PrivateClaims.UserId, userFound.Id.ToString()) }; // rappel: le token est configurable. On y ajoute ce que l'on veut comme claims! // un ensemble de nom de claims est "réservé" (voir JwtRegisteredClaimNames) // le reste est utilisable à loisir! Voir classe PrivateClaims par exemple. if (userFound.Roles != null) { userFound.Roles.ToList().ForEach(roleName => claims.Add(new Claim("roles", roleName))); } //IEnumerable<string> roles = await _userManager.GetRolesAsync(user); JwtSecurityToken token = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials ); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(token); // Sérialisation et retour var response = new { access_token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; return(Ok(response)); }
public static async Task <List <Claim> > GenerateClaimsForUserAsync(UserIdentity user, ClaimsIdentity identity, JwtIssuerOptions options) { return(new List <Claim>() { new Claim(JwtRegisteredClaimNames.Sub, user.Username), new Claim(JwtRegisteredClaimNames.Jti, await options.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, DateTimeHelper.ToUnixEpochDate(options.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst(user.Username) }); }
public async Task <IActionResult> Get([FromQuery] string username, [FromQuery] string password) { var hashedPassword = _tokenizer.GetSHA1HashData(password); var jwtUser = new JwtUser { UserName = username, Password = hashedPassword }; var foundUser = _dbContext.JwtUsers.Where(u => u.UserName == username && u.Password == hashedPassword).FirstOrDefault(); if (foundUser == null) { _logger.LogInformation($"Invalid username ({username}) or password ({password})"); return(BadRequest("Invalid credentials")); } var identity = await GetClaimsIdentity(jwtUser, foundUser); if (identity == null) { _logger.LogInformation($"Invalid username ({username}) or password ({password})"); return(BadRequest("Missing credentials")); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, jwtUser.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst("Academy.MentorsCharacter") }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); // Serialize and return the response var response = new { api_key = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); }
public async Task <IActionResult> Register([FromBody] UserViewModel user) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } User _newUser = Mapper.Map <UserViewModel, User>(user); _newUser.Salt = StringHash.SaltGen(); _newUser.Confirmation = _newUser.Salt; _newUser.isConfirmed = false; _newUser.Password = StringHash.GetHash(_newUser.Password + _newUser.Salt); _userRepository.Add(_newUser); await _userRepository.Commit(); var callbackUrl = "http://localhost:58969/" + Url.Action("Confirmation", "Customer", new { UserId = _newUser.Id, Code = _newUser.Confirmation }); await _mailSender.SendEmail(_newUser.Email, "Confirm your account", $"Please confirm your account by clicking this link: <a href='{callbackUrl}'>link</a>"); var identity = new ClaimsIdentity( new GenericIdentity(_newUser.UserName, "Token"), new[] { new Claim("Username", _newUser.UserName) }); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, _newUser.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst("Username") }; var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); var result = new { Status = "Registration Success", Confirmed = false, access_token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalDays }; var json = JsonConvert.SerializeObject(result, _serializerSettings); return(new OkObjectResult(json)); }
public async Task <IActionResult> Get([FromBody] ApplicationUser applicationUser) { var dbUser = _tokenService.GetUserByUserName(applicationUser.UserName); var identity = await GetClaimsIdentity(applicationUser, dbUser); if (identity == null) { _logger.LogInformation($"Invalid username ({applicationUser.UserName}) or password ({applicationUser.Password})"); Response.StatusCode = 401;//(Invalid credentials) return(Json(new { data = new object(), Message = "Invalid credentials", StatusCode = 401 })); //return BadRequest("Invalid credentials"); } var claims = new[] { new Claim("UserID", dbUser.Id.ToString()), new Claim("RoleID", dbUser.RoleID.ToString()), new Claim("UserName", dbUser.UserName.ToString()), new Claim("OrganizationID", dbUser.OrganizationID.ToString()), new Claim(JwtRegisteredClaimNames.Sub, applicationUser.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst("HealthCare") }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); // Serialize and return the response var response = new { access_token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds, data = _tokenService.GetDoctorByUserID(dbUser.Id), }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); }
public async Task <string> GenerateEncodedToken(string userName, ClaimsIdentity identity, bool InternalUser = false) { // Creates a JwtSecurityToken with a combination of registered claims (from the jwt spec) Sub, Jti, Iat and two specific to our app: Rol and Id. var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.Now).ToString(), ClaimValueTypes.Integer64), new Claim(JwtRegisteredClaimNames.Exp, ToUnixEpochDate(DateTime.Now.AddMinutes(3)).ToString(), ClaimValueTypes.Integer64), //identity.FindFirst(Helpers.Constants.Strings.JwtClaimIdentifiers.MHUser), identity.FindFirst(Helpers.Constants.Strings.JwtClaimIdentifiers.Id), }; //var payload = new JwtPayload //{ // {"iss", _jwtOptions.Issuer}, // {"sub", _jwtOptions.Subject}, // {"aud", _jwtOptions.Audience}, // {"exp", _jwtOptions.Expiration}, // {"nbf", _jwtOptions.NotBefore}, // {"iat", _jwtOptions.IssuedAt}, // {"valid_for", _jwtOptions.ValidFor}, // {"unique_name", userName} //}; //var jwt = new JwtSecurityToken(_jwtHeader, payload); //var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, //expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); jwt.Payload["issueAt"] = _jwtOptions.IssuedAt.ToString(); jwt.Payload["expiredOn"] = _jwtOptions.Expiration.ToString(); jwt.Payload["customIssueAt"] = DateTime.Now.ToString(); jwt.Payload["customExpiredOn"] = DateTime.Now.AddMinutes(3).ToString(); if (InternalUser) { jwt.Payload[Helpers.Constants.Strings.JwtClaimIdentifiers.InternalUser] = Helpers.Constants.Strings.JwtClaims.ApiInternalAccess; } else { jwt.Payload[Helpers.Constants.Strings.JwtClaimIdentifiers.Rol] = Helpers.Constants.Strings.JwtClaims.ApiAccess; } var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
public async Task <IActionResult> Post([FromBody] LoginDTO loginInfo) { if (loginInfo == null || loginInfo.UserName == null) { return(Unauthorized()); } var user = await _userManager.FindByNameAsync(loginInfo.UserName.ToLower()); if (user == null) { return(Unauthorized()); } Microsoft.AspNetCore.Identity.SignInResult result = await _signInManager.PasswordSignInAsync(user, loginInfo.Password, true, false); if (!result.Succeeded) { _logger.LogInformation($"Invalid username ({loginInfo.UserName}) or password ({loginInfo.Password})"); return(BadRequest("Invalid credentials")); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), }; IEnumerable <string> roles = await _userManager.GetRolesAsync(user); IEnumerable <Claim> allClaimsWithRoles = roles.Select(roleName => new Claim("Role", roleName)) .Union(claims); // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: allClaimsWithRoles, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); // Serialize and return the response var response = new { access_token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; return(Ok(response)); }
private Claim[] GetClaims(User user) { return(new[] { new Claim(JwtRegisteredClaimNames.Sub, user.Username), new Claim(JwtRegisteredClaimNames.Sid, user.Id.ToString()), new Claim(JwtRegisteredClaimNames.Jti, _jwtOptions.JtiGenerator().Result), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), new Claim("userID", user.Id.ToString()), new Claim("userDetails", JsonConvert.SerializeObject(user)) }); }
public async Task <List <Claim> > GetJwtClaims(UserDto user) { var claims = new List <Claim>() { new Claim(JwtClaimIdentifiersEnum.Id.ToString(), user.Id.ToString()), new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, await jwtIssuerOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(jwtIssuerOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64) }; return(await Task.FromResult(claims)); }
private async Task <OkObjectResult> GetClaimsIdentity(IAuthenticable user) { var identity = new ClaimsIdentity(new GenericIdentity(user.UserName, "Token"), new[] { new Claim("RoleId", user.Profile.Role.Id.ToString()) }); var role = "administrador"; if (user.Profile.Role.Id == 3) { role = "resident"; } if (user.Profile.Role.Id == 2) { role = "employee"; } var claims = new[] { new Claim("UserName", user.UserName), new Claim("UserType", user.ToString()), new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst("RoleId"), new Claim("roles", role) }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); // Serialize and return the response var response = new Token { access_token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var json = JsonConvert.SerializeObject(response, _serializerSettings); _jwtFactory.JwtTokenLogSuccess(user, json); return(new OkObjectResult(json)); }
public async Task <IActionResult> Get([FromBody] ApplicationUser applicationUser) { var userIdentity = await GetClaimIdentity(applicationUser); if (userIdentity == null) { return(BadRequest("invalid credential")); } var roles = await _userRepository.GetSingleAsync(x => x.UserName == applicationUser.Username, y => y.UserRole); var confirmed = roles.isConfirmed; var roleClaims = new List <Claim>(); foreach (var item in roles.UserRole) { var role = _roleRepository.GetSingle(item.RoleId); roleClaims.Add(new Claim("Roles", role.RoleName)); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, applicationUser.Username), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), userIdentity.FindFirst("Username") }; var claimlist = claims.ToList(); claimlist.AddRange(roleClaims); var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claimlist.AsEnumerable(), notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); var response = new { Confirmed = confirmed, access_token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalDays }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); }
public async Task <IActionResult> Login([FromForm] ApplicationUser user) { var identity = await GetClaimsIdentity(user); if (identity == null) { _logger.LogInformation($"Invalid username ({user.UserName}) or password ({user.Password})"); return(BadRequest("Invalid credentials")); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst("TaskerUser") }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); UserDTO u = repo_.GetUserByCredentials(user.UserName, user.Password); // Serialize and return the response var response = new CredentialsModel { AccessToken = encodedJwt, UserID = u.Id }; var ok = repo_.StartUserSession(response); if (ok) { var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); } else { return(new BadRequestResult()); } }
public async Task <IActionResult> Get([FromQuery] string username, [FromQuery] string password) { if (username == null || password == null) { //string autho = Request.Headers["Authorization"]; //if(autho.Trim().StartsWith()) } var identity = await GetClaimsIdentity(username, password); if (identity == null) { _logger.LogInformation($"Invalid username ({username}) or password ({password})"); return(BadRequest("Invalid credentials")); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, username), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst("RoleJa"), identity.FindFirst("customer_email"), identity.FindFirst("customer_fullname") }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); // Serialize and return the response var response = new { access_token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); }
public async Task <AccessToken> GenerateEncodedToken(string id, string userName) { var identity = GenerateClaimsIdentity(id, userName); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst(Infrastructure.CrossCutting.Helpers.Constants.Strings.JwtClaimIdentifiers.Rol), identity.FindFirst(Infrastructure.CrossCutting.Helpers.Constants.Strings.JwtClaimIdentifiers.Id) }; // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( _jwtOptions.Issuer, _jwtOptions.Audience, claims, _jwtOptions.NotBefore, _jwtOptions.Expiration, _jwtOptions.SigningCredentials); return(new AccessToken(this.jwtHandler.WriteToken(jwt), (int)_jwtOptions.ValidFor.TotalSeconds)); }