public EkonomiIframePageController(IUserManagementService userManager, IOrganizationUserRepository organizationUserRepository, HttpContextBase httpContext)
{
_userManager = userManager;
_httpContext = httpContext;
_tokenGenerator = new JwtTokenGenerator(ConfigurationManager.AppSettings["EkonomiSsoKey"]);
_organizationUserRepository = organizationUserRepository;
}
public async Task Token()
{
var UserName = Request.Form["username"];
var Password = Request.Form["password"];
JwtTokenGenerator Token = new JwtTokenGenerator(Context, UserName, Password);
var Jwt = Token.GetToken();
if (Token.Identity == null)
{
base.Response.StatusCode = 400;
await base.Response.WriteAsync("Invalid username or password.");
return;
}
var EncodedJwt = new JwtSecurityTokenHandler().WriteToken(Jwt);
var Response = new
{
access_token = EncodedJwt,
username = Token.Identity.Name
};
base.Response.ContentType = "application/json";
await base.Response.WriteAsync(JsonConvert.SerializeObject(Response, new JsonSerializerSettings {
Formatting = Formatting.Indented
}));
}
public AuthenticationService(IOptions <AuthenticationOptions> options)
{
_passwordHasher = new PasswordHasher();
_secretKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(options.Value.JwtSecretKey));
_jwtTokenGenerator = new JwtTokenGenerator(_secretKey);
_tokenLifetimeInDays = options.Value.JwtLifetimeInDays;
}
public SessionController(SessionManager sessionManager, AccountManager accountManager,
JwtTokenGenerator tokenGenerator)
{
_sessionManager = sessionManager;
_accountManager = accountManager;
_tokenGenerator = tokenGenerator;
}
public IActionResult GenerateToken(string name = "aspnetcore-workshop-demo", bool admin = false, bool superUser = false, bool user = false, bool guest = false)
{
var jwt = JwtTokenGenerator
.Generate(name, admin, superUser, user, guest, _configuration["Tokens:Issuer"], _configuration["Tokens:Key"]);
return(Ok(new { token = jwt }));
}
public IActionResult SignIn(UserDTO userDTO)
{
try
{
ValidationResult result = _identityService.ValidationPassword(userDTO.Email, userDTO.Password);
if (!result.Succeeded)
{
return(StatusCode(422, "Email or Password is not correct."));
}
// generate a token and return
var user = result.User;
var token = JwtTokenGenerator.GenerateToken(result.User, _appSettings.Issuer, _appSettings.Secret);
return(Ok(new UserDTO()
{
Id = user.Id,
UserName = user.UserName,
Email = user.Email,
Token = token
}));
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
}
public IActionResult SignUp(UserDTO userDTO)
{
try
{
var user = _mapper.Map <User>(userDTO);
user = _identityService.SignUp(user, userDTO.Password);
var token = JwtTokenGenerator.GenerateToken(user, _appSettings.Issuer, _appSettings.Secret);
return(Ok(new UserDTO()
{
Id = user.Id,
UserName = user.UserName,
Email = user.Email,
Token = token
}));
}
catch (DomainException dx)
{
return(Conflict($"This email has already been registered. Detail: {dx.Message}"));
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
}
public IActionResult GetToken(string name = "aspnetcore-workshop-demo", bool admin = false)
{
var jwt = JwtTokenGenerator
.Generate(name, admin, _configuration["Tokens:Issuer"], _configuration["Tokens:Key"]);
return(Ok(jwt));
}
public async Task <Response <AuthResultDto> > Handle(LoginStudentCommand request, CancellationToken cancellationToken)
{
var user = await _userManager.FindByEmailAsync(request.Email);
if (user is null)
{
return(Response.Fail <AuthResultDto>("User doesn't exist!"));
}
var passwordIsValid = await _userManager.CheckPasswordAsync(user, request.Password);
if (!passwordIsValid)
{
return(Response.Fail <AuthResultDto>("Password is wrong!"));
}
var userRoles = await _userManager.GetRolesAsync(user);
var role = userRoles.Contains("Admin") ? "Admin" : "Student";
var result = new AuthResultDto
{
Token = JwtTokenGenerator.GenerateToken(user.Email, user.Id,
_jwtSettings.Secret, role)
};
return(Response.Success <AuthResultDto>(result, "Token is created successfully"));
}
public UserController(UserManager <User> userManager, SignInManager <User> signInManager, IConfiguration configuration)
{
_userManager = userManager;
_signInManager = signInManager;
_jwtTokenGenerator = new JwtTokenGenerator(configuration);
}
public void Test2()
{
var tokenGen = new JwtTokenGenerator(
new TokenOptions(
"Me",
"Me2",
new SymmetricSecurityKey(
Encoding.ASCII.GetBytes(
"abcdefghijklmnopqr12345"))));
var tcp = tokenGen.GenerateAccessTokenWithClaimsPrincipal("*****@*****.**",
new[]
{
new Claim(ClaimTypes.GivenName, "FName"),
new Claim(ClaimTypes.Surname, "LName")
});
Assert.True(tcp.ClaimsPrincipal != null);
Assert.True(!string.IsNullOrWhiteSpace(tcp.AccessToken));
Assert.True(tcp.ClaimsPrincipal.FindFirst(ClaimTypes.GivenName).Value == "FName");
Assert.True(tcp.ClaimsPrincipal.FindFirst(ClaimTypes.Surname).Value == "LName");
Assert.True(tcp.AuthProperties != null &&
tcp.AuthProperties.Items.Any() &&
!string.IsNullOrWhiteSpace(tcp.AuthProperties.GetTokenValue(TokenConstants.TokenName)));
}
public UsersApiTests()
{
const string issuer = "http://localhost:49345";
const string key = "some-long-secret-key";
// Must initialize and open Sqlite connection in order to keep in-memory database tables
_connection = new SqliteConnection("DataSource=:memory:");
_connection.Open();
Startup.ConfigureDbContext = (configuration, builder) => builder.UseSqlite(_connection);
var server = new TestServer(new WebHostBuilder()
.UseSetting("Tokens:Issuer", issuer)
.UseSetting("Tokens:Key", key)
.UseStartup <Startup>()
.UseUrls("https://localhost:49345"))
{
BaseAddress = new Uri("https://localhost:49345")
};
// Force creation of InMemory database
var dbContext = server.Services.GetService <TimeTrackerDbContext>();
dbContext.Database.EnsureCreated();
_client = server.CreateClient();
_nonAdminToken = JwtTokenGenerator.Generate(
"aspnetcore-workshop-demo", false, issuer, key);
_adminToken = JwtTokenGenerator.Generate(
"aspnetcore-workshop-demo", true, issuer, key);
}
public AccountController(AccountManager accountManager,
IFileService fileService,
StatsManager statsManager,
AccountFriendManager accountFriendManager,
FriendRequestManager friendRequestManager,
DataContext dataContext,
SessionManager sessionManager,
AccountItemManager accountItemManager,
ShopItemManager shopItemManager,
IImageProcessingService imageProcessingService,
FileManager fileManager,
IOptions <FileOptions> options, JwtTokenGenerator tokenGenerator, NotificationManager notificationManager)
{
_accountManager = accountManager;
_fileService = fileService;
_statsManager = statsManager;
_accountFriendManager = accountFriendManager;
_friendRequestManager = friendRequestManager;
_dataContext = dataContext;
_sessionManager = sessionManager;
_accountItemManager = accountItemManager;
_shopItemManager = shopItemManager;
_imageProcessingService = imageProcessingService;
_fileManager = fileManager;
_tokenGenerator = tokenGenerator;
_notificationManager = notificationManager;
_options = options.Value;
}
public void GenerateJwtToken_ShouldCreate_ValidToken()
{
var token = JwtTokenGenerator.GenerateJwtToken(1, "THIS IS MY VERY LONG TESTING SECRET THAT NO ONE SHOULD KNOW");
Assert.IsType <string>(token);
Assert.NotNull(token);
}
public AccountController(AccountManager accountManager, IEmailService emailService,
FileManager fileManager,
IOptions <EmailVerificationOptions> emailVerificationOptions,
IOptions <ResetPasswordOptions> resetPasswordOptions,
IOptions <FinancialOptions> financialOptions,
IFileService fileService,
IHostingEnvironment hostingEnvironment,
IOptions <FileOptions> fileOptions,
JwtTokenGenerator tokenGenerator,
SessionManager sessionManager,
AccountItemManager accountItemManager,
ShopItemManager shopItemManager,
IImageProcessingService imageProcessingService,
StatsManager statsManager)
{
_accountManager = accountManager;
_emailService = emailService;
_fileManager = fileManager;
_fileService = fileService;
_accountItemManager = accountItemManager;
_shopItemManager = shopItemManager;
_imageProcessingService = imageProcessingService;
_statsManager = statsManager;
_emailVerificationOptions = emailVerificationOptions.Value;
_resetPasswordOptions = resetPasswordOptions.Value;
}
public IActionResult GenerateToken(string name = "dockertalk")
{
var jwt = JwtTokenGenerator
.Generate(name, true, _configuration["Tokens:Issuer"], _configuration["Tokens:Key"]);
return(Ok(jwt));
}
public AccountController(UserRepository userRepository,
SmsService smsService,
JwtTokenGenerator jwtTokenGenerator)
{
_userRepository = userRepository;
_smsService = smsService;
_jwtTokenGenerator = jwtTokenGenerator;
}
public AuthController(SignInManager <User> signInManager, UserManager <User> userManager, KinoContext context, IEncoder encoder, JwtTokenGenerator tokenGenerator)
{
this.signInManager = signInManager;
this.userManager = userManager;
this.context = context;
this.encoder = encoder;
this.tokenGenerator = tokenGenerator;
}
public UserController(UserManager <User> userManager, JwtTokenGenerator tokenGenerator, Json json)
{
Ensure.NotNull(userManager, "userManager");
Ensure.NotNull(tokenGenerator, "tokenGenerator");
Ensure.NotNull(json, "json");
this.userManager = userManager;
this.tokenGenerator = tokenGenerator;
this.json = json;
}
public AuthResponse Authenticate(AuthRequest model)
{
if (_user.Username == model.Username && _user.Password == model.Password)
{
var token = JwtTokenGenerator.Generate(_user, _appSettings.GetValue <string>("SecretKey"));
return(new AuthResponse(_user, token));
}
return(null);
}
public UserService(UserManager <User> userManager, SignInManager <User> signInManager,
IConfiguration configuration, ILogger <UserService> logger)
{
_userManager = userManager;
_signInManager = signInManager;
_configuration = configuration;
_logger = logger;
_jwtTokenGenerator = new JwtTokenGenerator(configuration);
}
public void JwtTokenGenerator_GenerateJwtToken()
{
var claimsIdentity = new ClaimsIdentity();
var tokenManager = new CertificateTokenManager(new FedCertificateDetails());
var jwtTokenGenerator = new JwtTokenGenerator(tokenManager);
var jwtToken = jwtTokenGenerator.GenerateJwtToken(claimsIdentity, 1);
Assert.IsInstanceOfType(jwtToken, typeof(string));
Assert.IsTrue(!string.IsNullOrEmpty(jwtToken));
}
public JwtTokenGeneratorTests()
{
var configuration = new MockConfiguration("none")
{
["Jwt:PrivateKey"] = "MIIEogIBAAKCAQEApTU5T4kF54Eqid0EYfALxYJdz6LAcJxNyXrVa8BFTb9qZyPyBUBNWI6bk/5yjkXgMStb+IwEcIXpMPdoVAY0W7qGsRq7W5W+abOFES4qkgcilhmZONBL0Zeau66qcUPIgt6AJNZqNmmZZ1Swv60u/kuPwlFx2eRCVAJDpTJZZwicVnSELYTHPzbUs24LQaj3ABajZBKtAVRo1giU6s+1Lnl4/v9+yVT5RBzvPcsmjxJeU5JmEt2gDZqEsDmpoeYasEkRsTq8jZNB6a5lVEvwlljktksmUtImcjLvibiRAGjMW86NiiYLjESTEBrKIteKhEH0DoioAoFzUBjapGWKrQIDAQABAoIBAHOZtIqE1M7TQRLKxqBJOdNwj3gU6BdkJ8IN43zMQzJN+IRHULh/8B9BWnfKGhqXpnKBZo+aWhjqeuu6kxQIa2asNEeE7wj81QpdhYUqCru3pmnla6OnjQYR0UH2zGkJBysbygr8xcFhTuhRCIR3CGUENonAN6xB3m+uTeswOgKvj8/873cn7UxeQQTzozXjsYp3f7UfiA0uJySVHV3yUCJFK11Il+NxLvjpdw29ncnxuTUVYR/zZM8uHOOeo5qQ5GvI25iMn+emxOSXxm1m14JISWdc5ejSjBOM2lrxhJ5XCrDNzBJrx/BFKrw78+3yhl3/ns9M9+eY7l2gSg6TxHkCgYEA6GT5zK4SvArj4DKeOAGqmwKHGFhod9pgMMix+8mGmPGy2brXwoCsYKTTISxNH/1pvDGL4i5lh8EGaBxq8ws28mzYfdGnTLzIt9CweaKkIAFkYDTKUO8cTAIDvGDaHJbo6oZvKG87+G4VEtUVziKxivcdN5m0dbooFAGc9VpcD0sCgYEAtf0tDon0fe7qE0/CwAyKaj9Fgfnn4EAS6NJltzmD5J8tD+gIqw5iCvj8EzpobJimkpNhIN0QW4rIw9FicLv44oBZKxU41503e8bQgeCszOb++D5BYFaWzHWPh/goPvpJsXIXdGCj1ZOiVmNJlKLw+XDzwywoZTa3DqMWgkveeucCgYBD2H7pF4TWqyM95+kzFqF1IbbJD75oBzP/6ge0J3CJJD7/u8GTwjcQ++27iJB3n2cIDzr0bHEtwdeZ+3npvMNs4QQPL271Q0QiDeYHjMj3oxBn2eGa4UPUmN34WBo1MIWNOnQnTNooPBMg7V6xUIWeuWgpPFFn8VIUDSiCpL+towKBgA305pmw1sE5q1XjzgmwbIUNaSU4pyG5iDm2uPo+PPExi+EmaFPF/Jre0WYgGpYJduzSxKYijfiXQiJSUnxWzhWAxlXZgMx4UCL78k2jj1z/chpTm+vpeBMiCOnijCOYSkKDf2z7ZFUix1Zcsu3lORnIIcmb/1UTxyImO7muW9eNAoGAd/6epupITJbWItujddk5WtQf1FbCKttEpJzZQV+S9h3ed55QK5wK7kXyTR2LFlPtb+R5ul0oeZwpu0ANNmUcZohTZPCd27mBhFAeGzPjWtA2dcQ0yS+cKPZOZWP/WbQygaX8LsB4lvA0PTTyXeBFb4cyAQNctD1CxpIXOmb7GPo=",
["Jwt:PublicKey"] = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTU5T4kF54Eqid0EYfALxYJdz6LAcJxNyXrVa8BFTb9qZyPyBUBNWI6bk/5yjkXgMStb+IwEcIXpMPdoVAY0W7qGsRq7W5W+abOFES4qkgcilhmZONBL0Zeau66qcUPIgt6AJNZqNmmZZ1Swv60u/kuPwlFx2eRCVAJDpTJZZwicVnSELYTHPzbUs24LQaj3ABajZBKtAVRo1giU6s+1Lnl4/v9+yVT5RBzvPcsmjxJeU5JmEt2gDZqEsDmpoeYasEkRsTq8jZNB6a5lVEvwlljktksmUtImcjLvibiRAGjMW86NiiYLjESTEBrKIteKhEH0DoioAoFzUBjapGWKrQIDAQAB",
["Jwt:ExpireDays"] = "1",
["Jwt:Issuer"] = "testIssuer"
};
_tokenGenerator = new JwtTokenGenerator(configuration);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole();
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true,
TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = AuthOptions.ISSUER,
ValidateAudience = true,
ValidAudience = AuthOptions.AUDIENCE,
ValidateLifetime = true,
IssuerSigningKey = AuthOptions.GetSymmetricSecurityKey(),
ValidateIssuerSigningKey = true,
}
});
RouteBuilder routeBuilder = new RouteBuilder(app);
routeBuilder.MapGet("api/code/{id:int}", context =>
{
if (context.Authentication.HttpContext.User.Identity.IsAuthenticated)
{
var res = AppConfiguration[context.GetRouteValue("id").ToString()];
return(context.Response.WriteAsync(res == null ? (context.Response.StatusCode = 400).ToString()
: $"{AppConfiguration["Codeprefix"]}{DateTime.Now.Month}{DateTime.Now.Year}-{res}"));
}
return(context.Response.WriteAsync((context.Response.StatusCode = 401).ToString()));
});
routeBuilder.MapPost("token/", context =>
{
var token = new JwtTokenGenerator();
var identy = token.GetIdentity(context.Request.Headers["username"], context.Request.Headers["password"]);
if (identy == null)
{
return(context.Response.WriteAsync("Invalid username or password."));;
}
var response = new
{
access_token = token.GenerateToken(identy),
username = identy.Name
};
context.Response.ContentType = "application/json";
return(context.Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings {
Formatting = Formatting.Indented
})));
});
app.UseRouter(routeBuilder.Build());
}
public async Task <Response <AuthResultDto> > Handle(RegisterStudentCommand request, CancellationToken cancellationToken)
{
var existingStudent = await _userManager.FindByEmailAsync(request.Email);
if (existingStudent != null)
{
return(Response.Fail <AuthResultDto>($"User with this email ({request.Email} already exists)"));
}
var schoolClass = await _context.SchoolClasses.AsNoTracking()
.SingleOrDefaultAsync(c => c.Id == request.SchoolClassId, cancellationToken);
if (schoolClass is null)
{
return(Response.Fail <AuthResultDto>(
$"In our school we don't have class with Id#{request.SchoolClassId}"));
}
try
{
var newUser = _mapper.Map <Student>(request);
newUser.AbsentMarkCount = 0;
newUser.NormalizedEmail = request.Email.ToUpper();
var ph = new PasswordHasher <Student>();
newUser.PasswordHash = ph.HashPassword(newUser, request.Password);
newUser.SchoolClassId = request.SchoolClassId;
await _context.Students.AddAsync(newUser, cancellationToken);
var isAdded = await _context.SaveChangesAsync(cancellationToken);
if (isAdded == 0)
{
return(Response.Fail <AuthResultDto>("Problem occured while creating user entity"));
}
await _userManager.AddToRoleAsync(newUser, "Student");
var result = new AuthResultDto
{
Token = JwtTokenGenerator.GenerateToken(newUser.Email, newUser.Id,
_jwtSettings.Secret, "Student")
};
return(Response.Success <AuthResultDto>(result, "Token is created successfully"));
}
catch (Exception e)
{
Console.WriteLine(e);
throw;
}
}
public AuthController(UserRepository userRepository,
PermissionRepository permissionRepository,
CompanyRepository companyRepository,
IPasswordHasher <UserEntity> passwordHasher,
JwtTokenGenerator jwtTokenGenerator,
ILogger <AuthController> logger)
{
_userRepository = userRepository;
this.permissionRepository = permissionRepository;
this.companyRepository = companyRepository;
_logger = logger;
_passwordHasher = passwordHasher;
_jwtTokenGenerator = jwtTokenGenerator;
}
public async Task <ActionResult <AuthenticateResponseDto> > AuthenticateAsync(AuthenticateRequestDto model)
{
var request = _mapper.Map <AuthenticateRequest>(model);
var response = await _userService.AuthenticateAsync(request);
if (response == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
response.Token = JwtTokenGenerator.GenerateJwtToken(response.Id, _appSettings.Secret);
return(Ok(_mapper.Map <AuthenticateResponseDto>(response)));
}
public AccountController(
JwtTokenGenerator jwtTokenGenerator,
UserManager <User> userManager,
SignInManager <User> signInManager,
IUserRepository userRepository,
IMediator mediator
)
{
_userManager = userManager;
_jwtTokenGenerator = jwtTokenGenerator;
_userRepository = userRepository;
_signInManager = signInManager;
_mediator = mediator;
}
public GamesApiTests()
{
const string issuer = "http://localhost:49194";
const string key = "some-long-secret-key";
var server = new TestServer(new WebHostBuilder()
.UseStartup <Startup>()
.UseSetting("Tokens:Issuer", issuer)
.UseSetting("Tokens:Key", key));
_client = server.CreateClient();
_nonAdminToken = JwtTokenGenerator.Generate("mscommunity", false, issuer, key);
_adminToken = JwtTokenGenerator.Generate("mscommunity", true, issuer, key);
}
public IActionResult Refresh([FromBody] RefreshToken authorizationHeader)
{
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.ReadJwtToken(authorizationHeader.Refresh);
if (token.ValidTo >= DateTime.UtcNow)
{
var accessToken = JwtTokenGenerator.Create(DateTime.UtcNow.AddSeconds(accessTokenLifetime), "access");
accessTokenRequestCount++;
return this.Ok(new
{
access = accessToken,
});
}
return this.Unauthorized(new { Error = "Wrong refresh token" });
}
