/// <summary>
/// 构造函数
/// </summary>
/// <param name="jwtTokenProvider"></param>
/// <param name="repository"></param>
public AuthController(JwtBearerConfig jwtBearerConfig, JwtTokenProvider jwtTokenProvider, IRepository <Users, string> repository, ILogger logger)
{
_jwtBearerConfig = jwtBearerConfig;
_jwtTokenProvider = jwtTokenProvider;
_repository = repository;
_logger = logger;
}
public UserService(IUserRepository repository,
UnitOfWork unitOfWork,
JwtTokenProvider jwtTokenProvider) : base(unitOfWork)
{
this.jwtTokenProvider = jwtTokenProvider;
this.repository = repository;
}
public ContractController(IConfiguration config, IServiceClient serviceClient)
{
_baseUri = config.GetValue <string>("Api:ContractUri");
_serviceClient = serviceClient;
_serviceClient.SetApiKey(config.GetValue <string>("Api:ContractApiKey"));
_jwtTokenProvider = new JwtTokenProvider(config);
}
public OrderController(IConfiguration config, IServiceClient serviceClient)
{
_baseUri = config.GetValue <string>("Api:OrderUri");
_orderTypeBaseUri = config.GetValue <string>("Api:OrderTypeUri");
_serviceClient = serviceClient;
_jwtTokenProvider = new JwtTokenProvider(config);
}
public async Task <ActionResult> Detail(int?id, bool partial = false)
{
UserModel user = JwtTokenProvider.GetUserModel(Request.Cookies["token"].Value);
var audits = await _prepareService.GetAudits(id);
if (!audits.Any())
{
return(HttpNotFound());
}
var audit = audits.First();
if (!user.Roles.Any(r => (new[] { KnownRoles.Administrator, KnownRoles.Supervisor, KnownRoles.Documentalist }.Contains(r))) && audit.AuditorId != user.UserId && !audit.Inspection.InspectionSteps.Any(s => s.InspectorId == user.UserId))
{
return(RedirectToAction("Index", new { userId = user.UserId, partial = partial }));
}
var inspection = await _prepareService.GetInspection(audit.InspectionId);
var inspectionSteps = InspectionController.GetInspectionStepAndChilds(inspection, inspection.Publication.PublishedActions.Distinct()
.OrderBy(a => a.WBSParts, new WBSPartsComparer()).ToList());
var anomalies = await _prepareService.GetAnomalies(audit.InspectionId);
var model = AuditMapper.ToAuditViewModel(audits.FirstOrDefault());
model.Inspection = InspectionMapper.ToInspectionViewModel(inspection, inspectionSteps, anomalies.ToList());
if (partial)
{
return(PartialView(model));
}
return(View(model));
}
public JwtController(IConfiguration config, IDigidClient digidClient)
{
_config = config;
_jwtTokenProvider = new JwtTokenProvider(config);
_digidCgi = new DigidCgi(config, digidClient);
_auditLogger = Log4NetLogManager.AuditLogger;
}
public async Task <ActionResult> Detail(int id, bool partial = false)
{
UserModel user = JwtTokenProvider.GetUserModel(Request.Cookies["token"].Value);
var usersRolesLanguages = await _applicationUsersService.GetUsersAndRolesAndLanguages();
var qualification = await _prepareService.GetQualification(id);
if (!user.Roles.Any(r => (new[] { KnownRoles.Administrator, KnownRoles.Supervisor, KnownRoles.Evaluator, KnownRoles.Trainer, KnownRoles.Documentalist }.Contains(r))) && qualification.UserId != user.UserId)
{
return(RedirectToAction("Index", new { userId = user.UserId, partial = partial }));
}
// Retrieve all the action of the publication
var actionSorted = qualification.Publication.PublishedActions.Distinct()
.OrderBy(a => a.WBSParts, new WBSPartsComparer())
.ToList();
var qualificationSteps = GetQualificationStepAndChilds(qualification, actionSorted);
var trainingPublications = await _prepareService.GetTrainingPublications(new[] { qualification.PublicationId });
var qualificationManageViewModel = QualificationMapper.ToQualificationViewModel(
qualification, qualificationSteps, usersRolesLanguages.Users.ToList(), trainingPublications);
if (partial)
{
return(PartialView(qualificationManageViewModel));
}
return(View(qualificationManageViewModel));
}
/// <summary>
/// Verify ans creare an audit if possible
/// </summary>
/// <param name="InspectionId"></param>
/// <param name="SurveyId"></param>
/// <returns></returns>
public async Task <JsonResult> VerifyAndCreateAudit(int InspectionId, int SurveyId)
{
try
{
UserModel user = JwtTokenProvider.GetUserModel(Request.Cookies["token"].Value);
var result = await _prepareService.GetActiveAudit(user.UserId);
if (result != null)
{
return(Json(new { verified = false }, JsonRequestBehavior.AllowGet));
}
var newAudit = new Audit
{
SurveyId = SurveyId,
AuditorId = user.UserId,
InspectionId = InspectionId,
StartDate = DateTime.Now
};
var audit = await _prepareService.SaveAudit(newAudit);
return(Json(new { verified = true }, JsonRequestBehavior.AllowGet));
}
catch (Exception ex)
{
var message = string.Join(" | ", ModelState.Values
.SelectMany(v => v.Errors)
.Select(e => e.ErrorMessage));
return(Json(new { verified = false, message = ex.Message }, JsonRequestBehavior.AllowGet));
}
}
public HttpResponseMessage RefreshToken()
{
var oldToken = Request.Headers.Contains("token") ? Request.Headers.GetValues("token").FirstOrDefault() : null;
var response = Request.CreateResponse(System.Net.HttpStatusCode.OK, false);
if (string.IsNullOrEmpty(oldToken))
{
return(response);
}
response = Request.CreateResponse(System.Net.HttpStatusCode.OK, false);
var requestSource = Request.Headers.Contains("RequestSource") ? Request.Headers.GetValues("RequestSource") : null;
var audience = JwtTokenProvider.DesktopAudience;
if (requestSource.Contains("App : KL²"))
{
audience = JwtTokenProvider.DesktopAudience;
}
else if (requestSource.Contains("App : Web"))
{
audience = JwtTokenProvider.WebAudience;
}
else
{
audience = JwtTokenProvider.TabletAudience;
}
response.Headers.Add("token", JwtTokenProvider.RegenerateAccessToken(audience, oldToken));
return(response);
}
public override Task OnActionExecutingAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
{
if (!(actionContext.Request.GetDependencyScope().GetService(typeof(ISecurityContext)) is ISecurityContext securityContext))
{
return(Task.CompletedTask);
}
var principal = actionContext.RequestContext.Principal;
var identity = principal?.Identity as ClaimsIdentity;
string username = identity?.Name;
if (string.IsNullOrEmpty(username))
{
return(Task.CompletedTask);
}
if (actionContext.Request.Headers.Authorization == null)
{
return(Task.CompletedTask);
}
var usermodel = JwtTokenProvider.GetUserModel(actionContext.Request.Headers.Authorization.Parameter);
securityContext.CurrentUser = new SecurityUser(User.FromUserModel(usermodel));
if (actionContext.Request.GetDependencyScope().GetService(typeof(ILocalizationManager)) is ILocalizationManager localizationManager)
{
localizationManager.CurrentCulture = new CultureInfo(usermodel.CurrentLanguageCode ?? usermodel.DefaultLanguageCode);
}
return(Task.CompletedTask);
}
internal PersonService(JwtTokenProvider jwtTokenProvider, IServiceClient serviceClient, IConfiguration config)
{
_baseUri = config.GetValue <string>("Api:BrpUri");
_jwtTokenProvider = jwtTokenProvider;
_serviceClient = serviceClient;
_serviceClient.SetApiKey(config.GetValue <string>("Api:BrpApiKey"));
}
public void LoadServices(MainActivity activity)
{
try
{
var sqliteConnectionManager = new SQLiteConnectionManager();
var httpClientManager = new Services.Mock.MockAuthorizationManager(sqliteConnectionManager);
activity.AuthorizationManager = httpClientManager;
var mapper = new DetailsMapper();
var passwordManager = new PasswordManager();
var unitofWork = new UnitOfWork(sqliteConnectionManager, mapper, passwordManager);
var migrator = new DemoMigrator(sqliteConnectionManager, passwordManager);
migrator.Migrate();
var jwtTokenProvider = new JwtTokenProvider(activity.AppSettings);
activity.PersistenceProvider = new PersistenceProvider();
activity.RoleManager = new RoleManager();
activity.AttributeService = new Services.Mock.AttributeService(unitofWork);
activity.AuthService = new Services.Mock.AuthService(unitofWork, jwtTokenProvider, passwordManager);
activity.CityService = new Services.Mock.CityService(unitofWork);
activity.CounterpartyService = new Services.Mock.CounterpartyService(unitofWork);
activity.InvoiceService = new Services.Mock.InvoiceService(unitofWork);
activity.HLocationService = new Services.Mock.LocationService(unitofWork);
activity.NoteService = new Services.Mock.NoteService(unitofWork);
activity.ProductService = new Services.Mock.ProductService(unitofWork);
activity.RoleService = new Services.Mock.RoleService(unitofWork);
activity.HUserService = new Services.Mock.UserService(unitofWork);
}
catch (System.Exception ex)
{
}
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var cookie = httpContext.Request.Cookies.AllKeys.Contains("token") ? httpContext.Request.Cookies["token"] : null;
if (cookie == null)
{
return(false);
}
var token = cookie.Value;
if (string.IsNullOrEmpty(token))
{
return(false);
}
var tokenIsValid = JwtTokenProvider.IsValid(token);
if (!tokenIsValid)
{
return(false);
}
var userModel = JwtTokenProvider.GetUserModel(token);
foreach (var role in allowedroles)
{
if (userModel.Roles.Any(r => r == role))
{
return(true);
}
}
return(false);
}
public PartialViewResult LanguageChoose()
{
var model = new LanguageChoose();
//model.CurrentLanguageCode = JwtTokenProvider.GetUserModelCurrentLanguage(Request.Cookies["token"].Value);
model.CurrentLanguageCode = JwtTokenProvider.GetUserModelCurrentLanguage(HttpContext.Request.Cookies["token"].Value);
return(PartialView(model));
}
public LoginController(IConfiguration configuration)
{
_configuration = configuration;
_jwtTokenProvider = new JwtTokenProvider(_configuration);
_authUser = new AuthUser();
_success = true;
_unsuccessful = !_success;
}
public AuthenticationController(UsersRepository usersRepository,
JwtTokenProvider tokenProvider,
PhoneNumberValidator phoneNumberValidator)
{
this.usersRepository = usersRepository;
this.tokenProvider = tokenProvider;
this.phoneNumberValidator = phoneNumberValidator;
}
public IActionResult SignOut()
{
var correlationId = JwtTokenProvider.GetCorrelationIdForLogging(HttpContext.User);
_auditLogger.Info("Gebruiker uitgelogd", correlationId);
return(Ok());
}
public JsonResult ChangeCurrentLanguage(string languageCode)
{
var userModel = JwtTokenProvider.GetUserModel(HttpContext.Request.Cookies["token"].Value);
userModel.CurrentLanguageCode = languageCode;
Response.SetAuthorizationCookie(userModel);
return(Json(new { changed = true }, JsonRequestBehavior.AllowGet));
}
public RefreshTokenController(IConfiguration configuration)
{
_configuration = configuration;
_jwtTokenProvider = new JwtTokenProvider(_configuration);
_authUser = new AuthUser();
_success = true;
_unsuccessful = !_success;
_usersBLL = new UsersBLL();
}
public async Task CreateTokenAsync_Creates_Token()
{
var provider = new JwtTokenProvider();
var secret = "1234567812345678";
var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
var createTokenResult = await provider.CreateTokenAsync(null, secretKey, null, null);
createTokenResult.Token.Should().NotBeNullOrWhiteSpace();
}
public void When_Given_ClaimsPrincipal_Return_JWT()
{
// Assign
#region TokenProviderOptions
var secretKey = "A very secret key123!!!";
var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey));
var audience = "TestAudience";
var issuer = "TestIssuer";
var expiration = TimeSpan.FromMinutes(5);
var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
IOptions <TokenProviderOptions> tokenProviderOptions = Options.Create
(
new TokenProviderOptions
{
Audience = audience,
Expiration = expiration,
Issuer = issuer,
SigningCredentials = signingCredentials,
}
);
#endregion
#region DateTimeFactoryMock
var dateTimeOffset = new DateTimeOffset(2017, 02, 10, 11, 11, 12, TimeSpan.FromMinutes(0));
var dateTimeFactoryMock = new Mock <IDateTimeFactory>();
dateTimeFactoryMock.Setup(m => m.DateTimeOffset).Returns(dateTimeOffset);
#endregion
#region ClaimsPrincipal
var user = new User
{
DisplayName = "Oskar",
IsAdmin = true,
Username = "******",
};
var authOptions = Options.Create(new LdapConfig());
var authService = new LdapAuthenticationService(authOptions);
var authProvider = new AuthenticationProvider(authService);
var userClaimsPrincipal = authProvider.GetClaimsPrincipal(user);
#endregion
#region JwtSecurityTokenHandler
var handler = new JwtSecurityTokenHandler();
#endregion
var jwtTokenProvider = new JwtTokenProvider(tokenProviderOptions, dateTimeFactoryMock.Object);
// Act
var encodedToken = jwtTokenProvider.GenerateToken(userClaimsPrincipal);
var jwt = handler.ReadJwtToken(encodedToken.accessToken);
// Assert
Assert.True(jwt.Claims.SingleOrDefault(c => c.Type == "displayName").Value == "Oskar");
Assert.True(jwt.Claims.SingleOrDefault(c => c.Type == JwtRegisteredClaimNames.Iat).Value == dateTimeOffset.ToUnixTimeSeconds().ToString());
}
public static void SetAuthorizationCookie(this HttpResponseBase response, UserModel userModel)
{
var jwtToken = JwtTokenProvider.GenerateAccessToken(JwtTokenProvider.WebAudience, userModel);
var cookie = new HttpCookie("token", jwtToken)
{
Expires = userModel.RememberMe ? DateTime.UtcNow.AddYears(1) : DateTime.UtcNow.AddMinutes(30)
};
response.SetCookie(cookie);
}
public AccountController(
UserManager <IdentityUser> userManager,
SignInManager <IdentityUser> signInManager,
ILoggerFactory loggerFactory,
JwtTokenProvider tokenProvider)
{
this.userManager = userManager;
this.signInManager = signInManager;
this.tokenProvider = tokenProvider;
logger = loggerFactory.CreateLogger <AccountController>();
}
private static JwtTokenProvider GetNewProvider()
{
var optionsA = new Mock <IOptions <JwtTokenProviderOptions> >();
optionsA.Setup(a => a.Value).Returns(new JwtTokenProviderOptions()
{
Secret = Guid.NewGuid().ToString()
});
var providerA = new JwtTokenProvider(optionsA.Object, new NullLogger <JwtTokenProvider>());
return(providerA);
}
public OrderController(IConfiguration config, IServiceClient serviceClient)
{
_baseUri = config.GetValue <string>("Api:OrderUri");
_orderTypeBaseUri = config.GetValue <string>("Api:OrderTypeUri");
_webResourceBaseUri = config.GetValue <string>("Api:WebResourceUri");
_addressBaseUri = config.GetValue <string>("Api:AddressUri");
_serviceClient = serviceClient;
_serviceClient.SetApiKey(config.GetValue <string>("Api:OrderApiKey"));
_jwtTokenProvider = new JwtTokenProvider(config);
_personService = new PersonService(_jwtTokenProvider, serviceClient, config);
_cachedPersonsNames = new Dictionary <string, string>();
}
public Task CreateTokenAsync_When_Key_Too_Short_Throws_Exception()
{
var minLength = 16;
var tooShortKey = new String('a', minLength - 1);
var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(tooShortKey));
var provider = new JwtTokenProvider();
Func <Task> createToken = async() => await provider.CreateTokenAsync(null, secretKey, null, null);
createToken.ShouldThrow <ArgumentOutOfRangeException>();
return(Task.FromResult(0));
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMemoryCache();
services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>();
//add database based localization
services.AddSqlLocalization(options =>
{
var conString = Configuration["ConnectionStrings:ConnectionString"];
options.ConnectionString = conString;
});
//Enable JWTToken validation and Authentication
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearerPerTenant((options, tenant) =>
{
var settings = new JwtTokenSettings
{
SigningKey = tenant.SigningKey,
Issuer = tenant.HostName,
Audience = tenant.TenantName
};
var provider = new JwtTokenProvider(settings);
options.TokenValidationParameters = provider.GetTokenValidationParameters();
});
//Enable Scope based authorization
services.AddAuthorization();
services.AddSingleton <IAuthorizationPolicyProvider, ScopeAuthorizationPolicyProvider>();
services.AddSingleton <IAuthorizationHandler, ScopeAuthorizationHandler>();
services.AddMvc().AddJsonOptions(options =>
options.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver());
services.Configure <RequestLocalizationOptions>(options =>
{
var supportedCultures = new List <CultureInfo>
{
new CultureInfo("en-US"),
new CultureInfo("ne-NP")
};
options.DefaultRequestCulture = new RequestCulture(supportedCultures.First());
options.SupportedCultures = supportedCultures;
options.SupportedUICultures = supportedCultures;
});
//Register repository and business services
Register(services);
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
ITraceManager traceManager = DependencyResolver.Current.GetService(typeof(ITraceManager)) as ITraceManager;
try
{
IAuthenticationService authenticationService = DependencyResolver.Current.GetService(typeof(IAuthenticationService)) as IAuthenticationService;
ISecurityContext securityContext = DependencyResolver.Current.GetService(typeof(ISecurityContext)) as ISecurityContext;
ILocalizationManager localizationManager = DependencyResolver.Current.GetService(typeof(ILocalizationManager)) as ILocalizationManager;
if (securityContext == null)
{
traceManager.TraceWarning($"Security context can be retrieve from Unity. Skipping ..");
return;
}
/*IPrincipal principal = filterContext.HttpContext.User;
* ClaimsIdentity identity = principal?.Identity as ClaimsIdentity;
* string username = identity?.Name;
* if (string.IsNullOrEmpty(username))
* {
* traceManager.TraceWarning($"Claim username not found. Skipping ..");
* return;
* }*/
var user = JwtTokenProvider.GetUserModel(filterContext.HttpContext.Request.Cookies["token"].Value);
securityContext.CurrentUser = new SecurityUser(new User
{
Username = user.Username,
Firstname = user.Firstname,
Name = user.Name,
RoleCodes = user.Roles.ToList()
});
localizationManager.CurrentCulture = new CultureInfo(JwtTokenProvider.GetUserModelCurrentLanguage(filterContext.HttpContext.Request.Cookies["token"].Value));
filterContext.Controller.ViewBag.LicenseExpired = Task.Run(() => LicenseMapper.CheckLicenseIsExpired()).Result;
//Refresh cookie if not idle
filterContext.HttpContext.Response.SetAuthorizationCookie(user);
//traceManager.TraceDebug($"Current user set to {username} inside security context");
base.OnActionExecuting(filterContext);
}
catch (Exception ex)
{
traceManager.TraceError(ex, $"Error while setting action context...");
}
}
public async Task Invoke(HttpContext context)
{
try
{
await _next(context);
}
catch (Exception exception)
{
var calledUrl = context.Request.GetDisplayUrl();
var correlationId = JwtTokenProvider.GetCorrelationIdForLogging(context.User);
Log4NetLogManager.ErrorLogger.Error($"Onverwachte fout bij het opvragen van URL '{calledUrl}'", correlationId, exception);
throw;
}
}
async Task <JwtToken> CreateTokenAsync(TokenRequestArgs args)
{
//sign and return access token along with refresh token
var settings = new JwtTokenSettings
{
SigningKey = _tenant.SigningKey,
Issuer = _tenant.HostName,
Audience = _tenant.TenantName
};
var provider = new JwtTokenProvider(settings);
var token = await provider.SignAsync(args.username, null);
token.refresh_token = args.refresh_token;
return(token);
}
