// The Method is used to generate token for user when user is authentic. public string GenerateTokenForUser(string userName, int userId) { var signingKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(communicationKey)); var now = DateTime.UtcNow; var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(signingKey, System.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature, System.IdentityModel.Tokens.SecurityAlgorithms.Sha256Digest); var claimsIdentity = new ClaimsIdentity(new List <Claim>() { new Claim(ClaimTypes.Name, userName), new Claim(ClaimTypes.NameIdentifier, userId.ToString()), }, "Custom"); var securityTokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor() { //AppliesToAddress = "http://www.example.com", //TokenIssuerName = "self", Issuer = "self", Expires = DateTime.MaxValue, Subject = claimsIdentity, SigningCredentials = signingCredentials, //Lifetime = new Lifetime(now, now.AddYears(1)), }; var tokenHandler = new JwtSecurityTokenHandler(); var plainToken = tokenHandler.CreateToken(securityTokenDescriptor); var signedAndEncodedToken = tokenHandler.WriteToken(plainToken); return(signedAndEncodedToken); }
public models.SecurityToken Authenticate(string email, string password) { var user = _users.SingleOrDefault(x => x.Email == email && x.Password == password); // return null if user not found if (user == null) { return(null); } // authentication successful so generate jwt token var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim("id", user.Id.ToString()), new Claim("firstName", user.FirstName), new Claim("lastName", user.LastName), new Claim("email", user.Email), new Claim("profilePicture", user.ProfilePicture) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var jwtSecurityToken = tokenHandler.WriteToken(token); return(new models.SecurityToken() { Auth_token = jwtSecurityToken }); }
public string IssueToken(Microsoft.AspNetCore.Authentication.AuthenticationTicket data) { System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); System.DateTime now = System.DateTime.UtcNow; Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor desc = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { //Subject = new System.Security.Claims.ClaimsIdentity(claimList), Subject = (System.Security.Claims.ClaimsIdentity)data.Principal.Identity, Issuer = this.m_validationParameters.ValidIssuer, //SecurityConstants.TokenIssuer, Audience = this.m_validationParameters.ValidAudience, // SecurityConstants.TokenAudience, IssuedAt = now, Expires = now.AddMinutes(this.m_tokenLifetimeMinutes), NotBefore = now.AddTicks(-1), SigningCredentials = this.m_signingCredentials }; // System.IdentityModel.Tokens.Jwt.JwtSecurityToken tok = // tokenHandler.CreateJwtSecurityToken(desc); // // tok.Header.Add("jti", "foo"); // // tok.Payload.Add("jti", "foobar"); // System.Console.WriteLine(tok.Id); // string tokk = tok.ToString(); // System.Console.WriteLine(tokk); return(tokenHandler.CreateEncodedJwt(desc)); } // End Function IssueToken
public string PublishToken(string userName, string password, int epireTime, int notBeforeTime) { var hmac = new HMACSHA256(); var key = Convert.ToBase64String(hmac.Key); var symmetricKey = Convert.FromBase64String(key); var tokenHandler = new JwtSecurityTokenHandler(); var now = DateTime.Now; var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Email, userName), new Claim(ClaimTypes.Hash, password), }), NotBefore = now.AddMinutes(Convert.ToInt32(notBeforeTime)), Expires = now.AddMinutes(Convert.ToInt32(epireTime)), SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(symmetricKey), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature) }; var stoken = tokenHandler.CreateToken(tokenDescriptor); var token = tokenHandler.WriteToken(stoken); return(token); }
public override System.IdentityModel.Tokens.SecurityToken CreateToken(Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor) { Utility.VerifyNonNullArgument("tokenDescriptor", tokenDescriptor); if (tokenDescriptor.SigningCredentials == null) { throw new System.ArgumentException("tokenDescriptor.SigningCredentials cannot be null"); } if (tokenDescriptor.Subject == null) { throw new System.ArgumentException("tokenDescriptor.Subject cannot be null"); } if (string.IsNullOrEmpty(tokenDescriptor.TokenIssuerName)) { throw new System.ArgumentException("tokenDescriptor.TokenIssuerName cannot be null"); } System.DateTime dateTime = System.DateTime.UtcNow; System.DateTime validTo = DateTimeUtil.Add(dateTime, System.TimeSpan.FromHours(1.0)); if (tokenDescriptor.Lifetime != null) { if (tokenDescriptor.Lifetime.Created.HasValue) { dateTime = DateTimeUtil.ToUniversalTime(tokenDescriptor.Lifetime.Created.Value); } if (tokenDescriptor.Lifetime.Expires.HasValue) { validTo = DateTimeUtil.ToUniversalTime(tokenDescriptor.Lifetime.Expires.Value); } } System.Collections.Generic.List <JsonWebTokenClaim> list = new System.Collections.Generic.List <JsonWebTokenClaim>(); foreach (Claim current in tokenDescriptor.Subject.Claims) { list.Add(new JsonWebTokenClaim(current.ClaimType, current.Value)); } return(new JsonWebSecurityToken(tokenDescriptor.TokenIssuerName, this.GetAppliesTo(tokenDescriptor), dateTime, validTo, list, tokenDescriptor.SigningCredentials)); }
private string IssueJwtToken(System.IdentityModel.Tokens.Jwt.JwtSecurityToken aadToken) { var msKey = GetTokenSignKey(); var msSigningCredentials = new Microsoft.IdentityModel.Tokens .SigningCredentials(msKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature); var claimsIdentity = new System.Security.Claims.ClaimsIdentity(new List <Claim>() { new Claim(ClaimTypes.NameIdentifier, "*****@*****.**"), new Claim(ClaimTypes.Role, "admin"), }, "MassRover.Authentication"); var msSecurityTokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor() { Audience = "massrover.client", Issuer = "massrover.authservice", Subject = claimsIdentity, Expires = DateTime.UtcNow.AddHours(8), SigningCredentials = msSigningCredentials }; var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); var plainToken = tokenHandler.CreateToken(msSecurityTokenDescriptor); var signedAndEncodedToken = tokenHandler.WriteToken(plainToken); return(signedAndEncodedToken); }
public async Task <ApplicationUser> Authenticate(LoginViewModel loginViewModel) { var result = await _applicationSignInManager.PasswordSignInAsync(loginViewModel.Username, loginViewModel.Password, false, false); if (result.Succeeded) { var applicationUser = await _applicationUserManager.FindByNameAsync(loginViewModel.Username); applicationUser.PasswordHash = null; var tokenHandler = new JwtSecurityTokenHandler(); var key = System.Text.Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor() { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, applicationUser.Id), new Claim(ClaimTypes.Email, applicationUser.Email) }), Expires = DateTime.UtcNow.AddHours(8), SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); applicationUser.Token = tokenHandler.WriteToken(token); return(applicationUser); } else { return(null); } }
public static string generateToken(us user, Main setings) { byte[] key = Encoding.ASCII.GetBytes(setings.key); var securitykey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key: key); var alguritm = Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature; var creatioal = new Microsoft.IdentityModel.Tokens.SigningCredentials(securitykey, alguritm); var tokendiscriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Subject = new System.Security.Claims.ClaimsIdentity (new[] { new System.Security.Claims.Claim(nameof(user.lastname), user.lastname), new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Name, user.firstname), new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Email, user.email), new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.NameIdentifier, user.id.ToString()), }), Expires = DateTime.UtcNow.AddMinutes(setings.timeOut), SigningCredentials = creatioal, }; var tokenHandled = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); Microsoft.IdentityModel.Tokens.SecurityToken securitytoken = tokenHandled.CreateToken(tokendiscriptor); string token = tokenHandled.WriteToken(securitytoken); return(token); }
public ActionResult <User> Login([FromBody] User user) { if (user.Name != "Dinesh" || user.Password != "123456") { return(NotFound()); } else { var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_jwtSettings.SecretKey); var tokenDescriptior = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, user.Name) }), Expires = DateTime.UtcNow.AddMinutes(2), SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials( new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptior); user.Token = tokenHandler.WriteToken(token); return(user); } }
protected virtual string GetAppliesTo(Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor) { if (string.IsNullOrEmpty(tokenDescriptor.AppliesToAddress)) { throw new System.ArgumentException("tokenDescriptor.AppliesToAddress cannot be null"); } return(tokenDescriptor.AppliesToAddress); }
public async Task <ApplicationUser> Register(RegisterViewModel signUpViewModel) { var applicationUser = new ApplicationUser(); applicationUser.UserName = signUpViewModel.Name; applicationUser.Email = signUpViewModel.Email; applicationUser.CountryId = signUpViewModel.CountryId; applicationUser.StateId = signUpViewModel.StateId; applicationUser.CityId = signUpViewModel.CityId; applicationUser.Role = "Employee"; var result = await userManager.CreateAsync(applicationUser, signUpViewModel.Password); if (result.Succeeded) { if ((await userManager.AddToRoleAsync(await userManager.FindByNameAsync(signUpViewModel.Email), "Employee")).Succeeded) { var result2 = await signInManager.PasswordSignInAsync(signUpViewModel.Email, signUpViewModel.Password, false, false); if (result2.Succeeded) { //token var tokenHandler = new JwtSecurityTokenHandler(); var key = System.Text.Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor() { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, applicationUser.Id), new Claim(ClaimTypes.Email, applicationUser.Email), new Claim(ClaimTypes.Role, applicationUser.Role) }), Expires = DateTime.UtcNow.AddHours(8), SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); applicationUser.Token = tokenHandler.WriteToken(token); return(applicationUser); } else { return(null); } } else { return(null); } } else { return(null); } }
public static string GenerateJwtToken(Models.User user, string secretKey) { // Generate token that is valid for 8 hours var key = System.Text.Encoding.ASCII.GetBytes(secretKey); var symmetricSecurityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key: key); var securityAlgorithm = Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature; var signingCredentials = new Microsoft.IdentityModel.Tokens .SigningCredentials(key: symmetricSecurityKey, algorithm: securityAlgorithm); var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Subject = new System.Security.Claims.ClaimsIdentity (new[] { new System.Security.Claims.Claim (type: "LastName", value: user.LastName), new System.Security.Claims.Claim (type: System.Security.Claims.ClaimTypes.Name, value: user.Username), new System.Security.Claims.Claim (type: System.Security.Claims.ClaimTypes.Email, value: user.EmailAddress), new System.Security.Claims.Claim (type: System.Security.Claims.ClaimTypes.NameIdentifier, value: user.Id.ToString()), }), Expires = System.DateTime.UtcNow.AddHours(8), SigningCredentials = signingCredentials, }; var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor: tokenDescriptor); string tokenString = tokenHandler.WriteToken(token: token); return(tokenString); }
public static Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor Convert(SecurityTokenDescriptor tokenDescriptor) { v1SecurityTokenDescriptor v1TokenDescriptor = new v1SecurityTokenDescriptor(); if (tokenDescriptor.AppliesToAddress != null) { v1TokenDescriptor.AppliesToAddress = tokenDescriptor.AppliesToAddress; } if (tokenDescriptor.AttachedReference != null) { v1TokenDescriptor.AttachedReference = tokenDescriptor.AttachedReference; } if (tokenDescriptor.AuthenticationInfo != null) { v1TokenDescriptor.AuthenticationInfo = Convert(tokenDescriptor.AuthenticationInfo); } if (tokenDescriptor.Lifetime != null) { v1TokenDescriptor.Lifetime = new Microsoft.IdentityModel.Protocols.WSTrust.Lifetime(tokenDescriptor.Lifetime.Created, tokenDescriptor.Lifetime.Expires); } if (tokenDescriptor.ReplyToAddress != null) { v1TokenDescriptor.ReplyToAddress = tokenDescriptor.ReplyToAddress; } if (tokenDescriptor.SigningCredentials != null) { v1TokenDescriptor.SigningCredentials = tokenDescriptor.SigningCredentials; } if (tokenDescriptor.Subject != null) { v1TokenDescriptor.Subject = Convert(tokenDescriptor.Subject); } if (tokenDescriptor.TokenIssuerName != null) { v1TokenDescriptor.TokenIssuerName = tokenDescriptor.TokenIssuerName; } if (tokenDescriptor.TokenType != null) { v1TokenDescriptor.TokenType = tokenDescriptor.TokenType; } return(v1TokenDescriptor); }
public async Task <ApplicationUser> Authenticate(LoginViewModel loginViewModel) { try { var result = await _applicationSignInManager.PasswordSignInAsync(loginViewModel.UserName, loginViewModel.Password, false, false); if (result.Succeeded) { var applicationUser = await _applicationUserManager.FindByNameAsync(loginViewModel.UserName); applicationUser.PasswordHash = null; if (await this._applicationUserManager.IsInRoleAsync(applicationUser, "Admin")) { applicationUser.Role = "Admin"; } else if (await this._applicationUserManager.IsInRoleAsync(applicationUser, "Employee")) { applicationUser.Role = "Employee"; } var tokenHandler = new JwtSecurityTokenHandler(); var key = System.Text.Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor() { //payload Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, applicationUser.Id), new Claim(ClaimTypes.Email, applicationUser.Email), new Claim(ClaimTypes.Role, applicationUser.Role) }), //payload Expires = DateTime.UtcNow.AddHours(8), //hashing algorithm SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); applicationUser.Token = tokenHandler.WriteToken(token); return(applicationUser); } else { return(null); } } catch (Exception ex) { throw; } }
public ApiResponse Login(dynamic loginData) { string email = loginData.Email; string password = loginData.Password; string name = string.Empty; using (var context = new AgmDataContext()) { if (context.Users.All(u => u.Email.ToLower() != email.ToLower() || u.Password != password || u._sectionMonthlyReportsVisible != 1 || u._isDeleted || u._isActive != 1)) { return new ApiResponse(false) { Errors = new ApiResponseError[] { new ApiResponseError() { Message = "Email o password errati" } } } } ; name = context.Users.First(u => u.Email.ToLower() == email.ToLower() && u.Password == password && !u._isDeleted).Name; } var tokenHandler = new JwtSecurityTokenHandler(); var claims = new List <Claim>() { new Claim(ClaimTypes.Name, string.Format("{0}${1}", loginData.Email.ToString(), name)) }; var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor() { Subject = new ClaimsIdentity(claims), Issuer = "Agm" }; var jwtToken = tokenHandler.CreateToken(tokenDescriptor); return(new ApiResponse() { Succeed = true, Token = tokenHandler.WriteToken(jwtToken) }); }
public bool GenerateDomainToken(DomainUser user) { log.WriteLogEntry("Starting GenerateDomainToken..."); bool result = false; log.WriteLogEntry(string.Format("Current user {0} {1}", user.DomainUpn, user.UserEmail)); try { RandomNumberGenerator rng = RandomNumberGenerator.Create(); byte[] rngKey = new byte[32]; rng.GetBytes(rngKey); var signatureKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(rngKey); log.WriteLogEntry("Success create security key."); var signatureCreds = new Microsoft.IdentityModel.Tokens.SigningCredentials(signatureKey, SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest); log.WriteLogEntry("Success create signing credentials."); var claimsID = new ClaimsIdentity(new List <Claim>() { new Claim(ClaimTypes.NameIdentifier, user.DomainUpn), new Claim(ClaimTypes.Email, user.UserEmail), new Claim(ClaimTypes.Role, "DomainUser") }, "DomainUser"); log.WriteLogEntry("Success create claims identity."); var TokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor() { Issuer = Constants.Issuer, Audience = Constants.Audience, Subject = claimsID, SigningCredentials = signatureCreds, }; log.WriteLogEntry("Success create security token descriptor."); var plainToken = CreateToken(TokenDescriptor); log.WriteLogEntry("Plain token " + plainToken.ToString()); string token = WriteToken(plainToken); log.WriteLogEntry("Encoded session token " + token); user.Token.SessionKey = token; result = true; } catch (Exception ex) { log.WriteLogEntry("ERROR generating JWT " + ex.Message); result = false; } log.WriteLogEntry("End GenerateDomainToken."); return(result); }
static string GetJwtFromTokenIssuer() { byte[] key = Convert.FromBase64String("80ssGCKB931r2r8Lm3om1SIt5YY05yBZ34pna3+dYi8="); var symmetricKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key); //var symmetricKey = new InMemorySymmetricSecurityKey(key); var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(symmetricKey, SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest); var claimsIdentity = new System.Security.Claims.ClaimsIdentity(new System.Security.Claims.Claim[] { new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Name, "Johnny") }); var descriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Subject = claimsIdentity, Audience = "http://localhost:5000/api", Issuer = "http://authzserver.demo", Expires = DateTime.UtcNow.AddMinutes(1), SigningCredentials = signingCredentials }; //var descriptor = new SecurityTokenDescriptor() //{ // TokenIssuerName = "http://authzserver.demo", // AppliesToAddress = "http://localhost:5000/api", // Lifetime = new System.IdentityModel.Protocols.WSTrust.Lifetime(DateTime.UtcNow, DateTime.UtcNow.AddMinutes(1)), // SigningCredentials = signingCredentials, // Subject = new System.Security.Claims.ClaimsIdentity(new System.Security.Claims.Claim[] // { // new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Name, "Johnny") // }) //}; var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(descriptor); return(tokenHandler.WriteToken(token)); }
/// <summary> /// トークン作成メソッド_issuerがSCM1_AdminのJWTを生成する /// </summary> /// <param name="empid"></param> /// <returns></returns> public static bool CreateToken(string empid) { // 共通鍵を用意 var dateKeyString = DateTime.Now.ToString(); var keyString = dateKeyString + FetchTokenPublicKeyString() + empid; // トークン操作用のクラスを用意 var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); // 共通鍵なのでSymmetricSecurityKeyクラスを使う // 引数は鍵のバイト配列 var key = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.UTF8.GetBytes(keyString)); // 署名情報クラスを生成 // 共通鍵を使うのでアルゴリズムはHS256使っとけばいいはず var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(key, "HS256"); // トークンの詳細情報クラス?を生成 var descriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Issuer = SCMIssuer, SigningCredentials = credentials, }; // トークンの生成 //SecurityTokenDescriptor使わずにhandler.CreateJwtSecurityToken("GHKEN", null, null, null, null, null, credentials)でもOK var token = handler.CreateJwtSecurityToken(descriptor); // トークンの文字列表現を取得 var tokenString = handler.WriteToken(token); // トークンのDB保存 try { // ↓はxml内に記述されたSQLの「#」で括られた部分 var param = new { ACCESS_TOKEN = tokenString, TOKEN_CREATE_DATE = dateKeyString, EMP_NO = empid }; MST_EMP_Repository.StoreAccessToken_Repository(param); return(true); } catch (Exception ex) { return(false); } }
public void ProcessRequest(HttpContext context) { HttpRequest request = context.Request; string userName = request["username"]; string password = request["password"]; bool isAuthentic = !String.IsNullOrEmpty(userName) && userName.Equals(password); if (isAuthentic) { // I use a hard-coded key byte[] key = Convert.FromBase64String("qqO5yXcbijtAdYmS2Otyzeze2XQedqy+Tp37wQ3sgTQ="); var signingCredentials = new SigningCredentials(new InMemorySymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest); var descriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor() { Issuer = ISSUER, Audience = AUDIENCE, Expires = DateTime.UtcNow.AddMinutes(5), SigningCredentials = signingCredentials, Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, userName) }) }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(descriptor); context.Response.Write(tokenHandler.WriteToken(token)); } else { context.Response.StatusCode = 401; } }
public async Task <IActionResult> Login(UserForLoginDTO userForLoginDTO) { // validate request var userFromRepo = await _repo.Login(userForLoginDTO.Username, userForLoginDTO.Password); if (userFromRepo is null) { return(Unauthorized()); } //build the token var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Username) }; var key = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new Microsoft.IdentityModel.Tokens.SigningCredentials(key, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
public static Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor Convert( SecurityTokenDescriptor tokenDescriptor ) { v1SecurityTokenDescriptor v1TokenDescriptor = new v1SecurityTokenDescriptor(); if ( tokenDescriptor.AppliesToAddress != null ) v1TokenDescriptor.AppliesToAddress = tokenDescriptor.AppliesToAddress; if ( tokenDescriptor.AttachedReference != null ) v1TokenDescriptor.AttachedReference = tokenDescriptor.AttachedReference; if ( tokenDescriptor.AuthenticationInfo != null ) v1TokenDescriptor.AuthenticationInfo = Convert(tokenDescriptor.AuthenticationInfo); if ( tokenDescriptor.Lifetime != null ) v1TokenDescriptor.Lifetime = new Microsoft.IdentityModel.Protocols.WSTrust.Lifetime( tokenDescriptor.Lifetime.Created, tokenDescriptor.Lifetime.Expires ); if ( tokenDescriptor.ReplyToAddress != null ) v1TokenDescriptor.ReplyToAddress = tokenDescriptor.ReplyToAddress; if ( tokenDescriptor.SigningCredentials != null ) v1TokenDescriptor.SigningCredentials = tokenDescriptor.SigningCredentials; if ( tokenDescriptor.Subject != null ) v1TokenDescriptor.Subject = Convert( tokenDescriptor.Subject ); if ( tokenDescriptor.TokenIssuerName != null ) v1TokenDescriptor.TokenIssuerName = tokenDescriptor.TokenIssuerName; if ( tokenDescriptor.TokenType != null ) v1TokenDescriptor.TokenType = tokenDescriptor.TokenType; return v1TokenDescriptor; }
public Microsoft.AspNetCore.Mvc.IActionResult Login(ViewModels.Account.LoginViewModel viewModel) { // References: // https://jwt.io // https://www.nuget.org/packages/System.IdentityModel.Tokens.Jwt/ // Create Jwt Security Token Handler Object var jwtSecurityTokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); // ************************************************** // Symmetric key must be atleast 128 bits long string strSymmetricKey = "This is the Symmetric Key"; var symmetricSecurityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey (System.Text.Encoding.ASCII.GetBytes(strSymmetricKey)); var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials (key: symmetricSecurityKey, algorithm: Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature); // ************************************************** // Creating Token Description part var securityTokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Subject = new System.Security.Claims.ClaimsIdentity(new System.Security.Claims.Claim[] { new System.Security.Claims.Claim("Username", "[Any Name]"), new System.Security.Claims.Claim("RoleName", "[Any Role]"), //new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Name, "[Any Name]"), //new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Role, "[Any Role]"), }), Issuer = "[Token Issuer Name]", Audience = "http://www.IranianExperts.com", // define lifetime of the token Expires = System.DateTime.Now.AddMinutes(5), SigningCredentials = signingCredentials, }; // Create Token var securityToken = jwtSecurityTokenHandler.CreateToken(securityTokenDescriptor); // convert Token to string string strTokenString = jwtSecurityTokenHandler.WriteToken(securityToken); var result = new { Token = strTokenString, }; VerifyToken(strTokenString); //VerifyToken("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IltBbnkgTmFtZV0iLCJyb2xlIjoiW0FueSBSb2xlXSIsIm5iZiI6MTQ5MzU1MzAxOSwiZXhwIjoxNDkzNTUzMzE2LCJpYXQiOjE0OTM1NTMwMTksImlzcyI6IltUb2tlbiBJc3N1ZXIgTmFtZV0iLCJhdWQiOiJodHRwOi8vd3d3LklyYW5pYW5FeHBlcnRzLmNvbSJ9.zLgzHAUxoCsNLhC-nLkYyMhckD-uNop5JRM_m-PGz5o"); // ************************************************** return(Json(data: result, serializerSettings: Infrastructure.JsonSerializerSettings.Instance)); }
public void ConfigureJwtAuthorizationFlow(string clientId, string userId, string oauthBasePath, string privateKeyFilename, int expiresInHours) { JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler(); Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor descriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Expires = DateTime.UtcNow.AddHours(expiresInHours), }; descriptor.Subject = new ClaimsIdentity(); descriptor.Subject.AddClaim(new Claim("scope", "signature")); descriptor.Subject.AddClaim(new Claim("aud", oauthBasePath)); descriptor.Subject.AddClaim(new Claim("iss", clientId)); if (userId != null) { descriptor.Subject.AddClaim(new Claim("sub", userId)); } if (privateKeyFilename != null) { string pemKey = File.ReadAllText(privateKeyFilename); var rsa = CreateRSAKeyFromPem(pemKey); Microsoft.IdentityModel.Tokens.RsaSecurityKey rsaKey = new Microsoft.IdentityModel.Tokens.RsaSecurityKey(rsa); descriptor.SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(rsaKey, SecurityAlgorithms.RsaSha256Signature); } var token = handler.CreateToken(descriptor); string jwtToken = handler.WriteToken(token); Uri baseUrl = this.RestClient.BaseUrl; this.RestClient.BaseUrl = new Uri(string.Format("https://{0}", oauthBasePath)); string path = "oauth/token"; string contentType = "application/x-www-form-urlencoded"; Dictionary <string, string> formParams = new Dictionary <string, string>(); formParams.Add("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer"); formParams.Add("assertion", jwtToken); Dictionary <string, string> queryParams = new Dictionary <string, string>(); Dictionary <string, string> headerParams = new Dictionary <string, string>(); headerParams.Add("Content-Type", "application/x-www-form-urlencoded"); Dictionary <string, FileParameter> fileParams = new Dictionary <string, FileParameter>(); Dictionary <string, string> pathParams = new Dictionary <string, string>(); object postBody = null; try { var response = CallApi(path, Method.POST, queryParams, postBody, headerParams, formParams, fileParams, pathParams, contentType); TokenResponse tokenInfo = JsonConvert.DeserializeObject <TokenResponse>(((RestResponse)response).Content); var config = Configuration.Default; config.AddDefaultHeader("Authorization", string.Format("{0} {1}", tokenInfo.token_type, tokenInfo.access_token)); } catch (Exception ex) { } this.RestClient.BaseUrl = baseUrl; }
public async Task <ApplicationUser> Register(SignUpViewModel signUpViewModel) { ApplicationUser applicationUser = new ApplicationUser(); applicationUser.FirstName = signUpViewModel.PersonName.FirstName; applicationUser.LastName = signUpViewModel.PersonName.LastName; applicationUser.Email = signUpViewModel.Email; applicationUser.PhoneNumber = signUpViewModel.Mobile; applicationUser.ReceiveNewsLetters = signUpViewModel.ReceiveNewsLetters; applicationUser.CountryID = signUpViewModel.CountryID; applicationUser.Gender = signUpViewModel.Gender; applicationUser.Role = "Employee"; applicationUser.UserName = signUpViewModel.Email; var result = await _applicationUserManager.CreateAsync(applicationUser, signUpViewModel.Password); if (result.Succeeded) { if ((await _applicationUserManager.AddToRoleAsync(await _applicationUserManager.FindByNameAsync(signUpViewModel.Email), "Employee")).Succeeded) { var result2 = await _applicationSignInManager.PasswordSignInAsync(signUpViewModel.Email, signUpViewModel.Password, false, false); if (result2.Succeeded) { //token var tokenHandler = new JwtSecurityTokenHandler(); var key = System.Text.Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor() { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, applicationUser.Id), new Claim(ClaimTypes.Email, applicationUser.Email), new Claim(ClaimTypes.Role, applicationUser.Role) }), Expires = DateTime.UtcNow.AddHours(8), SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); applicationUser.Token = tokenHandler.WriteToken(token); //Skills foreach (var sk in signUpViewModel.Skills) { Skill skill = new Skill(); skill.SkillName = sk.SkillName; skill.SkillLevel = sk.SkillLevel; skill.Id = applicationUser.Id; skill.ApplicationUser = null; this._db.Skills.Add(skill); this._db.SaveChanges(); } return(applicationUser); } else { return(null); } } else { return(null); } } else { return(null); } }
public static string GenerateJwtToken (Models.User user, ApplicationSettings.Main mainSettings) { // Generate token that is valid for 8 hours byte[] key = System.Text.Encoding.ASCII.GetBytes(mainSettings.SecretKey); var symmetricSecurityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(key: key); var securityAlgorithm = Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature; var signingCredentials = new Microsoft.IdentityModel.Tokens .SigningCredentials(key: symmetricSecurityKey, algorithm: securityAlgorithm); var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor { Subject = new System.Security.Claims.ClaimsIdentity (new[] { //new System.Security.Claims.Claim // (type: "RoleId", value: user.RoleId), //new System.Security.Claims.Claim // (type: "LastName", value: user.LastName), new System.Security.Claims.Claim (type: nameof(user.LastName), value: user.LastName), new System.Security.Claims.Claim (type: System.Security.Claims.ClaimTypes.Name, value: user.Username), new System.Security.Claims.Claim (type: System.Security.Claims.ClaimTypes.Email, value: user.EmailAddress), new System.Security.Claims.Claim (type: System.Security.Claims.ClaimTypes.NameIdentifier, value: user.Id.ToString()), }), //Issuer = "", //Audience = "", //Expires = // System.DateTime.UtcNow.AddHours(8), Expires = System.DateTime.UtcNow.AddMinutes(mainSettings.TokenExpiresInMinutes), SigningCredentials = signingCredentials, }; var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); Microsoft.IdentityModel.Tokens.SecurityToken securityToken = tokenHandler.CreateToken(tokenDescriptor: tokenDescriptor); string token = tokenHandler.WriteToken(token: securityToken); return(token); }