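        /// <summary>
        /// Registers JWT bearer authentication (issuer, audience, lifetime and signature
        /// validation against the configured domain and shared secret) and the "Admin"
        /// authorization policy.
        /// </summary>
        /// <param name="services">The service collection being configured.</param>
        /// <exception cref="InvalidOperationException">
        /// Thrown when <c>Hosting:Domain</c> or <c>JWT:Secret</c> is missing from configuration.
        /// </exception>
        private void AddAuthentication(IServiceCollection services)
        {
            // Fail fast on missing settings: a null issuer/audience would silently make every
            // token fail validation, and a null secret would throw deep inside GetBytes.
            var domain = Configuration["Hosting:Domain"];
            if (string.IsNullOrWhiteSpace(domain))
            {
                throw new InvalidOperationException("Configuration value 'Hosting:Domain' is required for JWT validation.");
            }

            var secret = Configuration["JWT:Secret"];
            if (string.IsNullOrWhiteSpace(secret))
            {
                throw new InvalidOperationException("Configuration value 'JWT:Secret' is required for JWT validation.");
            }
            // NOTE(review): an HMAC secret shorter than the hash output weakens the signature;
            // the minimum length the library enforces depends on its version — consider
            // checking Encoding.UTF8.GetByteCount(secret) against the project's policy here.

            services.AddAuthentication(options => { options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; })
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer           = true,
                    ValidateAudience         = true,
                    ValidateLifetime         = true,
                    ValidateIssuerSigningKey = true,
                    ValidIssuer       = domain,
                    ValidAudience     = domain,
                    IssuerSigningKey  = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)),
                    // A custom LifetimeValidator replaces the library's default lifetime check,
                    // so it has to cover both ends of the validity window itself. The previous
                    // version only looked at 'expires'; 'notBefore' is honoured as well now.
                    LifetimeValidator = (notBefore, expires, token, parameters) =>
                    {
                        var now = DateTimeOffset.UtcNow;
                        if (!expires.HasValue || expires.Value <= now)
                        {
                            return false;   // missing or past expiry -> reject
                        }
                        return !notBefore.HasValue || notBefore.Value <= now;
                    },
                    // Custom (short) claim names used by the token issuer.
                    RoleClaimType = "ro",
                    NameClaimType = "id",
                };
            });

            services.AddAuthorization(options =>
            {
                // Roles are carried in the token as integers, hence the ToString() on the enum value.
                options.AddPolicy("Admin", p => p.RequireAuthenticatedUser()
                                  .RequireRole(RoleParser.ToInt(Role.Admin).ToString()));
            });
        }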
        /// <summary>
        /// A trailing comma after the last role still parses as exactly one role.
        /// </summary>
        public void ParseValid5()
        {
            var sut = new RoleParser("ApplicationName:Role1,");

            Assert.IsTrue(sut.IsParsed());
            Assert.AreEqual("ApplicationName", sut.ApplicationName);

            var roles = sut.Roles;
            Assert.AreEqual(1, roles.Count);
            Assert.AreEqual("Role1", roles[0]);
        }
        /// <summary>
        /// Whitespace around the application name and the first role is tolerated;
        /// all three roles are parsed in order.
        /// </summary>
        public void ParseValid7()
        {
            var sut = new RoleParser(" ApplicationName: Role1,Role2,Role3");

            Assert.IsTrue(sut.IsParsed());
            Assert.AreEqual("ApplicationName", sut.ApplicationName);

            string[] expectedRoles = { "Role1", "Role2", "Role3" };
            Assert.AreEqual(expectedRoles.Length, sut.Roles.Count);
            for (var i = 0; i < expectedRoles.Length; i++)
            {
                Assert.AreEqual(expectedRoles[i], sut.Roles[i]);
            }
        }
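        /// <summary>
        /// Evaluates <paramref name="accessRule"/> against the current principal.
        /// Any failure to parse or evaluate the rule denies access (fail closed).
        /// </summary>
        /// <param name="filterContext">The MVC authorization context carrying the current user.</param>
        /// <param name="accessRule">The textual rule handed to <see cref="RoleParser.Parse"/>.</param>
        /// <param name="actionKey">Part of the interface; not used by this implementation.</param>
        /// <param name="parentActionKey">Part of the interface; not used by this implementation.</param>
        /// <returns><c>true</c> only when the rule evaluates to true; <c>false</c> otherwise, including on error.</returns>
        public bool IsAuthorized(AuthorizationContext filterContext, string accessRule, string actionKey, string parentActionKey)
        {
            try
            {
                var user         = filterContext.HttpContext.User;
                var identityName = user?.Identity?.Name;   // anonymous requests may carry no name
                IAccessRule rule = new RoleParser().Parse(accessRule);

                bool? result = rule.Evaluate(
                    role => user.IsInRole(role),
                    // Ordinal case-insensitive comparison instead of lower-casing both sides;
                    // a missing identity name simply matches no user instead of throwing.
                    userName => identityName != null
                                && string.Equals(identityName, userName, StringComparison.OrdinalIgnoreCase));

                return result ?? false;
            }
            catch
            {
                // Parse/evaluation errors deny access rather than surface to the caller.
                return false;
            }
        }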
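        /// <summary>
        /// Builds a signed login token for <paramref name="user"/>, bound to the caller's
        /// IP address and carrying role, id and expiry claims.
        /// </summary>
        /// <param name="user">The authenticated user; its role and id become claims.</param>
        /// <param name="ipAddress">The client address recorded in the token.</param>
        /// <param name="audience">Optional "aud" claim; omitted when null or empty.</param>
        /// <param name="issuer">Optional "iss" claim; omitted when null or empty.</param>
        /// <param name="lifespan">Validity period; falls back to the configured default when null.</param>
        /// <returns>The token together with its claims, expiry and serialized form.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="user"/> or <paramref name="ipAddress"/> is null.</exception>
        public Token CreateLoginToken(User user, IPAddress ipAddress, string audience, string issuer, TimeSpan?lifespan = null)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }
            if (ipAddress == null)
            {
                throw new ArgumentNullException(nameof(ipAddress));
            }

            if (!lifespan.HasValue)
            {
                lifespan = _defaultLifetime;
            }

            var exp = DateTimeOffset.UtcNow.Add(lifespan.Value);

            var claims = new Dictionary <string, object>
            {
                { CustomClaims.Role, RoleParser.ToInt(user.Role) },
                { CustomClaims.Ip, ipAddress.ToString() },
                { CustomClaims.Id, user.Id },
                // Standard JWT "exp" claim: seconds since the Unix epoch.
                { "exp", exp.ToUnixTimeSeconds() }
            };

            if (!string.IsNullOrEmpty(audience))
            {
                claims.Add("aud", audience);
            }

            if (!string.IsNullOrEmpty(issuer))
            {
                claims.Add("iss", issuer);
            }

            var tokenString = CreateToken(claims);

            return(new Token
            {
                Audience = audience,
                Claims = claims,
                Expires = exp,
                Issuer = issuer,
                Lifespan = lifespan,
                TokenString = tokenString
            });
        }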
        /// <summary>
        /// An empty application name in front of the colon is rejected.
        /// </summary>
        public void ParseInvalid7()
        {
            Assert.IsFalse(new RoleParser(":Role1,Role2,Role3").IsParsed());
        }
        /// <summary>
        /// An application name with no roles after the colon is rejected.
        /// </summary>
        public void ParseInvalid6()
        {
            Assert.IsFalse(new RoleParser("ApplicationName:").IsParsed());
        }
        /// <summary>
        /// A parser built with the default constructor has nothing parsed.
        /// </summary>
        public void ParseInvalid2()
        {
            Assert.IsFalse(new RoleParser().IsParsed());
        }
        /// <summary>
        /// Each supplied invalid role string must leave the parser in the not-parsed state.
        /// </summary>
        /// <param name="roles">The invalid input supplied by the test data source.</param>
        public void ParseInvalid1(string roles)
        {
            Assert.IsFalse(new RoleParser(roles).IsParsed());
        }