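/// <summary>
/// Registers JWT bearer authentication and the "Admin" authorization policy.
/// A token is accepted only when its issuer and audience both equal Hosting:Domain,
/// its signature verifies against the symmetric key derived from JWT:Secret, and
/// the custom lifetime rule below passes.
/// </summary>
/// <param name="services">The service collection to register into.</param>
/// <exception cref="InvalidOperationException">
/// JWT:Secret is missing or empty. Failing at startup is preferable to discovering the
/// misconfiguration on the first bearer request.
/// </exception>
private void AddAuthentication(IServiceCollection services)
{
    // Fail fast with a descriptive message; Encoding.GetBytes(null) would otherwise throw a
    // bare ArgumentNullException from inside the options callback.
    var secret = Configuration["JWT:Secret"];
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("Configuration value 'JWT:Secret' is required to validate bearer tokens.");
    }

    // NOTE(review): the signing library enforces a minimum symmetric key length for HMAC;
    // a very short JWT:Secret is rejected at first use — confirm the limit for the
    // Microsoft.IdentityModel version in use and size the secret accordingly.
    var domain = Configuration["Hosting:Domain"];
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));

    services.AddAuthentication(options =>
    {
        options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidIssuer = domain,
            ValidAudience = domain,
            IssuerSigningKey = signingKey,
            // Setting LifetimeValidator replaces the library's default lifetime check.
            // This keeps the strict "exp must be in the future" rule of the original (no
            // clock-skew allowance) and additionally rejects a token that has no exp at
            // all or whose nbf still lies in the future.
            LifetimeValidator = (notBefore, expires, token, parameters) =>
            {
                // The pipeline hands over UTC DateTimes; comparing in DateTime avoids the
                // implicit DateTime->DateTimeOffset conversion, which interprets an
                // Unspecified-kind value as local time.
                var now = DateTime.UtcNow;
                if (!expires.HasValue || expires.Value <= now)
                {
                    return false;
                }
                if (notBefore.HasValue && notBefore.Value > now)
                {
                    return false;
                }
                return true;
            },
            // Role and user id travel in the short custom claim names "ro" and "id".
            RoleClaimType = "ro",
            NameClaimType = "id",
        };
    });

    services.AddAuthorization(options =>
    {
        // Roles are compared as the integer form of the Role enum, matching the "ro" claim.
        options.AddPolicy("Admin", p => p.RequireAuthenticatedUser()
            .RequireRole(RoleParser.ToInt(Role.Admin).ToString()));
    });
}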
// A single role followed by a trailing comma parses to exactly one role.
public void ParseValid5()
{
    const string input = "ApplicationName:Role1,";
    var expectedRoles = new[] { "Role1" };

    var parser = new RoleParser(input);

    Assert.IsTrue(parser.IsParsed());
    Assert.AreEqual(expectedRoles.Length, parser.Roles.Count);
    Assert.AreEqual("ApplicationName", parser.ApplicationName);
    for (var i = 0; i < expectedRoles.Length; i++)
    {
        Assert.AreEqual(expectedRoles[i], parser.Roles[i]);
    }
}
// Leading whitespace before the application name and after the colon is tolerated;
// the three comma-separated roles come back trimmed and in order.
public void ParseValid7()
{
    const string input = " ApplicationName: Role1,Role2,Role3";
    var expectedRoles = new[] { "Role1", "Role2", "Role3" };

    var parser = new RoleParser(input);

    Assert.IsTrue(parser.IsParsed());
    Assert.AreEqual(expectedRoles.Length, parser.Roles.Count);
    Assert.AreEqual("ApplicationName", parser.ApplicationName);
    for (var i = 0; i < expectedRoles.Length; i++)
    {
        Assert.AreEqual(expectedRoles[i], parser.Roles[i]);
    }
}
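/// <summary>
/// Evaluates <paramref name="accessRule"/> against the principal of the current request.
/// Any failure while parsing or evaluating the rule denies access (fail closed).
/// </summary>
/// <param name="filterContext">Supplies the HttpContext whose User is checked.</param>
/// <param name="accessRule">Rule text understood by <see cref="RoleParser"/>.</param>
/// <param name="actionKey">Not used by this implementation.</param>
/// <param name="parentActionKey">Not used by this implementation.</param>
/// <returns>true when the rule grants access to the current user; otherwise false.</returns>
public bool IsAuthorized(AuthorizationContext filterContext, string accessRule, string actionKey, string parentActionKey)
{
    try
    {
        var user = filterContext.HttpContext.User;
        // Identity can be null for an anonymous request; treat that as "no user name" rather
        // than letting a NullReferenceException decide the outcome.
        var identity = user.Identity;
        var currentName = identity == null ? null : identity.Name;

        var parser = new RoleParser();
        IAccessRule rule = parser.Parse(accessRule);

        // bool? absorbs either a bool or a bool? return from Evaluate; null means "not granted".
        bool? result = rule.Evaluate(
            role => user.IsInRole(role),
            // Case-insensitive ordinal comparison replaces the ToLowerInvariant() pair.
            userName => currentName != null
                && string.Equals(currentName, userName, StringComparison.OrdinalIgnoreCase));

        return result ?? false;
    }
    catch (Exception)
    {
        // Fail closed: a malformed rule or an evaluation error never grants access.
        return false;
    }
}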
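/// <summary>
/// Builds a signed login token for <paramref name="user"/> carrying the role, originating
/// IP address, user id and expiry as claims, plus audience and issuer when supplied.
/// </summary>
/// <param name="user">Authenticated user; its Role (as an int) and Id become claims.</param>
/// <param name="ipAddress">Client address recorded in the token.</param>
/// <param name="audience">Optional "aud" claim; omitted when null or empty.</param>
/// <param name="issuer">Optional "iss" claim; omitted when null or empty.</param>
/// <param name="lifespan">Validity period; falls back to the configured default when null.</param>
/// <returns>The token model, including the serialized token string.</returns>
/// <exception cref="ArgumentNullException"><paramref name="user"/> or <paramref name="ipAddress"/> is null.</exception>
public Token CreateLoginToken(User user, IPAddress ipAddress, string audience, string issuer, TimeSpan? lifespan = null)
{
    // Reject nulls up front instead of failing with a NullReferenceException part-way through.
    if (user == null)
    {
        throw new ArgumentNullException("user");
    }
    if (ipAddress == null)
    {
        throw new ArgumentNullException("ipAddress");
    }

    if (!lifespan.HasValue)
    {
        lifespan = _defaultLifetime;
    }

    var expires = DateTimeOffset.UtcNow.Add(lifespan.Value);

    // "exp" is emitted as Unix seconds, the form the bearer lifetime check reads.
    var claims = new Dictionary<string, object>
    {
        { CustomClaims.Role, RoleParser.ToInt(user.Role) },
        { CustomClaims.Ip, ipAddress.ToString() },
        { CustomClaims.Id, user.Id },
        { "exp", expires.ToUnixTimeSeconds() }
    };

    if (!string.IsNullOrEmpty(audience))
    {
        claims.Add("aud", audience);
    }
    if (!string.IsNullOrEmpty(issuer))
    {
        claims.Add("iss", issuer);
    }

    var tokenString = CreateToken(claims);

    return new Token
    {
        Audience = audience,
        Claims = claims,
        Expires = expires,
        Issuer = issuer,
        Lifespan = lifespan,
        TokenString = tokenString
    };
}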
// An empty application name before the colon is rejected.
public void ParseInvalid7()
{
    var parsed = new RoleParser(":Role1,Role2,Role3").IsParsed();

    Assert.IsFalse(parsed);
}
// An application name with nothing after the colon is rejected.
public void ParseInvalid6()
{
    var parsed = new RoleParser("ApplicationName:").IsParsed();

    Assert.IsFalse(parsed);
}
// The parameterless constructor yields a parser with nothing parsed.
public void ParseInvalid2()
{
    RoleParser parser = new RoleParser();
    bool parsed = parser.IsParsed();

    Assert.IsFalse(parsed);
}
// Data-driven case: every supplied roles string must fail to parse.
public void ParseInvalid1(string roles)
{
    var parsed = new RoleParser(roles).IsParsed();

    Assert.IsFalse(parsed);
}