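        /// <summary>
        /// Exchanges the <c>ApiKey</c> query-string value of the current request for an access token.
        /// </summary>
        /// <remarks>
        /// The presented key is looked up in the configured API keys; the matching entry's
        /// encrypted credentials are decrypted with the signing certificate's RSA private key
        /// (OAEP-SHA512) and used to call <c>Login</c>.
        /// Despite the <c>Async</c> suffix this method is synchronous: it blocks on the task
        /// returned by <c>Login</c>, so a login failure surfaces as an <see cref="AggregateException"/>.
        /// NOTE(review): an API key carried in the query string is part of the URL and is therefore
        /// likely to be recorded wherever URLs are recorded (access logs, proxies); consider
        /// accepting it in a request header instead.
        /// </remarks>
        /// <param name="context">HTTP context of the request carrying the <c>ApiKey</c> parameter.</param>
        /// <returns>
        /// The access token from the login response, or <c>null</c> when the key is missing, empty,
        /// repeated, unknown, or the login response is <c>null</c>.
        /// </returns>
        /// <exception cref="FormatException">
        /// The stored credentials are not valid Base64 or do not decrypt to <c>user:password</c>.
        /// </exception>
        public static string GetTokenFromApiKeyAsync(this HttpContext context)
        {
            var apiKey = context.Request.Query["ApiKey"];

            // Fail closed before any lookup: a missing, empty or repeated parameter must never be
            // allowed to compare equal to a configuration entry whose key is null or blank.
            if (apiKey.Count != 1 || string.IsNullOrEmpty(apiKey[0]))
            {
                return null;
            }

            var presentedKey = apiKey[0];
            var keys         = (List<ApiKeyConfig>)Service.Config.ServiceConfiguration.ApiKeys;

            // NOTE(review): ordinal equality is not constant-time; if the target framework offers
            // CryptographicOperations.FixedTimeEquals, prefer it for comparing the secret.
            var validApiKey = keys.FirstOrDefault(x => string.Equals(x.ApiKey, presentedKey, StringComparison.Ordinal));

            if (validApiKey == null)
            {
                return null;
            }

            // The private key and the HTTP client are only needed once the API key is known to be
            // valid, so unauthenticated requests no longer touch the signing key at all.
            // NOTE(review): if GetRSAPrivateKey() returns a fresh RSA instance on every call it
            // should be disposed here - confirm against SigningCertificate.
            var key    = SigningCertificate.Load().GetRSAPrivateKey();
            var client = (HttpClient)context.RequestServices.GetService(typeof(HttpClient));

            var decryptedApiKey = Encoding.UTF8.GetString(
                key.Decrypt(Convert.FromBase64String(validApiKey.EncryptedCredentials), RSAEncryptionPadding.OaepSHA512));

            // Split on the FIRST colon only, so a password that itself contains ':' is kept whole.
            var separator = decryptedApiKey.IndexOf(':');
            if (separator < 0)
            {
                // Deliberately does not echo the decrypted value.
                throw new FormatException("Decrypted API key credentials are not in the expected 'user:password' form.");
            }

            var userName = decryptedApiKey.Substring(0, separator);
            var password = decryptedApiKey.Substring(separator + 1);

            var json = Login(validApiKey, userName, password, client).Result;

            return json?.access_token;
        }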
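        /// <summary>
        /// Resolves the current user before the action runs, from either an <c>ApiKey</c>
        /// query-string parameter or the request's JWT.
        /// </summary>
        /// <remarks>
        /// <c>_user</c> is left <c>null</c> whenever no token is available, the token fails to
        /// decode with the signing key, or the token has expired. The base implementation is
        /// always invoked afterwards.
        /// NOTE(review): <c>_user</c> is an instance field; if this instance can be shared between
        /// concurrent requests the per-request user would race - confirm how it is registered.
        /// </remarks>
        /// <param name="context">Context of the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            // Start from "no user" so an exception thrown while obtaining the token cannot leave a
            // previously resolved user in place.
            _user = null;

            var query    = context.HttpContext.Request.Query;
            var apiKey   = query["ApiKey"];
            var jwtToken = query.ContainsKey("ApiKey")
                ? GetTokenFromApiKeyAsync(apiKey)
                : GetAuthJwtToken(context);

            // An absent token is the ordinary unauthenticated case, not a fault: previously it
            // caused a NullReferenceException below that was logged at Fatal on every such request.
            if (string.IsNullOrWhiteSpace(jwtToken))
            {
                base.OnActionExecuting(context);
                return;
            }

            try
            {
                var key = SigningCertificate.Load().GetRSAPrivateKey();

                // The expected algorithm is passed explicitly rather than taken from the token.
                var payload      = JWT.Decode<JwtToken>(jwtToken.Replace("Bearer ", ""), key, JwsAlgorithm.RS256);
                var tokenExpires = DateTimeOffset.FromUnixTimeSeconds(payload.exp);

                _user = tokenExpires > DateTimeOffset.UtcNow ? _userManager.SetUser(payload, jwtToken) : null;
            }
            catch (Exception e)
            {
                // Any decode or validation failure means "not authenticated".
                // NOTE(review): a client can trigger this path at will with a malformed token, so
                // Fatal is probably too severe a level for it - confirm the logging policy.
                LoggingBootstrapper.GetLogger().Fatal(e);
                _user = null;
            }

            base.OnActionExecuting(context);
        }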