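/// <summary>
/// Validates the client credentials of a token request. Credentials are read from the
/// HTTP Basic <c>Authorization</c> header first, then from the form body, and matched
/// against the <c>Audiences</c> table by client id.
/// </summary>
/// <param name="context">The OWIN client-authentication context; receives either a
/// <c>Validated()</c> or a <c>SetError(...)</c> call before the task completes.</param>
/// <returns>A task that completes when the context has been marked validated or errored.</returns>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException("context");
    }

    string clientId;
    string clientSecret;

    // Prefer the Authorization: Basic header; fall back to the client_id/client_secret form fields.
    if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
    {
        context.TryGetFormCredentials(out clientId, out clientSecret);
    }

    if (string.IsNullOrWhiteSpace(clientId) || string.IsNullOrWhiteSpace(clientSecret))
    {
        context.SetError("client_not_authorized", "invalid client details");
        return;
    }

    Audience audienceDto;
    using (var dbContext = new URDEV_SW_MOBILITYEntities())
    {
        // Await the query instead of blocking on .Result: blocking inside the OWIN pipeline
        // risks a sync-over-async deadlock and wraps failures in AggregateException.
        audienceDto = await dbContext.Audiences.FirstOrDefaultAsync(x => x.ClientId == clientId);
    }

    // The same error is returned for "unknown client id" and "wrong secret", so the
    // response does not reveal which client ids exist. The secret is compared in fixed time.
    if (audienceDto == null || !SecretsMatch(clientSecret, audienceDto.Secret))
    {
        context.SetError("unauthorized_client", "unauthorized client");
        return;
    }

    context.Validated();
}

/// <summary>
/// Compares a presented client secret with the stored one without short-circuiting on the
/// first differing character, so the response time does not depend on how much of the
/// secret was right. Null on either side never matches.
/// </summary>
/// <param name="presented">The secret supplied by the caller of the token endpoint.</param>
/// <param name="stored">The secret held for the audience (the shared symmetric key, stored as text).</param>
/// <returns><c>true</c> only if both strings are non-null and identical, ordinal comparison.</returns>
private static bool SecretsMatch(string presented, string stored)
{
    if (presented == null || stored == null)
    {
        return false;
    }

    // A length mismatch is folded into the result rather than returned early.
    int diff = presented.Length ^ stored.Length;
    int length = Math.Min(presented.Length, stored.Length);
    for (int i = 0; i < length; i++)
    {
        diff |= presented[i] ^ stored[i];
    }

    return diff == 0;
}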
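/// <summary>
/// Serialises an <see cref="AuthenticationTicket"/> into a signed JWT. The ticket's
/// <c>audience</c> property selects the <c>Audience</c> row whose base64-encoded secret
/// is used as the HMAC-SHA256 signing key.
/// </summary>
/// <param name="data">The ticket to protect; must carry an <c>audience</c> property,
/// an identity, and both <c>IssuedUtc</c> and <c>ExpiresUtc</c>.</param>
/// <returns>The compact-serialised JWT.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="InvalidOperationException">The audience is missing or malformed, is not
/// found in the database, or the ticket lacks an identity or its timestamps.</exception>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    string audienceId;
    data.Properties.Dictionary.TryGetValue("audience", out audienceId);

    // Client ids are GUID strings, which are exactly 36 characters in the default "D" format.
    if (string.IsNullOrWhiteSpace(audienceId) || audienceId.Length != 36)
    {
        throw new InvalidOperationException("audience missing from AuthenticationTicket.Properties");
    }

    if (data.Identity == null)
    {
        throw new InvalidOperationException("identity missing from AuthenticationTicket");
    }

    // Fail with a clear message instead of the generic Nullable.Value exception further down.
    var issued = data.Properties.IssuedUtc;
    var expires = data.Properties.ExpiresUtc;
    if (!issued.HasValue || !expires.HasValue)
    {
        throw new InvalidOperationException("IssuedUtc and ExpiresUtc must be set on AuthenticationTicket.Properties");
    }

    Audience audienceDto;
    using (var dbContext = new URDEV_SW_MOBILITYEntities())
    {
        // Protect is synchronous by contract, so run the synchronous query rather than
        // blocking on the async one with .Result (deadlock risk, AggregateException wrapping).
        audienceDto = dbContext.Audiences.FirstOrDefault(x => x.ClientId == audienceId);
    }

    if (audienceDto == null)
    {
        throw new InvalidOperationException("invalid_client");
    }

    // The stored secret is the base64 form of the symmetric key shared with this audience.
    var keyByteArray = Convert.FromBase64String(audienceDto.Secret);
    var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray);
    var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
        securityKey, SecurityAlgorithms.HmacSha256Signature);

    var token = new JwtSecurityToken(
        _issuer,
        audienceId,
        data.Identity.Claims,
        issued.Value.UtcDateTime,
        expires.Value.UtcDateTime,
        signingCredentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}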
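/// <summary>
/// Returns every audience whose <c>StatusCode</c> is 0 (presumably the "active" state —
/// confirm against the schema).
/// </summary>
/// <returns>A materialised list, so the caller never touches the disposed context.</returns>
public static IEnumerable<Audience> GetAllAudiences()
{
    // The context was previously never disposed; dispose it once the rows are materialised.
    using (var dbContext = new URDEV_SW_MOBILITYEntities())
    {
        return dbContext.Audiences.Where(a => a.StatusCode == 0).ToList();
    }
}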