Esempio n. 1
0
        private string ProduceToken(long?pkSystemUser, string client_id, ApiContext context)
        {
            var apiSession = Aparte.WebApi.BeginApiSession.Execute(context, pkSystemUser);

            Aparte.WebApi.GetTenant.Execute(context, apiSession);
            context = null;

            var token = new JWEAsymmetric();

            try
            {
                token.AsymmetricKey = Audiences.Item(client_id).PublicKey;
                token.SetExpiry(apiSession.TokenExpiry);
                token.AddClaim(JWTConstant.PK_SYSTEM_USER, apiSession.PKSystemUser.ToString());
                token.AddClaim(JWTConstant.USER_NAME, apiSession.UserName);
                token.AddClaim(JWTConstant.USER_CODE, apiSession.UserCode);
                token.AddClaim(JWTConstant.ACCESS_TOKEN, apiSession.AccessToken.ToString());
                token.AddClaim(JWTConstant.REFRESH_TOKEN, apiSession.RefreshToken.ToString());
            }
            catch (Exception ex)
            {
            }

            var encryptedToken = token.SerializeToBase64UrlString();

            UserList.Add(apiSession.PKSystemUser, apiSession.UserName, apiSession.UserCode, apiSession.AccessToken, apiSession.RefreshToken, apiSession.TokenExpiry);
            return(encryptedToken);
        }
Esempio n. 2
0
        public IHttpActionResult VerifyClient([FromBody] Aparte.Credentials.ApplicationCredential application)
        {
            var token = new JWEAsymmetric();

            token.AddClaim(JWTConstant.CLAIM_SYMMETRIC_KEY, Audiences.Item(KeyFile.JEDIX_WIN_CLIENT_NAME).SecretSymmetricKey);
            token.AsymmetricKey = Audiences.Item(KeyFile.JEDIX_WIN_CLIENT_NAME).PublicKey;
            return(Ok <string>(token.SerializeToBase64UrlString()));
        }
Esempio n. 3
0
        public IHttpActionResult RefreshToken([FromBody] Aparte.Credentials.UserToken userToken)
        {
            var accessToken  = AsymmetricEncryption.Decrypt(userToken.AccessToken, AuthenticationServer.PRIVATE_KEY);
            var refreshToken = AsymmetricEncryption.Decrypt(userToken.RefreshToken, AuthenticationServer.PRIVATE_KEY);

            var context    = new ApiContext();
            var apiSession = Aparte.WebApi.RefreshApiSession.Execute(context, userToken.PKSystemUser, accessToken, refreshToken);
            var token      = new JWEAsymmetric();

            token.AsymmetricKey = Audiences.Item(KeyFile.JEDIX_WIN_CLIENT_NAME).PublicKey;
            token.SetExpiry(apiSession.TokenExpiry);
            token.AddClaim(JWTConstant.PK_SYSTEM_USER, apiSession.PKSystemUser.ToString());
            token.AddClaim(JWTConstant.ACCESS_TOKEN, apiSession.AccessToken.ToString());
            var encryptedToken = token.SerializeToBase64UrlString();

            UserList.Add(apiSession.PKSystemUser, apiSession.UserName, apiSession.UserCode, apiSession.AccessToken, apiSession.RefreshToken, apiSession.TokenExpiry);
            return(Ok <string>(encryptedToken));
        }