public object CreateJwt(AuthUserResponse authUser) { var claimsIdentity = GetClaimsIdentity(authUser); var handler = new JwtSecurityTokenHandler(); var securityToken = handler.CreateToken(new SecurityTokenDescriptor() { Subject = claimsIdentity, Issuer = _jwtSettings.Issuer, Audience = _jwtSettings.Audience, SigningCredentials = _jwtSettings.SigningCredentials, NotBefore = _jwtSettings.NotBefore, Expires = _jwtSettings.Expires }); var accessToken = handler.WriteToken(securityToken); return(new { authenticated = true, created = _jwtSettings.NotBefore.ToString("yyyy-MM-dd HH:mm:ss"), expiration = _jwtSettings.Expires.ToString("yyyy-MM-dd HH:mm:ss"), accessToken, message = "Ok", userName = authUser.UserName }); }
public AuthUserResponse CreateScreen(AuthUserRequest request) { var response = new AuthUserResponse(); try { response.Success = true; response.Message = null; response.IsAuthed = false; response.CurrentUser = null; //Call the Service Layer BookyService s = new BookyService(); bool isauth = s.AuthenticateUser(request.Username, request.PasswordHash); //todo..create the response..see tb if (isauth) { //Get the user //s.GetUser //response.IsAuthed = true; } //todo get the user object } catch (Exception ex) { response.ErrorCode = ErrorCodes.WebServiceCall; response.Message = ex.Message; response.Success = false; } return(response); }
public (string, AuthUserResponse) AuthUser(AuthUserRequest request) { (string error, User user) = _userRepository.AuthUser(request); var userIdentity = new ClaimsIdentity(); userIdentity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, user.Id.ToString())); if (user.UserLogin == "admin") { userIdentity.AddClaim(new Claim(ClaimsIdentity.DefaultRoleClaimType, "admin")); } else { userIdentity.AddClaim(new Claim(ClaimsIdentity.DefaultRoleClaimType, "user")); } // создаем JWT-токен var jwt = new JwtSecurityToken( issuer: AuthOptions.ISSUER, audience: AuthOptions.AUDIENCE, notBefore: DateTime.UtcNow, claims: userIdentity.Claims, expires: DateTime.UtcNow.Add(TimeSpan.FromMinutes(AuthOptions.LIFETIME)), signingCredentials: new SigningCredentials(AuthOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); AuthUserResponse response = new AuthUserResponse() { AccessToken = encodedJwt, UserId = userIdentity.Name }; return(error, response); }
public HttpResponseMessage Register([FromBody] RegisterRequest request) { try { if (request == null) { return(CreateErrorResponse(HttpStatusCode.BadRequest, "No se recibieron los parámetros de entrada.")); } var currentUsers = _userService.FindBy(x => x.Email.ToUpper().Trim() == request.Email.ToUpper().Trim()); if (currentUsers.Count() > 0) { return(CreateErrorResponse(HttpStatusCode.BadRequest, "El correo electrónico proporcionado ya se encuentra registrado.")); } /*if (!FormatUtil.IsEmailValid(request.Email.Trim())) * { * return CreateErrorResponse(HttpStatusCode.BadRequest, "El formato de correo electrónico no es válido."); * }*/ Role roleBO = _roleService.FindBy(x => x.Code == Constants.ROLE_DEFAULT_API).FirstOrDefault(); User user = new User { FirstName = request.FirstName, LastName = request.LastName, Username = request.Email.Trim(), //DEFAULT Email = request.Email.Trim(), MobileNumber = request.MobileNumber, Password = SecurityUtil.EncryptPassword(request.Password), Uuid = Guid.NewGuid().ToString(), Role = roleBO, Permissions = roleBO.Permissions.ToList(), CreatedAt = DateUtil.GetDateTimeNow(), UpdatedAt = DateUtil.GetDateTimeNow(), Status = true }; _userService.Create(user); if (user.Id > 0) { var response = new AuthUserResponse { Uuid = user.Uuid, FirstName = user.FirstName, LastName = user.LastName, Email = user.Email, MobilePhone = user.MobileNumber, }; return(CreateResponse(response, "La cuenta del usuario se creó correctamente")); } else { return(CreateErrorResponse(HttpStatusCode.BadRequest, "No se pudo crear la cuenta del usuario.")); } } catch (Exception e) { return(CreateErrorResponse(e)); } }
private void OnAuthUserResponse(AuthUserResponse response) { Logger.Dispatch(LoggerTypes.Info, string.Format("PlayFab Says AuthTicket isValid:{0}", response.Authorized)); var uconn = UnityNetworkingData.Connections.Find(c => c.PlayFabId == response.PlayFabId); if (uconn != null) { uconn.IsAuthenticated = response.Authorized; uconn.Connection.Send(201, new StringMessage() { value = "Client Authenticated Successfully" }); } }
private ClaimsIdentity GetClaimsIdentity(AuthUserResponse authUser) { var jtiClaim = new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()); var userClaim = new Claim("user", authUser.ToString()); var admRole = new Claim("role", "Adm"); var claims = new[] { jtiClaim, userClaim, admRole }; var genericIdentity = new GenericIdentity(authUser.IdUser.ToString(), "Id"); var claimsIdentity = new ClaimsIdentity(genericIdentity, claims); return(claimsIdentity); }
public async Task <AuthUserResponse> Authenticate(AuthUserDto authUserDto) { try { _logger.LogDebug("Beginning Authentication"); var userList = await _userRepository.Select(a => a.UserName == authUserDto.Identity || a.Email == authUserDto.Identity); var user = userList.FirstOrDefault(a => CryptographyService.HashPassword(authUserDto.Password + a.PasswordSalt) == a.Password); if (user == null) { throw new AuthenticationException("Invalid user. Check your password and/or username"); } _logger.LogDebug("User found: {@User}", user); var jwtToken = GenerateJwtToken(user); _logger.LogDebug("New token generated: {@JwtToken}", jwtToken); var refreshToken = GenerateRefreshToken(authUserDto.IpAddress); refreshToken.UserId = user.Id; await _refreshTokenRepository.Insert(refreshToken); _refreshTokenRepository.Save(); _logger.LogDebug("New refresh token generated: {@RefreshToken}", refreshToken); var authUserResponse = new AuthUserResponse() { Username = user.UserName, JwtToken = jwtToken, RefreshToken = refreshToken.Token }; _logger.LogDebug("Authentication successful"); return(authUserResponse); } catch (Exception e) { _logger.LogError(e, "Error during authentication"); throw; } }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { try { IServiceUser serviceUser = _container.Resolve <IServiceUser>(); AuthUserRequest request = new AuthUserRequest(); request.Email = context.UserName; request.Password = context.Password; AuthUserResponse response = serviceUser.AuthUser(request); if (serviceUser.IsInvalid()) { if (response == null) { context.SetError("invalid_grant", Message.X0_IsInvalid.ToFormat(Message.Email + Message.Or + Message.Password)); return; } } serviceUser.ClearNotifications(); if (response == null) { context.SetError("invalid_grant", Message.DataNotFound); return; } var identity = new ClaimsIdentity(context.Options.AuthenticationType); //Definindo as Claims identity.AddClaim(new Claim("GTUser", JsonConvert.SerializeObject(response))); var principal = new GenericPrincipal(identity, new string[] { }); Thread.CurrentPrincipal = principal; context.Validated(identity); } catch (Exception ex) { context.SetError("invalid_grant", ex.Message); return; } }
public HttpResponseMessage Login([FromBody] LoginRequest request) { try { if (request == null) { return(CreateErrorResponse(HttpStatusCode.BadRequest, "No se recibieron los parámetros de entrada.")); } var user = _authService.Authenticate(request.Username, SecurityUtil.EncryptPassword(request.Password)); if (user == null) { return(CreateErrorResponse(HttpStatusCode.BadRequest, "El usuario no existe o contraseña inválida.")); } if (!user.Status) { return(CreateErrorResponse(HttpStatusCode.BadRequest, "La cuenta del usuario se encuentra inactiva o no se ha confirmado.")); } /*if (user.Role.Code != Constants.ROLE_DEFAULT_API) * { * return CreateErrorResponse(HttpStatusCode.BadRequest, "El usuario no cuenta con acceso al API"); * }*/ var expiration = DateUtil.GetDateTimeNow().AddHours(Constants.HOURS_EXPIRATION_KEY).ToUniversalTime(); user.ApiKey = Guid.NewGuid().ToString(); user.ExpiraApiKey = expiration; user.LastLoginAt = DateUtil.GetDateTimeNow(); _userService.Update(user); var response = new AuthUserResponse { ApiKey = user.ApiKey, ApiKeyExpiration = DateUtil.ConvertToUnixTime(expiration), Uuid = user.Uuid, FirstName = user.FirstName, LastName = user.LastName, Email = user.Email, MobilePhone = user.MobileNumber, }; return(CreateResponse(response)); } catch (Exception e) { return(CreateErrorResponse(e)); } }
/// <summary> /// Validates a user with the PlayFab service /// </summary> public static void AuthUser(AuthUserRequest request, AuthUserCallback resultCallback, ErrorCallback errorCallback, object customData = null) { if (PlayFabSettings.DeveloperSecretKey == null) { throw new Exception("Must have PlayFabSettings.DeveloperSecretKey set to call this method"); } string serializedJson = JsonConvert.SerializeObject(request, Util.JsonFormatting, Util.JsonSettings); Action <CallRequestContainer> callback = delegate(CallRequestContainer requestContainer) { AuthUserResponse result = ResultContainer <AuthUserResponse> .HandleResults(requestContainer, resultCallback, errorCallback); if (result != null) { } }; PlayFabHTTP.Post("/Matchmaker/AuthUser", serializedJson, "X-SecretKey", PlayFabSettings.DeveloperSecretKey, callback, request, customData); }
private static string GetToken() { AuthUserRequest aurequest = new AuthUserRequest() { Login = "******", Password = "******" }; string jsonString = JsonConvert.SerializeObject(aurequest); using (var client = new HttpClient()) { var response = client.PostAsync( "https://photoapimsp.azurewebsites.net/api/Security/", new StringContent(jsonString, Encoding.UTF8, "application/json")); string str = response.Result.Content.ReadAsStringAsync().GetAwaiter().GetResult(); AuthUserResponse auresponse = JsonConvert.DeserializeObject <AuthUserResponse>(str); return(auresponse.AccessToken); } }
public HttpResponseMessage Get() { List <MessageResponse> messages = new List <MessageResponse>(); int UserId = GetUserId(); var user = _userService.GetById(UserId); if (user != null) { var response = new AuthUserResponse { Uuid = user.Uuid, FirstName = user.FirstName, LastName = user.LastName, Email = user.Email, MobilePhone = user.MobileNumber, }; return(CreateResponse(response, "Datos devueltos correctamente")); } else { return(CreateErrorResponse(HttpStatusCode.BadRequest, "El usuario no existe o cuenta inválida.")); } }
public HttpResponseMessage GetAccount() { int UserId = GetUserId(); var user = _userService.GetById(UserId); if (user != null) { var response = new AuthUserResponse { //ApiKey = user.ApiKey, //ApiKeyExpiration = user.ExpiraApiKey, Uuid = user.Uuid, FirstName = user.FirstName, LastName = user.LastName, Email = user.Email, MobilePhone = user.MobileNumber, }; return(CreateResponse(response, "Datos devueltos correctamente")); } else { return(CreateErrorResponse(HttpStatusCode.BadRequest, "No se pudo obtener los datos del usuario.")); } }