Esempio n. 1
0
        public async Task <TokenResponse> CreateJwtTokenAsync([FromBody] TokenRequest request)
        {
            if (request == null)
            {
                throw new ArgumentException(nameof(TokenRequest));
            }
            TokenResponse response;

            try
            {
                DateTime          expireDateTimeUtc = DateTime.UtcNow.AddMilliseconds(QLAuthenticationOptions.TokenLifetimeMS);
                ClaimsIdentityBox identityBox       = await GetUserIdentityAsync(request.Login, request.Password, request.GrantType);

                if (identityBox != null)
                {
                    JwtSecurityToken token = JwtTokenHandler
                                             .CreateJwtSecurityToken(
                        subject: identityBox.ClaimsIdentity,
                        signingCredentials: QLAuthenticationOptions.GetSigningCredentials(),
                        audience: QLAuthenticationOptions.Audience,
                        issuer: QLAuthenticationOptions.Issuer,
                        expires: expireDateTimeUtc);
                    response = new TokenResponse(
                        token.Issuer, token.Audiences.ToList(), JwtTokenHandler.WriteToken(token), TokenType, identityBox.Sub, expireDateTimeUtc,
                        await ParseIdentityInfoFromIdentityClaimsAsync(identityBox.ClaimsIdentity.Claims.ToDictionary((item) => item.Type, (item) => item.Value)));
                }
                else
                {
                    throw new AuthorizationException("Login or password is incorrect.");
                }
            }
            catch (AuthorizationException)
            {
                Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                response            = null;
            }
            return(response);
        }
Esempio n. 2
0
        private async Task <ClaimsIdentityBox> GetUserIdentityAsync(string login, string password, string grantType)
        {
            ClaimsIdentityBox claimsIdentityBox;
            UserInfo          userInfo = await UserDomainService.GetUserInfoAsync(login, password, GetLoginComparer(grantType));

            if (userInfo != null)
            {
                ClaimsIdentity identity = new ClaimsIdentity(
                    new GenericIdentity(IdentityName),
                    new[]
                {
                    new Claim(UserIdClaimKey, userInfo.UserId.ToString()),
                    new Claim(UsernameClaimKey, userInfo.Username),
                    new Claim(GrantedRolesClaimKey, String.Join(",", userInfo.GrantedRoles)),
                    new Claim(GrantedPermissionsClaimKey, String.Join(",", userInfo.GrantedPermissions))
                });
                claimsIdentityBox = new ClaimsIdentityBox(userInfo.Sub, userInfo.Username, identity);
            }
            else
            {
                claimsIdentityBox = null;
            }
            return(claimsIdentityBox);
        }