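/// <summary>
/// Validates the posted token through <c>jwtManager</c> and returns the
/// resulting identity state together with the principal's claims.
/// </summary>
/// <param name="token">Raw token string bound from the form body.</param>
/// <returns>
/// 200 OK with an object holding <c>Name</c>, <c>Schema</c> and <c>Claims</c>.
/// </returns>
public IActionResult ValidateToken([FromForm] string token)
{
    // NOTE(review): token is passed on unchecked (may be null or empty) and the
    // failure mode of jwtManager.ValidateToken is not visible here. Confirm that
    // an invalid token surfaces as a 4xx rather than an unhandled exception.
    var claimsPrincipal = jwtManager.ValidateToken(token);

    // ClaimsPrincipal.Identity is null when the principal carries no identities;
    // read it null-safely so that case yields null fields instead of a 500.
    var identity = claimsPrincipal.Identity;

    // NOTE(review): the response echoes every claim of any token that validates.
    // Confirm the endpoint is meant to be reachable by whoever can call it.
    return Ok(new
    {
        // "Name" actually carries the IsAuthenticated flag; the key is kept
        // as-is because clients may depend on the response shape.
        Name = identity?.IsAuthenticated,
        Schema = identity?.AuthenticationType,
        Claims = claimsPrincipal.Claims.Select(c => new
        {
            Issuer = c.Issuer,
            Value = c.Value,
            ValueType = c.ValueType
        })
    });
}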
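/// <summary>
/// Action filter hook that requires a valid bearer token on controller actions
/// unless the action method is marked with <c>NoTokenCheckAttribute</c>.
/// On success the raw token and the validated user id are stored on the
/// controller; on failure the request is short-circuited with a 401.
/// </summary>
/// <param name="context">Context of the action about to execute.</param>
public void OnActionExecuting(ActionExecutingContext context)
{
    // NOTE(review): descriptors that are not ControllerActionDescriptor pass
    // through without any token check (fail-open). Confirm that is intended.
    if (!(context.ActionDescriptor is ControllerActionDescriptor controllerActionDescriptor))
    {
        return;
    }

    // Only attributes on the action method are inspected here.
    var skipTokenCheck = controllerActionDescriptor.MethodInfo
        .GetCustomAttributes(inherit: true)
        .OfType<NoTokenCheckAttribute>()
        .Any();
    if (skipTokenCheck)
    {
        return;
    }

    if (!context.HttpContext.Request.Headers.TryGetValue("Authorization", out StringValues authorizationToken))
    {
        context.Result = new JsonResult(StringResult.Error("Authorization header is missing"))
        {
            StatusCode = StatusCodes.Status401Unauthorized
        };
        return;
    }

    // Require the scheme at the start of the header and take the remainder as
    // the token. A substring match plus a global Replace would also accept
    // "Bearer" appearing anywhere in the value and rewrite the token itself.
    const string bearerPrefix = "Bearer ";
    var headerValue = authorizationToken.ToString();
    var jwt = headerValue.StartsWith(bearerPrefix, System.StringComparison.Ordinal)
        ? headerValue.Substring(bearerPrefix.Length).Trim()
        : string.Empty;

    if (jwt.Length == 0)
    {
        context.Result = new JsonResult(StringResult.Error("Authorization header must be 'Bearer xxxxxxxx'"))
        {
            StatusCode = StatusCodes.Status401Unauthorized
        };
        return;
    }

    var result = _jwtManager.ValidateToken(jwt);
    if (!result.Success)
    {
        // NOTE(review): the validation result object is serialized to the
        // caller; confirm it exposes no internal detail about the failure.
        context.Result = new JsonResult(result)
        {
            StatusCode = StatusCodes.Status401Unauthorized
        };
        return;
    }

    // Controllers that do not derive from BaseController have nowhere to store
    // the identity; the pattern match avoids a NullReferenceException on them.
    if (context.Controller is BaseController controller)
    {
        controller.Jwt = jwt;
        controller.IdUsuario = result.ResultOk;
    }
}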