public async Task <AuthToken> AuthenticateAsync(string username, string password)
{
await ValidateCredentialsAsync(username, password);
var token = _jwtTokenHandler.Create(username, Expiry);
return(AuthToken.Create(token, DateTime.UtcNow.AddTicks(Expiry.Ticks)));
}
public string IssueToken(ApplicationUser applicationUser)
{
var claims = GetClaims(applicationUser);
var clientConfiguration = "userId"; //_clientConfigurationProvider.GetClientConfiguration(applicationUser.ClientId);
var secureTokenConfiguration = ""; //clientConfiguration.SecureTokenConfiguration;
if (secureTokenConfiguration == null)
{
throw new ArgumentNullException(nameof(secureTokenConfiguration));
}
return(_jwtTokenHandler.Create("secureTokenConfiguration.PrivateKey", claims, "secureTokenConfiguration.TokenIssuer", TimeSpan.FromSeconds(6000)));
}
public AuthenticationModule(ICommandDispatcher commandDispatcher,
IValidatorResolver validatorResolver,
IIdentityProvider identityProvider,
IUserStorage userStorage,
IOperationStorage operationStorage,
IJwtTokenHandler jwtTokenHandler,
JwtTokenSettings jwtTokenSettings)
: base(commandDispatcher, validatorResolver, identityProvider, modulePath: "")
{
Post("sign-in", async(ctx, p) => await For <SignIn>()
.Set(c =>
{
c.IpAddress = Request.UserHostAddress;
c.UserAgent = Request.Headers.UserAgent;
})
.SetResourceId(c => c.SessionId)
.OnSuccess(async c =>
{
var operation = await operationStorage.GetUpdatedAsync(c.Request.Id);
if (operation.HasNoValue || !operation.Value.Success)
{
return(HttpStatusCode.Unauthorized);
}
var session = await userStorage.GetSessionAsync(c.SessionId);
if (session.HasNoValue)
{
return(HttpStatusCode.Unauthorized);
}
return(new
{
token = jwtTokenHandler.Create(session.Value.UserId),
sessionId = session.Value.Id,
sessionKey = session.Value.Key,
expiry = DateTime.UtcNow.AddDays(jwtTokenSettings.ExpiryDays).ToTimestamp()
});
})
.DispatchAsync());
Post("sign-up", async args => await For <SignUp>()
.OnSuccessAccepted("account")
.DispatchAsync());
Post("sign-out", async args => await For <SignOut>()
.OnSuccess(HttpStatusCode.NoContent)
.DispatchAsync());
}
public AuthenticationModule(IJwtTokenHandler jwtTokenHandler)
: base("auth", requireAuthentication: false)
{
Post("", async args =>
{
var request = this.BindRequest <SignIn>();
var token = jwtTokenHandler.Create("user1", "admin");
await Task.CompletedTask;
return(new
{
token = token.Value.Token,
expires = token.Value.Expires
});
});
}
public Maybe <string> CreateToken(Credentials credentials)
{
if (credentials == null)
{
return(null);
}
if (credentials.Username.Empty() || credentials.Password.Empty())
{
return(null);
}
if (credentials.Username.Equals(_serviceSettings.Username) &&
credentials.Password.Equals(_serviceSettings.Password))
{
return(_jwtTokenHandler.Create(credentials.Username, Expiry));
}
return(null);
}
public Maybe <JwtBasic> CreateToken(Credentials credentials)
{
if (credentials == null)
{
return(null);
}
if (credentials.Username.Empty() || credentials.Password.Empty())
{
return(null);
}
if (credentials.Username.Equals(_serviceSettings.Username) &&
credentials.Password.Equals(_serviceSettings.Password))
{
var token = _jwtTokenHandler.Create(credentials.Username, string.Empty,
TimeSpan.FromDays(1000));
return(token.Value);
}
return(null);
}
private async Task <Maybe <JwtSession> > HandleSessionAsync(Guid sessionId)
{
var session = await _authenticationService.GetSessionAsync(sessionId);
if (session.HasNoValue)
{
return(null);
}
var user = await _userService.GetAsync(session.Value.UserId);
var token = _jwtTokenHandler.Create(user.Value.UserId,
user.Value.Role, state: user.Value.State);
return(new JwtSession
{
Token = token.Value.Token,
Expires = token.Value.Expires,
SessionId = session.Value.Id,
Key = session.Value.Key
});
}
public async Task <string> CreateAsync(string username, TimeSpan?expiry = null)
{
var user = await _userRepository.GetAsync(username);
if (user == null)
{
throw new ArgumentNullException(nameof(user), $"User '{username}' has not been found.");
}
if (!user.IsActive)
{
throw new AuthenticationException($"User '{username}' is not active.");
}
var apiKey = _jwtTokenHandler.Create(username, expiry);
user.AddApiKey(apiKey);
await _userRepository.UpdateAsync(user);
Logger.Info($"API key was created by user '{username}'.");
return(apiKey);
}
public async Task <JwtSession> GetJwtSessionAsync(Guid sessionId, string ipAddress, string userAgent)
{
var session = await _userSessionRepository.GetByIdAsync(sessionId);
if (session.HasNoValue())
{
return(null);
}
var user = await _userRepository.GetByUserIdAsync(session.UserId);
var token = _jwtTokenHandler.Create(user.Id, session.Id,
user.Role, user.State, ipAddress, userAgent);
return(new JwtSession
{
Token = token.Token,
Expires = token.Expires,
SessionId = session.Id,
Key = session.Key
});
}