public async Task InitializeAsync(string token)
{
if (token.Empty())
{
await DisconnectAsync();
}
JwtDetails jwt = null;
try
{
var maybeJwt = _jwtHandler.Parse(token);
if (maybeJwt.HasNoValue)
{
await DisconnectAsync();
return;
}
jwt = maybeJwt.Value;
}
catch
{
await DisconnectAsync();
return;
}
await Groups.AddAsync(Context.ConnectionId, jwt.Subject);
}
private static StatelessAuthenticationConfiguration Configuration(IJwtTokenHandler jwtTokenHandler)
=> new StatelessAuthenticationConfiguration(ctx =>
{
var authToken = jwtTokenHandler.GetFromAuthorizationHeader(ctx.Request.Headers.Authorization);
if (authToken.HasNoValue)
{
return(null);
}
var jwt = jwtTokenHandler.Parse(authToken.Value);
if (jwt.HasNoValue)
{
return(null);
}
var token = jwt.Value;
return(jwt.HasValue ? new CollectivelyIdentity(token.Subject,
token.Role, token.State, token.Claims) : null);
});
public AccessTokenValidationResult ValidateToken(string secret, string jwtToken, string tokenIssuer)
{
if (string.IsNullOrWhiteSpace(secret))
{
throw new ArgumentNullException(nameof(secret));
}
if (string.IsNullOrWhiteSpace(tokenIssuer))
{
throw new ArgumentNullException(nameof(tokenIssuer));
}
AccessTokenValidationResult result;
try
{
var claims = _jwtTokenHandler.Parse(secret, jwtToken);
result = ValidateTokenIssuer(claims, tokenIssuer)
? new AccessTokenValidationResult(AccessTokenStatus.Valid, claims: claims)
: new AccessTokenValidationResult(AccessTokenStatus.Invalid, message: AccessTokenValidationResult.InvalidTokenIssuerMessage);
}
catch (TokenExpiredException tokenExpiredException)
{
_logger.LogError(tokenExpiredException, $"{AccessTokenValidationResult.TokenExpiredMessage}. jwtToken={jwtToken}");
result = new AccessTokenValidationResult(AccessTokenStatus.Expired, message: AccessTokenValidationResult.TokenExpiredMessage);
}
catch (SignatureVerificationException signatureVerificationException)
{
_logger.LogError(signatureVerificationException, $"{AccessTokenValidationResult.InvalidSignatureMessage}. jwtToken={jwtToken}");
result = new AccessTokenValidationResult(AccessTokenStatus.Invalid, message: AccessTokenValidationResult.InvalidSignatureMessage);
}
catch (Exception ex)
{
_logger.LogError(ex, $"{AccessTokenValidationResult.InvalidTokenMessage}. jwtToken={jwtToken}");
result = new AccessTokenValidationResult(AccessTokenStatus.Invalid, message: AccessTokenValidationResult.InvalidTokenMessage);
}
return(result);
}
public async Task CheckIpAddressOrDevice(string ipAddress, string userAgent, string token)
{
var jwtValues = _jwtTokenHandler.Parse(token);
if (jwtValues.HasNoValue())
{
_logger.LogError($"Unable to get jwt details, because token is empty or invalid.");
return;
}
var success = Guid.TryParse(jwtValues.SessionId, out var sessionId);
if (!success)
{
_logger.LogError($"Parsing sessionId failed. SessionId: {sessionId}");
return;
}
var session = await _userSessionRepository.GetByIdAsync(sessionId);
if (session.HasNoValue())
{
_logger.LogError($"Session with id: {sessionId} was not found!");
return;
}
if (jwtValues.IpAddress != ipAddress || jwtValues.UserAgent != userAgent)
{
_logger.LogWarning($"Destroying session with id: {sessionId} for user with id: {session.UserId}" +
", because detect attempt to login from another location.");
session.Destroy();
_userSessionRepository.Update(session);
await _userSessionRepository.UnitOfWork.SaveEntitiesAsync();
}
}