private async Task <string> GenerateTokenAsync(ApplicationUser user, DateTime expires, string refreshToken)
{
List <Claim> claims = await GetClaimsAsync(user);
claims.AddRange(new[]
{
new Claim("Id", user.Id.ToString()),
new Claim("Username", user.UserName),
new Claim("RefreshToken", refreshToken)
});
JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(
issuer: MixService.GetAuthConfig <string>("Issuer"),
audience: MixService.GetAuthConfig <string>("Audience"),
notBefore: DateTime.UtcNow,
claims: claims,
// our token will live 1 hour, but you can change you token lifetime here
expires: expires,
signingCredentials: new SigningCredentials(JwtSecurityKey.Create(MixService.GetAuthConfig <string>("SecretKey")), SecurityAlgorithms.HmacSha256));
return(new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken));
}
public string Post(string login)
{
// Implementar método para login no banco com usuário e senha
// Implementação após sucesso no login
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("a-password-very-big-to-be-good"))
.AddSubject("Alan Batista")
.AddIssuer("banku.com")
.AddAudience("banku.com")
// Adicionar as permissões
.AddClaimRole("ADMIN")
.AddClaimRole("CUSTOMER")
.AddExpiry(1)
.Build();
return(token.Value);
}
private async Task <string> GenerateTokenAsync(ApplicationUser user, DateTime expires, string refreshToken)
{
List <Claim> claims = await GetClaimsAsync(user);
claims.AddRange(new[]
{
new Claim("Id", user.Id.ToString()),
new Claim("Username", user.UserName),
new Claim("RefreshToken", refreshToken)
});
JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(
issuer: SWCmsConstants.JwtSettings.ISSUER,
audience: SWCmsConstants.JwtSettings.AUDIENCE,
notBefore: DateTime.UtcNow,
claims: claims,
// our token will live 1 hour, but you can change you token lifetime here
expires: expires,
signingCredentials: new SigningCredentials(JwtSecurityKey.Create(SWCmsConstants.JwtSettings.SECRET_KEY), SecurityAlgorithms.HmacSha256));
return(new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken));
}
public async Task <IActionResult> Create([FromBody] UserLoginDTO inputModel)
{
var user = await _userService.Login(inputModel);
if (user == null)
{
return(Unauthorized());
}
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("huppa-secret-key"))
.AddSubject(string.Format("{0} {1}", user.FirstName, user.LastName))
.AddIssuer("StampMe.API.Controller")
.AddAudience("StampMe.API.Controller")
.AddClaim("UserId", user.Id)
.AddExpiry(99999)
.Build();
//return Ok(token);
return(Ok(new { UserId = user.Id, token = token.Value }));
}
public static void AddJwtBearerServices(this IServiceCollection services)
{
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ClockSkew = TimeSpan.Zero,
ValidIssuer = "ZackTechSecurityBearer",
ValidAudience = "ZackTechSecurityBearer",
IssuerSigningKey = JwtSecurityKey.Create("ZackTechSecretKey")
};
options.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context =>
{
Console.WriteLine($"{DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")} OnAuthenticationFailed: " + context.Exception.Message);
return(Task.CompletedTask);
},
OnTokenValidated = context =>
{
Console.WriteLine($"{DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")} OnTokenValidated: {context.SecurityToken}");
return(Task.CompletedTask);
}
};
});
services.AddTransient <IJwtTokenBuilder, JwtTokenBuilder>();
//services.AddTransient<IJwtToken, JwtToken>();
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy("CorsPolicy",
builder => builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
});
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = "Fiver.Security.Bearer",
ValidAudience = "Fiver.Security.Bearer",
IssuerSigningKey = JwtSecurityKey.Create("fiver-secret-key")
};
options.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context => Task.CompletedTask,
OnTokenValidated = context => Task.CompletedTask
};
});
services.AddAuthorization(options =>
{
options.AddPolicy("Member",
policy => policy.RequireClaim("MembershipId"));
});
services.AddMvc();
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.AddDbContext <ApplicationContext>(
options =>
{
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection"), b => b.MigrationsAssembly("PSK48"));
});
services.AddScoped(typeof(IRepository <>), typeof(Repository <>));
// Add Jwt web token service
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = Configuration["JwtIssuerOptions:Issuer"],
ValidAudience = Configuration["JwtIssuerOptions:Audience"],
IssuerSigningKey = JwtSecurityKey.Create(Configuration["JwtIssuerOptions:SecurityKey"])
};
options.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context =>
{
return(Task.CompletedTask);
},
OnTokenValidated = context =>
{
return(Task.CompletedTask);
}
};
});
}
public void ConfigureServices(
IServiceCollection services)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options => {
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = "Fiver.Security.Bearer",
ValidAudience = "Fiver.Security.Bearer",
IssuerSigningKey = JwtSecurityKey.Create("fiver-secret-key")
};
options.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context =>
{
Console.WriteLine("OnAuthenticationFailed: " + context.Exception.Message);
return(Task.CompletedTask);
},
OnTokenValidated = context =>
{
Console.WriteLine("OnTokenValidated: " + context.SecurityToken);
return(Task.CompletedTask);
}
};
});
services.AddAuthorization(options =>
{
options.AddPolicy("Member",
policy => policy.RequireClaim("MembershipId"));
});
services.AddMvc();
}
public static User CreateToken(User user)
{
User userTruly = DefaultController.privateWeakCheckByPassword(user).Result;
if (userTruly == null)
{
return(userTruly);
}
else
{
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("Test-secret-key-1234"))
.AddSubject(userTruly.Login)
.AddIssuer("Test.Security.Bearer")
.AddAudience("Test.Security.Bearer")
.AddClaim(userTruly.Role, userTruly.ID.ToString())
.AddExpiry(200)
.Build();
//пихаем новый токен пользователю в бд
var values = new JObject();
values.Add("id", userTruly.ID);
values.Add("login", userTruly.Login);
values.Add("password", userTruly.Password);
values.Add("role", userTruly.Role);
values.Add("lasttoken", token.Value);
var result = QueryClient.SendQueryToService(HttpMethod.Put, "http://localhost:54196", "/api/Users/" + userTruly.ID, null, values).Result;
try
{
User resultUser = JsonConvert.DeserializeObject <User>(result);
return(resultUser);
}
catch
{
return(userTruly);
}
}
}
public async Task <IActionResult> TokenAsync([FromBody] AkunLoginViewModel inputModel)
{
if (ModelState.IsValid)
{
var valid = unitofwork.AkunUser.ValidateUserLogin(inputModel);
if (!valid)
{
return(Unauthorized());
}
var claims = new List <Claim>()
{
new Claim(ClaimTypes.NameIdentifier, inputModel.Email),
new Claim(JwtRegisteredClaimNames.Sub, inputModel.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
var cls = new ClaimsIdentity(claims, JwtBearerDefaults.AuthenticationScheme);
var claimsPrincipal = new ClaimsPrincipal(cls);
await HttpContext.SignInAsync(claimsPrincipal);
var credentials = new SigningCredentials(JwtSecurityKey.Create(),
SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(JwtSecurityKey.Issuer,
JwtSecurityKey.Audience,
claimsPrincipal.Claims, DateTime.Now, DateTime.Now.AddDays(1),
credentials);
return(Ok(new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
}));
}
return(BadRequest(inputModel));
}
public async Task <IActionResult> Create([FromBody] User user)
{
var usr = await _AuthRepository.GetUser(user.Login, user.Password);
if (usr != null)
{
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("key-value-token-expires"))
.AddSubject(user.Login)
.AddIssuer("issuerTest")
.AddAudience("bearerTest")
.AddClaim("MembershipId", "111")
.AddExpiry(1)
.Build();
return(Ok(token.Value));
}
else
{
return(Unauthorized());
}
}
public IActionResult Login([FromBody] PortalUser _PortalUser)
{
var user = objBALPortalUser.GetLoginUser(_PortalUser);
Thread.Sleep(2000);
if (user == null)
{
return(Ok(null));
}
;
var mamber = objBALDimMbr.GetMember(user.MbrId);
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("myowndemo-secret-key"))
.AddSubject(user.UserName)
.AddIssuer("MyOwnDemo.Security.Bearer")
.AddAudience("MyOwnDemo.Security.Bearer")
.AddClaim("MembershipId", "111")
.AddExpiry(60)
.Build();
return(Ok(new { token = token.Value, user = new { UserName = user.UserName, MamberId = user.MbrId, UserFirstName = user.UserFirstName, UserLastName = user.UserLastName, MamberType = mamber.MbrName } }));
}
protected void ConfigJWTToken(IServiceCollection services, IConfiguration Configuration)
{
services.AddAuthentication()
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
{
options.RequireHttpsMetadata = false;
options.SaveToken = true;
options.TokenValidationParameters =
new TokenValidationParameters
{
ClockSkew = TimeSpan.Zero,//.FromMinutes(MixService.GetAuthConfig<int>("ClockSkew")), //x minute tolerance for the expiration date
ValidateIssuer = MixService.GetAuthConfig <bool>("ValidateIssuer"),
ValidateAudience = MixService.GetAuthConfig <bool>("ValidateAudience"),
ValidateLifetime = MixService.GetAuthConfig <bool>("ValidateLifetime"),
ValidateIssuerSigningKey = MixService.GetAuthConfig <bool>("ValidateIssuerSigningKey"),
//ValidIssuer = MixService.GetAuthConfig<string>("Issuer"),
//ValidAudience = MixService.GetAuthConfig<string>("Audience"),
ValidIssuers = MixService.GetAuthConfig <string>("Issuers").Split(','),
ValidAudiences = MixService.GetAuthConfig <string>("Audiences").Split(','),
IssuerSigningKey = JwtSecurityKey.Create(MixService.GetAuthConfig <string>("SecretKey"))
};
// TODO Handle Custom Auth
//options.Events = new JwtBearerEvents
//{
// OnAuthenticationFailed = context =>
// {
// Console.WriteLine("OnAuthenticationFailed: " + context.Exception.Message);
// return Task.CompletedTask;
// },
// OnTokenValidated = context =>
// {
// Console.WriteLine("OnTokenValidated: " + context.SecurityToken);
// return Task.CompletedTask;
// },
//};
});
services.AddAuthentication("Bearer");
}
public IActionResult Create([FromBody] LoginInputModel inputModel)
{
//Substituir pela validacao no banco de dados ou outra
if (inputModel.Username == "seccom" && inputModel.Password == "seccom")
{
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("senhasecretasisbolapi"))
.AddSubject("Aplicacao Seccom")
.AddIssuer("Sisbol.Security.Bearer")
.AddAudience("Sisbol.Security.Bearer")
.AddClaim("InspecaoSaude", "true")
.AddClaim("Punicoes", "true")
.AddClaim("Elogios", "true")
.AddExpiry(10)
.Build();
return(Ok(token.Value));
}
else
{
return(Unauthorized());
}
}
public async Task <IActionResult> Login([FromBody] LoginModel user)
{
_logger.LogInformation("User try to login");
var usr = await _userService.GetUser(user.Login, user.Password);
if (usr != null)
{
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("key-value-token-expires"))
.AddSubject(user.Login)
.AddIssuer("issuerTest")
.AddAudience("bearerTest")
.AddClaim("MembershipId", "111")
.AddExpiry(1)
.Build();
_logger.LogInformation("User login successful");
return(Ok(token.Value));
}
_logger.LogInformation("User login failure");
return(Unauthorized());
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
//ValidateIssuer = true,
//ValidateAudience = true,
//ValidateLifetime = true,
ValidateIssuerSigningKey = true,
//ValidIssuer = "stephanybatista.com",
//ValidAudience = "stephanybatista.com",
IssuerSigningKey = JwtSecurityKey.Create(jwtdao.GetJwtKey())
};
options.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context =>
{
Console.WriteLine("OnAuthenticationFailed: " + context.Exception.Message);
return(Task.CompletedTask);
},
OnTokenValidated = context =>
{
Console.WriteLine("OnTokenValidated: " + context.SecurityToken);
return(Task.CompletedTask);
}
};
});
services.AddSingleton <IConfiguration>(_ => Configuration);
services.AddTransient <UserDao>();
services.AddTransient <BoardDao>();
services.AddMvc();
}
private ClaimsPrincipal GetPrincipalFromExpiredToken(string token)
{
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = MixService.GetAuthConfig <bool>("ValidateIssuer"),
ValidateAudience = MixService.GetAuthConfig <bool>("ValidateAudience"),
ValidateLifetime = MixService.GetAuthConfig <bool>("ValidateLifetime"),
ValidateIssuerSigningKey = MixService.GetAuthConfig <bool>("ValidateIssuerSigningKey"),
IssuerSigningKey = JwtSecurityKey.Create(MixService.GetAuthConfig <string>("SecretKey"))
};
var tokenHandler = new JwtSecurityTokenHandler();
SecurityToken securityToken;
var principal = tokenHandler.ValidateToken(token, tokenValidationParameters, out securityToken);
var jwtSecurityToken = securityToken as JwtSecurityToken;
if (jwtSecurityToken == null || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
{
throw new SecurityTokenException("Invalid token");
}
return(principal);
}
public void ConfigureServices(IServiceCollection services)
{
string key = Configuration.GetSection("Token").GetValue <string>("Key");
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options => {
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
ClockSkew = TimeSpan.Zero,
ValidIssuer = "Angel",
ValidateIssuer = true,
ValidAudience = "Angel",
ValidateAudience = true,
ValidateLifetime = true,
IssuerSigningKey = JwtSecurityKey.Create(key)
};
});
services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>();
services.AddMvc();
}
private void ConfigureJwt(IServiceCollection services)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options => {
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = "Armut.Sample.Messaging",
ValidAudience = "Armut.Sample.Messaging",
IssuerSigningKey = JwtSecurityKey.Create("armut.sample.messaging.secret")
};
options.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context =>
{
Console.WriteLine("OnAuthenticationFailed: " + context.Exception.Message);
return(Task.CompletedTask);
},
OnTokenValidated = context =>
{
Console.WriteLine("OnTokenValidated: " + context.SecurityToken);
return(Task.CompletedTask);
}
};
});
services.AddAuthorization(options =>
{
options.AddPolicy("User",
policy => policy.RequireClaim("Username"));
});
}
public async Task <IActionResult> CreateBearerToken()
{
string richiestaJson = await Request.GetRawBodyStringAsync();
if (richiestaJson == null)
{
logger.LogError("CreateBearerToken: Contenuto Nullo - Ip: " + accessor.HttpContext.Connection.RemoteIpAddress);
return(ActionResultGenerator.GeneraRisposta("Contenuto Nullo", TipoDiRisposta.Nok));
}
BearerTokenLoginModel bearerTokenLoginModel = JsonConvert.DeserializeObject <BearerTokenLoginModel>(richiestaJson);
if (bearerTokenLoginModel != new BearerTokenLoginModel(username, password))
{
logger.LogError("CreateBearerToken: Credenziali Errate - Ip: " + accessor.HttpContext.Connection.RemoteIpAddress);
return(Unauthorized());
}
try
{
JwtToken token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create(key))
.AddSubject("Angel")
.AddIssuer("Angel")
.AddAudience("Angel")
.AddClaim("AngelId", "1000")
.AddExpiry(expiryInMinutes)
.Build();
logger.LogInformation("CreateBearerToken: Richiesta Token da Ip: " + accessor.HttpContext.Connection.RemoteIpAddress);
return(ActionResultGenerator.GeneraRisposta(token.Value, TipoDiRisposta.Ok));
}
catch (Exception ex)
{
return(Ok(ex.ToString()));
}
}
public string SignIn(string email, string password)
{
bool validate = UserValidate(email, password);
if (!validate)
{
throw new UnauthorizedAccessException("Email or password is incorrect");
}
User user = UserFindByEmail(email);
UserGroup userGroup = _userGroupRepository.Find(user.UserGroupId);
var roles = _userGroupService.GetAuthorizedRoles(userGroup);
string userGroupName = "";
if (userGroup != null)
{
userGroupName = userGroup.Name;
}
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("fiver-secret-key"))
.AddSubject(email)
.AddIssuer("fiver.Security.Bearer")
.AddAudience("fiver.Security.Bearer")
.AddClaim("UserId", user.Id.ToString())
.AddClaim("User", user.ConvertJsonFromObject())
.AddClaim("Roles", roles.ConvertJsonFromObject())
.AddClaim("UserGroup", userGroupName)
.AddExpiry(10)
.Build();
return(token.Value);
}
public async Task <IActionResult> CreateAsync([FromBody] Itoken inputModel)
{
var user = await _context.User.SingleOrDefaultAsync(m => m.EMail == inputModel.Username);
if (user == null)
{
var dict1 = new Dictionary <string, string>();
dict1.Add("status", "Failed");
dict1.Add("token", "");
return(Ok(dict1));
}
if (inputModel.Username != user.EMail || inputModel.Password != user.UserPassword)
{
var dict2 = new Dictionary <string, string>();
dict2.Add("status", "Failed");
dict2.Add("token", "");
return(Ok(dict2));
}
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("this is my custom Secret key for authnetication"))
.AddSubject("Ounifi Bearer Authentication")
.AddIssuer("Ounifi.AbdelRahim.JWT")
.AddAudience("Ounifi.AbdelRahim.JWT")
.AddClaim("ID", user.UserId.ToString())
.AddClaim("Privilege", user.Privilege)
.AddClaim("UserName", user.UserName)
.AddClaim("UserLName", user.UserLName)
.AddExpiry(10)
.Build();
var dict = new Dictionary <string, string>();
dict.Add("status", "success");
dict.Add("token", token.Value);
return(Ok(dict));
}
public async Task <GameSeverIdentityResult> CreateGameServerIdentityToken(LoginBody login)
{
var gameServer =
await(from gs in this.dbContext.GameServer
join gsg in this.dbContext.GameServerGroup
on gs.GroupId equals gsg.Id
where gs.PrivateKey == login.GameServerPrivateKey &&
gsg.PrivateKey == login.GameServerGroupPrivateKey &&
gs.IsActive && gs.IsValid &&
gsg.IsActive && gsg.IsValid
select new
{
Name = gs.Name,
GameServerGroupIdentifier = gsg.Id,
GameServerGroupPublicKey = gsg.PublicKey,
GameServerIdentifier = gs.Id,
GameServerPublicKey = gs.PublicKey
})
.SingleOrDefaultAsync();
if (gameServer == null)
{
return(null);
}
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create(this.configuration["IdentityService:IssuerSigningKey"]))
.AddSubject(gameServer.Name)
.AddIssuer(this.configuration["IdentityService:ValidIssuer"])
.AddAudience(this.configuration["IdentityService:ValidAudience"])
.AddClaim("GameServerGroupIdentifier", gameServer.GameServerGroupIdentifier.ToString())
.AddClaim("GameServerIdentifier", gameServer.GameServerIdentifier.ToString())
.AddExpiry(int.Parse(this.configuration["IdentityService:TokenExpiry"] ?? "60"))
.Build();
return(new GameSeverIdentityResult(token.Value, gameServer.GameServerGroupPublicKey, gameServer.GameServerPublicKey));
}
public IActionResult Login([FromBody] Usuario usuario)
{
UsuarioService usuarioService = new UsuarioService();
usuario = usuarioService.Login(usuario);
if (usuario.Id == 0)
{
return(Unauthorized());
}
var token = new TokenJWTBuilder()
.AddSecurityKey(JwtSecurityKey.Create("Secret_Key-70707070"))
.AddSubject("Valid Ferreira")
.AddIssuer("Teste.Security.Bearer")
.AddAudience("Teste.Security.Bearer")
.AddClaim("UsuarioApiNumero", "1")
.AddExpiry(5)
.Builder();
CurrentUser currentUser = new CurrentUser(usuario, token);
return(Ok(currentUser));
}
public static void AddCustomAuthentication(this IServiceCollection services, IConfiguration configuration)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.AccessDeniedPath = "/";
options.LoginPath = "/";
})
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = configuration.GetSection("TokenAuthentication:Issuer").Value,
ValidAudience = configuration.GetSection("TokenAuthentication:Audience").Value,
IssuerSigningKey = JwtSecurityKey.Create(configuration.GetSection("TokenAuthentication:SecurityKey").Value)
};
options.Events = new JwtBearerEvents
{
OnAuthenticationFailed = context =>
{
Log.Error("Authentication Failed - {Message}", context.Exception.Message);
return(Task.CompletedTask);
},
OnTokenValidated = context =>
{
Log.Information("Token Validated - {SecurityToken}", context.SecurityToken);
return(Task.CompletedTask);
}
};
});
}
public async Task <IActionResult> Authenticate([FromBody] Login login)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var usr = await _userRepository.Authenticate(login.Email, login.Password);
if (usr != null)
{
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("token-login-expires"))
.AddSubject(login.Email)
.AddIssuer(Configuration.GetSection("Authentication:Issuer").Value)
.AddAudience(Configuration.GetSection("Authentication:Audience").Value)
.AddClaim(ClaimTypes.Role, UserTypeEnum.User.ToString())
.AddExpiry(Configuration.GetSection("Authentication:ExpireInMinutes").Value)
.Build();
var loginSuccess = new LoginSuccess()
{
AccessToken = token.Value,
AccessTokenExpiration = token.ValidTo,
Email = usr.Email,
Name = usr.Name,
RefreshToken = string.Empty //TODO: Implement Refresh Token
};
return(Ok(loginSuccess));
}
else
{
return(Unauthorized());
}
}
public IActionResult Login(string username, string password)
{
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
{
return(BadRequest());
}
var user = m_UserRepository.GetByUserName(username);
if (user == null)
{
return(NotFound(ResponseFactory.CreateResponse("User Not Found")));
}
else
{
if (PasswordHelper.Compare(user.Password, password))
{
//TODO: move secret key to config
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("armut.sample.messaging.secret"))
.AddSubject(user.UserName)
.AddIssuer("Armut.Sample.Messaging")
.AddAudience("Armut.Sample.Messaging")
.AddClaim("Username", user.UserName)
.AddExpiry(10)
.Build();
m_Logger.LogInformation("User Logged in with Id: {0}", user.UserID);
return(Ok(token.Value));
}
else
{
m_Logger.LogInformation("Invalid Log in with Id: {0}", user.UserID);
return(Unauthorized());
}
}
}
public IActionResult Create([FromBody] LoginDTO inputModel)
{
string message = "";
UserData userInfo = ValidateUser(inputModel.NTUser, inputModel.Password, ref message);
if (userInfo == null)
{
return(Unauthorized());
}
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create())
.AddSubject(inputModel.NTUser)
.AddIssuer("All")
.AddAudience("Charly Core")
.AddClaim("title", userInfo.Title == null ? "" : userInfo.Title)
.AddClaim("name", userInfo.DisplayName == null ? "" : userInfo.DisplayName)
.AddClaim("Department", userInfo.Department == null ? "" : userInfo.Department)
.AddExpiry(60 * 24)
.Build();
return(Ok(token));
//return Ok(token.Value);
}
public void ConfigureServices(IServiceCollection services)
{
var tokenValidationParameters = new TokenValidationParameters
{
ValidateLifetime = true,
ValidateAudience = false,
ValidateIssuer = false,
ValidateIssuerSigningKey = true,
IssuerSigningKey = JwtSecurityKey.Create()
};
services.AddDbContext <AppDbContext>(options =>
options.UseSqlite("DataSource=loja.db"));
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(
options =>
{
options.TokenValidationParameters = tokenValidationParameters;
}
);
services.AddMvc();
}
public async Task <LoginDto> Handle(LoginCommand request, CancellationToken cancellationToken)
{
var user = await _userManager.FindByNameAsync(request.Username);
if (!await _userManager.CheckPasswordAsync(user, request.Password))
{
throw new CheckPasswordException();
}
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create(_configuration["Jwt:SecretKey"]))
//.AddClaim("Fullname", user.PrikazIme)
.AddSubject(user.Email)
.AddIssuer(_configuration["Jwt:Issuer"])
.AddAudience(_configuration["Jwt:Audience"])
.AddClaim("Id", user.Id.ToString())
.Build();
return(new LoginDto
{
Username = user.UserName,
Token = token.Value
});
}
