Esempio n. 1
0
        public HttpResponseMessage Post([FromBody] LoginRequest login)
        {
            var loginResponse = new LoginResponse {
            };

            bool isUsernamePasswordValid = false;

            if (login != null)
            {
                try
                {
                    isUsernamePasswordValid = this.context.IsValid(login.Username, login.Password);
                }
                catch (Exception e)
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
                }
            }

            // if credentials are valid
            if (isUsernamePasswordValid)
            {
                var    tokenValidator = new TokenValidationHandler();
                string token          = tokenValidator.CreateToken(login.Username);
                //return the token
                return(Request.CreateResponse(HttpStatusCode.OK, token));
            }
            else
            {
                return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Tài khoản hoặc mật khẩu không đúng"));
            }
        }
Esempio n. 2
0
        public IHttpActionResult RefreshToken()
        {
            string refreshToken;

            TokenValidationHandler.TryRetrieveRefreshToken(Request, out refreshToken);

            if (string.IsNullOrWhiteSpace(refreshToken))
            {
                return(CreateErrorResponse("User unauthorized as no valid token found."));
            }

            try
            {
                var claimsPrincipal = TokenValidationHandler.GetPrincipal(refreshToken, LifetimeValidator) as ClaimsPrincipal;
                if (claimsPrincipal == null)
                {
                    throw new InvalidOperationException("Token vannot be validated. Failed to get User Principal");
                }

                var emailClaim = claimsPrincipal.Claims.FirstOrDefault(claim => claim.Type.Equals(ClaimTypes.Email));
                var email      = emailClaim?.Value;
                if (string.IsNullOrWhiteSpace(email))
                {
                    return(CreateErrorResponse("User unauthorized as no valid refresh token found."));
                }

                var user = _userService.GetUserByEmail(email);
                if (!user.RefreshToken.Equals(refreshToken))
                {
                    return(CreateErrorResponse("User unauthorized as no valid refresh token found."));
                }

                var newToken = Token.CreateNewToken(claimsPrincipal, Config.AuthTokenExpiryInMins);

                return(CreateResponse(new UserToken {
                    Authorization = newToken, Refresh = refreshToken
                }));
            }
            catch (SecurityTokenExpiredException tokenExpiredException)
            {
                return(CreateErrorResponse(
                           $"Refresh token validation error: {tokenExpiredException}",
                           tokenExpiredException,
                           HttpStatusCode.Unauthorized));
            }
            catch (SecurityTokenValidationException tokenValidationException)
            {
                return(CreateErrorResponse(
                           $"Refresh token validation error: {tokenValidationException.Message}",
                           tokenValidationException,
                           HttpStatusCode.Unauthorized));
            }
            catch (Exception exception)
            {
                return(CreateErrorResponse(
                           exception.Message,
                           exception,
                           HttpStatusCode.InternalServerError));
            }
        }
Esempio n. 3
0
 public HttpResponseMessage AuthSession(string sessionID)
 {
     try
     {
         var user = this.provider.CheckSession(sessionID);
         if (user != null)
         {
             var    tokenValidator = new TokenValidationHandler();
             string token          = tokenValidator.CreateToken(user.Username);
             var    loggerDB       = new LoggerCapabilityDB();
             loggerDB.Create(new SYS_Logger_Capability
             {
                 TacVu    = "Truy cập Quản lý tài khoản",
                 ThoiGian = DateTime.Now,
                 Username = user.Username
             });
             //return the token
             return(Request.CreateResponse(HttpStatusCode.OK, token));
         }
         else
         {
             return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Tài khoản hoặc mật khẩu không đúng"));
         }
     }
     catch (Exception e)
     {
         return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e.InnerException));
     }
 }
        public HttpResponseMessage GetFdoDetalladoPorNumero([FromUri] string numero)
        {
            var dataValue         = TokenValidationHandler.ReadToken(this.Request, "fdo_ues_id");
            var idUnidadEjecutora = Convert.ToInt64(dataValue);

            var bc     = FrenteObraComponent.Instance;
            var result = bc.FdoDetalladoPorNumero(numero, idUnidadEjecutora);

            return(result == null
                ? Request.CreateErrorResponse(HttpStatusCode.NotFound, "El Frente Obra no existe.")
                : Request.CreateResponse(HttpStatusCode.OK, result as IDictionary <string, object>));
        }
Esempio n. 5
0
        public HttpResponseMessage Authenticate([FromBody] LoginRequest login)
        {
            var loginResponse        = new LoginResponse {
            };
            SYS_Account loginRequest = new SYS_Account
            {
                Username = login.Username.ToLower(),
                Password = login.Password
            };

            SYS_Account dbAccount = null;

            if (login != null)
            {
                try
                {
                    dbAccount = provider.IsValid(loginRequest);
                }
                catch (Exception e)
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
                }
            }

            // if credentials are valid
            if (dbAccount != null)
            {
                var    tokenValidator = new TokenValidationHandler();
                string token          = tokenValidator.CreateToken(dbAccount.Username);
                var    loggerDB       = new LoggerCapabilityDB();

                loggerDB.Create(new SYS_Logger_Capability
                {
                    TacVu    = "Đăng nhập",
                    ThoiGian = DateTime.Now,
                    Username = dbAccount.Username
                });
                //return the token
                return(Request.CreateResponse(HttpStatusCode.OK, token));
            }
            else
            {
                return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Tài khoản hoặc mật khẩu không đúng"));
            }
        }
Esempio n. 6
0
        public ClaimsPrincipal GetClaim()
        {
            try
            {
                var token             = this.Context.QueryString["token"];
                var validationHandler = new TokenValidationHandler();
                var claims            = validationHandler.getClaimData(token);

                return(validationHandler.getClaimData(token));
            }
            catch (SecurityTokenValidationException)
            {
                return(null);
            }
            catch (Exception)
            {
                return(null);
            }
        }