public async Task RealizarLogin(UsuarioRespostaLogin resposta) { var token = ObterTokenFormatado(resposta.AccessToken); var claims = new List <Claim> { new Claim("JWT", resposta.AccessToken), new Claim("RefreshToken", resposta.RefreshToken) }; claims.AddRange(token.Claims); var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { ExpiresUtc = DateTimeOffset.UtcNow.AddHours(8), IsPersistent = true }; await _authenticationService.SignInAsync( _user.ObterHttpContext(), CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); }
private async Task <UsuarioRespostaLogin> GerarJwt(string email) { var user = await _userManager.FindByEmailAsync(email); var claims = await _userManager.GetClaimsAsync(user); var userRoles = await _userManager.GetRolesAsync(user); string encodedToken = EncodeToken(user, claims, userRoles); var response = new UsuarioRespostaLogin { AccessToken = encodedToken, ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds, UserToken = new UsuarioToken { Id = user.Id, Email = user.Email, Claims = claims.Select(c => new UsuarioClaim { Type = c.Type, Value = c.Value }) } }; return(response); }
private async Task RealizarLogin(UsuarioRespostaLogin resposta) { // Obtendo token formatado em JwtSecurityToken var token = ObterTokenFormatado(resposta.AccessToken); var claims = new List <Claim>(); claims.Add(new Claim("JWT", resposta.AccessToken)); // Armazenando token na claim em "JWT" claims.AddRange(token.Claims); // Adicionando minha lista de claims que venho formatada em outra lsita // Gera claims dentro do Cookie, em formatado de cookies var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); // Propriedades do cookie var authProperties = new AuthenticationProperties() { ExpiresUtc = DateTime.UtcNow.AddMinutes(60), // O Cookie expira depois de quantos minutos IsPersistent = true // Se é persistente }; // Logando await HttpContext.SignInAsync( CookieAuthenticationDefaults.AuthenticationScheme, // Formato Cookie new ClaimsPrincipal(claimsIdentity), // Claims usuario authProperties // propriedades do cookie ); }
private async Task RealizarLogin(UsuarioRespostaLogin resposta) { var token = ObterTokenFormatado(resposta.AccessToken); var claims = new List <Claim> { new Claim("JWT", resposta.AccessToken) }; claims.AddRange(token.Claims);// adicionado uma lista //claimsIdentity: var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60), IsPersistent = true }; //pegar o cookie de autenticacao await HttpContext.SignInAsync( CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); }
private async Task RealizarLogin(UsuarioRespostaLogin usuarioRespostaLogin) { // Install-Package Microsoft.AspNetCore.Authentication.JwtBearer -Version 3.1.10 var token = ObterTokenFormatado(usuarioRespostaLogin.AccessToken); var claims = new List <Claim> { new Claim("JWT", usuarioRespostaLogin.AccessToken) }; claims.AddRange(token.Claims); var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60), IsPersistent = true }; await HttpContext.SignInAsync( CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); }
private async Task RealizarLogin(UsuarioRespostaLogin resposta) { var token = ObterTokenFormatado(resposta.AccessToken); var claims = new List <Claim>(); claims.Add(new Claim(type: "JWT", value: resposta.AccessToken)); claims.AddRange(token.Claims); // e necessario este novo objeto pq precisamos dos claims no schema correto para armazenamento em um cookie var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60), IsPersistent = true // cookie vai ser mantido por varios requests, respeitando a expiracao acima }; // SignInAsync e um metodo do proprio .NET Core (Microsoft.AspNetCore.Authentication) - nao esta associado ao Identity diretamente await HttpContext.SignInAsync( CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties ); }
private async Task <UsuarioRespostaLogin> GerarJwt(string email) { var user = await _userManager.FindByEmailAsync(email); var claims = await _userManager.GetClaimsAsync(user); var userRoles = await _userManager.GetRolesAsync(user); claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id)); claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email)); claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}")); claims.Add(new Claim(JwtRegisteredClaimNames.Iat, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}")); foreach (var userRole in userRoles) { claims.Add(new Claim("role", userRole)); } var identityClaims = new ClaimsIdentity(); identityClaims.AddClaims(claims); var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var token = tokenHandler.CreateToken(new SecurityTokenDescriptor { Issuer = _appSettings.Emissor, Audience = _appSettings.ValidoEm, Subject = identityClaims, Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }); var encodedToken = tokenHandler.WriteToken(token); var refreshToken = await GerarRefreshToken(email); var response = new UsuarioRespostaLogin { AccessToken = encodedToken, RefreshToken = refreshToken.Token, ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds, UsuarioToken = new UsuarioToken { Id = user.Id, Email = user.Email, Claims = claims.Select(c => new UsuarioClaim { Type = c.Type, Value = c.Value }) } }; return(response); }
private async Task RealizarLogin(UsuarioRespostaLogin respostaLogin) { var token = ObterTokenFomatado(respostaLogin.AccessToken); var claims = new List <Claim>(); claims.Add(new Claim("JWT", respostaLogin.AccessToken)); claims.AddRange(token.Claims); var identityClain = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authPropertis = new AuthenticationProperties { ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60), IsPersistent = true }; await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identityClain), authPropertis); }
private UsuarioRespostaLogin ObterRespostaToken(string encodedToken, IdentityUser user, IEnumerable <Claim> claims) { var response = new UsuarioRespostaLogin { AccessToken = encodedToken, ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds, UsuarioToken = new UsuarioToken { Id = user.Id, Email = user.Email, Claims = claims.Select(x => new UsuarioClaim { Type = x.Type, Value = x.Value }) } }; return(response); }
public async Task <IActionResult> Login(UsuarioLogin usuarioLogin) { if (!ModelState.IsValid) { return(View(usuarioLogin)); } UsuarioRespostaLogin resposta = await _autenticacaoService.Login(usuarioLogin); if (ResponsePossuiErros(resposta.ResponseResult)) { return(View(usuarioLogin)); } await RealizarLogin(resposta); return(RedirectToAction("Index", "Home")); }
private async Task RealizarLogin(UsuarioRespostaLogin resposta) { var token = ObterTokenFormatado(resposta.AccessToken); var claims = new List <Claim> { new Claim("JWT", resposta.AccessToken) }; claims.AddRange(token.Claims); var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(resposta.ExpiresIn), IsPersistent = true //vai durar vários requests }; await HttpContext.SignInAsync( CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); }
private async Task RealizarLogin(UsuarioRespostaLogin respostaLogin) { JwtSecurityToken token = ObterTokenFormatado(respostaLogin.AccessToken); List <Claim> claims = new List <Claim> { new Claim("JWT", respostaLogin.AccessToken) }; claims.AddRange(token.Claims); ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); AuthenticationProperties authProperties = new AuthenticationProperties { ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60), IsPersistent = true }; await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); }
private async Task RealizarLogin(UsuarioRespostaLogin resposta) { var token = ObterTokenFormatado(resposta.AccessToken); var claims = new List <Claim>(); claims.Add(new Claim("JWT", resposta.AccessToken)); claims.AddRange(token.Claims); var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60), IsPersistent = true }; ///<summary> ///Configura que o HttpContext vai trabalhar no esquema de autenticação de usuários utilizando Cookies. ///</summary> await HttpContext.SignInAsync( CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); }
private async Task <UsuarioRespostaLogin> GerarJwt2(string email) { /*Método GerarJwt acima refatorado*/ //recuperando dados do user identity para colocar no token var user = await _userManager.FindByEmailAsync(email); var claims = await _userManager.GetClaimsAsync(user); var userRoles = await _userManager.GetRolesAsync(user); //add em uma lista de clamis claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id)); claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email)); claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64)); //add como claim cada um das roles foreach (var userRole in userRoles) { claims.Add(new Claim("role", userRole)); } //add dentro do IdentityClaims var identityClaims = new ClaimsIdentity(); identityClaims.AddClaims(claims); //passando dados para o token var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var token = tokenHandler.CreateToken(new SecurityTokenDescriptor { Issuer = _appSettings.Emissor, Audience = _appSettings.ValidoEm, Subject = identityClaims, //dados do usuário fornecido acima Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }); //gera token codificado com base na key var encodedToken = tokenHandler.WriteToken(token); //preparando o dados para o response var response = new UsuarioRespostaLogin { AccessToken = encodedToken, ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds, UsuarioToken = new UsuarioToken { Id = user.Id, Email = user.Email, Claims = claims.Select(c => new UsuarioClaim { Type = c.Type, Value = c.Value }) } }; //response return(response); }
private async Task <UsuarioRespostaLogin> GerarJwt(string email) { var user = await _userManager.FindByEmailAsync(email); var claims = await _userManager.GetClaimsAsync(user); var userRoles = await _userManager.GetRolesAsync(user); claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id)); claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email)); claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); // O Nbf é sobre quando o token vai expirar; claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString())); // O Iat é sobre quando o token foi emitido; claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64)); foreach (var userRole in userRoles) { // Uma Role é um papel; // Uma Claim é um dado aberto, ele pode representar tanto uma permissão // quanto um dado do usuário; Só que como Claims e Roles são diferentes, mas // ao mesmo tempo você vê da mesma forma, eu estou adicionado as roles como claim, // apesar do Identity ver diferença, estamos tratanto tudo da mesma forma; claims.Add(new Claim("role", userRole)); } // O ClaimsIdentity é o objeto real, da coleção de Claims que aquele usuário vai ter na representação dele; var identityClaims = new ClaimsIdentity(); identityClaims.AddClaims(claims); // Esse JwtSecurityTokenHandler ele vai pegar com base na chave que temos, e gerar o nosso token; var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var token = tokenHandler.CreateToken(new SecurityTokenDescriptor { Issuer = _appSettings.Emissor, Audience = _appSettings.ValidoEm, Subject = identityClaims, Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }); var encodedToken = tokenHandler.WriteToken(token); var response = new UsuarioRespostaLogin { AccessToken = encodedToken, ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds, UsuarioToken = new UsuarioToken { Id = user.Id, Email = user.Email, Claims = claims.Select(c => new UsuarioClaim { Type = c.Type, Value = c.Value }) } }; return(response); }