/// <summary>
/// Issues a replacement JWT for the session identified by <paramref name="referenceCode"/>.
/// </summary>
/// <remarks>
/// The reference code is unprotected to obtain the cache key. The token stored under that key is
/// decoded, every claim except <c>exp</c> is copied, and a newly signed token valid for
/// <c>HOURS_TO_EXPIRE</c> hours replaces the cache entry.
/// NOTE(review): <paramref name="expiredToken"/> is never read in this method, so possession of a
/// valid reference code alone is enough to obtain a fresh token. Confirm whether the presented
/// token should be compared with the cached one before re-issuing.
/// </remarks>
/// <param name="referenceCode">Protected reference code; unprotected to get the cache key.</param>
/// <param name="expiredToken">Token presented by the caller. Currently unused.</param>
/// <returns>
/// The encoded replacement token, or <c>null</c> when the cache holds no token for the key.
/// </returns>
public string Refresh(string referenceCode, string expiredToken)
{
    string claimId = _dataProtectionService.Unprotect(referenceCode);
    string cachedToken = _memoryCache.GetString(claimId);

    // Nothing cached for this key: there is no session to extend.
    if (string.IsNullOrEmpty(cachedToken))
    {
        return null;
    }

    DateTime newExpiry = DateTime.UtcNow.AddHours(HOURS_TO_EXPIRE);

    // This constructor only decodes the compact token; no signature or lifetime validation
    // happens here, so the cache content is trusted as stored.
    var previousToken = new JwtSecurityToken(cachedToken);

    // Carry every claim over except the old expiry, then append the new one.
    // NOTE(review): any other time-based or issuer/audience claims in the cached token are
    // copied unchanged - confirm that is intended.
    List<Claim> carriedClaims = previousToken.Claims
        .Where(claim => claim.Type != JwtRegisteredClaimNames.Exp)
        .ToList();
    string expiryValue = ToUnixDate(newExpiry).ToString();
    carriedClaims.Add(new Claim(JwtRegisteredClaimNames.Exp, expiryValue));

    // NOTE(review): the audience is populated from the configured issuer value - confirm intended.
    var replacement = new JwtSecurityToken(
        issuer: _jwtConfiguration.Issuer,
        audience: _jwtConfiguration.Issuer,
        claims: carriedClaims,
        signingCredentials: _jwtConfiguration.SigningCredentials);

    var tokenHandler = new JwtSecurityTokenHandler();
    string encodedJwt = tokenHandler.WriteToken(replacement);

    // Save to cache (TODO from the original author: persist?). The entry outlives the token by
    // ten minutes, which is the window in which an expired token can still be refreshed.
    var entryOptions = new DistributedCacheEntryOptions();
    entryOptions.SetAbsoluteExpiration(newExpiry.AddMinutes(10));
    byte[] encodedBytes = Encoding.UTF8.GetBytes(encodedJwt);
    _memoryCache.Set(claimId, encodedBytes, entryOptions);

    return encodedJwt;
}
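/// <summary>
/// Converts the XML document which contains a version 2 config, to a version 3 config.
/// </summary>
/// <remarks>
/// When a <c>cloud_storage_account</c> element exists, a new <c>cloud_storage_credentials</c>
/// element is built from its children and inserted as the first child of <paramref name="root"/>.
/// Username, password and access token are passed through <c>EncryptProperty</c>; the url and the
/// lower-cased cloud type are copied as plain text.
/// This method does not remove the old <c>cloud_storage_account</c> element, so its
/// <c>protected_password</c> stays in the document unless a caller removes it.
/// </remarks>
/// <param name="root">Root node of the XML document.</param>
protected virtual void UpdateSettingsFrom2To3(XElement root)
{
    XElement cloudStorageAccount = root.Element("cloud_storage_account");
    if (cloudStorageAccount == null)
    {
        return; // No version 2 account settings to migrate.
    }

    XElement cloudStorageCredentialsElement = new XElement("cloud_storage_credentials");

    XElement cloudTypeElement = cloudStorageAccount.Element("cloud_type");
    if (cloudTypeElement != null)
    {
        cloudStorageCredentialsElement.Add(new XElement("cloud_storage_id", cloudTypeElement.Value.ToLowerInvariant()));
    }

    XElement userElement = cloudStorageAccount.Element("username");
    if (userElement != null)
    {
        cloudStorageCredentialsElement.Add(new XElement("username", EncryptProperty(userElement.Value)));
    }

    XElement passwordElement = cloudStorageAccount.Element("protected_password");
    if (passwordElement != null)
    {
        byte[] passwordBytes = null;
        try
        {
            passwordBytes = _dataProtectionService.Unprotect(passwordElement.Value);

            // SecureString is IDisposable; dispose it so its protected buffer is released
            // as soon as the re-encrypted value has been produced.
            using (SecureString password = SecureStringExtensions.BytesToSecureString(passwordBytes, Encoding.Unicode))
            {
                // The intermediate plain-text string is an immutable managed string and cannot
                // be wiped; it lives until garbage collection.
                cloudStorageCredentialsElement.Add(new XElement("password", EncryptProperty(password.SecureStringToString())));
            }
        }
        finally
        {
            // Overwrite the decrypted password bytes instead of leaving them on the heap.
            if (passwordBytes != null)
            {
                System.Array.Clear(passwordBytes, 0, passwordBytes.Length);
            }
        }
    }

    XElement urlElement = cloudStorageAccount.Element("url");
    if (urlElement != null)
    {
        cloudStorageCredentialsElement.Add(new XElement("url", urlElement.Value));
    }

    XElement accessTokenElement = cloudStorageAccount.Element("oauth_access_token");
    if (accessTokenElement != null)
    {
        cloudStorageCredentialsElement.Add(new XElement("access_token", EncryptProperty(accessTokenElement.Value)));
    }

    root.AddFirst(cloudStorageCredentialsElement);
}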
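/// <summary>
/// Starts a single-logout for the session identified by <paramref name="ReferenceCode"/> and
/// returns the view that posts the logout request to the identity provider.
/// </summary>
/// <remarks>
/// The whole body runs inside <c>ActionHelper.TryCatchWithLoggerGeneric</c>, whose error handling
/// is not visible here. For the FedERa IdP type the method returns the <c>LogOutFedera</c> view
/// before the SAML request is built and before <c>ClearCookies()</c> is called.
/// NOTE(review): confirm that skipping the cookie cleanup on that path is intended.
/// </remarks>
/// <param name="ReferenceCode">Protected reference code of the session to terminate.</param>
/// <param name="IdpName">Name of the identity provider used to look up the logout URL.</param>
/// <returns>
/// <c>BadRequest</c> when the reference code is missing, otherwise the logout view.
/// </returns>
public IActionResult LogOut(string ReferenceCode, string IdpName)
{
    return ActionHelper.TryCatchWithLoggerGeneric<IActionResult>(() =>
    {
        if (string.IsNullOrEmpty(ReferenceCode))
        {
            _logger.LogWarning("LogOut -> parameter reference code is null");
            return BadRequest();
        }

        string idpUrl = _idpHelper.GetSingleLogoutUrl(IdpName);
        if (string.IsNullOrEmpty(idpUrl))
        {
            // The original message appended idpUrl, which is always null or empty on this path;
            // report the IdP name that failed to resolve instead. IdpName is request-supplied,
            // so line breaks are stripped before it reaches an exception message and the logs.
            string safeIdpName = (IdpName ?? string.Empty).Replace("\r", string.Empty).Replace("\n", string.Empty);
            throw new Exception(string.Concat("Auth -> idp url not found for idp ", safeIdpName));
        }

        // NOTE(review): Find receives the unprotected value while Remove below receives the
        // protected reference code - confirm both resolve to the same stored entry.
        string token = _tokenService.Find(_dataProtectionService.Unprotect(ReferenceCode));
        string idpReferenceId = string.Empty;
        if (!string.IsNullOrEmpty(token))
        {
            // ReadJwtToken only decodes the token (no signature validation); the NameId claim is
            // used for the audit log entry below and nothing else.
            JwtSecurityToken jwtToken = new JwtSecurityTokenHandler().ReadJwtToken(token);
            idpReferenceId = jwtToken.Claims.FirstOrDefault(x => x.Type == JwtRegisteredClaimNames.NameId)?.Value;
        }

        _tokenService.Remove(ReferenceCode);

        // Audit entry (Italian): "Logout completed successfully by user {0}".
        _sessionAuthLogger.LogInformation("Disconnessione effettuata correttamente dall' utente {0}", idpReferenceId);

        ViewData["FormUrlAction"] = idpUrl;

        if (_spidConfiguration.IdpType == Model.IDP.IdpType.FedERa)
        {
            ViewData["SPID"] = _spidConfiguration.SPDomain;
            ViewData["SPURL"] = _spidConfiguration.LogoutCallback;
            _traceLogger.LogInformation("LogoutReq_SPID: {0}|LogoutReq_SPURL: {1}", _spidConfiguration.SPDomain, _spidConfiguration.LogoutCallback);
            return View("LogOutFedera");
        }

        SamlRequestOption samlRequestOption = _requestOptionFactory.GenerateLogoutRequestOption(IdpName);
        if (samlRequestOption == null)
        {
            throw new Exception("Auth -> error on generate saml model option");
        }

        string samlrequest = _authRequest.PostableLogOutRequest(samlRequestOption, _spidConfiguration.CertificatePrivateKey);

        // Drop the existing cookies, then store the request id in a new cookie.
        // NOTE(review): presumably the callback matches the IdP's logout response against this
        // id - verify against the callback handler.
        ClearCookies();
        this.SetCookie("SpidLogoutRequestId", samlRequestOption.Id.ToString(), 20);

        ViewData["RelayState"] = Guid.NewGuid();
        ViewData["SAMLRequest"] = samlrequest;

        return View("LogOutSPID");
    }, _logger);
}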