private object CreateToken(SigningConfig signConfig, TokenConfig tokenConfig, Operator operador) { var identity = new ClaimsIdentity(AuthExts.ToClaims(operador), tokenConfig.Type); var createdAt = DateTime.UtcNow; var expires = createdAt + TimeSpan.FromHours(tokenConfig.Hours); var handler = new JwtSecurityTokenHandler(); var securityToken = handler.CreateToken(new SecurityTokenDescriptor { Issuer = tokenConfig.Issuer, Audience = tokenConfig.Audience, SigningCredentials = signConfig.SigningCredentials, Subject = identity, NotBefore = createdAt, Expires = expires }); var token = handler.WriteToken(securityToken); return(new { accessToken = token, expiresIn = expires, user = new { id = operador.Id, name = operador.Name, email = operador.Email, type = operador.Type.ToString().ToLower() } }); }
public async Task <IActionResult> Login([FromBody] LoginViewModel login, [FromServices] SigningConfig signingConfigs, [FromServices] TokenConfig tokenConfigs) { if (login == null) { NotificaErro("Login", "LoginViewModel null"); return(Response(null)); } ; var loginResponse = await _usuarioService.Login(login.UserName, login.Senha); if (!loginResponse) { return(Response(null)); } var usuario = await _usuarioService.TrazerPorUserName(login.UserName); if (usuario == null) { NotificaErro("Login", "Usuario não encontrado"); return(Response(null)); } var genericIdentity = new GenericIdentity(usuario.UserName, usuario.UserName); var claimList = new List <Claim> { new Claim("UserId", usuario.Id), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")), new Claim(JwtRegisteredClaimNames.UniqueName, usuario.UserName) }; ClaimsIdentity identity = new ClaimsIdentity(genericIdentity, claimList); DateTime dataCriacao = DateTime.Now; DateTime dataExpiracao = dataCriacao + new TimeSpan(24, 0, 0);//TimeSpan.FromSeconds(tokenConfigs.Seconds); var handler = new JwtSecurityTokenHandler(); var securityToken = handler.CreateToken(new SecurityTokenDescriptor { Issuer = tokenConfigs.Issuer, Audience = tokenConfigs.Audience, SigningCredentials = signingConfigs.SigningCredentials, Subject = identity, NotBefore = dataCriacao, Expires = dataExpiracao }); var token = handler.WriteToken(securityToken); var response = new { created = dataCriacao.ToString("yyyy-MM-dd HH:mm:ss"), expiration = dataExpiracao.ToString("yyyy-MM-dd HH:mm:ss"), accessToken = token }; return(Response(response)); }
private void SetupMocks() { _tokenOptions = new Mock <IOptions <TokenOptions> >(); _tokenOptions.Setup(to => to.Value).Returns(new TokenOptions { Audience = "Testing", Issuer = "Testing", AccessTokenExpiration = 30, RefreshTokenExpiration = 60 }); _signingConfigurations = new SigningConfig(_testKey); _user = new User { Id = 1, FirstName = "Aluwani", LastName = "Mathode", Email = "*****@*****.**", PasswordHash = "123", Roles = new Collection <UserRole> { new UserRole { Role = new Role { Id = 1, Name = ApplicationRolesEnum.Common.ToString() } } } }; }
public LoginAppService(IToken token, IUserService userService, SigningConfig signingConfig, TokenConfig tokenConfig) { _token = token; _userService = userService; _signingConfig = signingConfig; _tokenConfig = tokenConfig; }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddControllers(); services.AddScoped <UsuariosRepository>(); services.AddScoped <PromotoriasRepository>(); services.AddScoped <OpnioesRepository>(); services.AddScoped <CidadaosRepository>(); services.AddScoped <PromotoresRepository>(); services.AddScoped <AtendimentosRepository>(); services.AddScoped <SituacaoRepository>(); // Configurando o JWT #region Jwt var signingConfigurations = new SigningConfig(); services.AddSingleton(signingConfigurations); var tokenConfigurations = new TokenConfig(); new ConfigureFromConfigurationOptions <TokenConfig>( Configuration.GetSection("TokenConfigurations")) .Configure(tokenConfigurations); services.AddSingleton(tokenConfigurations); services.AddAuthentication(authOptions => { authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; authOptions.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(bearerOptions => { var paramsValidation = bearerOptions.TokenValidationParameters; paramsValidation.IssuerSigningKey = signingConfigurations.Key; paramsValidation.ValidAudience = tokenConfigurations.Audience; paramsValidation.ValidIssuer = tokenConfigurations.Issuer; paramsValidation.ValidateIssuerSigningKey = true; paramsValidation.ValidateLifetime = true; paramsValidation.ClockSkew = TimeSpan.Zero; }); services.AddAuthorization(auth => { auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser().Build()); }); #endregion // Configurando o serviço de documentação do Swagger services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new OpenApiInfo { Title = "MPSP WEB API", Version = "v1" }); }); }
public AuthService( IUserRepository userRepository, SigningConfig signingConfig, TokenConfig tokenConfig ) { _userRepository = userRepository; _signingConfig = signingConfig; _tokenConfig = tokenConfig; }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddMvc() .SetCompatibilityVersion(CompatibilityVersion.Version_2_2) .AddFluentValidation(fv => { fv.RunDefaultMvcValidationAfterFluentValidationExecutes = false; fv.ImplicitlyValidateChildProperties = true; }); var signingConfig = new SigningConfig(); services.AddSingleton(signingConfig); var tokenConfig = new TokenConfig(); new ConfigureFromConfigurationOptions <TokenConfig>(Configuration.GetSection("TokenConfig")) .Configure(tokenConfig); services.AddSingleton(tokenConfig); BootStrapper.Register(services); services.AddAuthentication(o => { o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(options => { options.RequireHttpsMetadata = true; options.SaveToken = true; options.TokenValidationParameters = new TokenValidationParameters { ValidateLifetime = true, ValidateIssuer = true, ValidateAudience = true, ValidateIssuerSigningKey = true, ValidIssuer = tokenConfig.Issuer, ValidAudience = tokenConfig.Audience, IssuerSigningKey = signingConfig.Key, ClockSkew = TimeSpan.Zero }; }); services.AddAuthorization(auth => { auth.AddPolicy( "Bearer", new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser() .Build() ); }); }
public UserService(UserManager <User> userManager, SignInManager <User> signInManager, SigningConfig signingConfig, JwtConfig jwtConfig, MSFIdentityDbContext context) { _userManager = userManager; _signInManager = signInManager; _signingConfig = signingConfig; _jwtConfig = jwtConfig; _context = context; configuration = ConfigurationFactory.GetConfiguration(); }
public void ConfigureServices(IServiceCollection services) { #region Auth Config var signingConfigurations = new SigningConfig(); services.AddSingleton(signingConfigurations); var tokenConfig = new TokenConfig(); new ConfigureFromConfigurationOptions <TokenConfig>(Configuration.GetSection("TokenConfigurations")) .Configure(tokenConfig); services.AddSingleton(tokenConfig); services .AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(options => { var paramsValidation = options.TokenValidationParameters; paramsValidation.IssuerSigningKey = signingConfigurations.Key; paramsValidation.ValidAudience = tokenConfig.Audience; paramsValidation.ValidIssuer = tokenConfig.Issuer; paramsValidation.ValidateIssuerSigningKey = true; paramsValidation.ValidateLifetime = true; paramsValidation.ClockSkew = TimeSpan.Zero; }); services.AddAuthorization(auth => { var jwtAuth = new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser().Build(); auth.AddPolicy("JwtBearer", jwtAuth); auth.DefaultPolicy = jwtAuth; }); #endregion services.AddDbContext <TaskTopContext>(options => options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection"))); services.AddAutoMapper(config => Mapping.Initialize(config)); services.AddMvc(opt => opt.CoreMvc()) .AddJsonOptions(opt => opt.CoreJson()) .SetCompatibilityVersion(CompatibilityVersion.Version_2_1); services.AddCors(); }
public static void SessionSetupResponse( ModelSmb2Status status, SigningModelSessionId sessionId, SigningFlagType signingFlagType, SessionFlags_Values sessionFlag, SigningConfig c) { Condition.IsTrue(State == ModelState.Connected); Condition.IsTrue(Config.IsServerSigningRequired == c.IsServerSigningRequired); SigningModelRequest sessionSetupRequest = ModelHelper.RetrieveOutstandingRequest <SigningModelRequest>(ref Request); if (!VerifySignature(status, sessionSetupRequest)) { State = ModelState.Uninitialized; return; } if (sessionSetupRequest.signingFlagType == SigningFlagType.SignedFlagSet || (!sessionFlag.HasFlag(SessionFlags_Values.SESSION_FLAG_IS_GUEST) && !Session_IsAnonymous && (Connection_ShouldSign || c.IsServerSigningRequired))) { ModelHelper.Log(LogType.Requirement, "3.3.5.5.3: 5. Session.SigningRequired MUST be set to TRUE under the following conditions:"); ModelHelper.Log(LogType.Requirement, "\tIf the SMB2_NEGOTIATE_SIGNING_REQUIRED bit is set in the SecurityMode field of the client request."); ModelHelper.Log(LogType.Requirement, "\tIf the SMB2_SESSION_FLAG_IS_GUEST bit is not set in the SessionFlags field " + "and Session.IsAnonymous is FALSE and either Connection.ShouldSign or global RequireMessageSigning is TRUE."); ModelHelper.Log(LogType.TestInfo, "SMB2_NEGOTIATE_SIGNING_REQUIRED is {0}set.", sessionSetupRequest.signingFlagType == SigningFlagType.SignedFlagSet ? "" : "not "); ModelHelper.Log(LogType.TestInfo, "SMB2_SESSION_FLAG_IS_GUEST bit is {0}set.", sessionFlag.HasFlag(SessionFlags_Values.SESSION_FLAG_IS_GUEST) ? "" : "not "); ModelHelper.Log(LogType.TestInfo, "Session.IsAnonymous is {0}.", Session_IsAnonymous); ModelHelper.Log(LogType.TestInfo, "Connection.ShouldSign is {0}.", Connection_ShouldSign); ModelHelper.Log(LogType.TestInfo, "Global RequireMessageSigning is {0}.", c.IsServerSigningRequired); ModelHelper.Log(LogType.TestInfo, "So Session.SigningRequired is set to TRUE."); Session_SigningRequired = true; } VerifyResponseShouldSign(status, sessionSetupRequest, sessionId, signingFlagType); Condition.IsTrue(status == ModelSmb2Status.STATUS_SUCCESS); Session_IsExisted = true; }
public static IServiceCollection AddApplicationDependencies(this IServiceCollection services, IConfiguration configuration) { services.AddDbContext <ApplicationDbContext>(options => options.UseSqlServer(configuration.GetConnectionString("DefaultConnection"), b => b.MigrationsAssembly("Subscription.Data"))); //services.AddIdentity<User, Role>() //.AddEntityFrameworkStores<ApplicationDbContext>() //.AddDefaultTokenProviders(); services.AddIdentity <User, Role>() .AddUserStore <UserStore <User, Role, ApplicationDbContext, int, IdentityUserClaim <int>, UserRole, IdentityUserLogin <int>, IdentityUserToken <int>, IdentityRoleClaim <int> > >() .AddRoleStore <RoleStore <Role, ApplicationDbContext, int, UserRole, IdentityRoleClaim <int> > >() .AddDefaultTokenProviders(); services.AddScoped <IExceptionService, ExceptionService>(); services.AddScoped <IUnitOfWork, UnitOfWork>(); services.AddScoped <IAuthenticationService, AuthenticationService>(); services.AddScoped <ISubscriptionTypeService, SubscriptionTypeService>(); services.AddScoped <IBookService, BookService>(); services.AddScoped <IUserService, UserService>(); services.AddSingleton <ITokenHandler, Data.Security.Tokens.TokenHandler>(); services.Configure <Subscription.Data.Security.Tokens.TokenOptions>(configuration.GetSection("TokenOptions")); var tokenOptions = configuration.GetSection("TokenOptions").Get <Subscription.Data.Security.Tokens.TokenOptions>(); var signingConfigurations = new SigningConfig(tokenOptions.Secret); services.AddSingleton(signingConfigurations); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(jwtBearerOptions => { jwtBearerOptions.TokenValidationParameters = new TokenValidationParameters() { ValidateAudience = true, ValidateLifetime = true, ValidateIssuerSigningKey = true, ValidIssuer = tokenOptions.Issuer, ValidAudience = tokenOptions.Audience, IssuerSigningKey = signingConfigurations.SecurityKey, ClockSkew = TimeSpan.Zero }; }); return(services); }
public static void ReadConfigReturn(SigningConfig c) { Condition.IsTrue(State == ModelState.Uninitialized); Condition.IsNotNull(c); NegotiateDialect = DialectRevision.Smb2Unknown; Condition.IsTrue(c.MaxSmbVersionSupported == ModelDialectRevision.Smb2002 || c.MaxSmbVersionSupported == ModelDialectRevision.Smb21 || c.MaxSmbVersionSupported == ModelDialectRevision.Smb30 || c.MaxSmbVersionSupported == ModelDialectRevision.Smb302); Config = c; Request = null; State = ModelState.Initialized; }
public TokenModel Token(LoginModel user, SigningConfig signingConfigurations , TokenConfig tokenConfigurations) { try { ClaimsIdentity identity = new ClaimsIdentity( new GenericIdentity(user.Id.ToString(), "Login"), new[] { new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")), new Claim(JwtRegisteredClaimNames.UniqueName, user.Id.ToString()), } ); DateTime CreatedDate = DateTime.Now; DateTime ExpiredDate = CreatedDate + TimeSpan.FromMinutes(tokenConfigurations.Minutes); IdentityModelEventSource.ShowPII = true; var handler = new JwtSecurityTokenHandler(); var securityToken = handler.CreateToken(new SecurityTokenDescriptor { Issuer = tokenConfigurations.Issuer, Audience = tokenConfigurations.Audience, SigningCredentials = signingConfigurations.SigningCredentials, Subject = identity, NotBefore = CreatedDate, Expires = ExpiredDate }); var token = handler.WriteToken(securityToken); return(new TokenModel() { Authenticated = true, Created = CreatedDate.ToString("yyyy-MM-dd HH:mm:ss"), Expiration = ExpiredDate.ToString("yyyy-MM-dd HH:mm:ss"), AccessToken = token }); } catch { return(new TokenModel { Authenticated = false }); } }
private void ConfigureAuthentication(IServiceCollection services) { services.AddMvcCore().AddJsonOptions(opcoes => { opcoes.JsonSerializerOptions.IgnoreNullValues = true; }); var signingConfigurations = new SigningConfig(); services.AddSingleton(signingConfigurations); var tokenConfigurations = new TokenConfig(); new ConfigureFromConfigurationOptions <TokenConfig>( Configuration.GetSection("TokenConfigurations")) .Configure(tokenConfigurations); services.AddSingleton(tokenConfigurations); services.AddAuthentication(authOptions => { authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; authOptions.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(bearerOptions => { var paramsValidation = bearerOptions.TokenValidationParameters; paramsValidation.IssuerSigningKey = signingConfigurations.Key; paramsValidation.ValidAudience = tokenConfigurations.Audience; paramsValidation.ValidIssuer = tokenConfigurations.Issuer; paramsValidation.ValidateIssuerSigningKey = true; paramsValidation.ValidateLifetime = true; paramsValidation.ClockSkew = TimeSpan.Zero; }); services.AddAuthorization(auth => { auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser().Build()); }); }
public async Task <IActionResult> Login( [FromBody] LoginRequest request, [FromServices] SigningConfig signConfig, [FromServices] TokenConfig tokenConfig) { var invalidExn = new ValidationExn("Nome de usuário ou senha está incorreto."); var username = request.username.ToTrim(); var usuarioSalt = await DbContext.Usuario .Where(u => u.Login == username) .Select(u => u.Chave) .SingleOrDefaultAsync(); if (usuarioSalt == null) { throw invalidExn; } var pass = Auth.GetPassword(request.password, usuarioSalt); var usuario = await DbContext.Usuario .Where(u => u.Login == username && u.Senha == pass) .Select(u => new Operator { Id = u.Id, Name = u.Nome, Email = u.Email, Type = (UserType)u.Tipo }) .SingleOrDefaultAsync(); if (usuario == null) { throw invalidExn; } return(Ok(CreateToken(signConfig, tokenConfig, usuario))); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddCors(); services.AddDbContext <RSApiContext>( opt => opt.UseNpgsql( Configuration.GetConnectionString("conexaoPostgreSQL") )); var signingConfig = new SigningConfig(); services.AddSingleton(signingConfig); var tokenConfig = new TokenConfig(); new ConfigureFromConfigurationOptions <TokenConfig>(Configuration.GetSection("TokenConfigs")).Configure(tokenConfig); services.AddSingleton(tokenConfig); services.AddAuthentication(authOptions => { authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; authOptions.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(bearerOptions => { var paramsValidation = bearerOptions.TokenValidationParameters; paramsValidation.IssuerSigningKey = signingConfig.key; paramsValidation.ValidAudience = tokenConfig.audience; paramsValidation.ValidIssuer = tokenConfig.issuer; // Validade a assinatura do token paramsValidation.ValidateIssuerSigningKey = true; // Verifica validade do token paramsValidation.ValidateLifetime = true; services.AddAuthorization(auth => { auth.AddPolicy( "Bearer", new Microsoft.AspNetCore.Authorization.AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser().Build() ); }); }); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2); // services.AddSwaggerGen(c => // { // c.SwaggerDoc("v1", new OpenApiInfo { Title = "Reports System - IMD/UFRN", Version = "v1" }); // }); services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new Info { Title = "Sistema de Relatórios - IMD/UFRN", Version = "v1" }); var security = new Dictionary <string, IEnumerable <string> > { { "Bearer", new string[] { } }, }; c.AddSecurityDefinition("Bearer", new ApiKeyScheme { Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"", Name = "Authorization", In = "header", Type = "apiKey" }); c.AddSecurityRequirement(security); }); }
public TokenHandler(IOptions <TokenOptions> tokenOptionsSnapshot, SigningConfig signingConfigurations) { _tokenOptions = tokenOptionsSnapshot.Value; _signingConfigurations = signingConfigurations; }
public void ConfigureServices(IServiceCollection services) { ConfigureInjection.Database(services); ConfigureInjection.Services(services); ConfigureInjection.Repositories(services); var tokenConfig = Configuration.GetSection("TokenConfig").Get <TokenConfig>(); var signingConfig = new SigningConfig(tokenConfig); services.AddSingleton(tokenConfig); services.AddSingleton(signingConfig); services .AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(options => { var validation = options.TokenValidationParameters; validation.IssuerSigningKey = signingConfig.Key; validation.ValidAudience = tokenConfig.Audience; validation.ValidIssuer = tokenConfig.Issuer; validation.ValidateIssuerSigningKey = true; validation.ValidateLifetime = true; validation.ClockSkew = TimeSpan.Zero; }); services.AddAuthorization(options => { options.DefaultPolicy = new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser() .Build(); }); services.AddMvcCore() .AddJsonOptions(options => { options.JsonSerializerOptions.IgnoreNullValues = true; }) .ConfigureApiBehaviorOptions( options => options.InvalidModelStateResponseFactory = ctx => { var errors = ctx.ModelState.Values .SelectMany(v => v.Errors) .Select(e => e.ErrorMessage); var result = new Result(EStatus.Invalid, errors); return(new BadRequestObjectResult(result)); } ); services.AddControllers(); services.AddSwaggerGen(options => { options.SwaggerDoc("v1", new OpenApiInfo { Version = "v1", Title = "Identity Server API", Description = "Identity Server", Contact = new OpenApiContact { Name = "Paulo Ricardo Busch", Email = "*****@*****.**", Url = new Uri("https://www.dynsoftware.net") } }); }); }
public object Post( [FromBody] Usuarios usuario, [FromServices] SigningConfig signingConfigurations, [FromServices] TokenConfig tokenConfigurations) { Usuarios usuarioBase = null; if (usuario != null && !String.IsNullOrWhiteSpace(usuario.Login)) { //Seleciona o usuário usuarioBase = _usuarioRepository.LoginUsuario(usuario); } if (usuarioBase != null) { ClaimsIdentity identity = new ClaimsIdentity( new GenericIdentity(usuario.Login, "Login"), new[] { new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")), new Claim(JwtRegisteredClaimNames.UniqueName, usuario.Login) } ); DateTime dataCriacao = DateTime.Now; DateTime dataExpiracao = dataCriacao + TimeSpan.FromSeconds(tokenConfigurations.Seconds); var handler = new JwtSecurityTokenHandler(); var securityToken = handler.CreateToken(new SecurityTokenDescriptor { Issuer = tokenConfigurations.Issuer, Audience = tokenConfigurations.Audience, SigningCredentials = signingConfigurations.SigningCredentials, Subject = identity, NotBefore = dataCriacao, Expires = dataExpiracao }); var token = handler.WriteToken(securityToken); return(new { authenticated = true, criado = dataCriacao.ToString("yyyy-MM-dd HH:mm:ss"), expiracao = dataExpiracao.ToString("yyyy-MM-dd HH:mm:ss"), accessToken = token, message = "OK", UserID = usuarioBase.ID, UserName = usuarioBase.Nome, Login = usuarioBase.Login, }); } else { return(new { authenticated = false, message = "Falha ao autenticar" }); } }
public object Post( [FromBody] Usuario usuario, [FromServices] SigningConfig signingConfigurations, [FromServices] TokenConfig tokenConfigurations) { bool credenciaisValidas = false; if (usuario != null && !String.IsNullOrWhiteSpace(usuario.login)) { try { var usuarioBase = _context.Usuarios.Where(u => u.login == usuario.login).First(); credenciaisValidas = (usuarioBase != null && usuario.login == usuarioBase.login && usuario.senha == usuarioBase.senha); } catch { return(new { authenticated = false, message = "Falha na autenticação! Usuário não encontrado " }); } } if (credenciaisValidas) { ClaimsIdentity identity = new ClaimsIdentity( new GenericIdentity(usuario.login, "Login"), new[] { new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")), new Claim(JwtRegisteredClaimNames.UniqueName, usuario.login) } ); DateTime dataCriacao = DateTime.Now; DateTime dataExpiracao = dataCriacao + TimeSpan.FromSeconds(tokenConfigurations.seconds); var handler = new JwtSecurityTokenHandler(); var securityToken = handler.CreateToken(new SecurityTokenDescriptor { Issuer = tokenConfigurations.issuer, Audience = tokenConfigurations.audience, SigningCredentials = signingConfigurations.signingCredentials, Subject = identity, NotBefore = dataCriacao, Expires = dataExpiracao }); var usuarioBase = _context.Usuarios.Where(u => u.login == usuario.login).First(); var token = handler.WriteToken(securityToken); return(new { authenticated = true, user = new NewClass(usuarioBase.nome, usuarioBase.login, usuarioBase.id, usuarioBase.idPerfil), created = dataCriacao.ToString("yyyy-MM-dd HH:mm:ss"), expiration = dataExpiracao.ToString("yyyy-MM-dd HH:mm:ss"), accessToken = token, message = "Login Realizado com Sucesso!" }); } else { return(new { authenticated = false, message = "Falha na auteticação! Senha incorreta ou usuário não informado." }); } }
public static void NegotiateResponse(ModelSmb2Status status, SigningEnabledType signingEnabledType, SigningRequiredType signingRequiredType, SigningConfig c) { Condition.IsTrue(State == ModelState.Connected); SigningModelRequest negotiateRequest = ModelHelper.RetrieveOutstandingRequest <SigningModelRequest>(ref Request); if (negotiateRequest.signingFlagType == SigningFlagType.SignedFlagSet) { ModelHelper.Log(LogType.Requirement, "3.3.5.2.4: If the SMB2 Header of the SMB2 NEGOTIATE request has the SMB2_FLAGS_SIGNED bit set in the Flags field, " + "the server MUST fail the request with STATUS_INVALID_PARAMETER."); ModelHelper.Log(LogType.TestInfo, "SMB2_FLAGS_SIGNED bit in the NEGOTIATE request is set."); ModelHelper.Log(LogType.TestTag, TestTag.UnexpectedFields); Condition.IsTrue(status == ModelSmb2Status.STATUS_INVALID_PARAMETER); State = ModelState.Uninitialized; return; } if (negotiateRequest.signingRequiredType == SigningRequiredType.SigningRequiredSet) { ModelHelper.Log(LogType.Requirement, "3.3.5.4: If SMB2_NEGOTIATE_SIGNING_REQUIRED is set in SecurityMode, the server MUST set Connection.ShouldSign to TRUE."); ModelHelper.Log(LogType.TestInfo, "Connection.ShouldSign is set to TRUE."); Connection_ShouldSign = true; } ModelHelper.Log(LogType.Requirement, "3.3.5.4: SecurityMode MUST have the SMB2_NEGOTIATE_SIGNING_ENABLED bit set."); Condition.IsTrue(signingEnabledType == SigningEnabledType.SigningEnabledSet); Condition.IsTrue(Config.IsServerSigningRequired == c.IsServerSigningRequired); if (Config.IsServerSigningRequired) { ModelHelper.Log(LogType.Requirement, "3.3.5.4: If RequireMessageSigning is TRUE, the server MUST also set SMB2_NEGOTIATE_SIGNING_REQUIRED in the SecurityMode field."); ModelHelper.Log(LogType.TestInfo, "RequireMessageSigning is TRUE."); Condition.IsTrue(signingRequiredType == SigningRequiredType.SigningRequiredSet); } Condition.IsTrue(status == ModelSmb2Status.STATUS_SUCCESS); }
public Token(SigningConfig signingConfig, TokenConfig tokenConfig) { _signingConfig = signingConfig; _tokenConfig = tokenConfig; }
public void ConfigureServices(IServiceCollection services) { services.AddDbContext <IMSFDbContext, MSFDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("MSF_DEV"))); services.AddDbContext <MSFIdentityDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("MSF_DEV"))); services.AddIdentity <User, Role>(options => { options.Password.RequireDigit = false; options.Password.RequiredLength = 5; options.Password.RequireNonAlphanumeric = false; options.Password.RequireUppercase = false; options.Password.RequireLowercase = false; }) .AddEntityFrameworkStores <MSFIdentityDbContext>() .AddDefaultTokenProviders(); services.AddTransient <IUnitOfWork, UnitOfWork>(); services.AddTransient <IUserService, UserService>(); services.AddTransient <IRoleService, RoleService>(); services.AddTransient <ICategoryService, CategoryService>(); services.AddTransient <IProviderService, ProviderService>(); services.AddTransient <IStateService, StateService>(); services.AddTransient <IShopService, ShopService>(); services.AddTransient <IWorkCenterService, WorkCenterService>(); services.AddTransient <IWorkCenterControlService, WorkCenterControlService>(); services.AddTransient <IProductService, ProductService>(); services.AddTransient <IStockService, StockService>(); services.AddTransient <IOperationService, OperationService>(); var signingConfig = new SigningConfig(); services.AddSingleton(signingConfig); var jwtConfig = new JwtConfig(); new ConfigureFromConfigurationOptions <JwtConfig>( Configuration.GetSection("JwtConfig") ).Configure(jwtConfig); services.AddSingleton(jwtConfig); services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(options => { options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidateAudience = true, ValidateLifetime = true, ValidateIssuerSigningKey = true, ValidAudience = jwtConfig.Audience, ValidIssuer = jwtConfig.Issuer, IssuerSigningKey = signingConfig.Key, ClockSkew = TimeSpan.Zero }; }); services.AddAuthorization(auth => { auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser().Build()); }); services.AddCors(); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2); services.ConfigureProblemDetailsModelState(); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { #region Security var signingConfigurations = new SigningConfig(); services.AddSingleton(signingConfigurations); var tokenConfig = new TokenConfig(); new ConfigureFromConfigurationOptions <TokenConfig>( Configuration.GetSection("TokenConfigurations")) .Configure(tokenConfig); services.AddSingleton(tokenConfig); services.AddAuthentication(authOptions => { authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; authOptions.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(bearerOptions => { var paramsValidation = bearerOptions.TokenValidationParameters; paramsValidation.IssuerSigningKey = signingConfigurations.Key; paramsValidation.ValidAudience = tokenConfig.Audience; paramsValidation.ValidIssuer = tokenConfig.Issuer; // Validates the signing of a received token paramsValidation.ValidateIssuerSigningKey = true; // Checks if a received token is still valid paramsValidation.ValidateLifetime = true; // Tolerance time for the expiration of a token (used in case // of time synchronization problems between different // computers involved in the communication process) paramsValidation.ClockSkew = TimeSpan.Zero; }); // Enables the use of the token as a means of // authorizing access to this project's resources services.AddAuthorization(auth => { auth.AddPolicy(AuthorizationNameOptions.Bearer, new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser().Build()); }); #endregion Security #region CORS services.AddCors(o => o.AddPolicy("EnablingCors", builder => { builder.AllowAnyOrigin() .AllowAnyMethod() .AllowAnyHeader(); })); #endregion CORS services.AddMvc(options => { options.RespectBrowserAcceptHeader = true; options.FormatterMappings.SetMediaTypeMappingForFormat("xml", MediaTypeHeaderValue.Parse("text/xml")); options.FormatterMappings.SetMediaTypeMappingForFormat("json", MediaTypeHeaderValue.Parse("application/json")); }) .SetCompatibilityVersion(CompatibilityVersion.Version_3_0); services.AddApiVersioning(options => options.ApiVersionReader = new HeaderApiVersionReader("api-version")); #region Swagger _ = services.AddSwaggerGen(c => { c.SwaggerDoc( "v1", new OpenApiInfo { Title = "Divulgação de ONG's", Version = "v1", Description = "API Rest desenvolvida em ASPNET Core 2.2", Contact = new OpenApiContact { Name = "Marcelo Ribeiro de Albuquerque", Url = new Uri("https://github.com/openid3as") } }); c.CustomSchemaIds(x => x.FullName); }); #endregion Swagger services.AddDependencyInjections(Configuration); }