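/// <summary>
/// Registers the demo routes: the login form, the login POST that issues a signed JWT,
/// and a root greeting.
/// </summary>
/// <param name="configProvider">Supplies the "securekey" app setting used as the HS256 signing key.</param>
/// <param name="jwtWrapper">Encodes the <c>JwtToken</c> into its signed string form.</param>
public HomeModule(IConfigProvider configProvider, IJwtWrapper jwtWrapper)
{
    Get["/login"] = _ => View["Login"];

    Post["/login"] = _ =>
    {
        var user = this.Bind<UserCredentials>();

        // Verify user/pass. The request is rejected unless BOTH values match: the previous
        // `&&` only returned 401 when both were wrong, so a correct user name alone (or a
        // correct password alone) was enough to be issued an Administrator token.
        // NOTE(review): the credentials are hard-coded sample values compared as plain
        // strings; a real deployment needs a user store with salted password hashes.
        if (user.User != "fred" || user.Password != "securepwd")
        {
            return 401;
        }

        // Every successful login receives the same fixed identity and the Administrator role.
        var claims = new List<Claim>(new[]
        {
            new Claim("http://schemas.microsoft.com/ws/2008/06/identity/claims/role", "Administrator"),
            new Claim(ClaimTypes.Name, "Fred")
        });

        var jwttoken = new JwtToken()
        {
            Issuer = "http://issuer.com",
            Audience = "http://mycoolwebsite.com",
            Claims = claims,
            // The token stays valid for seven days; nothing in this block can revoke it earlier.
            Expiry = DateTime.UtcNow.AddDays(7)
        };

        // Symmetric signing: whoever holds "securekey" can both verify and mint tokens.
        var token = jwtWrapper.Encode(jwttoken, configProvider.GetAppSetting("securekey"), JwtHashAlgorithm.HS256);

        return Negotiate.WithModel(token);
    };

    Get["/"] = _ => "Hello Secure World!";
}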
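/// <summary>
/// Decodes a JWT with the configured "securekey" and builds a principal from its claims.
/// </summary>
/// <param name="token">The encoded token string presented by the caller.</param>
/// <returns>
/// A <see cref="ClaimsPrincipal"/> holding one "Token" identity with the token's claims, or
/// <c>null</c> when the token does not decode to a dictionary, is expired, or any step throws.
/// </returns>
public ClaimsPrincipal ValidateUser(string token)
{
    try
    {
        // Claims don't deserialize :(
        // var jwttoken = JsonWebToken.DecodeToObject<JwtToken>(token, configProvider.GetAppSetting("securekey"));
        // NOTE(review): presumably DecodeToObject verifies the signature with this key; confirm
        // that it does and that it rejects a token whose header names an unexpected algorithm.
        var decodedtoken = JsonWebToken.DecodeToObject(token, configProvider.GetAppSetting("securekey")) as Dictionary<string, object>;
        if (decodedtoken == null)
        {
            // Made explicit: this case used to surface as a swallowed NullReferenceException.
            return null;
        }

        // DateTime.Parse yields a Local-kind value when the text carries a zone designator,
        // and DateTime comparison ignores Kind. Convert that case to UTC so the expiry check
        // below compares like with like. Values without zone information are left as parsed.
        var expiry = DateTime.Parse(decodedtoken["Expiry"].ToString());
        if (expiry.Kind == DateTimeKind.Local)
        {
            expiry = expiry.ToUniversalTime();
        }

        // NOTE(review): Audience and Issuer are copied but never compared with the values
        // this service expects, so any token that decodes with the shared key is accepted.
        var jwttoken = new JwtToken()
        {
            Audience = (string)decodedtoken["Audience"],
            Issuer = (string)decodedtoken["Issuer"],
            Expiry = expiry,
        };

        object rawClaims;
        if (decodedtoken.TryGetValue("Claims", out rawClaims))
        {
            var claims = new List<Claim>();

            // Each entry is expected to be a dictionary with "Type" and "Value" keys; any
            // other shape throws and is turned into a null result by the catch below.
            foreach (Dictionary<string, object> entry in (ArrayList)rawClaims)
            {
                claims.Add(new Claim(entry["Type"].ToString(), entry["Value"].ToString()));
            }

            jwttoken.Claims = claims;
        }

        if (jwttoken.Expiry < DateTime.UtcNow)
        {
            return null;
        }

        //TODO Tidy on 3.8 Mono release
        var claimsPrincipal = new ClaimsPrincipal();
        var claimsIdentity = new ClaimsIdentity("Token");
        claimsIdentity.AddClaims(jwttoken.Claims);
        claimsPrincipal.AddIdentity(claimsIdentity);

        return claimsPrincipal;
    }
    catch (Exception)
    {
        // Deliberately fail closed: a token that cannot be decoded or mapped yields no
        // principal. The cause is discarded here, so rejected tokens leave no trace for
        // monitoring unless the caller logs the null result.
        return null;
    }
}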
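/// <summary>
/// Turns an encoded JWT into a <see cref="ClaimsPrincipal"/> after decoding it with the
/// "securekey" app setting and checking its expiry.
/// </summary>
/// <param name="token">The encoded token string to validate.</param>
/// <returns>
/// A principal with a single "Token" identity carrying the token's claims; <c>null</c> if the
/// decoded payload is not a dictionary, the token has expired, or an exception is raised.
/// </returns>
public ClaimsPrincipal ValidateUser(string token)
{
    try
    {
        // Claims don't deserialize :(
        // var jwttoken = JsonWebToken.DecodeToObject<JwtToken>(token, configProvider.GetAppSetting("securekey"));
        // NOTE(review): signature checking is assumed to happen inside DecodeToObject; verify
        // this against the library version in use, including how it treats the header's algorithm.
        var decodedtoken = JsonWebToken.DecodeToObject(token, configProvider.GetAppSetting("securekey")) as Dictionary<string, object>;
        if (decodedtoken == null)
        {
            // Explicit guard instead of relying on a NullReferenceException reaching the catch.
            return null;
        }

        // A zone-qualified timestamp comes back from DateTime.Parse as local time, while the
        // check below compares against UtcNow and DateTime comparison ignores Kind. Normalise
        // that case to UTC; timestamps without zone information keep their parsed value.
        var expiry = DateTime.Parse(decodedtoken["Expiry"].ToString());
        if (expiry.Kind == DateTimeKind.Local)
        {
            expiry = expiry.ToUniversalTime();
        }

        // NOTE(review): neither Audience nor Issuer is checked against an expected value in
        // this method; only the key and the expiry decide whether the token is accepted.
        var jwttoken = new JwtToken()
        {
            Audience = (string)decodedtoken["Audience"],
            Issuer = (string)decodedtoken["Issuer"],
            Expiry = expiry,
        };

        object rawClaims;
        if (decodedtoken.TryGetValue("Claims", out rawClaims))
        {
            var claims = new List<Claim>();

            // Entries must be dictionaries exposing "Type" and "Value"; a malformed entry
            // throws and the catch below converts that into a rejected token.
            foreach (Dictionary<string, object> entry in (ArrayList)rawClaims)
            {
                claims.Add(new Claim(entry["Type"].ToString(), entry["Value"].ToString()));
            }

            jwttoken.Claims = claims;
        }

        if (jwttoken.Expiry < DateTime.UtcNow)
        {
            return null;
        }

        //TODO Tidy on 3.8 Mono release
        var claimsPrincipal = new ClaimsPrincipal();
        var claimsIdentity = new ClaimsIdentity("Token");
        claimsIdentity.AddClaims(jwttoken.Claims);
        claimsPrincipal.AddIdentity(claimsIdentity);

        return claimsPrincipal;
    }
    catch (Exception)
    {
        // Fail closed on any decoding or mapping error. The exception is dropped, so the
        // reason for a rejection is only observable if the caller records the null result.
        return null;
    }
}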