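/// <summary>
/// Action filter that validates the refresh token carried in the "query" action argument
/// and resolves the caller's user name from it before the action runs.
/// </summary>
/// <param name="context">The executing action's context; its "query" argument must be a <see cref="RefreshToken.Query"/>.</param>
/// <param name="next">Delegate that runs the action once the token has been accepted.</param>
/// <returns>A task that completes when the downstream action has run.</returns>
/// <exception cref="SecurityTokenException">The token failed validation, was not signed with HMAC-SHA512, or carries no user-name claim.</exception>
/// <exception cref="CustomException">The "query" argument is absent or of the wrong type (reported as HTTP 404).</exception>
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    // TryGetValue instead of the indexer: a missing "query" key would otherwise surface as a
    // KeyNotFoundException and the NotFound response below would never be reached.
    if (!context.ActionArguments.TryGetValue("query", out var queryArgument)
        || queryArgument is not RefreshToken.Query refreshTokenQuery)
    {
        _logger.LogError("Missing query parameter!");
        throw new CustomException(HttpStatusCode.NotFound, new { MissingParameter = "Missing query parameter!" });
    }

    // The second argument is false here and true in the bearer registration; presumably it toggles
    // lifetime validation so an expired access token can still be refreshed — TODO confirm in JWTTokenHelper.
    TokenValidationParameters tokenValidationParameters = JWTTokenHelper.InitTokenValidationParameters(_configuration, false);
    var tokenHandler = new JwtSecurityTokenHandler();

    // ValidateToken throws a SecurityTokenException on signature or claim failure; that propagates unchanged.
    ClaimsPrincipal principal = tokenHandler.ValidateToken(refreshTokenQuery.Token, tokenValidationParameters, out var securityToken);

    // Pin the signing algorithm as well as the key so a token declaring any other "alg" is rejected.
    // Algorithm identifiers are not linguistic text, so compare ordinally; the static Equals also
    // tolerates a null header value instead of throwing.
    if (securityToken is not JwtSecurityToken jwtSecurityToken
        || !string.Equals(jwtSecurityToken.Header.Alg, SecurityAlgorithms.HmacSha512, StringComparison.OrdinalIgnoreCase))
    {
        throw new SecurityTokenException("Invalid Token");
    }

    // The user name travels encrypted inside the claim; a token without that claim is refused
    // rather than handing a null cipher text to Decrypt.
    var encryptedUserName = principal.Claims.FirstOrDefault(c => c.Type == Constants.CLAIM_UNAME)?.Value;
    if (string.IsNullOrEmpty(encryptedUserName))
    {
        throw new SecurityTokenException("Invalid Token");
    }

    refreshTokenQuery.UserName = _cryptoHelper.Decrypt<string>(_configSettings.DataProtectionKey, encryptedUserName);
    await next();
}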
/// <summary>
/// Registers JWT bearer authentication and the activity-host authorization policy.
/// </summary>
/// <param name="services">The service collection the registrations are added to.</param>
/// <param name="configuration">Configuration handed to <see cref="JWTTokenHelper.InitTokenValidationParameters"/>.</param>
private static void InitAuthSettings(IServiceCollection services, IConfiguration configuration)
{
    // Authentication: JWT bearer is both the default authenticate and the default challenge scheme.
    var authenticationBuilder = services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    });

    authenticationBuilder.AddJwtBearer(options =>
    {
        // The second argument is true here and false in the refresh-token filter; presumably it
        // toggles lifetime validation for access tokens — confirm against JWTTokenHelper.
        options.TokenValidationParameters = JWTTokenHelper.InitTokenValidationParameters(configuration, true);
        options.Events = JWTTokenHelper.InitJwtBearerEvents();
    });

    // Host authorization: one named policy backed by IsHostRequirement and its handler.
    services.AddAuthorization(options =>
        options.AddPolicy(Constants.ACTIVITY_HOST_POLICY_NAME, policy => policy.Requirements.Add(new IsHostRequirement())));
    services.AddTransient<IAuthorizationHandler, IsHostRequirementHandler>();
}