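/// <summary>
/// Decides whether the bearer of <paramref name="accessToken"/> holds at least
/// <paramref name="permissionName"/> on the form <paramref name="formName"/>.
/// </summary>
/// <remarks>
/// SECURITY: the token is only decoded with <c>ReadToken</c>, which does not verify
/// the signature, issuer, audience or lifetime. The "role" claims read here can be
/// trusted only if the caller has already validated this exact token string;
/// otherwise the claims are whatever the sender wrote into the token.
/// </remarks>
/// <param name="accessToken">Compact-serialized JWT whose "role" claims each hold a JSON-encoded <c>JwtTokenObject</c>.</param>
/// <param name="formName">Form the permission is requested for; compared with <c>FormName</c> of each role claim.</param>
/// <param name="permissionName">Required permission; looked up in <c>PermissionValueDict</c>.</param>
/// <returns>
/// <c>true</c> when the summed value of the token's permissions for the form is at least the
/// value of <paramref name="permissionName"/>. <c>false</c> otherwise, including when the
/// permission name is unknown or the token is not a JWT (fail closed).
/// Exceptions raised by <c>ReadToken</c> or by JSON deserialization still propagate.
/// </returns>
public static Boolean IsUserHasPermission(string accessToken, string formName, string permissionName)
{
    // An unknown or missing permission name is denied instead of surfacing as a KeyNotFoundException.
    if (permissionName == null || !PermissionValueDict.TryGetValue(permissionName, out var requiredValue))
    {
        return false;
    }

    var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();

    // Decode once (the original parsed the token twice). This is a decode, not a validation.
    var jwt = handler.ReadToken(accessToken) as JwtSecurityToken;
    if (jwt == null)
    {
        return false;
    }

    List<string> roleClaims = jwt.Claims
        .Where(claim => claim.Type == "role")
        .Select(claim => claim.Value)
        .ToList();

    // NOTE(review): the values of all matching role claims are added together before the
    // comparison. Depending on the values in PermissionValueDict (not visible here), several
    // lesser permissions or a repeated claim could add up to a greater one. Confirm that a
    // sum, rather than e.g. the maximum, is intended.
    int permissionValue = 0;
    foreach (string roleJson in roleClaims)
    {
        JwtTokenObject role = JsonConvert.DeserializeObject<JwtTokenObject>(roleJson);

        // An empty claim deserializes to null; it grants nothing.
        if (role == null || role.FormName != formName || role.Permission == null)
        {
            continue;
        }

        // A permission the server does not know contributes nothing.
        if (PermissionValueDict.TryGetValue(role.Permission, out var grantedValue))
        {
            permissionValue += grantedValue;
        }
    }

    return permissionValue >= requiredValue;
}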
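/// <summary>
/// Exchanges a Google OAuth authorization code for tokens, registers the user on first
/// sign-in, opens a session and issues and stores an application token for that user.
/// </summary>
/// <param name="code">Authorization code returned to the redirect URI.</param>
/// <returns>
/// <c>null</c> when <paramref name="code"/> is <c>null</c>. Otherwise the application token
/// re-read by its authorization code, or an empty <c>TokenObjectModel</c> when the user neither
/// existed nor could be registered.
/// NOTE(review): callers should not treat any non-null result as a successful sign-in; confirm
/// how the empty object is handled.
/// </returns>
public static TokenObjectModel GetGoogleAccesToken(string code)
{
    // Nothing to exchange: return before building a request that carries the client secret.
    if (code == null)
    {
        return null;
    }

    string url = ConfigurationManager.AppSettings["google_auth_url"];

    // The parameters go in the POST body only. The original put them in WebClient.QueryString,
    // which WebClient also appends to the request URL, so the authorization code and
    // client_secret ended up in the URL, where proxies and access logs can record them.
    var form = new System.Collections.Specialized.NameValueCollection
    {
        { "code", code },
        { "client_id", ConfigurationManager.AppSettings["client_id"] },
        { "client_secret", ConfigurationManager.AppSettings["client_secret"] },
        { "redirect_uri", ConfigurationManager.AppSettings["redirect_uri"] },
        { "grant_type", ConfigurationManager.AppSettings["grant_type"] }
    };

    byte[] data;
    using (var wc = new WebClient())
    {
        data = wc.UploadValues(url, "POST", form);
    }

    var responseString = Encoding.UTF8.GetString(data);
    GoogleTokenObjectModel token = JsonConvert.DeserializeObject<GoogleTokenObjectModel>(responseString);

    // NOTE(review): the id_token is decoded, not validated. It is fetched here directly from
    // the configured endpoint, so its integrity rests on that URL being HTTPS with certificate
    // checking intact. Checking that "aud" equals the configured client_id, that "iss" is the
    // expected issuer and that the token has not expired would make that trust explicit.
    var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
    var idToken = handler.ReadToken(token.id_token) as JwtSecurityToken;

    // First() throws InvalidOperationException when a claim is absent from the id_token.
    string sub = idToken.Claims.First(claim => claim.Type == "sub").Value;
    string email = idToken.Claims.First(claim => claim.Type == "email").Value;
    string name = idToken.Claims.First(claim => claim.Type == "name").Value;

    UserObjectModel userObj = new UserObjectModel(name, email, sub);
    TokenObjectModel tokenObj = new TokenObjectModel();

    bool isUserExists = UserHelper.IsUserRegistered(sub);
    bool registerSuccess = false;
    if (!isUserExists)
    {
        if (UserHelper.RegisterUser(userObj))
        {
            registerSuccess = true;
        }
    }

    if (isUserExists || registerSuccess)
    {
        userObj = UserHelper.getUserBySubKey(userObj.Sub);
        CreateUserSession(userObj);
        tokenObj = TokenHelper.createToken(userObj);
        tokenObj = TokenHelper.getTokenByAuthorizationCode(tokenObj.AuthorizationCode);

        UserTokensObjectModel userTokenObj = new UserTokensObjectModel(userObj.UserId, tokenObj.TokenId);

        // NOTE(review): the result of MapUserToken is ignored, as in the original. If the
        // mapping fails, the token is still returned; confirm that this is acceptable.
        UserTokensHelper.MapUserToken(userTokenObj);
    }

    return tokenObj;
}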
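/// <summary>
/// Validates an HMAC-signed JWT against <paramref name="plainTextSecurityKey"/> and returns
/// the parsed token and its claims principal.
/// </summary>
/// <remarks>
/// SECURITY: with the optional parameters left at their defaults, this method behaves as it
/// always did, and only the signature is meaningfully checked. The expected issuer and
/// audiences are then copied from the token under validation, so those two checks cannot fail
/// for a token that carries an issuer and an audience, and expired tokens are accepted.
/// Callers making an access decision should pass <paramref name="expectedIssuer"/> and
/// <paramref name="expectedAudiences"/>, and set <paramref name="validateLifetime"/> to <c>true</c>.
/// </remarks>
/// <param name="plainTextSecurityKey">Shared secret; its UTF-8 bytes are used as the symmetric signing key.</param>
/// <param name="token">Compact-serialized JWT to validate.</param>
/// <param name="validatedPlainToken">The validated token on success; otherwise <c>null</c>.</param>
/// <param name="claimsPrincipal">The principal built from the token on success; otherwise <c>null</c>.</param>
/// <param name="expectedIssuer">Issuer the token must carry. <c>null</c> keeps the legacy behaviour of using the token's own issuer.</param>
/// <param name="expectedAudiences">Audiences, one of which the token must carry. <c>null</c> keeps the legacy behaviour of using the token's own audiences.</param>
/// <param name="validateLifetime">Whether to reject expired or not-yet-valid tokens. Defaults to <c>false</c> only so that existing callers are unaffected.</param>
/// <returns><c>true</c> when validation succeeded; <c>false</c> when any step threw.</returns>
public static bool TryValidateToken(
    string plainTextSecurityKey,
    string token,
    out JwtSecurityToken validatedPlainToken,
    out ClaimsPrincipal claimsPrincipal,
    string expectedIssuer = null,
    IEnumerable<string> expectedAudiences = null,
    bool validateLifetime = false)
{
    validatedPlainToken = null;
    claimsPrincipal = null;

    try
    {
        var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();

        // The unvalidated token is consulted only for the legacy fallbacks below.
        JwtSecurityToken unverified = null;
        if (expectedIssuer == null || expectedAudiences == null)
        {
            unverified = (JwtSecurityToken)tokenHandler.ReadToken(token);
        }

        var signingKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(
            Encoding.UTF8.GetBytes(plainTextSecurityKey));

        var tokenValidationParameters = new TokenValidationParameters()
        {
            // Falling back to the token's own values keeps old callers working, but it
            // compares the token with itself and so verifies nothing about its origin.
            ValidIssuer = expectedIssuer ?? unverified.Issuer,
            ValidateIssuer = true,
            ValidAudiences = expectedAudiences ?? unverified.Audiences,
            ValidateAudience = true,
            IssuerSigningKey = signingKey,
            ValidateIssuerSigningKey = true,
            ValidateLifetime = validateLifetime
        };

        claimsPrincipal = tokenHandler.ValidateToken(token, tokenValidationParameters, out var validated);
        validatedPlainToken = validated as JwtSecurityToken;
        return true;
    }
    catch (Exception e)
    {
        // Every failure (malformed token, bad signature, null key, ...) is reported as false.
        Console.WriteLine(e);
    }

    return false;
}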