public async Task <ActionResult <TokenResponse> > ClaimAuthCode(AuthCodeClaimDTO authCodeClaimDTO) { authCodeClaimDTO.SecurityKey = CryptographyUtils.Base64Decode(authCodeClaimDTO.SecurityKey); var dbAuthCode = await applicationDbContext.UserAuthenticationCodes.FirstOrDefaultAsync(code => code.Token == authCodeClaimDTO.Token); if (dbAuthCode == null) { return(BadRequest()); } string md5Key = CryptographyUtils.ComputeSHA256Hash(authCodeClaimDTO.SecurityKey); if (dbAuthCode.SecurityKey.ToLower() != md5Key.ToLower()) { return(BadRequest()); } var user = await applicationDbContext.Users.Where(x => x.Id == dbAuthCode.UserId).FirstOrDefaultAsync(); string purpose = authCodeClaimDTO.Purpose == ApplicationConstants.ExternalLoginTokenPurposeName ? ApplicationConstants.ExternalLoginTokenPurposeName : authCodeClaimDTO.Purpose == ApplicationConstants.PersistentLoginTokenPurposeName ? ApplicationConstants.PersistentLoginTokenPurposeName : string.Empty; if (string.IsNullOrEmpty(purpose)) { return(BadRequest("Proposito incorrecto")); } bool result = await userManager.VerifyUserTokenAsync(user, ApplicationConstants.AuthCodeTokenProviderName, purpose, authCodeClaimDTO.Token); if (!result) { return(BadRequest()); } return(await BuildLoginToken(user.Email, authCodeClaimDTO.Purpose == ApplicationConstants.PersistentLoginTokenPurposeName)); }
public async Task <ActionResult> PersistLogin([FromQuery] LoginWithPersistDTO loginWithPersistDTO) { var user = await GetUserFromContext(); if (user == null) { return(RedirectToAction(nameof(RedirectToLogin))); } loginWithPersistDTO.SecurityKeyHash = CryptographyUtils.Base64Decode(HttpUtility.UrlDecode(loginWithPersistDTO.SecurityKeyHash)); if (!(await PersistentRedirectUrlExist(loginWithPersistDTO.returnUrl))) { return(BadRequest("returnUrl no es un valor valido")); } var token = await userManager.GenerateUserTokenAsync(user, ApplicationConstants.AuthCodeTokenProviderName, ApplicationConstants.PersistentLoginTokenPurposeName); var authenticationCode = new UserAuthenticationCode { Expiration = DateTime.UtcNow.AddMinutes(5), SecurityKey = loginWithPersistDTO.SecurityKeyHash, Token = token, UserId = user.Id }; applicationDbContext.Add(authenticationCode); await applicationDbContext.SaveChangesAsync(); string url = $"{loginWithPersistDTO.returnUrl}?authcode={HttpUtility.UrlEncode(token)}"; if (!string.IsNullOrEmpty(loginWithPersistDTO.InternalUrl)) { url += $"&internalUrl={HttpUtility.UrlEncode(loginWithPersistDTO.InternalUrl)}"; } return(Redirect(url)); }
public async Task <ActionResult> ExternalLogin([FromQuery] ExternalLoginDTO externalLoginDTO) { externalLoginDTO.SecurityKeyHash = CryptographyUtils.Base64Decode(HttpUtility.UrlDecode(externalLoginDTO.SecurityKeyHash)); if (!(await ExternalRedirectUrlExist(externalLoginDTO.returnUrl))) { return(BadRequest("returnUrl no es un valor valido")); } var redirectUrl = Url.Action(nameof(ExternalLoginCallback), "Account", new { externalLoginDTO.returnUrl }); HttpContext.Response.Cookies.Append(ApplicationConstants.KeyHashCookieName, externalLoginDTO.SecurityKeyHash, new Microsoft.AspNetCore.Http.CookieOptions() { HttpOnly = true, MaxAge = TimeSpan.FromMinutes(10), Secure = true, SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax }); var properties = signInManager.ConfigureExternalAuthenticationProperties(externalLoginDTO.Provider, redirectUrl, externalLoginDTO.SecurityKeyHash); return(Challenge(properties, externalLoginDTO.Provider)); }