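/// Generates the signed JWT (JSON Web Token) for an authentication ticket.
/// </summary>
/// <param name="data">Authentication ticket whose identity claims and properties are written into the token.</param>
/// <returns>The serialized, signed token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The ticket carries no audience id, no audience is registered for that id, the audience has no
/// secret, or the ticket has no issue/expiry time.
/// </exception>
/// <author> Natalia Ladino - [email protected] </author>
public string Protect(AuthenticationTicket data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // Single lookup instead of ContainsKey + indexer; a missing key leaves audienceId null.
    string audienceId;
    if (!data.Properties.Dictionary.TryGetValue(AudiencePropertyKey, out audienceId)
        || string.IsNullOrWhiteSpace(audienceId))
    {
        throw new InvalidOperationException(Resources.Message_es.InvalidAudience);
    }

    blAUdience = new BlAudience();
    Audience audience = blAUdience.GetAudienceByClientId(audienceId);

    // ValidateClientAuthentication treats a null lookup result as "unknown client". Reject it here
    // as well instead of dereferencing null, so a ticket naming an unregistered audience fails
    // with a defined error rather than a NullReferenceException.
    if (audience == null)
    {
        throw new InvalidOperationException(Resources.Message_es.InvalidAudience);
    }

    if (string.IsNullOrEmpty(audience.Secret))
    {
        throw new InvalidOperationException(Resources.Message_es.ExceptionSecret);
    }

    // audience.Secret is the base64url-encoded symmetric key used for the HMAC signature. Anyone
    // holding it can mint tokens for this audience, so its length and randomness bound the
    // strength of every token issued here.
    byte[] keyByteArray = TextEncodings.Base64Url.Decode(audience.Secret);
    var signingKey = new HmacSigningCredentials(keyByteArray);

    // .Value throws InvalidOperationException when the ticket has no issue/expiry time, so a token
    // without an expiry is never written.
    // The properties are already UTC instants; pass them as UTC rather than converting to the
    // server's local zone first, which is ambiguous around daylight-saving transitions and could
    // shift the validity window.
    DateTime issuedUtc = data.Properties.IssuedUtc.Value.UtcDateTime;
    DateTime expiresUtc = data.Properties.ExpiresUtc.Value.UtcDateTime;

    var token = new JwtSecurityToken(
        issuerGenerated,
        audienceId,
        data.Identity.Claims,
        issuedUtc,
        expiresUtc,
        signingKey);

    return new JwtSecurityTokenHandler().WriteToken(token);
}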
/// <summary>
/// Validates the client of a token request: the request is accepted when its client id resolves
/// to a registered audience, and rejected with "ClienteId_Invalido" otherwise.
/// </summary>
/// <param name="context">Context of the request</param>
/// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
/// <remarks>
/// NOTE(review): the client secret is read from the request but never compared with anything, so
/// knowing a registered client id is enough to pass this step. Confirm that every client is meant
/// to be a public client; otherwise the secret needs to be verified here with a constant-time
/// comparison.
/// </remarks>
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    try
    {
        blAUdience = new BlAudience();

        string requestedClientId;
        string presentedSecret;

        // Credentials are taken from the Basic Authorization header first, then from the form body.
        bool fromBasicHeader = context.TryGetBasicCredentials(out requestedClientId, out presentedSecret);
        if (!fromBasicHeader)
        {
            context.TryGetFormCredentials(out requestedClientId, out presentedSecret);
        }

        if (context.ClientId != null)
        {
            Audience registeredAudience = blAUdience.GetAudienceByClientId(requestedClientId);
            if (registeredAudience != null)
            {
                context.Validated();
            }
            else
            {
                context.SetError("ClienteId_Invalido", string.Format(Resources.Message_es.InvalidClient, context.ClientId));
            }
        }
        else
        {
            context.SetError("ClienteId_Invalido", Resources.Message_es.InvalidClient);
        }
    }
    catch (Exception ex)
    {
        // The failure is logged and the context is left neither validated nor explicitly rejected.
        // NOTE(review): this relies on the OAuth middleware refusing a context that was never
        // validated - confirm, or reject explicitly.
        ExceptionLogging.LogException(ex);
    }

    return Task.FromResult<object>(null);
}