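/// <summary>
/// Builds the DI container used by the tests and resolves the JWT validation service under test.
/// </summary>
/// <remarks>
/// The outbound <see cref="HttpMessageHandler"/> is replaced by a mocked handler so JWK retrieval
/// never touches the network, and the DbContext is backed by an in-memory database whose name is a
/// fresh <see cref="Guid"/> per call, so test runs do not share rows.
/// </remarks>
public void Setup()
{
    var services = new ServiceCollection();
    services.AddCoreDependencies();
    services.AddDALDependencies();
    services.AddApiServiceCollectionDependencies();

    // Mocked handler keeps JWK fetches offline and deterministic.
    services.AddScoped<HttpMessageHandler>(_ => CreateMockedHttpClientHandler());

    // Fixture values: the rules are what the validation service will pin tokens against.
    var jwtAuthorizationConfig = new JwtAuthorization
    {
        JwkUrl = "https://some-example-site.com",
        JwtValidationRules = new JwtValidationRules
        {
            ClientId = "smittestopp",
            SupportedAlgorithm = "RS256",
            Issuer = "https://dev-smittestopp-verification.azurewebsites.net"
        }
    };
    services.AddSingleton(jwtAuthorizationConfig);

    // Unique database name per Setup so tests cannot observe each other's state.
    services.AddDbContext<DigNDB_SmittestopContext>(opts => opts.UseInMemoryDatabase(Guid.NewGuid().ToString()));

    var serviceProvider = services.BuildServiceProvider();

    // GetRequiredService fails loudly here if the registration is missing, instead of
    // leaving _jwtValidationService null for every test to trip over later.
    _jwtValidationService = serviceProvider.GetRequiredService<IJwtValidationService>();
}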
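/// <summary>
/// Authenticates a player by alias and password and issues a fresh access/refresh token pair.
/// </summary>
/// <param name="alias">Player alias (login name) supplied by the caller.</param>
/// <param name="password">Clear-text password supplied by the caller; only its hash is compared.</param>
/// <returns>
/// The signed access token, the key of the newly created refresh token, and the access-token
/// lifetime in whole seconds (from <c>configuration.Expiration</c>).
/// </returns>
/// <exception cref="NotFoundException">No player with <paramref name="alias"/> exists.</exception>
/// <exception cref="BaseException">The player is inactive, has no stored hash, or the password does not match.</exception>
public async Task<(string, string, int)> GetTokenAsync(string alias, string password)
{
    // NOTE(review): the not-found and wrong-password failures are distinguishable by exception type;
    // whether that lets an API client enumerate aliases depends on how the boundary maps exceptions.
    var player = await this.playerRepository.GetAsync(alias)
        ?? throw new NotFoundException($"Player with alias {alias} not found.");

    if (!player.Active)
    {
        throw new BaseException($"Player with alias {alias} is inactive. Contact to developers.");
    }

    // An account with no stored hash must never be logged into via password.
    if (string.IsNullOrEmpty(player.PasswordHash))
    {
        throw new BaseException("Wrong alias or password.");
    }

    // Compare the hashes as opaque byte strings (ordinal, not culture-aware) in constant time,
    // so the comparison itself does not reveal how far the two values agree. The hash encoding
    // is whatever PasswordHasher produces; both sides go through the same function.
    var storedHash = System.Text.Encoding.UTF8.GetBytes(player.PasswordHash);
    var suppliedHash = System.Text.Encoding.UTF8.GetBytes(PasswordHasher.GetPasswordHash(password));
    if (!System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedHash, suppliedHash))
    {
        throw new BaseException("Wrong alias or password.");
    }

    var token = JwtAuthorization.GenerateToken(player, this.configuration);
    var refresh = JwtAuthorization.GenerateRefreshToken(this.configuration);

    // Revoke the user's existing refresh tokens before persisting the new one.
    await this.refreshTokenRepository.RevokeUsersTokensAsync(player.Id);
    await this.refreshTokenRepository.CreateAsync(new RefreshToken
    {
        Id = refresh.refreshTokenKey,
        Active = true,
        Token = refresh.refreshTokenValue,
        UserId = player.Id
    });

    return (token, refresh.refreshTokenKey, (int)this.configuration.Expiration.TotalSeconds);
}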
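/// <summary>
/// Creates the JWK provider with an <see cref="HttpClient"/> pointed at the configured JWK endpoint.
/// </summary>
/// <param name="jwtAuthorizationConfiguration">Supplies <c>JwkUrl</c>; must not be null.</param>
/// <param name="httpMessageHandler">
/// Optional handler (for example a DI-registered mock). When omitted a default
/// <see cref="HttpClientHandler"/> is created and owned by this instance.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="jwtAuthorizationConfiguration"/> is null.</exception>
/// <exception cref="UriFormatException"><c>JwkUrl</c> cannot be parsed as a URI.</exception>
public JwkRsaProviderService(
    JwtAuthorization jwtAuthorizationConfiguration,
    HttpMessageHandler? httpMessageHandler = null)
{
    if (jwtAuthorizationConfiguration is null)
    {
        throw new ArgumentNullException(nameof(jwtAuthorizationConfiguration));
    }

    // An injected handler belongs to whoever supplied it (typically the DI container), so only
    // a handler created here is disposed together with the client.
    var ownsHandler = httpMessageHandler is null;
    var handler = httpMessageHandler ?? new HttpClientHandler();
    _httpClient = new HttpClient(handler, disposeHandler: ownsHandler);
    _httpClient.DefaultRequestHeaders.Add("accept", "application/json");

    // NOTE(review): this endpoint is the source of the signing keys every token is checked against;
    // nothing here enforces an https scheme, so that guarantee must come from configuration.
    _jwkUrl = new Uri(jwtAuthorizationConfiguration.JwkUrl);
}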
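/// <summary>
/// Snapshots the validation rules (client id, accepted algorithm, issuer) and the collaborators
/// used to verify incoming JWTs.
/// </summary>
/// <param name="rsaProviderService">Source of the RSA public keys tokens are verified against.</param>
/// <param name="jwtTokenReplyAttackService">Presumably tracks already-seen tokens (replay detection) — confirm in the validator.</param>
/// <param name="jwtAuthorizationConfiguration">Configuration whose <c>JwtValidationRules</c> are copied into this instance.</param>
/// <exception cref="ArgumentNullException">Any collaborator or the configuration is null.</exception>
/// <exception cref="ArgumentException"><c>JwtValidationRules</c> is missing from the configuration.</exception>
public JwtValidationService(
    IRsaProviderService rsaProviderService,
    IJwtTokenReplyAttackService jwtTokenReplyAttackService,
    JwtAuthorization jwtAuthorizationConfiguration)
{
    _rsaProviderService = rsaProviderService
        ?? throw new ArgumentNullException(nameof(rsaProviderService));
    _jwtTokenReplyAttackService = jwtTokenReplyAttackService
        ?? throw new ArgumentNullException(nameof(jwtTokenReplyAttackService));

    if (jwtAuthorizationConfiguration is null)
    {
        throw new ArgumentNullException(nameof(jwtAuthorizationConfiguration));
    }

    // Fail at construction rather than on the first token if the rules were never configured.
    var rules = jwtAuthorizationConfiguration.JwtValidationRules
        ?? throw new ArgumentException("JwtValidationRules must be configured.", nameof(jwtAuthorizationConfiguration));

    // Copied once so later mutation of the configuration object cannot loosen validation.
    _validClientIdValue = rules.ClientId;
    _supportedAlgorithm = rules.SupportedAlgorithm;
    _validIssuer = rules.Issuer;
}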
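/// <summary>
/// Exchanges a refresh-token key for a new access/refresh token pair, rotating the refresh token.
/// </summary>
/// <param name="refreshToken">Caller-supplied key of the stored refresh token.</param>
/// <returns>
/// The new access token, the key of the newly created refresh token, and the access-token
/// lifetime in whole seconds (from <c>configuration.Expiration</c>).
/// </returns>
/// <exception cref="NotFoundException">No stored token for the key, no alias claim, or no matching player.</exception>
/// <exception cref="TokenInactiveException">The stored token has been revoked.</exception>
/// <exception cref="TokenExpiredException">The stored token's <c>exp</c> is in the past.</exception>
/// <exception cref="BaseException">The player has been deactivated.</exception>
public async Task<(string, string, int)> GetTokenAsync(string refreshToken)
{
    var refreshEntity = await this.refreshTokenRepository.GetAsync(refreshToken)
        ?? throw new NotFoundException();

    if (!refreshEntity.Active)
    {
        throw new TokenInactiveException("Token is inactive. You should relogin");
    }

    // ReadJwtToken only parses; it does not verify the signature. The value is one this service
    // wrote itself (see CreateAsync below), and the untrusted input is only the lookup key.
    var storedToken = new JwtSecurityTokenHandler().ReadJwtToken(refreshEntity.Token);
    if (storedToken.ValidTo < DateTime.UtcNow)
    {
        throw new TokenExpiredException("Token is expired. You should relogin");
    }

    var alias = storedToken.Claims.FirstOrDefault(c => c.Type == FootballClaims.PlayerAlias)?.Value;
    if (string.IsNullOrEmpty(alias))
    {
        throw new NotFoundException("Not found alias.");
    }

    var player = await this.playerRepository.GetAsync(alias)
        ?? throw new NotFoundException("Not found player.");

    // Same rule as the password login: a deactivated player must not keep a session
    // alive by refreshing.
    if (!player.Active)
    {
        throw new BaseException($"Player with alias {alias} is inactive. Contact to developers.");
    }

    var token = JwtAuthorization.GenerateToken(player, this.configuration);
    var refresh = JwtAuthorization.GenerateRefreshToken(this.configuration);

    // Rotation: revoke the user's existing refresh tokens, then persist the new one.
    await this.refreshTokenRepository.RevokeUsersTokensAsync(player.Id);
    await this.refreshTokenRepository.CreateAsync(new RefreshToken
    {
        Id = refresh.refreshTokenKey,
        Active = true,
        Token = refresh.refreshTokenValue,
        UserId = player.Id
    });

    return (token, refresh.refreshTokenKey, (int)this.configuration.Expiration.TotalSeconds);
}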