private async Task <ActionResult> LoginInternalAsync(int?account) { if (!account.HasValue) { return(Unauthorized("Invalid login or password")); } var role = await _roles.GetRoleAsync(account.Value); var identity = GetClaimsIdentity(account.Value, role); var now = DateTime.UtcNow; var jwtToken = new JwtSecurityToken( issuer: _jwt.Issuer, audience: _jwt.Audience, notBefore: now, claims: identity.Claims, expires: now.Add(_jwt.LifeTime), signingCredentials: new SigningCredentials(_jwt.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwtToken); var response = new { access_token = encodedJwt, username = identity.Name }; return(Ok(response)); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddControllers().AddNewtonsoftJson(optitons => optitons.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { options.RequireHttpsMetadata = false; options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidIssuer = JwtOptions.ISSUER, ValidateAudience = true, ValidAudience = JwtOptions.AUDIENCE, ValidateLifetime = true, IssuerSigningKey = JwtOptions.GetSymmetricSecurityKey(), ValidateIssuerSigningKey = true }; }); ServiceCreator serviceCreator = new ServiceCreator(Configuration.GetConnectionString("DefaultConnection")); services.AddScoped <ICommentService, CommentService>(conf => serviceCreator.CreateCommentService()); services.AddScoped <IPostService, PostService>(conf => serviceCreator.CreatePostService()); services.AddScoped <IUserProfileService, UserProfileService>(conf => serviceCreator.CreateUserProfileService()); services.AddScoped <IApplicationUserService, ApplicationUserService>(conf => serviceCreator.CreateApplicationUserService()); }
public static ClaimsPrincipal GetClaimsWithToken(string token) { if (token == null) { return(null); } var param = new TokenValidationParameters() { ValidateAudience = false, ValidateIssuer = false, ValidateLifetime = false, ValidateIssuerSigningKey = true, IssuerSigningKey = JwtOptions.GetSymmetricSecurityKey() }; SecurityToken security; ClaimsPrincipal principal = new JwtSecurityTokenHandler().ValidateToken(token, param, out security); JwtSecurityToken newJwtToken = security as JwtSecurityToken; if (newJwtToken == null || !newJwtToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase)) { throw new SecurityTokenException("Invalid token"); } return(principal); }
public static JwtSecurityToken GenerateToken(IEnumerable <Claim> claims) { var now = DateTime.Now; JwtSecurityToken jwt = new JwtSecurityToken( issuer: JwtOptions.ISSUER, audience: JwtOptions.AUDIENCE, notBefore: now, claims: claims, expires: now.Add(TimeSpan.FromMinutes(JwtOptions.LIFETIME)), signingCredentials: new SigningCredentials(JwtOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); return(jwt); }
public JwtSecurityToken GenerateToken(User user) { var key = JwtOptions.GetSymmetricSecurityKey(); var now = DateTime.Now; var jwt = new JwtSecurityToken( JwtOptions.Issuer, JwtOptions.Audience, GetIdentity(user).Claims, now, now.AddMinutes(JwtOptions.Lifetime), new SigningCredentials(key, SecurityAlgorithms.HmacSha256)); return(jwt); }
private static TokenValidationParameters ConfigureTokenValidationParameters() { var jwtOptions = new JwtOptions(); return new TokenValidationParameters { ValidateIssuer = true, ValidIssuer = jwtOptions.Issuer, ValidateAudience = true, ValidAudience = jwtOptions.Audience, ValidateLifetime = true, IssuerSigningKey = jwtOptions.GetSymmetricSecurityKey(), ValidateIssuerSigningKey = true, }; }
public string GetAccessToken(User user, IList <string> roles) { var identity = GetIdentity(user, roles); var now = DateTime.UtcNow; var jwt = new JwtSecurityToken( issuer: JwtOptions.ISSUER, audience: JwtOptions.AUDIENCE, notBefore: now, claims: identity.Claims, expires: now.Add(TimeSpan.FromMinutes(JwtOptions.LIFETIME)), signingCredentials: new SigningCredentials(JwtOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256) ); return(new JwtSecurityTokenHandler().WriteToken(jwt)); }
public static JwtSecurityToken CreateToken(User user) { var claims = new List <Claim>() { new Claim(ClaimTypes.Name, user.UserName) }; return(new JwtSecurityToken( issuer: JwtOptions.ISSUER, audience: JwtOptions.AUDIENCE, claims: claims, notBefore: DateTime.Now, expires: DateTime.Now.Add(TimeSpan.FromMinutes(JwtOptions.LIFETIME)), signingCredentials: new SigningCredentials(JwtOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256))); }
private string BuildToken(ClaimsIdentity identity) { var now = DateTime.UtcNow; // creating JWT-token var jwt = new JwtSecurityToken( issuer: JwtOptions.ISSUER, audience: JwtOptions.AUDIENCE, notBefore: now, claims: identity.Claims, expires: now.Add(TimeSpan.FromMinutes(JwtOptions.LIFETIME_MINUTES)), signingCredentials: new SigningCredentials(JwtOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
public string GenerateJwt(IEnumerable <Claim> claims = null) { var now = DateTime.UtcNow; var jwt = new JwtSecurityToken( issuer: _jwtOptionsMonitor.Issuer, //audience: _jwtOptionsMonitor.Audience, notBefore: now, claims: claims, expires: now.Add(TimeSpan.FromMinutes(_jwtOptionsMonitor.Lifetime)), signingCredentials: new SigningCredentials(_jwtOptionsMonitor.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
private string BuildToken(AccountModel user) { var identity = GetClaimsIdentity(user.Id, user.Role); var now = DateTime.UtcNow; var jwtToken = new JwtSecurityToken( issuer: _jwt.Issuer, audience: _jwt.Audience, notBefore: now, claims: identity.Claims, expires: now.Add(_jwt.LifeTime), signingCredentials: new SigningCredentials(_jwt.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwtToken); return(encodedJwt); }
private async Task <string> GetJwtTokenAsync(User user) { var claims = new List <Claim> { new(ClaimsIdentity.DefaultNameClaimType, user.Login) }; var now = DateTime.UtcNow; var jwtToken = new JwtSecurityToken(JwtOptions.Issuer, JwtOptions.Audience, notBefore: now, claims: claims, expires: now.Add(TimeSpan.FromDays(JwtOptions.LifeTime)), signingCredentials: new SigningCredentials(JwtOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwtToken); return(encodedJwt); }
public void ConfigureServices(IServiceCollection services) { services.AddControllers(); services.AddSingleton <SteamManagerConnector>(); services.AddSingleton <NintendoManagerConnector>(); services.AddSingleton <PSStoreManagerConnector>(); services.AddSingleton <UserService>(); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => { options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidIssuer = JwtOptions.ISSUER, ValidateAudience = true, ValidAudience = JwtOptions.AUDIENCE, ValidateLifetime = true, IssuerSigningKey = JwtOptions.GetSymmetricSecurityKey(), ValidateIssuerSigningKey = true, }; }); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddAutoMapper(typeof(Startup)); services.AddDbContext <Context>(opt => { opt.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")); }); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(opt => { opt.TokenValidationParameters = new TokenValidationParameters() { ValidateIssuer = true, ValidIssuer = JwtOptions.ISSUER, ValidateAudience = true, ValidAudience = JwtOptions.AUDIENCE, ValidateLifetime = true, IssuerSigningKey = JwtOptions.GetSymmetricSecurityKey(), ValidateIssuerSigningKey = true, }; opt.Events = new JwtBearerEvents { OnAuthenticationFailed = context => { if (context.Exception.GetType() == typeof(SecurityTokenExpiredException)) { context.Response.Headers.Add("Token-Expired", "true"); } return(Task.CompletedTask); }, OnMessageReceived = context => { var accessToken = context.Request.Query["access_token"]; var path = context.HttpContext.Request.Path; if (!string.IsNullOrEmpty(accessToken)) { context.Token = accessToken; } return(Task.CompletedTask); } }; }); services.AddSignalR(); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); // In production, the React files will be served from this directory services.AddSpaStaticFiles(configuration => { configuration.RootPath = "ClientApp/build"; }); }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { var connectionString = CurrentEnvironment.IsDevelopment() ? Configuration.GetConnectionString("DefaultConnection") : HerokuConfiguration.GetHerokuConnectionString(); services.AddControllers() .AddJsonOptions(options => options.JsonSerializerOptions.Converters.Add(new JsonStringEnumConverter())); var jwtOptions = new JwtOptions(); var configSection = Configuration.GetSection("JwtOptions"); configSection.Bind(jwtOptions); services.Configure <JwtOptions>(configSection); // Custom BadRequest response on ModelState validation services.Configure <ApiBehaviorOptions>(o => { o.CustomInvalidModelStateResponse(); }); services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(options => { options.RequireHttpsMetadata = false; options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidIssuer = jwtOptions.Issuer, ValidateAudience = false, //ValidAudience = authOptions.Audience, ValidateLifetime = true, IssuerSigningKey = jwtOptions.GetSymmetricSecurityKey(), ValidateIssuerSigningKey = true, }; }); services.AddDbContext <ApplicationDbContext>(options => { options.UseNpgsql(connectionString); }); services.AddIdentityCore <IdentityUser>(options => { options.Password.RequiredLength = 6; options.Password.RequireLowercase = false; options.Password.RequireUppercase = false; options.Password.RequireDigit = false; options.Password.RequireNonAlphanumeric = false; }) .AddRoles <IdentityRole>() .AddRoleManager <RoleManager <IdentityRole> >() .AddDefaultTokenProviders() .AddEntityFrameworkStores <ApplicationDbContext>(); services.AddScoped <IJwtGenerator, JwtGenerator>(); services.AddMediatR(Assembly.GetExecutingAssembly()); services.AddCors(); services.AddSwaggerGen(c => { c.SwaggerDoc("v1", new OpenApiInfo { Title = "Identity CQRS API", Description = "A simple Asp.Net Core web API which uses CQRS MediatR pattern to handle requests " + "and Identity to communicate with database. Used jwt authentication." }); var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml"; var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile); c.IncludeXmlComments(xmlPath); }); }
/// <summary> /// Registers authentication services. /// </summary> /// <typeparam name="TSessionData">Session data type.</typeparam> /// <param name="services">Service collection.</param> /// <returns>Service collection.</returns> public static IServiceCollection AddServicesInMemory(this IServiceCollection services) { if (services == null) { throw new ArgumentNullException(nameof(services)); } services.AddScoped <IRootService, RootService>(); services.AddScoped <IAuthService, AuthService>(); //Add storage in memory. services.AddScoped <ISessionStorage, SessionStorageInMemory>(); services.AddScoped <IUserService, UserService>(); services.AddScoped <IDiceService, DiceService>(); //Add admin services. services.AddScoped <IAdminAddService, AdminAddService>(); services.AddScoped <IAdminUpdateService, AdminUpdateService>(); services.AddScoped <IAdminDeleteService, AdminDeleteService>(); //Add mapper var mappingConfig = new MapperConfiguration(mc => { mc.AddProfile(new MappingProfile()); }); services.AddSingleton(mappingConfig.CreateMapper()); services.AddCors(); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { options.RequireHttpsMetadata = JwtOptions.RequireHttps; options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidIssuer = JwtOptions.Issuer, ValidateAudience = true, ValidAudience = JwtOptions.Audience, ValidateLifetime = false, IssuerSigningKey = JwtOptions.GetSymmetricSecurityKey(), ValidateIssuerSigningKey = true, }; }); services.AddSwaggerGen(options => { options.SwaggerDoc("v1", new OpenApiInfo { Title = "VirtualSports", Version = "v1" }); var filePath = Path.Combine(AppContext.BaseDirectory, "VirtualSports.Web.xml"); if (File.Exists(filePath)) { options.IncludeXmlComments(filePath); } options.AddSecurityRequirement( new OpenApiSecurityRequirement { { new OpenApiSecurityScheme { Reference = new OpenApiReference { Id = "Bearer", Type = ReferenceType.SecurityScheme }, }, new string[0] } }); options.AddSecurityDefinition( "Bearer", new OpenApiSecurityScheme { Type = SecuritySchemeType.ApiKey, In = ParameterLocation.Header, Scheme = "Bearer", Name = "Authorization", Description = "JWT token", BearerFormat = "JWT" }); }); services .AddAuthentication("JwtAuthentication") .AddScheme <JwtBearerOptions, AuthenticationHandler>( "JwtAuthentication", null); return(services); }