private async Task<string> SignInAsync(User user, bool twoFactor)
{
var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
DateTime? tokenExpiration = null;
var userPrincipal = await CreateUserPrincipalAsync(user);
if(twoFactor)
{
userPrincipal.Identities.First().AddClaim(new Claim(ClaimTypes.AuthenticationMethod, JwtIdentityOptions.TwoFactorAuthenticationMethod));
if(JwtIdentityOptions.TwoFactorTokenLifetime.HasValue)
{
tokenExpiration = DateTime.UtcNow.Add(JwtIdentityOptions.TwoFactorTokenLifetime.Value);
}
}
else
{
userPrincipal.Identities.First().AddClaim(new Claim(ClaimTypes.AuthenticationMethod, JwtIdentityOptions.AuthenticationMethod));
if(JwtIdentityOptions.TokenLifetime.HasValue)
{
tokenExpiration = DateTime.UtcNow.Add(JwtIdentityOptions.TokenLifetime.Value);
}
}
var descriptor = new SecurityTokenDescriptor
{
Issuer = JwtIdentityOptions.Issuer,
SigningCredentials = JwtIdentityOptions.SigningCredentials,
Audience = JwtIdentityOptions.Audience,
Subject = userPrincipal.Identities.First(),
Expires = tokenExpiration
};
var securityToken = handler.CreateToken(descriptor);
return handler.WriteToken(securityToken);
}
private static string DecryptToken(string Jwt)
{
var Handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var DecryptToken = Handler.ReadJwtToken(Jwt);
return(DecryptToken.Claims.ToList()[0].Value);
}
internal static bool ValidateToken(string token, out System.IdentityModel.Tokens.Jwt.JwtSecurityToken JwtToken)
{
JwtToken = null;
try
{
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
JwtToken = tokenHandler.ReadToken(token) as System.IdentityModel.Tokens.Jwt.JwtSecurityToken;
if (JwtToken == null)
{
return(false);
}
var validationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
{
RequireExpirationTime = true,
ValidateIssuer = false,
ValidateAudience = false,
IssuerSigningKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(symmetricKey)
};
Microsoft.IdentityModel.Tokens.SecurityToken securityToken;
tokenHandler.ValidateToken(token, validationParameters, out securityToken);
return(true);
}
catch (Microsoft.IdentityModel.Tokens.SecurityTokenValidationException e)
{
Console.WriteLine($"Token Expired!: {e}");
return(false);
}
}
public static string GenerateTokenJwt(string username)
{
// appsetting for Token JWT
var secretKey = "jklnhfadsuijnu32893hr879hbd37u89hn78u32h78h7u89qwdj90189";
var audienceToken = "http://gamequiz.app";
var issuerToken = "http://api.gamequiz.app";
var expireTime = 1200;
var securityKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
// create a claimsIdentity
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, username) });
// create token to the user
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwtSecurityToken = tokenHandler.CreateJwtSecurityToken(
audience: audienceToken,
issuer: issuerToken,
subject: claimsIdentity,
notBefore: DateTime.UtcNow,
expires: DateTime.UtcNow.AddMinutes(Convert.ToInt32(expireTime)),
signingCredentials: signingCredentials);
var jwtTokenString = tokenHandler.WriteToken(jwtSecurityToken);
return(jwtTokenString);
}
public async Task <IActionResult> Login(UserForLoginDTO userForLoginDTO)
{
var userFromRepo = await _repo.Login(userForLoginDTO.Username, userForLoginDTO.Password);
if (userFromRepo == null)
{
return(Unauthorized("unauthorized"));
}
var claims = new []
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Username.ToString())
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
var creds = new SigningCredentials(key, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(100),
SigningCredentials = creds
};
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new {
token = tokenHandler.WriteToken(token)
}));
}
public LoginController(ILoginService loginService, IJwtService jwtService)
{
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
_loginService = loginService;
_jwtService = jwtService;
}
public string CreateJwt(UserViewModel vmdl)
{
var claims = new List <Claim>();
// create required claims
claims.Add(new Claim(ClaimTypes.NameIdentifier, vmdl.Name));
claims.Add(new Claim(ClaimTypes.Name, vmdl.UID));
claims.Add(new Claim(ClaimTypes.Role, string.Join(",", vmdl.Roles)));
var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ExternalBearer);
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(GetSecretKey()));
var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature);
var securityTokenDescriptor = new SecurityTokenDescriptor()
{
Audience = "https://hacking-inf.technikum-wien.at",
Issuer = "https://hacking-inf.technikum-wien.at",
Subject = identity,
SigningCredentials = signingCredentials,
IssuedAt = DateTime.Now,
Expires = DateTime.Now.AddDays(14)
};
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var plainToken = tokenHandler.CreateToken(securityTokenDescriptor);
return(tokenHandler.WriteToken(plainToken));
}
public static string GenerateTokenJwt(string username)
{
// appsetting for Token JWT
var secretKey = ConfigurationManager.AppSettings["JWT_SECRET_KEY"];
var audienceToken = ConfigurationManager.AppSettings["JWT_AUDIENCE_TOKEN"];
var issuerToken = ConfigurationManager.AppSettings["JWT_ISSUER_TOKEN"];
var expireTime = ConfigurationManager.AppSettings["JWT_EXPIRE_MINUTES"];
//VERIFY 3ra Parte de JWT
var securityKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);//
// create a claimsIdentity Lo que voy a meter en el data PAYLOAD DEL TOKEN
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, username) });
// create token to the user Englobar todo lo creado
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwtSecurityToken = tokenHandler.CreateJwtSecurityToken(
audience: audienceToken, //url con ip HEADER
issuer: issuerToken, //HEADER
subject: claimsIdentity, //data
notBefore: DateTime.UtcNow, //contador de la sesion
expires: DateTime.UtcNow.AddMinutes(Convert.ToInt32(expireTime)),
signingCredentials: signingCredentials); //cuando creamos llave simetrica con llave secreta y publica
var jwtTokenString = tokenHandler.WriteToken(jwtSecurityToken); //to string de jwt
return(jwtTokenString);
}
public string Protect(AuthenticationTicket data)
{
if (data == null)
{
throw new ArgumentNullException("data");
}
string audienceId = Utils.Configuration.TokenAudienceId;
string symmetricKeyAsBase64 = Utils.Configuration.TokenAudienceSecret;
var keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
//var signingKey = new System.IdentityModel.Tokens.SigningCredentials(new System.IdentityModel.Tokens.InMemorySymmetricSecurityKey(keyByteArray),
// SignatureAlgorithm,
// DigestAlgorithm);
var signingKey = new Microsoft.IdentityModel.Tokens.SigningCredentials(new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(keyByteArray),
SignatureAlgorithm,
DigestAlgorithm);
var issued = data.Properties.IssuedUtc;
var expires = data.Properties.ExpiresUtc;
var token = new System.IdentityModel.Tokens.Jwt.JwtSecurityToken(_issuer, audienceId, data.Identity.Claims,
issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);
var handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwt = handler.WriteToken(token);
return(jwt);
}
/// <summary>
/// Decode and convert a JSON Web Token string to a JSON object string
/// </summary>
/// <param name="JWTTokenString">The JWT token to be decoded</param>
/// <returns>string containing the JSON object</returns>
public static string JWTtoJSON(string JWTTokenString)
{
var jwtHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
//Check if readable token (string is in a JWT format)
if (jwtHandler.CanReadToken(JWTTokenString))
{
var token = jwtHandler.ReadJwtToken(JWTTokenString);
//Extract the payload of the JWT
string payload = "{";
foreach (var item in token.Payload)
{
if (item.Value.GetType().Name == "JArray")
{
payload += '"' + item.Key + "\":" + item.Value + ",";
}
else
{
payload += '"' + item.Key + "\":\"" + item.Value + "\",";
}
}
payload += "}";
return(Newtonsoft.Json.Linq.JToken.Parse(payload).ToString(Newtonsoft.Json.Formatting.Indented));
}
return(null);
}
private bool ValidateMassRoverToken(string token)
{
var tokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
{
ValidAudiences = new string[]
{
"massrover.client",
},
ValidIssuers = new string[]
{
"massrover.authservice",
},
ValidateLifetime = true,
IssuerSigningKey = GetTokenSignKey()
};
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
tokenHandler.ValidateToken(token, tokenValidationParameters, out var validatedToken);
return(true);
}
private string IssueJwtToken(System.IdentityModel.Tokens.Jwt.JwtSecurityToken aadToken)
{
var msKey = GetTokenSignKey();
var msSigningCredentials = new Microsoft.IdentityModel.Tokens
.SigningCredentials(msKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
var claimsIdentity = new System.Security.Claims.ClaimsIdentity(new List <Claim>()
{
new Claim(ClaimTypes.NameIdentifier, "*****@*****.**"),
new Claim(ClaimTypes.Role, "admin"),
}, "MassRover.Authentication");
var msSecurityTokenDescriptor = new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor()
{
Audience = "massrover.client",
Issuer = "massrover.authservice",
Subject = claimsIdentity,
Expires = DateTime.UtcNow.AddHours(8),
SigningCredentials = msSigningCredentials
};
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var plainToken = tokenHandler.CreateToken(msSecurityTokenDescriptor);
var signedAndEncodedToken = tokenHandler.WriteToken(plainToken);
return(signedAndEncodedToken);
}
public static TokenResponse GenerateTokenJwt(TokenRequest request)
{
//TODO: appsetting for Demo JWT - protect correctly this settings
var secretKey = ConfigurationManager.AppSettings["JWT_SECRET_KEY"];
var audienceToken = ConfigurationManager.AppSettings["JWT_AUDIENCE_TOKEN"];
var issuerToken = ConfigurationManager.AppSettings["JWT_ISSUER_TOKEN"];
var expireTime = ConfigurationManager.AppSettings["JWT_EXPIRE_MINUTES"];
var securityKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
// create a claimsIdentity
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[] {
new Claim(ClaimTypes.PrimarySid, request.Id.ToString()),
new Claim(ClaimTypes.Name, request.Username),
//new Claim(ClaimTypes.Role, request.Role)
});
TokenResponse response = new TokenResponse();
response.ExpiresIn = DateTime.UtcNow.AddMinutes(Convert.ToInt32(expireTime));
// create token to the user
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwtSecurityToken = tokenHandler.CreateJwtSecurityToken(
audience: audienceToken,
issuer: issuerToken,
subject: claimsIdentity,
notBefore: DateTime.UtcNow,
expires: response.ExpiresIn,
signingCredentials: signingCredentials);
response.Token = tokenHandler.WriteToken(jwtSecurityToken);
return(response);
}
private string GenerateJwtToken(string userId, string username)
{
// Function handles create the JWT token based on the provided
// user ID and username
// Generate the user claims by User Id & Name
Claim[] jwtClaims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userId),
new Claim(ClaimTypes.Name, username)
};
// Generate the Key, using the App token
SymmetricSecurityKey jwtKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
// Generate the creds
SigningCredentials credentials = new SigningCredentials(jwtKey, SecurityAlgorithms.HmacSha512Signature);
// Create a JWT Desc object
SecurityTokenDescriptor jwtDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(jwtClaims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = credentials
};
System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler jwtHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
// Finally create the JWT token & return it
SecurityToken jwtToken = jwtHandler.CreateToken(jwtDescriptor);
return(jwtHandler.WriteToken(jwtToken));
}
public string UserLoginToken(Member member, string tokenSecretKey)
{
var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(tokenSecretKey));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, member.UserId.ToString()),
new Claim(ClaimTypes.Name, member.NickName),
new Claim(ClaimTypes.Role, member.UserRole ?? "users")
};
var tokenDescripter = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = System.DateTime.Now.AddDays(30),
SigningCredentials = creds
};
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescripter);
var tokenResult = tokenHandler.WriteToken(token);
return(tokenResult);
}
private string ISecureDataFormat_Protect(AuthenticationTicket data)
{
if (data == null)
{
throw new ArgumentNullException("data");
}
string audienceId = AppConfiguration.GetByKey(GlobalLegaSys.ClientId);
string symmetricKeyAsBase64 = AppConfiguration.GetByKey(GlobalLegaSys.ClientSecret);
dynamic keyByteArray = TextEncodings.Base64Url.Decode(symmetricKeyAsBase64);
dynamic signingKey = new HmacSigningCredentials(keyByteArray);
dynamic issued = data.Properties.IssuedUtc;
dynamic expires = data.Properties.ExpiresUtc;
dynamic token = new System.IdentityModel.Tokens.Jwt.JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.UtcDateTime, expires.UtcDateTime, signingKey);
dynamic handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
dynamic jwt = handler.WriteToken(token);
return(jwt);
}
public static void CreateZoom()
{
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var now = DateTime.UtcNow;
var apiSecret = "U3DLqNBrcYPG3zUrqYyjRjFsaZSHroIXLtHO";
byte[] symmetricKey = Encoding.ASCII.GetBytes(apiSecret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Issuer = "U3DLqNBrcYPG3zUrqYyjRjFsaZSHroIXLtHO",
Expires = now.AddSeconds(30),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(symmetricKey), SecurityAlgorithms.HmacSha256),
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdWQiOm51bGwsImlzcyI6IlpHcEpGZzdYUVU2R0VlcHJTbGVrYnciLCJleHAiOjE2MDE1Mzc2ODYsImlhdCI6MTYwMTQ1MTI5Mn0.mF0KbGOuoGm7uuwE93zcICbhu1kCem8U-ljsj70fhpA";
//tokenHandler.WriteToken(token);
var client = new RestClient("https://api.zoom.us/v2/users/me/meetings");
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/json");
request.AddHeader("authorization", String.Format("Bearer {0}", tokenString));
request.AddParameter("application/json", "{\r\n \"topic\": \"test\",\r\n \"type\": \"1\",\r\n \"password\": \"12345\",\r\n \"agenda\": \"testing\",\r\n \"settings\": {\r\n \"host_video\": \"true\",\r\n \"participant_video\": \"true\",\r\n \"cn_meeting\": \"false\",\r\n \"in_meeting\": \"false\",\r\n \"mute_upon_entry\": \"false\",\r\n \"watermark\": \"false\",\r\n \"use_pmi\": \"false\",\r\n \"approval_type\": \"2\",\r\n \"audio\": \"both\",\r\n \"auto_recording\": \"none\"\r\n }\r\n}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
}
public IPrincipal ValidateJwt(string authToken)
{
if (string.IsNullOrWhiteSpace(authToken))
{
return(null);
}
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(GetSecretKey()));
var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature);
var validationParameters = new TokenValidationParameters();
validationParameters.ValidIssuer = "https://hacking-inf.technikum-wien.at";
validationParameters.ValidAudience = "https://hacking-inf.technikum-wien.at";
validationParameters.IssuerSigningKey = signingKey;
try
{
SecurityToken validatedToken;
return(tokenHandler.ValidateToken(authToken, validationParameters, out validatedToken));
}
catch (SecurityTokenException)
{
return(null);
}
catch (Exception ex)
{
_log.Warn("Unable to validate Jwt", ex);
return(null);
}
}
public static string GenerateTokenJwt(string username)
{
// appsetting for Token JWT
var secretKey = Utilerias.JWT_Secret_Key();
var audienceToken = Utilerias.JWT_Audience_Token();
var issuerToken = Utilerias.JWT_Issuer_Token();
var expireTime = Utilerias.JWT_Expire_Minutes();
var securityKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
// create a claimsIdentity
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, username) });
// create token to the user
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwtSecurityToken = tokenHandler.CreateJwtSecurityToken(
audience: audienceToken,
issuer: issuerToken,
subject: claimsIdentity,
notBefore: DateTime.UtcNow,
expires: DateTime.UtcNow.AddMinutes(Convert.ToInt32(expireTime)),
signingCredentials: signingCredentials);
var jwtTokenString = tokenHandler.WriteToken(jwtSecurityToken);
return(jwtTokenString);
}
public string IssueToken(Microsoft.AspNetCore.Authentication.AuthenticationTicket data)
{
System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler tokenHandler =
new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
System.DateTime now = System.DateTime.UtcNow;
Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor desc =
new Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor
{
//Subject = new System.Security.Claims.ClaimsIdentity(claimList),
Subject = (System.Security.Claims.ClaimsIdentity)data.Principal.Identity,
Issuer = this.m_validationParameters.ValidIssuer, //SecurityConstants.TokenIssuer,
Audience = this.m_validationParameters.ValidAudience, // SecurityConstants.TokenAudience,
IssuedAt = now,
Expires = now.AddMinutes(this.m_tokenLifetimeMinutes),
NotBefore = now.AddTicks(-1),
SigningCredentials = this.m_signingCredentials
};
// System.IdentityModel.Tokens.Jwt.JwtSecurityToken tok =
// tokenHandler.CreateJwtSecurityToken(desc);
// // tok.Header.Add("jti", "foo");
// // tok.Payload.Add("jti", "foobar");
// System.Console.WriteLine(tok.Id);
// string tokk = tok.ToString();
// System.Console.WriteLine(tokk);
return(tokenHandler.CreateEncodedJwt(desc));
} // End Function IssueToken
public static string GenerateTokenJwt(string username, string hora)
{
// appsetting for Token JWT
var secretKey = ConfigurationManager.AppSettings["ClaveSecreta"];
var audienceToken = ConfigurationManager.AppSettings["Audience"];
var issuerToken = ConfigurationManager.AppSettings["Issuer"];
if (!Int32.TryParse(ConfigurationManager.AppSettings["Expires"], out int expireTime))
{
expireTime = 90;
}
var securityKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha512Signature);
// create a claimsIdentity
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, username, hora) });
// create token to the user
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwtSecurityToken = tokenHandler.CreateJwtSecurityToken(
audience: audienceToken,
issuer: issuerToken,
subject: claimsIdentity,
notBefore: DateTime.Now,
expires: DateTime.Now.AddMinutes(Convert.ToInt32(expireTime)),
signingCredentials: signingCredentials);
var jwtTokenString = tokenHandler.WriteToken(jwtSecurityToken);
return(jwtTokenString);
}
public Usuario Authenticate([FromServices] IUserService userService, [FromServices] KedsContext db, string username, string password)
{
var user = db.Usuarios.SingleOrDefault(x => x.Login == username && x.Senha == password);
// return null if user not found
if (user == null)
{
return(null);
}
// authentication successful so generate jwt token
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token);
// remove password before returning
user.Senha = null;
return(user);
}
public ClaimsPrincipal getprincipal(string token)
{
Response rp = new Response();
aUtilities autil = new aUtilities();
HttpResponseMessage st = new HttpResponseMessage();
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
SecurityToken securityToken;
try
{
//token = Decrypt(token);
var secretKey = ConfigurationManager.AppSettings["JWT_SECRET_KEY"];
var audienceToken = ConfigurationManager.AppSettings["JWT_AUDIENCE_TOKEN"];
var issuerToken = ConfigurationManager.AppSettings["JWT_ISSUER_TOKEN"];
var securityKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
TokenValidationParameters validationParameters = new TokenValidationParameters()
{
ValidAudience = audienceToken,
ValidIssuer = issuerToken,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
LifetimeValidator = this.LifetimeValidator,
IssuerSigningKey = securityKey
};
return(tokenHandler.ValidateToken(token, validationParameters, out securityToken));
}
catch (SecurityTokenValidationException ex)
{
return(null);
}
}
async void LoginWS(object sender, System.EventArgs e)
{
try
{
if (dispositivo.ValidarConexionInternet())
{
var manager = new UsuarioManager();
App.usuarioActual = await manager.Validar(txtUsername.Text, txtPassword.Text);
if (App.usuarioActual != null)
{
var jwthandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
App.usuarioActual.Token = jwthandler.ReadToken(App.usuarioActual.TOKEN);
Application.Current.MainPage = new MainPage();
}
else
{
await DisplayAlert("Error al ingresar", " No hay conexion con internet", "Ok");
}
}
else
{
await DisplayAlert("Error de conexion", " No hay conexion con internet", "Ok");
}
}
catch (Exception)
{
await DisplayAlert("Error", "No se puede ingresar", "Ok");
throw;
}
}
async protected void btnLogin_Click(object sender, EventArgs e)
{
if (IsValid)
{
var manager = new AppUsuarioManager();
string token = await manager.Validar(UserName.Text, Password.Text);
if (!string.IsNullOrEmpty(token))
{
VariablesGlobales.AuthorizationKey = token;
var jwthandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
VariablesGlobales.Token = jwthandler.ReadToken(token);
VariablesGlobales.clienteActual = await clientesManager.GetCliente(0, UserName.Text);
VariablesGlobales.EstadoSesionActual = EstadoSesion.Activa;
FormsAuthentication.RedirectFromLoginPage(UserName.Text, Persist.Checked);
}
else
{
FailureText.Text = "Credenciales inválidas.";
ErrorMessage.Visible = true;
}
}
}
/// <summary>
/// Genera un token de autenticación
/// </summary>
/// <param name="username">Nombre de usuario</param>
/// <returns>El token generado</returns>
public static string GenerateToken(string username)
{
string jwtToken;
try
{
var timestamp = DateTime.UtcNow;
var secretKey = Configuration.GetSection("AUDIENCE_KEY").Value;
var audienceToken = Configuration.GetSection("AUDIENCE").Value;
var issuerToken = Configuration.GetSection("ISSUER").Value;
var expiration = Configuration.GetSection("TOKEN_EXPIRATION_TIME").Value;
var securityKey = new SymmetricSecurityKey(
System.Text.Encoding.UTF8.GetBytes(secretKey));
var signingCredential = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
var claimsIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, username) });
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwtSecurityToken = tokenHandler.CreateJwtSecurityToken(
audience: audienceToken,
issuer: issuerToken,
subject: claimsIdentity,
notBefore: timestamp,
expires: timestamp.AddMinutes(Convert.ToInt32(expiration)),
signingCredentials: signingCredential);
jwtToken = tokenHandler.WriteToken(jwtSecurityToken);
}
catch
{
return null;
}
return jwtToken;
}
public static string GenerateTokenJwt(Conductor conductor, string secretKey, string audienceToken, string issuerToken, string expireTime, Mapeo _context)
{
//TODO: appsetting for Demo JWT - protect correctly this settings
var securityKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
// create a claimsIdentity
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[] {
new Claim(ClaimTypes.Name, conductor.Usuario),
new Claim(ClaimTypes.Role, conductor.Rol.ToString())
});
// create token to the user
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); //Se crea objeto que tiene el estandar JWT
var jwtSecurityToken = tokenHandler.CreateJwtSecurityToken(
audience: audienceToken,
issuer: issuerToken,
subject: claimsIdentity,
notBefore: DateTime.Now, //fecha de creación del token
expires: DateTime.Now.AddMinutes(Convert.ToInt32(expireTime)), //fecha de expiración de token
signingCredentials: signingCredentials);
var jwtTokenString = tokenHandler.WriteToken(jwtSecurityToken);
ConductorTokenLogin token = new ConductorTokenLogin();
token.FechaGenerado = DateTime.Now;
token.FechaVigencia = DateTime.Now.AddMinutes(Convert.ToInt32(expireTime));
token.IdConductor = conductor.IdConductor;
token.Token = jwtTokenString;
new LConductor(_context).guardarToken(token);
return(jwtTokenString);
}
public System.Security.Claims.ClaimsPrincipal ValidateIdToken(string idToken, string issuer, string audience)
{
System.Security.Claims.ClaimsPrincipal claimPrincipal = null;
IConfigurationManager <OpenIdConnectConfiguration> configurationManager = new ConfigurationManager <OpenIdConnectConfiguration>($"{issuer}/.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever());
OpenIdConnectConfiguration openIdConfig = AsyncHelper.RunSync(async() => await configurationManager.GetConfigurationAsync(CancellationToken.None));
TokenValidationParameters validationParameters =
new TokenValidationParameters
{
ValidAudience = audience,
ValidIssuer = issuer,
IssuerSigningKeys = openIdConfig.SigningKeys,
ValidateIssuerSigningKey = true,
ValidateAudience = true,
ValidateIssuer = true,
ValidateLifetime = true
};
Microsoft.IdentityModel.Tokens.SecurityToken validatedToken;
System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler handler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
try
{
claimPrincipal = handler.ValidateToken(idToken, validationParameters, out validatedToken);
}
catch (Exception ex)
{
var error = ex.Message;
}
return(claimPrincipal);
}
private string CreateToken(ApplicationUser user)
{
var claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(JwtRegisteredClaimNames.GivenName, user.FirstName),
new Claim(JwtRegisteredClaimNames.NameId, user.Id.ToString())
};
if (user.LastName != null)
{
claims.Add(new Claim(JwtRegisteredClaimNames.FamilyName, user.LastName));
}
var jwtSecret = _configuration["Jwt:Key"];
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSecret));
var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
var utcNow = DateTime.UtcNow;
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = utcNow.AddMonths(3),
SigningCredentials = signingCredentials,
Issuer = _configuration["Jwt:Issuer"],
Audience = _configuration["Jwt:Audience"]
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var jwt = tokenHandler.WriteToken(token);
return(jwt);
}
public static string GenerateTokenJwt(string username)
{
// appsetting for Token JWT
var secretKey = ConfigurationManager.AppSettings["JWT_SECRET_KEY"];
var audienceToken = ConfigurationManager.AppSettings["JWT_AUDIENCE_TOKEN"];
var issuerToken = ConfigurationManager.AppSettings["JWT_ISSUER_TOKEN"];
var expireTime = ConfigurationManager.AppSettings["JWT_EXPIRE_MINUTES"];
var securityKey = new SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(secretKey));
var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
// create a claimsIdentity
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, username) });
// create token to the user
var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwtSecurityToken = tokenHandler.CreateJwtSecurityToken(
audience: audienceToken,
issuer: issuerToken,
subject: claimsIdentity,
notBefore: DateTime.UtcNow,
expires: DateTime.UtcNow.AddMinutes(Convert.ToInt32(expireTime)),
signingCredentials: signingCredentials);
var jwtTokenString = tokenHandler.WriteToken(jwtSecurityToken);
return(jwtTokenString);
}
public async Task <TokenResponse> RefreshToken(string token)
{
var client = TheTvDbHttpClient.GetClient();
var response = await client.SendAsync(HttpClientHelper.GetHttpRequestMessage($"/refresh_token", token));
var result = await response.Content.ReadAsStringAsync();
if (!response.IsSuccessStatusCode)
{
_logger.LogError($"[{response.StatusCode}] {result}");
return(new TokenResponse()
{
Error = $"Error {response.StatusCode}"
});
}
var tokenResponse = JsonConvert.DeserializeObject <TokenResponse>(result);
var securityTokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
var jwtToken = securityTokenHandler.ReadJwtToken(tokenResponse.Token);
tokenResponse.Expire = jwtToken.Payload.Exp;
return(tokenResponse);
}
