public ActionResult PostbackFromMfa(string accessToken)
        {
            var tokenValidationService = new TokenValidationService();

            _logger.Debug($"Received MFA token: {accessToken}");

            if (tokenValidationService.VerifyToken(accessToken, out var token))
            {
                _logger.Information($"User {token.Identity} authenticated");

                //save token to cookie
                var cookie = new HttpCookie(Constants.COOKIE_NAME)
                {
                    Value = accessToken,
                    //Secure = true,
                    Expires = token.ValidTo
                };

                Response.Cookies.Add(cookie);

                FormsAuthentication.SetAuthCookie(token.Identity, false);

                if (token.MustChangePassword)
                {
                    return(RedirectToAction("ChangePassword", "Home"));
                }

                return(RedirectToAction("Index", "Home"));
            }

            //invalid token, see logs
            return(RedirectToAction("Login"));
        }
        public ActionResult Change(ChangePasswordModel model)
        {
            var tokenCookie = Request.Cookies[Constants.COOKIE_NAME];

            if (tokenCookie != null)
            {
                var tokenValidationService = new TokenValidationService();
                if (tokenValidationService.VerifyToken(tokenCookie.Value, out var token))
                {
                    if (ModelState.IsValid)
                    {
                        var activeDirectoryService = new ActiveDirectoryService();
                        if (activeDirectoryService.ChangePassword(User.Identity.Name, model.Password, model.NewPassword, out string errorReason))
                        {
                            return(RedirectToAction("Index", "Home"));
                        }
                        else
                        {
                            ModelState.AddModelError(string.Empty, errorReason);
                        }
                    }
                    else
                    {
                        ModelState.AddModelError(string.Empty, "Неверное имя пользователя или пароль");
                    }
                    return(View(model));
                }
            }

            return(SignOut());
        }
        //public TokenAuthenicationHandler(HttpConfiguration configuration)
        //{
        //    InnerHandler = new HttpControllerDispatcher(configuration);
        //}

        protected override System.Threading.Tasks.Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
        {
            bool isRequestValid = false;
            var  cookies        = request.Headers.GetCookies("api.token-id").FirstOrDefault();

            if (cookies != null)
            {
                string token = cookies["api.token-id"].Value;
                if (!string.IsNullOrEmpty(token))
                {
                    IToken tokenService = new TokenValidationService();
                    isRequestValid = tokenService.Validate(token);
                    if (isRequestValid)
                    {
                        Task.Run(() => tokenService.RenewToken(token));
                    }
                }
            }
            if (!isRequestValid)
            {
                HttpResponseMessage responseResult = new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
                responseResult.Headers.Add("WWW-Authenticate", "Token Required or Invalid");
                return(Task.FromResult(responseResult));
            }
            return(base.SendAsync(request, cancellationToken));
        }
예제 #4
0
        public IActionResult Post(AccessTokenDTO auth)
        {
            string tmp = string.Empty;

            try
            {
                TokenValidationService tm = new TokenValidationService(
                    _refreshService,
                    _configuration,
                    _tSLogger,
                    _tokenService,
                    _tokenServiceDbContext,
                    _encryptionService);
                tmp = tm.VerifyToken(auth);
            }
            catch (InvalidTokenException exToken)
            {
                return(Unauthorized(new UnauthorizedError(exToken.Message)));
            }
            catch (Exception ex)
            {
                return(Unauthorized(new UnauthorizedError(ex.Message)));
            }
            return(Ok(tmp));
        }
 public BasketCheckoutConsumer(IMapper mapper, ILogger <BasketCheckoutConsumer> logger, IOrdersRepository service, IPublishEndpoint publishEndpoint, TokenValidationService tokenValidationService, IConfiguration config)
 {
     _mapper                 = mapper ?? throw new ArgumentNullException(nameof(mapper));
     _logger                 = logger ?? throw new ArgumentNullException(nameof(logger));
     _service                = service ?? throw new ArgumentNullException(nameof(service));
     _publishEndpoint        = publishEndpoint ?? throw new ArgumentNullException(nameof(publishEndpoint));
     _tokenValidationService = tokenValidationService;
     _config                 = config;
 }
        public ActionResult Change()
        {
            var tokenCookie = Request.Cookies[Constants.COOKIE_NAME];

            if (tokenCookie != null)
            {
                var tokenValidationService = new TokenValidationService();
                if (tokenValidationService.VerifyToken(tokenCookie.Value, out var token))
                {
                    return(View());
                }
            }

            return(SignOut());
        }
        public ActionResult PostbackFromMfa(string accessToken)
        {
            var tokenValidationService = new TokenValidationService();

            if (tokenValidationService.VerifyToken(accessToken, out var userName, out bool mustChangePassword))
            {
                _logger.Information($"User {userName} authenticated");

                FormsAuthentication.SetAuthCookie(userName, false);

                if (mustChangePassword)
                {
                    return(RedirectToAction("ChangePassword", "Home"));
                }

                return(RedirectToAction("Index", "Home"));
            }

            //invalid token, see logs
            return(RedirectToAction("Login"));
        }
        public void TestAuthenticateAccessTokenFromRefreshToken()
        {
            ITSLogger      log       = new TSLogger();
            AccessTokenDTO accessDTO = new AccessTokenDTO();
            AuthorizationGrantRequestDTO authorizationGrantRequestDTO = new AuthorizationGrantRequestDTO
            {
                Client_Id     = Guid.Parse("29bfd4b1-81c0-4db3-a615-4422d08f9792"),
                Code          = null,
                Grant_Type    = AuthorizationGrantType.refresh_token,
                UserName      = null,
                Scope         = null,
                Password      = null,
                Redirect_Uri  = null,
                Refresh_Token = HttpUtility.UrlEncode("pgsoAvSXD3xYPV+/pSAe3khYZWOFidHPxpltwNDP4Xw="),
                State         = null
            };
            IAuthenticationService tm = new AuthenticationService(new RefreshToken(), configuration, log, new JWTToken(log, new EncryptionService(), configuration), context, new EncryptionService());

            accessDTO.Authorization = accessDTO.Authorization = tm.Authenticate(authorizationGrantRequestDTO).access_token;
            TokenValidationService tokenValidationService = new TokenValidationService(new RefreshToken(), configuration, log, new JWTToken(log, new EncryptionService(), configuration), context, new EncryptionService());

            Assert.AreEqual(TokenConstants.ValidToken, tokenValidationService.VerifyToken(accessDTO));
        }
        public TokenValidationServiceTests()
        {
            _jwtValidator = new Mock <ISecurityTokenValidator>();

            _testObject = new TokenValidationService(_jwtValidator.Object);
        }
예제 #10
0
 public HomeController(TokenValidationService validator)
 {
     this.validator = validator;
 }