public ActionResult PostbackFromMfa(string accessToken) { var tokenValidationService = new TokenValidationService(); _logger.Debug($"Received MFA token: {accessToken}"); if (tokenValidationService.VerifyToken(accessToken, out var token)) { _logger.Information($"User {token.Identity} authenticated"); //save token to cookie var cookie = new HttpCookie(Constants.COOKIE_NAME) { Value = accessToken, //Secure = true, Expires = token.ValidTo }; Response.Cookies.Add(cookie); FormsAuthentication.SetAuthCookie(token.Identity, false); if (token.MustChangePassword) { return(RedirectToAction("ChangePassword", "Home")); } return(RedirectToAction("Index", "Home")); } //invalid token, see logs return(RedirectToAction("Login")); }
public ActionResult Change(ChangePasswordModel model) { var tokenCookie = Request.Cookies[Constants.COOKIE_NAME]; if (tokenCookie != null) { var tokenValidationService = new TokenValidationService(); if (tokenValidationService.VerifyToken(tokenCookie.Value, out var token)) { if (ModelState.IsValid) { var activeDirectoryService = new ActiveDirectoryService(); if (activeDirectoryService.ChangePassword(User.Identity.Name, model.Password, model.NewPassword, out string errorReason)) { return(RedirectToAction("Index", "Home")); } else { ModelState.AddModelError(string.Empty, errorReason); } } else { ModelState.AddModelError(string.Empty, "Неверное имя пользователя или пароль"); } return(View(model)); } } return(SignOut()); }
//public TokenAuthenicationHandler(HttpConfiguration configuration) //{ // InnerHandler = new HttpControllerDispatcher(configuration); //} protected override System.Threading.Tasks.Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken) { bool isRequestValid = false; var cookies = request.Headers.GetCookies("api.token-id").FirstOrDefault(); if (cookies != null) { string token = cookies["api.token-id"].Value; if (!string.IsNullOrEmpty(token)) { IToken tokenService = new TokenValidationService(); isRequestValid = tokenService.Validate(token); if (isRequestValid) { Task.Run(() => tokenService.RenewToken(token)); } } } if (!isRequestValid) { HttpResponseMessage responseResult = new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized); responseResult.Headers.Add("WWW-Authenticate", "Token Required or Invalid"); return(Task.FromResult(responseResult)); } return(base.SendAsync(request, cancellationToken)); }
public IActionResult Post(AccessTokenDTO auth) { string tmp = string.Empty; try { TokenValidationService tm = new TokenValidationService( _refreshService, _configuration, _tSLogger, _tokenService, _tokenServiceDbContext, _encryptionService); tmp = tm.VerifyToken(auth); } catch (InvalidTokenException exToken) { return(Unauthorized(new UnauthorizedError(exToken.Message))); } catch (Exception ex) { return(Unauthorized(new UnauthorizedError(ex.Message))); } return(Ok(tmp)); }
public BasketCheckoutConsumer(IMapper mapper, ILogger <BasketCheckoutConsumer> logger, IOrdersRepository service, IPublishEndpoint publishEndpoint, TokenValidationService tokenValidationService, IConfiguration config) { _mapper = mapper ?? throw new ArgumentNullException(nameof(mapper)); _logger = logger ?? throw new ArgumentNullException(nameof(logger)); _service = service ?? throw new ArgumentNullException(nameof(service)); _publishEndpoint = publishEndpoint ?? throw new ArgumentNullException(nameof(publishEndpoint)); _tokenValidationService = tokenValidationService; _config = config; }
public ActionResult Change() { var tokenCookie = Request.Cookies[Constants.COOKIE_NAME]; if (tokenCookie != null) { var tokenValidationService = new TokenValidationService(); if (tokenValidationService.VerifyToken(tokenCookie.Value, out var token)) { return(View()); } } return(SignOut()); }
public ActionResult PostbackFromMfa(string accessToken) { var tokenValidationService = new TokenValidationService(); if (tokenValidationService.VerifyToken(accessToken, out var userName, out bool mustChangePassword)) { _logger.Information($"User {userName} authenticated"); FormsAuthentication.SetAuthCookie(userName, false); if (mustChangePassword) { return(RedirectToAction("ChangePassword", "Home")); } return(RedirectToAction("Index", "Home")); } //invalid token, see logs return(RedirectToAction("Login")); }
public void TestAuthenticateAccessTokenFromRefreshToken() { ITSLogger log = new TSLogger(); AccessTokenDTO accessDTO = new AccessTokenDTO(); AuthorizationGrantRequestDTO authorizationGrantRequestDTO = new AuthorizationGrantRequestDTO { Client_Id = Guid.Parse("29bfd4b1-81c0-4db3-a615-4422d08f9792"), Code = null, Grant_Type = AuthorizationGrantType.refresh_token, UserName = null, Scope = null, Password = null, Redirect_Uri = null, Refresh_Token = HttpUtility.UrlEncode("pgsoAvSXD3xYPV+/pSAe3khYZWOFidHPxpltwNDP4Xw="), State = null }; IAuthenticationService tm = new AuthenticationService(new RefreshToken(), configuration, log, new JWTToken(log, new EncryptionService(), configuration), context, new EncryptionService()); accessDTO.Authorization = accessDTO.Authorization = tm.Authenticate(authorizationGrantRequestDTO).access_token; TokenValidationService tokenValidationService = new TokenValidationService(new RefreshToken(), configuration, log, new JWTToken(log, new EncryptionService(), configuration), context, new EncryptionService()); Assert.AreEqual(TokenConstants.ValidToken, tokenValidationService.VerifyToken(accessDTO)); }
public TokenValidationServiceTests() { _jwtValidator = new Mock <ISecurityTokenValidator>(); _testObject = new TokenValidationService(_jwtValidator.Object); }
public HomeController(TokenValidationService validator) { this.validator = validator; }