예제 #1
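        /// <summary>
        /// Requests a token from <c>authUrl</c> with the OAuth2 password grant and stores the
        /// parsed result in the <c>token</c> member.
        /// </summary>
        /// <param name="userName">Account name, sent as the <c>UserName</c> form field.</param>
        /// <param name="password">Password, sent as the <c>Password</c> form field.</param>
        /// <returns>
        /// <c>true</c> when the request finished without a reported error and the response was
        /// parsed; otherwise <c>false</c>, with <c>token</c> reset to <c>null</c>.
        /// </returns>
        /// <remarks>
        /// The password travels in the POST body, so its confidentiality depends on the transport.
        /// NOTE(review): <c>authUrl</c> is declared outside this method; confirm it is an https:// endpoint.
        /// </remarks>
        public bool Authenticate(string userName, string password)
        {
            WWWForm form = new WWWForm();

            form.AddField("grant_type", "password");
            form.AddField("UserName", userName);
            form.AddField("Password", password);

            // WWW is disposable; release the request once the result has been read.
            using (var www = new WWW(authUrl, form))
            {
                // Busy-waits on the calling thread until the request completes. The signature is
                // synchronous, so the wait is kept; callers should not invoke this from a thread
                // that must stay responsive.
                while (!www.isDone)
                {
                }

                // "No error" is reported as null on some platforms and as an empty string on
                // others, so both count as success.
                if (string.IsNullOrEmpty(www.error))
                {
                    token = ParseResponse(www.text);
                    return true;
                }
            }

            // Never keep a token from an earlier login after a failed attempt.
            token = null;
            return false;
        }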
예제 #2
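        /// <summary>
        /// Issues a signed JWT carrying the <c>Root</c> role to a caller that presents the
        /// configured server password.
        /// </summary>
        /// <param name="serverWebApiToken">Request body; its <c>ServerToken</c> is compared with the configured password.</param>
        /// <returns>
        /// 200 with the serialized token on success; 400 with a localized message when the body is
        /// missing or invalid, or when the password does not match.
        /// </returns>
        public IActionResult ConnectServer([FromBody] WebApiToken serverWebApiToken)
        {
            // A missing or unparsable body may bind to null; reject it here instead of failing on
            // the dereference below. The message is passed to BadRequest once: the original nested
            // call wrapped one result object inside another.
            if (serverWebApiToken == null || !ModelState.IsValid)
            {
                return BadRequest(LogLanguage.Instance.GetMessageFromKey(LanguageKey.AUTH_ERROR));
            }

            // NOTE(review): string inequality is not a constant-time comparison. Consider comparing
            // fixed-length digests of both values with a fixed-time comparer, and rate-limiting
            // this endpoint, since a match yields a Root token.
            if (serverWebApiToken.ServerToken != _apiConfiguration.Password)
            {
                return BadRequest(LogLanguage.Instance.GetMessageFromKey(LanguageKey.AUTH_INCORRECT));
            }

            var claims = new ClaimsIdentity(new[]
            {
                new Claim(ClaimTypes.NameIdentifier, "Server"),
                new Claim(ClaimTypes.Role, nameof(AuthorityType.Root))
            });

            // NOTE(review): the signing key is derived from the same password that authenticates
            // the caller, so whoever knows the password can also sign Root tokens. A separate,
            // randomly generated signing secret would keep the two roles apart.
            // Encoding.Default is platform-dependent; it is left unchanged because the validating
            // side must derive identical key bytes. Confirm before changing either side.
            var keyByteArray  = Encoding.Default.GetBytes(EncryptionHelper.Sha512(_apiConfiguration.Password));
            var signinKey     = new SymmetricSecurityKey(keyByteArray);
            var handler       = new JwtSecurityTokenHandler();

            // NOTE(review): no Expires/NotBefore is set here, so the lifetime is whatever the
            // handler defaults to; Issuer and Audience are literal placeholder strings.
            var securityToken = handler.CreateToken(new SecurityTokenDescriptor
            {
                Subject            = claims,
                Issuer             = "Issuer",
                Audience           = "Audience",
                SigningCredentials = new SigningCredentials(signinKey, SecurityAlgorithms.HmacSha256)
            });

            return Ok(handler.WriteToken(securityToken));
        }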
예제 #3
        // GET: Jquery
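        /// <summary>
        /// Obtains a token from the configured Web API with the password grant and passes it to
        /// the view as the model.
        /// </summary>
        /// <returns>
        /// The view with the parsed token when the token endpoint answers with a success status;
        /// otherwise the view with an empty <c>WebApiToken</c>.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the token is requested with the application's own credentials from
        /// appSettings and then handed to the view. If the view renders it into the page, every
        /// visitor who can reach this action receives that bearer token; confirm what the view
        /// emits and that the action requires authorization.
        /// </remarks>
        public async Task <ViewResult> Index()
        {
            // Credentials and endpoint are read from appSettings.
            // NOTE(review): confirm WebApiURL is https://, since the password is sent in the body.
            var userName = ConfigurationManager.AppSettings["WebApiUserName"];
            var password = ConfigurationManager.AppSettings["WebApiPassword"];
            var url      = ConfigurationManager.AppSettings["WebApiURL"];

            using (HttpClient client = new HttpClient())
            {
                client.BaseAddress = new Uri(url);
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/x-www-form-urlencoded"));

                // The request content and the response are disposable; release both on every path.
                using (var content = new FormUrlEncodedContent(new[]
                {
                    new KeyValuePair <string, string>("username", userName),
                    new KeyValuePair <string, string>("password", password),
                    new KeyValuePair <string, string>("grant_type", "password")
                }))
                using (var response = await client.PostAsync("/token", content))
                {
                    if (response.IsSuccessStatusCode)
                    {
                        var jsonToken = await response.Content.ReadAsStringAsync();

                        WebApiToken token = WebApiToken.Parse(jsonToken);

                        return View(token);
                    }
                }
            }

            // A failed token request falls through to an empty model rather than an error page.
            return View(new WebApiToken());
        }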
예제 #4
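        /// <summary>
        /// Exchanges an expired access token for a newly generated access/refresh token pair.
        /// </summary>
        /// <param name="tokenApiModel">Carries the expired access token and the refresh token.</param>
        /// <returns>
        /// 200 with the new tokens in the response headers; 400 when the request or the claims in
        /// the expired token are unusable; 401 when no employee record matches the token's e-mail.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the comparison of the presented refresh token with a stored one
        /// (<c>user.RefreshToken != refreshToken</c>) is disabled in the original and cannot be
        /// restored from this method alone, because it is not visible here whether the employee
        /// record exposes a stored refresh token. Until it is restored, holding an expired access
        /// token is enough to obtain a fresh one, and a refresh token cannot be revoked.
        /// </remarks>
        public HttpResponseMessage Refresh(WebApiToken tokenApiModel)
        {
            if (tokenApiModel is null)
            {
                return new HttpResponseMessage(HttpStatusCode.BadRequest);
            }

            var    accessToken  = tokenApiModel.expiredToken;
            string refreshToken = tokenApiModel.refreshToken;

            // A refresh request without a refresh token is malformed. This checks presence only;
            // the value is still not verified against a stored one (see remarks).
            if (string.IsNullOrEmpty(refreshToken))
            {
                return new HttpResponseMessage(HttpStatusCode.BadRequest);
            }

            var tokenService = new TokenService();

            // NOTE(review): presumably validates the signature while ignoring the lifetime;
            // confirm in TokenService, since everything below trusts these claims.
            var principal = tokenService.GetPrincipalFromExpiredToken(accessToken);
            var identity  = principal?.Identity as System.Security.Claims.ClaimsIdentity;

            if (identity == null)
            {
                return new HttpResponseMessage(HttpStatusCode.BadRequest);
            }

            // Claims are read by position, so the indices must match the order in which the token
            // generator adds them. NOTE(review): look them up by claim type instead.
            var claims = identity.Claims.ToList();

            if (claims.Count < 7)
            {
                return new HttpResponseMessage(HttpStatusCode.BadRequest);
            }

            var userName  = claims[1].Value;
            var userEmail = claims[2].Value;

            if (!bool.TryParse(claims[6].Value, out bool userIsAdmin))
            {
                return new HttpResponseMessage(HttpStatusCode.BadRequest);
            }

            // The lookup result was previously ignored; a token whose e-mail no longer resolves to
            // an employee must not be refreshed.
            var user = userController.GetAuthorizationEmployee(userEmail);

            if (user == null)
            {
                return new HttpResponseMessage(HttpStatusCode.Unauthorized);
            }

            // NOTE(review): IsAdmin is copied from the expired token rather than read from the
            // current employee record, so a revoked admin flag survives a refresh.
            var token = tokenService.GenerateJWT(new Users {
                EmployeeName = userName, Email = userEmail, IsAdmin = userIsAdmin
            });

            var response = new HttpResponseMessage();

            response.StatusCode = HttpStatusCode.OK;
            // NOTE(review): the access token is encrypted with Constants.UserNumber, which appears
            // to be a fixed application value; confirm how that key is provisioned.
            response.Headers.Add(JWTToken.Authorization, token.accessToken.ToString().AESStringEncryption(Constants.UserNumber));
            response.Headers.Add("RefreshToken", token.refreshToken);
            return response;
        }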
예제 #5
        //Response is a JSON object
        //"access_token":"boQtj0SCGz2GFGz[...]",
        //"token_type":"bearer",
        //"expires_in":1209599,
        //"userName":"******",
        //".issued":"Mon, 14 Oct 2013 06:53:32 GMT",
        //".expires":"Mon, 28 Oct 2013 06:53:32 GMT"
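        /// <summary>
        /// Parses the token endpoint's JSON response into a <c>WebApiToken</c> and also assigns it
        /// to the <c>token</c> member.
        /// </summary>
        /// <param name="text">Response body as returned by the token endpoint.</param>
        /// <returns>The token built from the <c>access_token</c> and <c>.expires</c> fields.</returns>
        private WebApiToken ParseResponse(string text)
        {
            var result = SimpleJSON.JSON.Parse(text);

            // ".expires" arrives as an English-language date such as
            // "Mon, 28 Oct 2013 06:53:32 GMT". Parsing it with the device's current culture can
            // fail or misread the expiry on non-English locales, so the invariant culture is used.
            // NOTE(review): a response without these fields is not rejected explicitly here.
            return(token = new WebApiToken()
            {
                AccessCode = result["access_token"].Value,
                ExpirationTime = DateTime.Parse(result[".expires"].Value, System.Globalization.CultureInfo.InvariantCulture)
            });
        }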
예제 #6
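 /// <summary>
 /// Creates the client from explicit connection settings and builds its token helper.
 /// </summary>
 /// <param name="url">Base address of the Web API.</param>
 /// <param name="user">Account name used to obtain a token.</param>
 /// <param name="psw">Password for <paramref name="user"/>; never written to the log.</param>
 /// <param name="api">API path stored on the instance.</param>
 /// <param name="servece_owner">Owning service, passed to the exception logger.</param>
 public WebApiClientMT(string url, string user, string psw, string api, service servece_owner)
 {
     try
     {
         this.servece_owner = servece_owner;
         this.url           = url;
         this.user          = user;
         this.psw           = psw;
         this.api           = api;
         wapi = new WebApiToken(url, user, psw);
     }
     catch (Exception e)
     {
         // The password is masked: writing it into the event log would expose the credential
         // to anyone who can read logs. The rest of the message is unchanged.
         // Failures are logged and swallowed, so wapi may stay unset after construction.
         e.ExceptionMethodLog(String.Format("WebApiClientMetallurgTrans(url={0},user={1},psw={2},api={3})", url, user, "***", api), this.servece_owner, eventID);
     }
 }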
예제 #7
        /// <summary>
        /// Creates the client from the application's appSettings and builds its token helper.
        /// </summary>
        /// <param name="servece_owner">Owning service, passed to the exception logger.</param>
        /// <remarks>
        /// NOTE(review): the password is read from appSettings (WebApiMTPSW); confirm that the
        /// configuration section is protected or that the value comes from a secret store.
        /// </remarks>
        public WebApiClientMT(service servece_owner)
        {
            try
            {
                this.servece_owner = servece_owner;

                // A missing key makes the indexer return null, so ToString() throws and the
                // failure is handled by the catch below.
                var settings = ConfigurationManager.AppSettings;

                url         = settings["WebApiMTURL"].ToString();
                user        = settings["WebApiMTUser"].ToString();
                psw         = settings["WebApiMTPSW"].ToString();
                api         = settings["WebApiMTApi"].ToString();
                api_arrival = settings["WebApiMTArrivalApi"].ToString();

                wapi = new WebApiToken(url, user, psw);
            }
            catch (Exception ex)
            {
                // Failures are logged and swallowed, so wapi may stay unset after construction.
                ex.ExceptionMethodLog("WebApiClientMetallurgTrans()", this.servece_owner, eventID);
            }
        }
        /// <summary>
        /// Builds an access token for <paramref name="user"/> and pairs it with a newly generated
        /// refresh token.
        /// </summary>
        /// <param name="user">Source of the name, e-mail, role and admin flag placed in the token.</param>
        /// <returns>A <c>WebApiToken</c> holding the access token and the refresh token.</returns>
        public WebApiToken GenerateJWT(Users user)
        {
            var jwt = new JWTToken();

            // Claims are added in this fixed order.
            jwt.AddClaim(ClaimTypes.NameIdentifier, "CPOC");
            jwt.AddClaim(ClaimTypes.Name, user.EmployeeName);
            jwt.AddClaim(ClaimTypes.Email, user.Email);

            jwt.Issuer   = Constants.Issuer;
            jwt.Audience = Constants.Audience;
            jwt.TimeOut  = "10"; // NOTE(review): unit is not visible here; presumably minutes
            jwt.UserRole = user.Role;
            jwt.IsAdmin  = user.IsAdmin;

            // NOTE(review): the signing key is derived from Constants.UserNumber. If that is a
            // fixed value in source, the key is recoverable from the binary; confirm its origin.
            jwt.symmetricSignatureKeyString = AESServices.UserHmacKey(Constants.UserNumber, 3);

            return new WebApiToken
            {
                accessToken  = jwt,
                refreshToken = GenerateRefreshToken()
            };
        }
        /// <summary>
        /// Creates a refresh-token record for the ticket in <paramref name="context"/>, stores it
        /// through the token service and hands the record's id to the client as the refresh token.
        /// </summary>
        /// <param name="context">Token-creation context carrying the ticket and the OWIN environment.</param>
        /// <remarks>
        /// Does nothing when the ticket has an empty <c>as:client_id</c> property. No exception
        /// handling is active here; failures propagate to the caller.
        /// </remarks>
        public async Task CreateAsync(AuthenticationTokenCreateContext context)
        {
            var clientCode = context.Ticket.Properties.Dictionary["as:client_id"];

            if (string.IsNullOrEmpty(clientCode))
            {
                return;
            }

            //TODO: I removed hashed tokens to reduce database size
            // NOTE(review): because the id is kept unhashed next to the serialized ticket, read
            // access to the token store yields usable refresh tokens. Guid.NewGuid() is also not
            // documented as a cryptographic random source; consider a CSPRNG-generated value
            // stored as a hash.

            var tokenStore      = WebApiTokenEN.GetService("");
            var lifetimeMinutes = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime");

            WebApiToken entry = WebApiTokenEN.GetEntityObjectT();

            entry.WebApiTokenID   = Guid.NewGuid();
            entry.WebApiClientID  = WebApiClientEN.GetService().GetByClientCode(clientCode).WebApiClientID;
            entry.UserID          = Convert.ToInt64(context.Ticket.Identity.Name);
            entry.IssuedUtc       = DateTime.UtcNow;
            entry.ExpiresUtc      = DateTime.UtcNow.AddMinutes(Convert.ToDouble(lifetimeMinutes));
            entry.ProtectedTicket = context.SerializeTicket();

            // Keep the ticket's validity window aligned with the stored record.
            context.Ticket.Properties.IssuedUtc  = entry.IssuedUtc;
            context.Ticket.Properties.ExpiresUtc = entry.ExpiresUtc;

            tokenStore.AddToken(entry);

            context.SetToken(entry.WebApiTokenID.ToString("n"));
        }