public ClaimsPrincipal GetPrincipalFromExpiredToken(string token)
{
var hmacKey = AESServices.UserHmacKey(Constants.UserNumber, 3);
var jwtToken = JWTToken.ParseJwtToken(token.AESStringDecryption(Constants.UserNumber), ref hmacKey);
ClaimsIdentity id = new ClaimsIdentity(jwtToken.Claims, JWTToken.JWT_ID);
id.BootstrapContext = jwtToken;
ClaimsPrincipal principal = new ClaimsPrincipal(id);
return(principal);
}
public WebApiToken GenerateJWT(Users user)
{
var jwtToken = new JWTToken();
jwtToken.AddClaim(ClaimTypes.NameIdentifier, "CPOC");
jwtToken.AddClaim(ClaimTypes.Name, user.EmployeeName);
jwtToken.AddClaim(ClaimTypes.Email, user.Email);
jwtToken.Issuer = Constants.Issuer;
jwtToken.Audience = Constants.Audience;
jwtToken.TimeOut = "10";
jwtToken.UserRole = user.Role;
jwtToken.IsAdmin = user.IsAdmin;
jwtToken.symmetricSignatureKeyString = AESServices.UserHmacKey(Constants.UserNumber, 3);
var webApiToken = new WebApiToken();
webApiToken.accessToken = jwtToken;
webApiToken.refreshToken = GenerateRefreshToken();
return(webApiToken);
}
public static string AESStringDecryption(this string data, int UserNo)
{
return(AESServices.AESDataDecryption(data, 1, UserNo));
}
//private readonly AuthenticationHandler _options;
//public AuthenticationHandler(RequestDelegate next, IOptions<AuthenticationHandler> options)
//{
// this._next = next;
// this._options = options.Value;
//}
public async Task Invoke(HttpContext context)
{
//}
//public async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request)
//{
JWTToken oJwt = null;
var response = new HttpResponseMessage();
try
{
// skip the options requests
bool listContains = false;
foreach (KeyValuePair <string, List <string> > item in _public_No_JWT_List)
{
if (context.Request.Path.Value.ToLower().TrimEnd('/').Equals(item.Key.ToLower()))
{
listContains = item.Value.Contains(context.Request.Method);
break;
}
}
// Determine whether the client is accessing a Public controller, if not check for token
if ((!listContains))
{
var headers = context.Request.Headers;
string token = string.Empty;
if (headers.ContainsKey(JWTToken.Authorization))
{
token = headers[JWTToken.Authorization].First();
}
try
{
var hmacKey = AESServices.UserHmacKey(Constants.UserNumber, 3);
//var hmacKey = AESServices.UserHmacKey(TokenService.userNumber, 3);
//var t = token.AESStringDecryption(Constants.UserNumber);
oJwt = JWTToken.ParseJwtToken(token.AESStringDecryption(Constants.UserNumber), ref hmacKey);
//oJwt = JWTToken.ParseJwtToken(token.AESStringDecryption(TokenService.userNumber), ref hmacKey);
// Set Principal and store JWT
ClaimsIdentity id = new ClaimsIdentity(oJwt.Claims, JWTToken.JWT_ID);
id.BootstrapContext = oJwt;
ClaimsPrincipal principal = new ClaimsPrincipal(id);
Thread.CurrentPrincipal = new ClaimsPrincipal(id);
var x = id.Claims.Where(x => x.Type == "isad").First();
var role = id.Claims.Where(x => x.Type == "role").First();
if (x.Value.Contains("False"))
{
var routeValue = context.Request.Path.Value.Split("/").Last();
string value = Permissions.GetPermission(routeValue);
var checkAccess = Bitwise.IsAttributeInCombination(long.Parse(value), long.Parse(role.Value));
if (!checkAccess)
{
throw new Exception("You don't have rights for this method.");
}
}
else
{
var routeValue = context.Request.Path.Value.Split("/").Last();
string value = Permissions.GetPermission(routeValue);
var checkAccess = Bitwise.IsAttributeInCombination(long.Parse(value), long.Parse(role.Value));
if (!checkAccess)
{
throw new Exception("You don't have rights for this method.");
}
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
await _next(context);
}
catch (Exception ex)
{
HttpResponseMessage exceptionResponse = new HttpResponseMessage(HttpStatusCode.BadRequest);
context.Response.StatusCode = Convert.ToInt32(HttpStatusCode.BadRequest);
context.Response.ContentType = "application/json; charset=utf-8";
var result = ex.ToString() + "An error occurred processing your authentication.";
await context.Response.WriteAsync(result);
}
}
