protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { try { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Unauthorized")); } string authorizationHeader = Request.Headers["Authorization"]; if (string.IsNullOrEmpty(authorizationHeader)) { return(AuthenticateResult.NoResult()); } var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var username = credentials[0]; var password = credentials[1]; var user = await Task.Run(() => _user_service.Authenticate(username, password)); if (user == null) { return(AuthenticateResult.Fail("Invalid Username or Password")); } var claims = new[] { new Claim(ClaimTypes.Name, user.User), new Claim(ClaimTypes.Role, "TWELVE"), }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); } catch (Exception ex) { return(AuthenticateResult.Fail(ex.Message)); } }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { //[email protected] //password=8be7dbd7237e2e0bf90ff81b8ff44333 //=> converted to base64 on https://www.base64encode.org/ => //am9obi5zbWl0aEBnbWFpbC5jb206OGJlN2RiZDcyMzdlMmUwYmY5MGZmODFiOGZmNDQzMzM= var bytes = Encoding.UTF8.GetBytes("emailAdress:password"); var base64 = Convert.ToBase64String(bytes); if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Authorization header was not found")); } try { var authenticationHeaderValue = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var outputBytes = Convert.FromBase64String(authenticationHeaderValue.Parameter); var credentials = Encoding.UTF8.GetString(outputBytes).Split(':'); var email = credentials[0]; var password = credentials[1]; var user = await _context.Users.FirstOrDefaultAsync(u => u.EmailAddress == email && u.Password == password); if (user == null) { return(AuthenticateResult.Fail("Invalid username or passord")); } else { var claims = new[] { new Claim(ClaimTypes.Name, user.EmailAddress) }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); } } catch (System.Exception) { return(AuthenticateResult.Fail("Error has ocurred")); } }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } User user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':'); var email = credentials[0]; var password = credentials[1]; user = await _userService.Authenticate(email, password); } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } if (user == null) { return(AuthenticateResult.Fail("Invalid Username or Password")); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.Email), }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } Bilten.Model.Korisnici user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':'); var username = credentials[0]; var password = credentials[1]; user = _userService.Authenticiraj(username, password); } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } if (user == null) { return(AuthenticateResult.Fail("Pogrešan username ili password")); } var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, user.KorisnickoIme), new Claim(ClaimTypes.Name, user.ImePrezime), }; var role = user.VrstaKorisnika.Naziv; claims.Add(new Claim(ClaimTypes.Role, role)); var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
public async Task <IActionResult> DecryptClaims([FromBody] Dictionary <string, string> content) { if (!Request.Headers.ContainsKey("Authorization")) { return(BadRequest("Authorization header is required.")); } var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var secret = authHeader.Parameter.Replace("Bearer ", ""); if (secret.Length < 16) { return(BadRequest("Secret value provided is of insufficient length.")); } var secretBytes = Encoding.UTF8.GetBytes(secret.Substring(0, 16)); var outputClaims = new Dictionary <string, string>(); using (var aesAlg = Aes.Create()) { var decryptor = aesAlg.CreateDecryptor(secretBytes, secretBytes); foreach (var kv in content) { var cipherText = Convert.FromBase64String(content[kv.Key]); using (var cipherStream = new MemoryStream(cipherText)) { using (var cryptoStream = new CryptoStream(cipherStream, decryptor, CryptoStreamMode.Read)) { using (var textReader = new StreamReader(cryptoStream)) { outputClaims[kv.Key] = await textReader.ReadToEndAsync(); } } } } } return(new JsonResult(outputClaims)); }
public async Task <IActionResult> UpdateData() { string password = string.Empty; string userName = string.Empty; try { if (Request.Headers.ContainsKey("Authorization")) { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); userName = credentials[0]; password = credentials[1]; } } catch { return(Unauthorized("Invalid Auth Header!")); } string requestString; using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8)) { requestString = await reader.ReadToEndAsync(); } var request = JsonConvert.DeserializeObject <SensorUpdateRequest>(requestString); var deviceId = _devicesService.AuthorizeSensor(request.EspId, userName, password); if (!deviceId.HasValue || deviceId == Guid.Empty) { return(Unauthorized("Invalid UserName/Password or Device not found!")); } _jsonUpdatesService.SaveUpdate(deviceId.Value, requestString); _aqiEcoService.SendToAqi(deviceId.Value, requestString); var result = _measurementsService.AddSensorMeasurement(deviceId.Value, request.DataValues); return(Ok(result)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { Response.StatusCode = 401; Response.Headers.Add("WWW-Authenticate", "Basic"); return(AuthenticateResult.Fail("Missing Authorization Header")); } try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var username = credentials[0]; var password = credentials[1]; var isValid = await Task.FromResult(username == "validuser" && password == "password"); // bypass async method warning if (isValid) { var claims = new[] { new Claim(ClaimTypes.Name, username), }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); } else { Response.StatusCode = 401; Response.Headers.Add("WWW-Authenticate", "Basic"); return(AuthenticateResult.Fail("Please enter the correct credentials")); } } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } }
public static async void AddPatient() { Console.WriteLine("[DODAJ PACJENTA]"); Console.WriteLine("First Name:"); string FirstNameRl = Console.ReadLine(); Console.WriteLine("Surname:"); string SurnameRl = Console.ReadLine(); Console.WriteLine("Age:"); string AgeRl = Console.ReadLine(); Console.WriteLine("Email:"); string email = Console.ReadLine(); HttpClient client = new HttpClient(); var app = PublicClientApplicationBuilder.Create("fce95216-40e5-4a34-b041-f287e46532be") .WithAuthority("https://login.microsoftonline.com/146ab906-a33d-47df-ae47-fb16c039ef96/v2.0/") .WithDefaultRedirectUri() .Build(); var result = await app.AcquireTokenInteractive(new[] { "api://fce95216-40e5-4a34-b041-f287e46532be/.default" }).ExecuteAsync(); string token = result.AccessToken; client.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse("Bearer " + token); Patient p = new Patient() { FirstName = FirstNameRl, Surname = SurnameRl, PositiveTestDate = DateTime.Now, Age = Int16.Parse(AgeRl), Email = email }; string patientJson = System.Text.Json.JsonSerializer.Serialize(p); await client.PostAsync("https://localhost:5001/api/patients", new StringContent(patientJson, Encoding.UTF8, "application/json")); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } Model.User user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':'); var username = credentials[0]; var password = credentials[1]; user = _userService.Authenticate(username, password); } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } if (user == null) { return(AuthenticateResult.Fail("Invalid Username or Password")); } var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, user.Username), new Claim(ClaimTypes.Name, user.FirstName), }; var role = _context.Users.Where(k => k.Id == user.Id).Select(k => k.Role.Name).SingleOrDefault(); claims.Add(new Claim(ClaimTypes.Role, role)); var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
public async Task Invoke(HttpContext context) { if (!context.Request.Headers.ContainsKey("Authorization")) { context.Response.StatusCode = 401; return; } var authenticated = false; try { var authenticationHeader = AuthenticationHeaderValue.Parse(context.Request.Headers["Authorization"]); if (!authenticationHeader.Scheme.Equals("Basic")) { throw new Exception("Invalid Basic auth authroization schema."); } var credentialChunk = Convert.FromBase64String(authenticationHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialChunk).Split(":"); var username = credentials[0]; var password = credentials[1]; authenticated = username.Equals(password); } catch { context.Response.StatusCode = 401; //Unauthorized return; } if (authenticated) { await _next.Invoke(context); } else { context.Response.StatusCode = 401; //Unauthorized return; } }
protected override Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(Task.FromResult(AuthenticateResult.Fail("Missing Authorization header"))); } try { var authenticationHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authenticationHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(":"); var username = credentials[0]; var password = credentials[1]; if (username != "Pluralsight" || password != "Pluralsight") { return(Task.FromResult(AuthenticateResult.Fail("Invalid username or password"))); } var claims = new Claim[] { new Claim(ClaimTypes.NameIdentifier, username) }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(Task.FromResult(AuthenticateResult.Success(ticket))); } catch { return(Task.FromResult(AuthenticateResult.Fail("Invalida Authorization header"))); } }
/// <summary> /// Get user Azure AD access token. /// </summary> /// <returns>Token to access MS graph.</returns> public async Task <string> GetAccessTokenAsync() { List <string> scopeList = this.azureAdOptions.Value.GraphScope.Split(new char[] { ' ' }, System.StringSplitOptions.RemoveEmptyEntries).ToList(); try { // Gets user account from the accounts available in token cache. // https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.client.clientapplicationbase.getaccountasync?view=azure-dotnet // Concatenation of UserObjectId and TenantId separated by a dot is used as unique identifier for getting user account. // https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.client.accountid.identifier?view=azure-dotnet#Microsoft_Identity_Client_AccountId_Identifier var account = await this.confidentialClientApp.GetAccountAsync($"{this.UserObjectId}.{this.azureAdOptions.Value.TenantId}"); // Attempts to acquire an access token for the account from the user token cache. // https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.client.clientapplicationbase.acquiretokensilent?view=azure-dotnet AuthenticationResult result = await this.confidentialClientApp .AcquireTokenSilent(scopeList, account) .ExecuteAsync(); return(result.AccessToken); } catch (MsalUiRequiredException msalex) { // Getting new token using AddTokenToCacheFromJwtAsync as AcquireTokenSilent failed to load token from cache. TokenAcquisitionHelper tokenAcquisitionHelper = new TokenAcquisitionHelper(this.confidentialClientApp); try { this.logger.LogInformation($"MSAL exception occurred while trying to acquire new token. MSAL exception details are found {msalex}."); var jwtToken = AuthenticationHeaderValue.Parse(this.Request.Headers["Authorization"].ToString()).Parameter; return(await tokenAcquisitionHelper.AddTokenToCacheFromJwtAsync(this.azureAdOptions.Value.GraphScope, jwtToken)); } catch (Exception ex) { this.logger.LogError(ex, $"An error occurred in GetAccessTokenAsync: {ex.Message}."); throw; } } catch (Exception ex) { this.logger.LogError(ex, $"An error occurred in fetching token : {ex.Message}."); throw; } }
protected async override Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey(authorizationKey)) { return(AuthenticateResult.Fail("Missing authorization header")); } var authorizationHeader = AuthenticationHeaderValue.Parse(Request.Headers[authorizationKey]); if (authorizationHeader.Scheme != "Basic") { return(AuthenticateResult.Fail("Invalid schema")); } byte[] credentialBytes = Convert.FromBase64String(authorizationHeader.Parameter); string[] credentials = Encoding.UTF8.GetString(credentialBytes).Split(":"); string login = credentials[0]; string password = credentials[1]; if (!authenticationService.TryAuthorize(login, password, out Customer customer)) { return(AuthenticateResult.Fail("Invalid login or password")); } ClaimsIdentity identity = new ClaimsIdentity(Scheme.Name); ClaimsPrincipal principal = new ClaimsPrincipal(identity); identity.AddClaim(new Claim(ClaimTypes.Email, customer.Email)); identity.AddClaim(new Claim(ClaimTypes.DateOfBirth, customer.Birthday.ToString())); //identity.AddClaim(new Claim("kat", "B")); //identity.AddClaim(new Claim("kat", "C")); //identity.AddClaim(new Claim(ClaimTypes.Role, "Developer")); //identity.AddClaim(new Claim(ClaimTypes.Role, "Trainer")); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { // skip authentication if endpoint has [AllowAnonymous] attribute var endpoint = Context.GetEndpoint(); if (endpoint?.Metadata?.GetMetadata <IAllowAnonymous>() != null) { return(AuthenticateResult.NoResult()); } if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } // User user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var username = credentials[0]; var password = credentials[1]; if (await _basicAuthenticationService.AuthenticateUser(username, password)) { return(AuthenticateResult.Fail("Invalid Authorization Header")); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, username), new Claim(ClaimTypes.Name, username), }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':'); var username = credentials[0]; var password = credentials[1]; var tenant = GetTenant(); if (string.IsNullOrEmpty(tenant)) { return(AuthenticateResult.Fail("Unknown tenant")); } if (string.IsNullOrEmpty(username) || username != password) { return(AuthenticateResult.Fail("Wrong username or password")); } } catch (Exception e) { return(AuthenticateResult.Fail("Unable to authenticate")); } var claims = new[] { new Claim("Tenant", "tenant id") }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } Wellness.Model.Osoba user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':'); var username = credentials[0]; var password = credentials[1]; user = _userService.Authenticiraj(username, password);//trebamo napravit neki servis hur dur } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } if (user == null) { return(AuthenticateResult.Fail("Invalid Username or Password")); } var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, user.KorisnickoIme), new Claim(ClaimTypes.Name, user.Ime),//idk valjda bi trebo bit password.. }; claims.Add(new Claim(ClaimTypes.Role, user.Uloga.Naziv)); var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } bool isValidJwt = false; string jwtToken = ""; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var authHeaderString = authHeader.ToString(); jwtToken = authHeaderString.Replace("Bearer ", "").Trim(); isValidJwt = _JwtService.IsValidJwt(jwtToken); } catch (Exception e) { Console.WriteLine(e); _Logger.LogCritical(e.ToString()); return(AuthenticateResult.Fail("Invalid Jwt")); } if (!isValidJwt) { return(AuthenticateResult.Fail("Invalid Jwt")); } // TODO: Add other payload items aswell to current claims var jwtPayload = _JwtService.DecodeJwt(jwtToken); var claims = new[] { new Claim(ClaimTypes.Name, jwtPayload["name"].ToString()) }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } User CurrentUser = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':'); var username = credentials[0]; var password = credentials[1]; CurrentUser = _userService.Authenticate(username, password); } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } if (CurrentUser == null) { return(AuthenticateResult.Fail("Invalid Username or Password")); } _userService.SetCurrentUser(CurrentUser); var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, CurrentUser.Username), new Claim(ClaimTypes.Name, CurrentUser.Name), }; claims.Add(new Claim(ClaimTypes.Role, CurrentUser.UserType.Type)); //role var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } bool success = false; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var username = credentials[0]; var password = credentials[1]; success = await Task.Factory.StartNew(() => { return(username == "admin" && password == "admin"); }); } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } if (!success) { return(AuthenticateResult.Fail("Invalid Username or Password")); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, 1.ToString()), new Claim(ClaimTypes.Name, "Administrator"), }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } User user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var username = credentials[0]; var password = credentials[1]; user = await this.context.Users.FirstOrDefaultAsync(x => x.Email.ToUpper().Equals(username.ToUpper())); if (!SecurePasswordHasher.Verify(password, user.UserPassword.Password.Text.ToString())) { return(AuthenticateResult.Fail("Invalid Username or Password")); } } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } if (user == null) { return(AuthenticateResult.Fail("Invalid Username or Password")); } var claims = new[] { new Claim(ClaimTypes.Email, user.Id.ToString()), }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
public static async Task Main(string[] args) { var username = args[0]; var password = args[1]; var hostname = args[2]; var handler = new HttpClientRedirectHandler(); using (var client = new HttpClient(handler) { BaseAddress = new Uri($"https://{hostname}/api/v1") }) { // Login - constructing a payload that looks like { "username": "******"password": "******" } var loginMessage = $"{{ 'username': '******', 'password': '******' }}"; var loginContent = new StringContent(loginMessage, Encoding.UTF8, "application/json"); var loginResponseMessage = await client.PostAsync("login", loginContent); // Read the results var loginResult = await loginResponseMessage.Content.ReadAsStringAsync(); // Get the access token // We could use string manipulation methods, but using JSON.NET is much easier var accessToken = JToken.Parse(loginResult)["accessToken"].Value <string>(); // Add an authorization header to the list of default headers for our client client.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse($"Bearer {accessToken}"); // Let's attempt to retrieve the first page of alarms var alarmsResponse = await client.GetAsync("alarms"); // Parse the response using Newtonsoft and print the first one. var alarmsObject = JObject.Parse(await alarmsResponse.Content.ReadAsStringAsync()); var alarms = alarmsObject["items"]; Console.WriteLine($"First alarm: {alarms?[0]}"); } }
private void AddHeader(HttpRequestMessage requestMessage, RestHeader header) { switch (header.Key) { case "Authorization": requestMessage.Headers.Authorization = AuthenticationHeaderValue.Parse(header.Value); break; case "Date": requestMessage.Headers.Date = DateTimeOffset.Parse(header.Value); break; case "Content-Type": break; default: requestMessage.Headers.Add(header.Key, header.Value); break; } }
public async Task <ActionResult <int> > seguimiento(string id_modulo, string id_persona, int id_anio, int id_mes) { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var handler = new JwtSecurityTokenHandler(); var jwtToken = handler.ReadToken(authHeader.Parameter) as JwtSecurityToken; var codPersona = jwtToken.Claims.FirstOrDefault(claim => claim.Type == "nameid").Value; var usuario = jwtToken.Claims.FirstOrDefault(claim => claim.Type == "unique_name").Value; var rol = jwtToken.Claims.FirstOrDefault(claim => claim.Type == "role").Value; return(await Mediator.Send(new GetSeguimientoObseracion() { modulo = id_modulo, persona = id_persona, anio = id_anio, mes = id_mes, usuario = usuario, rol = rol })); }
async Task <string> FetchBlankPage() { var c = new HttpClient(); var rq = new HttpRequestMessage(HttpMethod.Get, $"{kspProxyConfig.Host}/blank"); rq.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("text/html")); rq.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/xhtml+xml")); if (!string.IsNullOrEmpty(kspProxyConfig.Authorization)) { rq.Headers.Authorization = AuthenticationHeaderValue.Parse(kspProxyConfig.Authorization); } if (HttpContext.Request.Headers.TryGetValue("Cookie", out var x)) { rq.Headers.Add("Cookie", x.AsEnumerable()); } var rs = await c.SendAsync(rq); return(await rs.Content.ReadAsStringAsync()); }
private async Task <KeyValuePair <string, HttpResponseMessage> > UploadFile(string filename) { using HttpClient client = new HttpClient { BaseAddress = new Uri($"https://cloud-api.yandex.net/v1/disk/resources/upload?path={_dstDir}/{filename}&overwrite={_overwrite}"), DefaultRequestHeaders = { Authorization = AuthenticationHeaderValue.Parse(_token), Accept = { MediaTypeWithQualityHeaderValue.Parse("application/json") }, } }; var getResponse = await client.GetAsync(client.BaseAddress); var getResponseBody = await getResponse.Content.ReadFromJsonAsync <YaDiskResponse>(); var streamContent = new StreamContent(File.OpenRead($"{_srcDir}\\{filename}")); var putResponse = await client.PutAsync(getResponseBody?.Href, streamContent); return(new KeyValuePair <string, HttpResponseMessage>(filename, putResponse)); }
public async Task <HttpResponseMessage> PostAsync(string url, object data) { var token = await _sessionDataService.GetCurrentUserDataAsync(); _httpClient.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse("Bearer " + token.Token); HttpResponseMessage responseMessage = await _httpClient.PostAsJsonAsync(url, data); if (responseMessage.StatusCode != HttpStatusCode.Unauthorized) { return(responseMessage); } await _sessionDataService.SetCurrentUserDataAsync(null); await _sessionDataService.SetRollbackUrl(_navigationManager.Uri); _navigationManager.NavigateTo("/"); return(null); }
public void Parse_Invalid() { try { AuthenticationHeaderValue.Parse(null); Assert.Fail("#1"); } catch (FormatException) { } try { AuthenticationHeaderValue.Parse(" "); Assert.Fail("#2"); } catch (FormatException) { } try { AuthenticationHeaderValue.Parse("a;b"); Assert.Fail("#3"); } catch (FormatException) { } }
private static void OnApplicationAuthenticateRequest(object sender, EventArgs e) { HttpRequest request = HttpContext.Current.Request; string authHeader = request.Headers[nilnul.pass.http.request.header.Keys.Authorization]; if (authHeader != null) { AuthenticationHeaderValue authHeaderVal = AuthenticationHeaderValue.Parse(authHeader); if (authHeaderVal.Scheme.Equals( "Bearer", StringComparison.OrdinalIgnoreCase) && authHeaderVal.Parameter != null ) { AuthenticateToken(authHeaderVal.Parameter); } } }
public async Task LogOutAsync(string token) { using (var client = new HttpClient()) { if (!string.IsNullOrEmpty(token)) { //Add the authorization header client.DefaultRequestHeaders.Authorization = AuthenticationHeaderValue.Parse("Bearer " + token); } var result = await client.GetAsync(Flurl.Url.Combine(BaseUri, "/api/Account/Logout")); if (result.IsSuccessStatusCode) { return; } throw new ApiException(result.StatusCode, string.Empty); } }
private static void OnApplicationAuthenticateRequest(object sender, EventArgs e) { System.Diagnostics.Debug.WriteLine("Module1: Authenticate"); var request = HttpContext.Current.Request; var authHeader = request.Headers["Authorization"]; if (authHeader != null) { System.Diagnostics.Debug.WriteLine("Module1: Authenticate Request Actual"); var authHeaderVal = AuthenticationHeaderValue.Parse(authHeader); // RFC 2617 sec 1.2, "scheme" name is case-insensitive if (authHeaderVal.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase) && authHeaderVal.Parameter != null) { AuthenticateUser(authHeaderVal.Parameter); } } }