private Task <ClaimsIdentity> GetIdentity(CheckAppContext context, string username, string password, string oauth_id) { var userRepo = new UserRepository(context); var isAuth = userRepo.AuthenticateUser(username, password); var isFbAuth = userRepo.AuthenticateFBUser(oauth_id); if (isAuth || isFbAuth) { return(Task.FromResult(new ClaimsIdentity(new GenericIdentity(username, "Token"), new Claim[] { }))); } // Credentials are invalid, or account doesn't exist return(Task.FromResult <ClaimsIdentity>(null)); }
private async Task GenerateToken(HttpContext context, CheckAppContext dbcontext) { var oauth_id = context.Request.Form["oauth_id"]; var username = context.Request.Form["username"]; var password = context.Request.Form["password"]; var identity = await _options.IdentityResolver(dbcontext, username, password, oauth_id); if (identity == null) { context.Response.StatusCode = 400; await context.Response.WriteAsync("Usuário ou senha inválidos."); return; } var now = DateTime.UtcNow; // Specifically add the jti (nonce), iat (issued timestamp), and sub (subject/user) claims. // You can add other claims here, if you want: var claims = new Claim[] { new Claim(JwtRegisteredClaimNames.Sub, (string.IsNullOrEmpty(username) ? oauth_id : username)), new Claim(JwtRegisteredClaimNames.Jti, await _options.NonceGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(now).ToString(), ClaimValueTypes.Integer64) }; // Create the JWT and write it to a string var jwt = new JwtSecurityToken( issuer: _options.Issuer, audience: _options.Audience, claims: claims, notBefore: now, expires: now.Add(_options.Expiration), signingCredentials: _options.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); var response = new { access_token = encodedJwt, expires_in = (int)_options.Expiration.TotalSeconds }; // Serialize and return the response context.Response.ContentType = "application/json"; await context.Response.WriteAsync(JsonConvert.SerializeObject(response, _serializerSettings)); }
public Task Invoke(HttpContext context, CheckAppContext dbcontext) { // If the request path doesn't match, skip if (!context.Request.Path.Equals(_options.Path, StringComparison.Ordinal)) { return(_next(context)); } // Request must be POST with Content-Type: application/x-www-form-urlencoded if (!context.Request.Method.Equals("POST") || !context.Request.HasFormContentType) { context.Response.StatusCode = 400; return(context.Response.WriteAsync("Bad request.")); } _logger.LogInformation("Handling request: " + context.Request.Path); return(GenerateToken(context, dbcontext)); }
public LoginController(CheckAppContext context) { _context = context; }
public AgendaController(CheckAppContext context) { _context = context; }
public AppointmentTypeController(CheckAppContext context) { _context = context; }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, CheckAppContext context) { loggerFactory.AddConsole(Configuration.GetSection("Logging")); loggerFactory.AddDebug(); var secretKey = env.IsDevelopment() ? "mysupersecretkey!@1234" : Environment.GetEnvironmentVariable("WEBSITE_AUTH_SIGNING_KEY"); _key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secretKey)); var tokenValidationParameters = new TokenValidationParameters { IssuerSigningKey = _key, ValidAudience = env.IsDevelopment() ? "localhost" : TokenAudience, ValidateAudience = true, ValidIssuer = env.IsDevelopment() ? "localhost" : TokenIssuer, ValidateIssuer = true, ValidateIssuerSigningKey = true, ValidateLifetime = false, ClockSkew = TimeSpan.Zero }; // The secret key every token will be signed with. // Keep this safe on the server! var signingCredentials = new SigningCredentials(_key, SecurityAlgorithms.HmacSha256); app.UseSimpleTokenProvider(new TokenProviderOptions { Path = "/token", Audience = env.IsDevelopment() ? "localhost" : TokenAudience, Issuer = env.IsDevelopment() ? "localhost" : TokenIssuer, SigningCredentials = signingCredentials, IdentityResolver = GetIdentity }); app.UseCookieAuthentication(new CookieAuthenticationOptions { AutomaticAuthenticate = true, AutomaticChallenge = true, AuthenticationScheme = "Cookie", CookieName = "access_token", TicketDataFormat = new CustomJwtDataFormat(SecurityAlgorithms.HmacSha256, tokenValidationParameters) }); app.UseDefaultFiles(); app.UseStaticFiles(); ConfigureRoutes(app); app.UseDeveloperExceptionPage(); DbInitializer.Initialize(context); }