public async Task WhenAuthCalledThenTokenIsValidated()
        {
            var token  = "token";
            var claims = new List <Claim>
            {
                new Claim("customerId", "customerId"),
                new Claim("email", "email"),
                new Claim("given_name", "given_name"),
                new Claim("family_name", "family_name"),
                new Claim("exp", DateTimeOffset.Now.AddHours(2).ToUnixTimeSeconds().ToString()),
            };

            A.CallTo(() => authClient.ValidateToken(token)).Returns(new JwtSecurityToken("test", "test", claims));

            using var controller = new AuthController(authClient, log, defaultsettings, defaultVersionedFiles, defaultConfiguration, baseUrlService)
                  {
                      ControllerContext = new ControllerContext
                      {
                          HttpContext = defaultContext,
                      },
                  };

            controller.Url = new UrlHelper(
                new ActionContext(defaultContext, new RouteData(),
                                  new ActionDescriptor())
                );

            await controller.Auth(token).ConfigureAwait(false);

            A.CallTo(() => authClient.ValidateToken(token)).MustHaveHappened();
        }
Exemplo n.º 2
0
        public async Task <IActionResult> Auth(string id_token)
        {
            JwtSecurityToken validatedToken;

            try
            {
                validatedToken = await authClient.ValidateToken(id_token);
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Failed to validate auth token.");
                return(Redirect($"{settings.DefaultRedirectUrl}/error"));
            }

            var claims = new List <Claim>
            {
                new Claim("CustomerId", validatedToken.Claims.FirstOrDefault(claim => claim.Type == "customerId")?.Value),
                new Claim(ClaimTypes.Email, validatedToken.Claims.FirstOrDefault(claim => claim.Type == "email")?.Value),
                new Claim(ClaimTypes.GivenName, validatedToken.Claims.FirstOrDefault(claim => claim.Type == "given_name")?.Value),
                new Claim(ClaimTypes.Surname, validatedToken.Claims.FirstOrDefault(claim => claim.Type == "family_name")?.Value),
                new Claim("DssToken", id_token),
            };

            var expiryTime = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);

            expiryTime = expiryTime.AddSeconds(double.Parse(validatedToken.Claims.First(claim => claim.Type == "exp").Value, new DateTimeFormatInfo()));
            var authProperties = new AuthenticationProperties()
            {
                AllowRefresh = false,
                ExpiresUtc   = expiryTime,
                IsPersistent = true,
            };

            await HttpContext.SignInAsync(
                new ClaimsPrincipal(
                    new ClaimsIdentity(
                        new List <Claim>
            {
                new Claim("bearer", CreateChildAppToken(claims, expiryTime)),
                new Claim(ClaimTypes.Name, $"{validatedToken.Claims.FirstOrDefault(claim => claim.Type == "given_name")?.Value} {validatedToken.Claims.FirstOrDefault(claim => claim.Type == "family_name")?.Value}"),
            },
                        CookieAuthenticationDefaults.AuthenticationScheme)), authProperties);

            return(Redirect(GetAndResetRedirectUrl()));
        }