public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
return(Task.Run(() =>
{
HttpRequestMessage request = context.Request;
AuthenticationHeaderValue authorization = request.Headers.Authorization;
//JsonResult<ErrorResponse> bad = new JsonResult<ErrorResponse>(new ErrorResponse(ErrorNumber.NOT_AUTHORIZED_FOR_OPERATION, "Generic not authorized"), new JsonSerializerSettings(), Encoding.ASCII, context.Request);
if (authorization == null || authorization.Scheme != "Bearer")
{
return;
}
if (String.IsNullOrEmpty(authorization.Parameter))
{
context.ErrorResult = retError(ErrorNumber.INVALID_AUTHORIZATION_TOKEN_NO_BEARER, "No Bearer", request);
return;
}
JWTToken token = new JWTToken(authorization.Parameter);
IPrincipal principal = new JWTUser(token);
if (token.valid && !principal.Identity.IsAuthenticated)
{
context.ErrorResult = retError(ErrorNumber.UNKNOWN_ERROR, "Not sure what this is", request);
}
else
{
context.Principal = principal;
}
return;
}));
}
public async Task <List <Location> > GetLocationAsync(JWTToken jWT, Team team)
{
Url_data url_ = new Url_data();
HttpResponseMessage response = null;
List <Location> location = new List <Location>();
var authValue = new AuthenticationHeaderValue("Bearer", jWT.Token);
using (var client = new HttpClient()
{
DefaultRequestHeaders = { Authorization = authValue }
})
{
try { response = await client.GetAsync(url_.Location.ToString() + team.Id); } // REST GET
catch (Exception ex)
{
Crashes.TrackError(ex);
Debug.WriteLine(ex.Message.ToString());
}
if (response.IsSuccessStatusCode) /// Status Code
{
string responseContent = await response.Content.ReadAsStringAsync(); // Read GET
location = JsonConvert.DeserializeObject <List <Location> >(responseContent); // Deserialize JSON
}
else
{
return(null);
}
return(location);
}
}
public async IAsyncEnumerable <TeamMembers> GetTeamMembers(JWTToken jWT, int IdTeam)
{
Url_data url_ = new Url_data();
HttpResponseMessage response = null;
List <TeamMembers> ListTeams = null;
var authValue = new AuthenticationHeaderValue("Bearer", jWT.Token);
using (var client = new HttpClient()
{
DefaultRequestHeaders = { Authorization = authValue }
})
{
try { response = await client.GetAsync(url_.TeamMembers.ToString() + IdTeam); } // REST GET
catch (Exception ex)
{
Crashes.TrackError(ex);
Debug.WriteLine(ex.Message.ToString());
}
if (response.IsSuccessStatusCode) /// when user exists
{
string responseContent = await response.Content.ReadAsStringAsync(); // Read GET
ListTeams = JsonConvert.DeserializeObject <List <TeamMembers> >(responseContent); // Deserialize JSON
}
else
{
yield return(null);
}
for (int i = 0; i < ListTeams.Count; i++)
{
yield return(ListTeams[i]);
}
}
}
public async Task <TeamMembers> GetMyTeams(JWTToken jWT, int idGame)
{
Url_data url_ = new Url_data();
HttpResponseMessage response = null;
TeamMembers ListTeams = null;
var authValue = new AuthenticationHeaderValue("Bearer", jWT.Token);
using (var client = new HttpClient()
{
DefaultRequestHeaders = { Authorization = authValue }
})
{
try { response = await client.GetAsync(url_.TeamMembers_I.ToString() + "/" + idGame); } // REST GET
catch (Exception ex)
{
Crashes.TrackError(ex);
Debug.WriteLine(ex.Message.ToString());
}
if (response.IsSuccessStatusCode) /// Status Code
{
string responseContent = await response.Content.ReadAsStringAsync(); // Read GET
ListTeams = JsonConvert.DeserializeObject <TeamMembers>(responseContent); // Deserialize JSON
}
else
{
return(null);
}
return(ListTeams);
}
}
public JWTToken GenerateToken(CustomerModel customer)
{
var requiredClaims = new[]
{
new Claim(JwtRegisteredClaimNames.UniqueName, customer.Email),
new Claim(JwtRegisteredClaimNames.Sub, customer.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Name, customer.Name)
};
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("SuperSecretPassword"));
var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
JwtSecurityToken access_token = new JwtSecurityToken(_config.GetSection("Issuer").Value,
_config.GetSection("Audience").Value,
requiredClaims,
expires: DateTime.Now.AddDays(1),
signingCredentials: credentials);
JWTToken identity_token = new JWTToken()
{
access_token = new JwtSecurityTokenHandler().WriteToken(access_token),
expires_in = 86400,
token_type = "bearer"
};
return(identity_token);
}
public HttpResponseMessage Validate(JWTToken token)
{
JWTToken result = new JWTToken()
{
IsValid = false
};
KeyCdr.Users.UserManager userMgr = new Users.UserManager();
var dbUser = userMgr.GetByLoginName(token.UserName);
if (dbUser == null)
{
return(Request.CreateResponse(HttpStatusCode.Forbidden, result));
}
string tokenUsername = new JWTManager().ValidateToken(token.JWTValue);
result.UserName = tokenUsername;
if (token.UserName.Equals(tokenUsername))
{
result.IsValid = true;
return(Request.CreateResponse(HttpStatusCode.OK, result));
}
return(Request.CreateResponse(HttpStatusCode.BadRequest, result));
}
/// <summary>
/// Rest Get Method
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="getRequest"></param>
/// <returns></returns>
public static async Task <T> GetExecuteAsync <T>(JWTToken jWT, GetRequest getRequest) where T : class
{
var authValue = new AuthenticationHeaderValue("Bearer", jWT.Token);
using (client = new HttpClient()
{
DefaultRequestHeaders = { Authorization = authValue }
})
{
HttpResponseMessage response;
string responseContent;
try
{
response = await client.GetAsync(getRequest.strURL); // Get
responseContent = await response.Content.ReadAsStringAsync();
}
catch (Exception ex)
{
Debug.WriteLine(ex.Message.ToString());
Crashes.TrackError(ex);
return(await Task.FromResult(JsonConvert.DeserializeObject <T>(null)));
}
if (response.IsSuccessStatusCode)
{
Debug.WriteLine(@"successfully saved.");
return(await Task.FromResult <T>(JsonConvert.DeserializeObject <T>(responseContent)));
}
return(await Task.FromResult <T>(JsonConvert.DeserializeObject <T>(responseContent)));
}
}
public async Task <JWTToken> Refresh(JWTToken tokens)
{
var tokenInDb = await _context.UserToken.FirstOrDefaultAsync(token => token.RefreshToken == tokens.RefreshToken);
if (tokenInDb == null || tokenInDb.ExpiryDate < DateTime.Now)
{
return(null);
}
var user = Models.UserToken.FromToken(tokens.JwtToken);
var userToken = new Models.UserToken()
{
UserId = user.UserId
};
var token = userToken.ToToken(_config);
token.RefreshToken = TokenHelper.GenerateRefreshToken();
var now = DateTime.Now;
tokenInDb.LastUpdated = now;
tokenInDb.ExpiryDate = now.AddDays(14);
tokenInDb.RefreshToken = token.RefreshToken;
_context.Update(tokenInDb);
await _context.SaveChangesAsync();
return(token);
}
public AuthenticationDTO AuthenticateGetToken(TokenDTO tokenDTO)
{
string _refreshTokenold = HttpUtility.UrlDecode(tokenDTO.Refresh_Token);
string _refreshToken = refreshtoken.GenerateToken(tokenDTO);
RefreshTokenDTO refauth = new RefreshTokenDTO {
Authorization = _refreshTokenold
};
AuthenticationDTO auth = new AuthenticationDTO();
try
{
// ValidationResult results = refreshvalidation.Validate(refauth);
Authorize authorize = oauth.Authorize.Where(x => x.Code == refauth.Authorization).FirstOrDefault();
User user = oauth.User.SingleOrDefault(x => x.UserId == authorize.UserId);
UserDTO userDTO = mapper.Map <UserDTO>(user);
auth.token_type = config["TokenType"];
auth.access_token = JWTToken.GenerateToken(tokenDTO);
auth.refresh_token = HttpUtility.UrlEncode(_refreshToken);
authorize.Code = _refreshToken;
oauth.SaveChanges();
}
catch (Exception ex)
{
Log.Log.Error(ex, TokenConstants.InvalidUser);
throw new InvalidUserException(TokenConstants.InvalidUser);
}
return(auth);
}
public string GenerateJWT(UserDTO user)
{
var expiry = 180;
var claim = new[]
{
new Claim(ClaimTypes.Name, user.UserName),
new Claim(ClaimTypes.Role, user.Role)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenManagement.Secret));
var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var jwtToken = new JwtSecurityToken(
_tokenManagement.Issuer,
_tokenManagement.Audience,
claim,
expires: DateTime.UtcNow.AddSeconds(expiry),
signingCredentials: credentials
);
var TokenString = new JwtSecurityTokenHandler().WriteToken(jwtToken);
// create timestamp in db
var jwt = new JWTToken()
{
UserEmail = user.Email,
jwtToken = TokenString,
TimeStamp = DateTime.UtcNow,
Expire = DateTime.UtcNow.AddSeconds(expiry)
};
_jwt.InsertOne(jwt);
return(TokenString);
}
public async Task <IActionResult> LogIn(string submitbutton, string username, string password)
{
HttpClient client = _httpContextFactory.CreateClient("TGSClient");
AppUser userModel = new AppUser();
userModel.UserName = username;
userModel.Password = password;
HttpResponseMessage response = await client.PostAsJsonAsync <AppUser>("api/Authorization/LogIn", userModel);
if (response.IsSuccessStatusCode)
{
JWTToken jwt = await response.Content.ReadFromJsonAsync <JWTToken>();
System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtSecurityToken = new System.IdentityModel.Tokens.Jwt.JwtSecurityToken(jwt.Token);
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity(jwtSecurityToken.Claims));
_httpContextCookieController.Set("token", jwt.Token, jwt.Expire);
return(Redirect("~/"));
}
else
{
return(View());
}
}
// POST rest/login
public LoginResponse Post([FromBody] Login login)
{
if (login == null || !ModelState.IsValid || login.ContainsExtra)
{
return(new LoginResponse()
{
errorcode = ErrorNumber.INVALID_USERNAME_OR_PASSWORD, error = "Invalid username/password"
});
}
kenzanEntities ke = new kenzanEntities();
Employee employee = ke.Employees
.Include("EmployeeRoles")
.Where <Employee>(e => e.username == login.username && e.bStatus == Status.ACTIVE)
.FirstOrDefault <Employee>();
if (employee != null && employee.password != null && crypto.BCrypt.Verify(login.password, employee.password))
{
JWTToken token = new JWTToken(employee);
return(new LoginResponse()
{
jwt = token.token
});
}
else
{
return new LoginResponse()
{
errorcode = ErrorNumber.INVALID_USERNAME_OR_PASSWORD, error = "Login failed", jwt = null
}
};
}
}
public async Task <bool> JoinToTeam(JWTToken jWT, Team item)
{
HttpResponseMessage response;
string json = JsonConvert.SerializeObject(item);
StringContent content = new StringContent(json, Encoding.UTF8, "application/json");
Url_data url_ = new Url_data();
var authValue = new AuthenticationHeaderValue("Bearer", jWT.Token);
using (var client = new HttpClient()
{
DefaultRequestHeaders = { Authorization = authValue }
})
{
try
{
response = await client.PostAsync(url_.TeamMembers.ToString(), content);
} // POST //
catch (Exception ex)
{
Crashes.TrackError(ex);
Debug.WriteLine(ex.Message.ToString());
return(false);
}
if (response.IsSuccessStatusCode)
{
return(true);
}
return(false);
}
}
public string Get()
{
//Just for test purpose and not sharing to this url to end user
JWTToken objToken = new JWTToken();
return(objToken.encodeToken(ConString.GetSecretKey));
}
public HttpResponseMessage HistoryAnalytics(JWTToken token)
{
var userMgr = new KeyCdr.History.UserSessionHistory();
IList <Data.Session> history = userMgr.GetHistoryDetailsAllTime(
new Data.KCUser()
{
UserId = Guid.Parse(token.UserId)
});
var analyses = history.SelectMany(ks => ks.KeySequence
.SelectMany(ksa => ksa.KeySequenceAnalysis))
.ToList();
var result = new UserHistoryAnalyticsModel();
result.SpeedMeasurements = analyses
.Where(a => a.AnalysisTypeId.Equals((int)AnalyticType.Speed))
.OrderBy(a => a.Created)
.Take(NUM_RECORDS_LOOKBACK)
.Select(s => new SpeedModel().Create(s.AnalysisSpeed))
.ToList();
result.AccuracyMeasurements = analyses
.Where(a => a.AnalysisTypeId.Equals((int)AnalyticType.Accuracy))
.OrderBy(a => a.Created)
.Take(NUM_RECORDS_LOOKBACK)
.Select(s => new AccuracyModel().Create(s.AnalysisAccuracy))
.ToList();
return(Request.CreateResponse(HttpStatusCode.OK, result));
}
/// <summary>
/// This method sends HTTP GET request to get all rights from the database for application
/// from which is user sending the request.
/// </summary>
/// <param name="token">JWT authentication token</param>
/// <returns>Response from the server.</returns>
public async Task <HttpResponseMessage> GetAll(JWTToken token)
{
// Add JWT token value to the authorization header
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Value);
var address = new Uri(client.BaseAddress.OriginalString + "/get/");
return(await client.GetAsync(address));
}
/// <summary>
/// This method sends HTTP POST request to log user out.
/// </summary>
/// <param name="token">JWT authentication token</param>
/// <returns>Response from the server.</returns>
public async Task <HttpResponseMessage> Logout(JWTToken token)
{
// Add JWT token value to the authorization header
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Value);
var address = new Uri(client.BaseAddress.OriginalString + "/logout");
return(await client.PostAsync(address, new StringContent("")));
}
/// <summary>
/// This method sends HTTP POST request with user id in URL paramters to the server to reset password of that user.
/// </summary>
/// <param name="userId">Id of the user to reset password</param>
/// <param name="token">JWT authentication token</param>
/// <returns>Response from the server.</returns>
public async Task <HttpResponseMessage> ResetPasswordById(long userId, JWTToken token)
{
// Add JWT token value to the authorization header
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Value);
var address = new Uri(client.BaseAddress.OriginalString + "/resetPassword/" + userId);
return(await client.PostAsync(address, null));
}
public CategoryController(IConfiguration configuration)
{
baseAddressOfCategoryApi = new Uri(configuration.GetSection("ApiAddress:CategoryAPI").Value);
JWTToken jwttokenProvider = new JWTToken();
string name = Environment.UserName;
token = jwttokenProvider.generateJwtToken(name);
}
public IEnumerable <Product> GetAllProducts()
{
JWTToken J = new JWTToken();
var a = J.jiami();
J.jiemi(a);
return(products);
}
/// <summary>
/// This method sends HTTP DELETE request with rights id in URL paramters to delete rights with rightsId from the database.
/// </summary>
/// <param name="rightsId">Id of the rights to delete</param>
/// <param name="token">JWT authentication token</param>
/// <returns>Response from the server.</returns>
public async Task <HttpResponseMessage> DeleteById(long rightsId, JWTToken token)
{
// Add JWT token value to the authorization header
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Value);
var address = new Uri(client.BaseAddress.OriginalString + "/delete/" + rightsId);
return(await client.DeleteAsync(address));
}
public async Task <IActionResult> Logout([FromBody] JWTToken token)
{
await _authorizationService.Logout(token.RefreshToken);
return(Ok(new Response <string>()
{
Data = "user is logged out",
Success = true
}));
}
/// <summary>
/// A default constructor
/// </summary>
/// <param name="service">A user manager</param>
/// <param name="context">A Database context</param>
/// <param name="emailSender">A Email Sender</param>
/// <param name="tokenWriter">A Jason Web Token Writer</param>
/// <param name="options">A Application Settings</param>
public UserController(IMediator mediator, UserManager <ApplicationUser> service, ApplicationDbContextFactory contextFactory, IEmailSender emailSender,
JWTToken tokenWriter, IOptions <ApplicationOptions> options, IMapper mapper)
{
_userManager = service;
_dbContextFactory = contextFactory;
_emailSender = emailSender;
_tokenWriter = tokenWriter;
_mapper = mapper;
_options = options.Value;
_mediator = mediator;
}
public BasePage(IConfiguration configuration)
{
this.configuration = configuration;
EncryptionService = new EncryptionService();
refToken = new RefreshToken();
itsLogger = new TSLogger();
var optionsBuilder = new DbContextOptionsBuilder <OAuthContext>();
optionsBuilder.UseSqlServer(configuration.GetConnectionString("OAuthDatabase"));
OAuthDbContext = new OAuthContext(optionsBuilder.Options);
jwtToken = new JWTToken(itsLogger, EncryptionService, this.configuration);
}
public HttpClient Prepare(JWTToken jWT)
{
Url_data url_ = new Url_data();
HttpResponseMessage response = null;
var authValue = new AuthenticationHeaderValue("Bearer", jWT.Token);
client = new HttpClient()
{
DefaultRequestHeaders = { Authorization = authValue }
};
return(client);
}
/// <summary>
/// This method sends HTTP POST request with new RightsModel to the server to create a new RightsModel recored in
/// the database. The new model must have application id filled.
/// </summary>
/// <param name="rightsModel">New RightsModel</param>
/// <param name="token">JWT authentication token</param>
/// <returns>Response from the server.</returns>
public async Task <HttpResponseMessage> Create(RightsModel rightsModel, JWTToken token)
{
// Serialize RightsModel
string jsonData = JsonConvert.SerializeObject(rightsModel);
var jsonDataContent = new StringContent(jsonData, Encoding.UTF8, "application/json");
// Add JWT token value to the authorization header
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Value);
var address = new Uri(client.BaseAddress.OriginalString + "/create/");
return(await client.PostAsync(address, jsonDataContent));
}
public bool CheckLoginToken(string email, out string exist)
{
JWTToken jwt = _jwt.Find(x => x.UserEmail.Equals(email)).FirstOrDefault();
if (jwt == null)
{
exist = string.Empty;
return(false);
}
exist = jwt.jwtToken;
return(true); // token already exist
}
// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
public void ConfigureServices(IServiceCollection services)
{
services.AddControllers()
.AddNewtonsoftJson(options =>
{
options.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore;
});
services.AddDbContext <GatheringDbContext>(options =>
{
string connectionString = Configuration.GetConnectionString("DefaultConnection");
options.UseSqlServer(connectionString);
});
services.AddIdentity <User, IdentityRole <long> >(options =>
{
options.User.RequireUniqueEmail = true;
options.Password.RequiredLength = 6;
})
.AddEntityFrameworkStores <GatheringDbContext>();
services.AddTransient <IGroup, DbGroupRepo>();
services.AddTransient <IUser, DbUserRepo>();
services.AddTransient <IEvent, DbEventRepo>();
services.AddTransient <IGroupUser, DbGroupUserRepo>();
services.AddScoped <JWTToken>();
services.AddAuthentication(options =>
{
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.TokenValidationParameters = JWTToken.GetValidationParameters(Configuration);
});
services.AddSwaggerGen(options =>
{
options.SwaggerDoc("v1", new OpenApiInfo {
Title = "Gathering Backend", Version = "v1"
});
options.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Name = "Authorization",
In = ParameterLocation.Header,
Type = SecuritySchemeType.ApiKey,
Scheme = "Bearer",
});
options.OperationFilter <AuthenticationRequirementOperationFilter>();
});
}
public HttpResponseMessage GetNewSession(JWTToken token)
{
var user = new KCUser()
{
UserId = Guid.Parse(token.UserId)
};
var session = new KeyCdr.UserSession(user).StartNewSession();
var newSession = new SessionModel()
{
SessionId = session.SessionId,
UserId = session.UserId,
};
return(Request.CreateResponse(HttpStatusCode.OK, newSession));
}
public async Task <IActionResult> Login(UserToLogin user)
{
var userFromRepo = await _repo.Login(user.Name.ToLower(), user.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
var secret = _config.GetSection("My_Custom_Settings:Token").Value;
var token = new JWTToken(userFromRepo, secret);
return(Ok(new { token = token.Build() }));
}
