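/// <summary>
/// Authenticates a worker (trabajador) by user name and password and, on success, returns
/// the worker record with a freshly issued JWT in <c>Token</c>.
/// </summary>
/// <param name="usuario">Login form carrying <c>Usuario</c> and <c>Contrasenia</c>.</param>
/// <returns>
/// A <see cref="GenericResponse{T}"/> with <c>Codigo</c> 200, <c>Error</c> false, <c>Mensaje</c> "OK"
/// and the authenticated worker in <c>Data</c>.
/// </returns>
/// <exception cref="CustomResponseException">
/// Code 403 when the service returns no worker for the credentials; code 500 wrapping any other failure.
/// </exception>
public GenericResponse<TrabajadorDto> Login(LoginModel usuario)
{
    var response = new GenericResponse<TrabajadorDto>();
    try
    {
        TrabajadorDto trabajador = servicio.Login(new TrabajadorDto
        {
            Usuario = usuario.Usuario,
            Contrasenia = usuario.Contrasenia
        });
        if (trabajador == null)
        {
            throw new CustomResponseException("Credenciales incorrectas", 403);
        }

        trabajador.Token = JwtUtil.CrearToken(trabajador.Id, trabajador.Usuario, trabajador.Roles);
        response.Data = trabajador;
        response.Codigo = 200; // OK
        response.Error = false;
        response.Mensaje = "OK";
    }
    catch (CustomResponseException)
    {
        // `throw;` keeps the original stack trace; the former `throw ex;` reset it.
        throw;
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message of an arbitrary failure becomes the 500 response text, which can
        // expose internal details to the client — a generic message would be safer here.
        throw new CustomResponseException(ex.Message, 500);
    }
    return response;
}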
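/// <summary>
/// Streams the PDF report of a completed analysis that belongs to the calling user.
/// </summary>
/// <param name="id">Analysis identifier from the route.</param>
/// <param name="authorization">Raw Authorization header; the user id is read from its JWT.</param>
/// <returns>
/// 200 with an <c>application/pdf</c> body; 400 when the analysis status is not <c>Complete</c>;
/// 404 when the analysis or its stored stream cannot be found.
/// </returns>
public async Task<IActionResult> GetAnalysisReport([FromRoute] Guid id, [FromHeader] string authorization)
{
    // NOTE(review): token parsing happens outside the try, so a missing or malformed header surfaces
    // as whatever GetUserIdFromToken throws rather than a 401 — confirm that is intended.
    var model = JwtUtil.GetUserIdFromToken(authorization);
    try
    {
        var analysis = await _analysisService.GetByIdAsync(id, model.UserId);
        if (analysis.Status != OperationStatus.Complete)
        {
            return BadRequest();
        }

        var report = _reportService.GenerateReport(analysis.ToAnalysisFile(model.UserId));
        return File(report, "application/pdf");
    }
    // The caught exception objects were never used, so the unused variables are dropped.
    // Both "no such analysis" and "no stored stream" are reported to the client as 404.
    catch (InvalidOperationException)
    {
        return new NotFoundResult();
    }
    catch (StreamNotFoundException)
    {
        return new NotFoundResult();
    }
}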
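/// <summary>
/// Verifies an e-mail/password pair and, on success, places a JWT plus its expiry (mapped to
/// <c>TokenResponse</c>) in <c>Response.Data</c>.
/// </summary>
/// <param name="request">Credentials submitted by the client.</param>
/// <returns>The shared <c>Response</c>, carrying either the token data or an accumulated error.</returns>
public async Task<ApiResponse> AuthenticateAsync(AuthenticateRequest request)
{
    var user = await _userRepository.GetByEmailAsync(request.Email);
    if (user == null)
    {
        // NOTE(review): a distinct "user not found" error lets a client probe which e-mails are
        // registered; returning the same error as for a wrong password would close that gap.
        AddError("Usuário não encontrado");
        return Response;
    }

    // Elements 1 and 2 of the dot-separated stored value are what PasswordIsCorrect consumes
    // (presumably salt and hash — verify against PasswordUtil). Split once, and treat a record
    // with fewer than three parts as a failed login instead of throwing IndexOutOfRangeException.
    var parts = user.Password.Split(".");
    if (parts.Length >= 3 && PasswordUtil.PasswordIsCorrect(parts[1], parts[2], request.Password))
    {
        var token = JwtUtil.GenarateToken(user);
        var tokenResponse = new Infra.Data.ValueObjects.TokenResponse
        {
            User = user,
            Token = token.Token,
            Expiration = token.Expiration
        };
        Response.Data = _mapper.Map<TokenResponse>(tokenResponse);
        return Response;
    }

    AddError("Credências inválidas");
    return Response;
}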
/// <summary>
/// Validates a user name/password pair against ASP.NET Identity and issues a JWT for the user and its roles.
/// </summary>
/// <param name="logGebruikerInCommand">Command carrying the submitted credentials.</param>
/// <returns>A <see cref="JwtResult"/> whose <c>Token</c> is produced by <c>JwtUtil.Generate</c>.</returns>
/// <exception cref="LoginFailedException">
/// Thrown, after an information-level log entry, when the user does not exist or the password check
/// fails; both cases use the same message so the caller cannot tell them apart.
/// </exception>
public async Task<JwtResult> LogGebruikerIn(LogGebruikerInCommand logGebruikerInCommand)
{
    var credentials = logGebruikerInCommand.Credentials;

    // Single place for the "wrong username or password" outcome: log, then hand back the exception to throw.
    LoginFailedException Rejected()
    {
        _logger.LogInformation("Failed login for {user}", credentials.UserName);
        return new LoginFailedException("Wrong username or password.");
    }

    var account = await _userManager.Users.SingleOrDefaultAsync(usr => usr.UserName == credentials.UserName);
    if (account == null)
    {
        throw Rejected();
    }

    // Third argument is lockoutOnFailure: false, so failed attempts do not count toward Identity lockout.
    var check = await _signinManager.CheckPasswordSignInAsync(account, credentials.Password, false);
    if (!check.Succeeded)
    {
        throw Rejected();
    }

    var roles = await _userManager.GetRolesAsync(account);
    return new JwtResult() { Token = JwtUtil.Generate(account, roles) };
}
/// <summary>Queues analysis of an already uploaded file on behalf of the calling user.</summary>
/// <param name="id">Identifier of the file to analyse, from the route.</param>
/// <param name="authorization">Raw Authorization header; the user id is extracted from its JWT.</param>
/// <returns>202 Accepted whose location is <c>api/analysis/{taskId}</c> and whose body carries the task id.</returns>
public async Task<IActionResult> AnalyzeFile([FromRoute] Guid id, [FromHeader] string authorization)
{
    var caller = JwtUtil.GetUserIdFromToken(authorization);
    var taskId = await _analysisService.AnalyzeFile(id, caller.UserId);
    var location = $"api/analysis/{taskId}";
    return new AcceptedResult(location, new AnalysisResponse(taskId));
}
/// <summary>Accepts an uploaded file as a new source for the calling user and starts its processing.</summary>
/// <param name="file">Uploaded multipart file. No size or content-type check is visible here; presumably the service validates — confirm.</param>
/// <param name="authorization">Raw Authorization header; the user id is extracted from its JWT.</param>
/// <returns>202 Accepted whose location is <c>api/source/{taskId}</c> and whose body carries the task id.</returns>
public async Task<IActionResult> CreateSource(IFormFile file, [FromHeader] string authorization)
{
    var caller = JwtUtil.GetUserIdFromToken(authorization);
    var taskId = await _sourceService.CreateSource(file, caller.UserId);
    var location = $"api/source/{taskId}";
    return new AcceptedResult(location, new CreateSourceResponse(taskId));
}
/// <summary>
/// Global exception filter: writes the failure (tagged with the caller's user number when a
/// <c>Token</c> header holds a decodable JWT) to the error log, then replaces the response with a
/// fixed JSON error so no exception detail reaches the client.
/// </summary>
/// <param name="filterContext">MVC exception context of the failed action.</param>
public override void OnException(ExceptionContext filterContext)
{
    base.OnException(filterContext);

    var current = HttpContext.Current;
    var entry = new LogMessage(current);

    // NOTE(review): if GetTokenInfo throws on a malformed token, the original exception in
    // filterContext is lost and the client gets an unhandled error — confirm it returns null instead.
    string token = current.Request.Headers["Token"];
    if (!string.IsNullOrEmpty(token))
    {
        TokenInfo info = JwtUtil.GetTokenInfo(token);
        if (info != null)
        {
            entry.UserName = info.Number;
        }
    }

    var failure = filterContext.Exception;
    entry.ExceptionInfo = $"{failure.Message}\r\n{failure.StackTrace}\r\n{failure.Source}\r\n";
    LogUtility.ErrorLogger.Error(new LogFormat().ExceptionFormat(entry));

    // Mark the exception as handled so no exception information is returned to the client.
    filterContext.ExceptionHandled = true;
    filterContext.Result = new JsonResult()
    {
        Data = new BackMessage() { Code = 500, Msg = "false", Data = null }
    };
}
/// <summary>Deletes the calling user's review of the given event.</summary>
/// <param name="eventId">Event id from the route, parsed as an <see cref="ObjectId"/> (an unparsable value throws).</param>
/// <param name="userToken">Authorization header; the user id is taken from its JWT.</param>
/// <returns>200 OK with an empty body, whether or not a review existed (the Mongo result is not inspected).</returns>
public IActionResult DeleteReview([FromRoute] String eventId, [FromHeader(Name = "Authorization")] String userToken)
{
    var reviewer = new ObjectId(JwtUtil.GetUserIdFromToken(userToken));
    var reviewedEvent = new ObjectId(eventId);
    MongoUtil.DeleteReview(reviewer, reviewedEvent);
    return Ok();
}
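// This method gets called by the runtime. Use this method to add services to the container.
/// <summary>
/// Registers CORS, MVC (2.1 compatibility), Swagger and JWT bearer authentication, then initialises
/// the static <c>JwtUtil</c> and <c>MongoUtil</c> helpers from environment variables.
/// </summary>
/// <param name="services">The application's service collection.</param>
/// <exception cref="InvalidOperationException">
/// Thrown at startup when the <c>JwtKey</c> environment variable is missing, instead of the obscure
/// ArgumentNullException that <see cref="Encoding.GetBytes(string)"/> would raise from inside the options callback.
/// </exception>
public void ConfigureServices(IServiceCollection services)
{
    // Read configuration once up front so a missing secret fails fast with a clear message.
    string jwtKey = Environment.GetEnvironmentVariable("JwtKey");
    if (string.IsNullOrWhiteSpace(jwtKey))
    {
        throw new InvalidOperationException("Environment variable 'JwtKey' must be set to the JWT signing secret.");
    }
    string mongoConnectionString = Environment.GetEnvironmentVariable("MongoDBConnectionString");
    string mongoDatabaseName = Environment.GetEnvironmentVariable("MongoDBDatabaseName");

    services.AddCors();
    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
    services.AddSwaggerGen(c =>
    {
        c.SwaggerDoc("v1", new Info { Title = "WebTicket", Version = "v1" });
    });

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            // No tolerance on exp/nbf: a token is rejected the instant it expires.
            ClockSkew = TimeSpan.Zero,
            ValidIssuer = "WebTicket Server",
            ValidAudience = "WebTicket Client",
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey))
        };
    });

    // The same secret signs tokens issued through JwtUtil and validates incoming bearer tokens.
    JwtUtil.setSecurityKey(jwtKey);
    MongoUtil.InitializeConnection(mongoConnectionString, mongoDatabaseName);
}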
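/// <summary>
/// Determines whether the current <see cref="System.Security.Principal.IPrincipal"/> is authorized to access the requested resources.
/// </summary>
/// <param name="httpContext">The HTTP context.</param>
/// <returns>Returns true if the current user is authorized to access the request resources.</returns>
/// <remarks>
/// Access requires all of: the base attribute check, an <c>access_token</c> cookie that
/// <c>JwtUtil.IsExpired</c> does not report as expired, and every configured policy being granted by a
/// <c>PolicyPermission</c> demand. Any exception while decoding or demanding is traced and denies access (fail closed).
/// </remarks>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    var accessToken = httpContext.Request.Cookies["access_token"]?.Value;
    // IsNullOrWhiteSpace already covers null and empty, so the former IsNullOrEmpty && IsNullOrWhiteSpace pair collapses to one test.
    if (string.IsNullOrWhiteSpace(accessToken))
    {
        return false;
    }

    var isAuthorized = false;
    try
    {
        // NOTE(review): only expiry is checked here; whether IsExpired also verifies the token
        // signature is not visible from this method — confirm before relying on it.
        isAuthorized = !JwtUtil.IsExpired(accessToken);
        foreach (var policy in policies)
        {
            // demand the permission
            new PolicyPermission(PermissionState.Unrestricted, policy, httpContext.User).Demand();
        }
    }
    catch (Exception e)
    {
        isAuthorized = false;
        Trace.TraceError($"Unable to decode token: {e}");
    }
    return base.AuthorizeCore(httpContext) && isAuthorized;
}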
/// <summary>
/// Issues a JWT for a user whose name and password match a row in <c>Users</c>.
/// </summary>
/// <param name="authorizationModel">Submitted user name and password.</param>
/// <returns>
/// 200 with token, names and an <c>IsAdmin</c> flag (true when the user holds the "Admin" role);
/// 400 when no matching user exists.
/// </returns>
public async Task<IActionResult> AuthorizeAsync([FromBody] AuthorizationModel authorizationModel)
{
    var userName = authorizationModel.UserName;

    // NOTE(review): the password is compared as a plain column value inside the query, which implies
    // the stored value equals what the client sends (plaintext or client-side hashed) — a salted
    // server-side hash check outside the query would be the expected design; confirm.
    var user = await _dbContext.Users
        .Include(i => i.UserRoles)
        .ThenInclude(i => i.Role)
        .FirstOrDefaultAsync(i => i.UserName == userName && i.Password == authorizationModel.Password);

    if (user is null)
    {
        _logger.LogError($"User [{userName}] was not found in the DB. UserName or Password is not correct");
        return BadRequest($"Wrong credentials for user [{userName}]");
    }

    var token = JwtUtil.NewJwtToken(userName, _authOptions.JwtSecret, _authOptions.JwtExpirationSeconds);
    var isAdmin = user.UserRoles.Any(i => i.Role?.Name == "Admin");
    return Ok(new AuthorizationResponseModel
    {
        Token = token,
        FirstName = user.FirstName,
        LastName = user.LastName,
        UserName = user.UserName,
        IsAdmin = isAdmin
    });
}
/// <summary>
/// Decodes a JWT through <c>JwtUtil.GetPrincipal</c> and extracts its user name claim.
/// </summary>
/// <param name="token">Encoded JWT.</param>
/// <param name="username">Receives the <see cref="ClaimTypes.Name"/> value when present; null otherwise.</param>
/// <returns>
/// true when the token yields an authenticated <see cref="ClaimsIdentity"/> carrying a non-empty name claim.
/// Whether that user still exists in the system is NOT checked here.
/// </returns>
private static bool ValidateToken(string token, out string username)
{
    username = null;

    // Null principal, non-ClaimsIdentity identity and unauthenticated identity all fall out here.
    var identity = JwtUtil.GetPrincipal(token)?.Identity as ClaimsIdentity;
    if (identity?.IsAuthenticated != true)
    {
        return false;
    }

    username = identity.FindFirst(ClaimTypes.Name)?.Value;

    // More validate to check whether username exists in system
    return !string.IsNullOrEmpty(username);
}
/// <summary>Registers the calling user as an attendee of the given event.</summary>
/// <param name="eventId">Event id from the route, parsed as an <see cref="ObjectId"/>.</param>
/// <param name="token">Authorization header; the user id is taken from its JWT.</param>
/// <returns>200 OK whose body is the boolean returned by <c>MongoUtil.RegisterUserToEvent</c>.</returns>
public IActionResult RegisterUserToEvent([FromRoute] string eventId, [FromHeader(Name = "Authorization")] string token)
{
    var attendee = new ObjectId(JwtUtil.GetUserIdFromToken(token));
    var registered = MongoUtil.RegisterUserToEvent(new ObjectId(eventId), attendee);
    return Ok(registered);
}
/// <summary>Returns the calling user's registration status for the given event.</summary>
/// <param name="eventId">Event id from the route, parsed as an <see cref="ObjectId"/>.</param>
/// <param name="userToken">Authorization header; the user id is taken from its JWT.</param>
/// <returns>200 OK whose body is the status string from <c>MongoUtil.GetRegistrationStatus</c>.</returns>
public IActionResult RegistrationStatus([FromRoute] string eventId, [FromHeader(Name = "Authorization")] string userToken)
{
    var attendee = new ObjectId(JwtUtil.GetUserIdFromToken(userToken));
    string status = MongoUtil.GetRegistrationStatus(new ObjectId(eventId), attendee);
    return Ok(status);
}
/// <summary>Stores an uploaded file for later analysis on behalf of the calling user.</summary>
/// <param name="file">Uploaded multipart file. No size or content-type check is visible here — presumably the service validates; confirm.</param>
/// <param name="authorization">Raw Authorization header; the user id is extracted from its JWT.</param>
/// <returns>200 OK whose body wraps the stored file id.</returns>
public async Task<IActionResult> SendFileToAnalysis(IFormFile file, [FromHeader] string authorization)
{
    var caller = JwtUtil.GetUserIdFromToken(authorization);
    var fileId = await _analysisService.SendFileToAnalysis(file, caller.UserId);
    var body = new SendFileToAnalysisResponse(fileId);
    return new OkObjectResult(body);
}
/// <summary>
/// Constructor-injects the controller's collaborators: user service, password encryptor, JWT helper and logger.
/// </summary>
/// <remarks>
/// The underscore-prefixed parameter names (<c>_encryptor</c>, <c>_jwtUtil</c>) look like field names;
/// they are kept as-is here, but plain camelCase would match the other two parameters.
/// </remarks>
public AuthsController(IUserService service, IEncryptor _encryptor, JwtUtil _jwtUtil, ILogger<AuthsController> logger)
{
    this.service = service;
    this.logger = logger;
    this.encryptor = _encryptor;
    this.jwtUtil = _jwtUtil;
}
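/// <summary>Sets a new password for the user identified by the JWT in the Authorization header.</summary>
/// <param name="newPass">Request body whose <c>Password</c> holds the new password.</param>
/// <param name="token">Authorization header value.</param>
/// <returns>
/// 200 OK once stored; 400 when the body or its password is missing or empty
/// (previously a null dereference turned that into a 500).
/// </returns>
public IActionResult ChangePassword([FromBody] UserApiModel newPass, [FromHeader(Name = "Authorization")] string token)
{
    if (string.IsNullOrEmpty(newPass?.Password))
    {
        return BadRequest("Password is required");
    }

    // NOTE(review): the current password is not re-verified here, so possession of a bearer token
    // alone is enough to change it — consider requiring the old password as well.
    ObjectId userId = new ObjectId(JwtUtil.GetUserIdFromToken(token));
    MongoUtil.ChangePassword(userId, newPass.Password);
    return Ok();
}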
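/// <summary>
/// Reports whether the current request carries an <c>Authorization</c> header that
/// <c>JwtUtil.ValidateJSONWebToken</c> accepts under the injected configuration.
/// </summary>
/// <returns>false when the header is absent; otherwise the validator's verdict.</returns>
public bool ValidateToken()
{
    // read the request headers
    var headers = HttpContext.Request.Headers;
    // The TryGetValue result used to be ignored, so a missing header handed an empty StringValues
    // to the validator; an absent header is now rejected without calling it.
    if (!headers.TryGetValue("Authorization", out Microsoft.Extensions.Primitives.StringValues value))
    {
        return false;
    }
    return JwtUtil.ValidateJSONWebToken(value, _config);
}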
/// <summary>Lists one page of the events created by the calling user, mapped to API models.</summary>
/// <param name="pageSize">Number of events per page, from the route.</param>
/// <param name="pageId">Zero- or one-based page index (whichever <c>MongoUtil.GetCreatedEvents</c> expects — not visible here).</param>
/// <param name="token">Authorization header; the user id is taken from its JWT.</param>
/// <returns>200 OK with a list of <c>EventApiModel</c>.</returns>
public IActionResult Created([FromRoute] int pageSize, [FromRoute] int pageId, [FromHeader(Name = "Authorization")] string token)
{
    var creator = new ObjectId(JwtUtil.GetUserIdFromToken(token));
    var created = MongoUtil.GetCreatedEvents(creator, pageSize, pageId);
    var page = created.ConvertAll(e => e.getEventApiModel());
    return Ok(page);
}
/// <summary>Exchanges a user name/password pair for a JWT.</summary>
/// <param name="request">Credentials read from the request body.</param>
/// <returns>JSON <c>{ token }</c> when <c>CheckUser</c> accepts the pair; 401 otherwise.</returns>
/// <remarks>
/// NOTE(review): credentials are read from the body of a GET; intermediaries and logs generally
/// do not treat GET requests as sensitive — confirm whether this should be a POST.
/// </remarks>
public IHttpActionResult Get([FromBody] GetTokenRequest request)
{
    if (!CheckUser(request.Username, request.Password))
    {
        return Unauthorized();
    }

    var token = JwtUtil.GenerateToken(request.Username);
    return Json(new { token });
}
/// <summary>Changes a password for the user identified by the current request's JWT.</summary>
/// <param name="oldPassword">Current password, forwarded to <c>ModifyPassword</c>.</param>
/// <param name="newPassword">Replacement password, forwarded to <c>ModifyPassword</c>.</param>
/// <param name="passwordType">Which password is being changed.</param>
/// <returns>JSON wrapping whatever <c>settingService.ModifyPassword</c> returns.</returns>
public JsonResult ModifyPwd(string oldPassword, string newPassword, PasswordType passwordType)
{
    var caller = JwtUtil.GetTokenInfo();
    var outcome = settingService.ModifyPassword(caller.Number, oldPassword, newPassword, passwordType);
    return new JsonResult() { Data = outcome };
}
/// <summary>Creates an event owned by the calling user, with the default image.</summary>
/// <param name="token">Authorization header; the user id is taken from its JWT.</param>
/// <param name="eventApiModel">Event data from the request body.</param>
/// <returns>200 OK with the text "Event created".</returns>
public IActionResult Create([FromHeader(Name = "Authorization")] string token, [FromBody] EventApiModel eventApiModel)
{
    var creatorId = JwtUtil.GetUserIdFromToken(token);
    // Kept as DateTime.Now (local time) to match what is already stored; switching to UtcNow would change persisted values.
    var eventModel = eventApiModel.getEventModel(creatorId, DateTime.Now);
    eventModel.Image = "StaticFiles/Images/standard.jpg";
    MongoUtil.AddEvent(eventModel);
    return Ok("Event created");
}
/// <summary>
/// Parses the OpenID Connect ID token received from the 10Duke Entitlement Service and returns
/// a new <see cref="IDToken"/> object encapsulating for accessing the ID Token fields.
/// </summary>
/// <param name="encodedToken">Raw, encoded ID Token, as received from the server.</param>
/// <param name="verifyWithKey">RSA public key to use for verifying OpenID Connect ID token signature, if an ID token is present in the response.
/// If <c>null</c>, no verification is done — the payload is then trusted as-is, so only pass <c>null</c> for tokens obtained over a channel you already trust.</param>
/// <returns><see cref="IDToken"/> object containing the parsed ID Token data.</returns>
/// <exception cref="SecurityTokenInvalidSignatureException">Thrown if token signature verification fails.</exception>
public static IDToken Parse(string encodedToken, RSA verifyWithKey)
{
    string payloadJson = JwtUtil.ReadPayload(encodedToken, verifyWithKey);
    dynamic payload = JsonConvert.DeserializeObject(payloadJson);
    var idToken = new IDToken();
    idToken.ResponsePayload = payload;
    return idToken;
}
/// <summary>Updates the calling user's review of the given event with a new rating, opinion and timestamp.</summary>
/// <param name="eventId">Event id from the route, parsed as an <see cref="ObjectId"/>.</param>
/// <param name="userToken">Authorization header; the user id is taken from its JWT.</param>
/// <param name="reviewApiModel">New <c>Rating</c> and <c>Opinion</c>.</param>
/// <returns>200 OK with an empty body.</returns>
public IActionResult EditReview([FromRoute] String eventId, [FromHeader(Name = "Authorization")] String userToken, [FromBody] ReviewApiModel reviewApiModel)
{
    var reviewer = new ObjectId(JwtUtil.GetUserIdFromToken(userToken));
    var reviewedEvent = new ObjectId(eventId);
    // DateTime.Now (local time) is what the existing call stored; UtcNow would change persisted values.
    MongoUtil.EditReview(reviewer, reviewedEvent, reviewApiModel.Rating, reviewApiModel.Opinion, DateTime.Now);
    return Ok();
}
/// <summary>Issues a JWT for a device id and returns it with the game server address as a JSON string.</summary>
/// <param name="deviceId">Caller-supplied device identifier embedded in the token. No authentication of the caller is visible in this method.</param>
/// <returns>Serialized <c>GetTokenResponse</c> with <c>Result</c> set to <c>ResultCode.Success</c>.</returns>
public ActionResult<string> Get(string deviceId)
{
    var issued = JwtUtil.GenerateToken(deviceId);
    var payload = new GetTokenResponse()
    {
        Result = (int)ResultCode.Success,
        Token = issued,
        GameServerAddress = _config.GameServerAddress
    };
    string body = JsonConvert.SerializeObject(payload);
    return body;
}
/// <summary>Checks a token against its device id and reports success or <c>InvalidToken</c> as a JSON string.</summary>
/// <param name="request">Token and device id from the request body.</param>
/// <returns>Serialized <c>ValidateTokenResponse</c>; any verdict other than <c>Success</c> maps to <c>ResultCode.InvalidToken</c>.</returns>
public ActionResult<string> Post([FromBody] ValidateTokenRequest request)
{
    var verdict = JwtUtil.IsValidToken(request.Token, request.DeviceId);

    int code;
    if (verdict == JwtUtil.ValidateTokenResult.Success)
    {
        code = (int)ResultCode.Success;
    }
    else
    {
        code = (int)ResultCode.InvalidToken;
    }

    var payload = new ValidateTokenResponse() { Result = code };
    return JsonConvert.SerializeObject(payload);
}
/// <summary>
/// Reads the current request's <c>Authorization</c> header, turns it into a principal through
/// <c>JwtUtil.getClaims</c> and returns that principal's claims.
/// </summary>
/// <returns>All claims of the token's <see cref="ClaimsIdentity"/>.</returns>
/// <remarks>
/// NOTE(review): when the header is absent an empty value is passed on, and the cast below throws
/// if the identity is not a <see cref="ClaimsIdentity"/> — callers must be prepared for exceptions.
/// </remarks>
private List<Claim> getClaims()
{
    // read the request headers
    var headers = HttpContext.Request.Headers;
    headers.TryGetValue("Authorization", out Microsoft.Extensions.Primitives.StringValues value);

    var principal = JwtUtil.getClaims(value, _config);
    var identity = (ClaimsIdentity)principal.Identity;
    return identity.Claims.ToList();
}
/// <summary>
/// Action filter that decodes the request's <c>token</c> value and, when valid, loads the current
/// user, site and permissions into <c>lessContext</c> before the action runs. When the token is
/// rejected or the user cannot be loaded, the action is short-circuited with a JSON result (or a
/// redirect to <c>WhenNotPassedRedirectUrl</c>) and a time-out header.
/// </summary>
/// <param name="filterContext">MVC action-executing context.</param>
/// <remarks>
/// <c>Request["token"]</c> searches query string, form, cookies and server variables, so the
/// token may travel in the URL — NOTE(review): confirm that is acceptable (URLs end up in logs).
/// The failure message below reads <c>lessContext.Jwt.Result</c>, not the locally decoded <c>jwt</c>;
/// presumably <c>JwtUtil.Decode</c> also stores it on the context — verify.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (!Enabled)
    {
        base.OnActionExecuting(filterContext);
        return;
    }

    string token = filterContext.HttpContext.Request["token"];
    JwtResult jwt = JwtUtil.Decode(token);
    if (jwt.Success)
    {
        // load the currently logged-in user
        IUser iUser = lessContext.GetService<IUser>();
        lessContext.CurrentUser = iUser.GetCurrentUser(lessContext);
        if (lessContext.CurrentUser == null)
        {
            // token decoded but no user record: fail the request and tell the client to log in again
            jwt.Success = false;
            jwt.Msg = $"获取登录帐号 {lessContext.Jwt.Result[BasicConst.JWT_USER].loginName} 信息失败,请重新登录!";
            filterContext.HttpContext.Response.AddHeaderTimeOut();
            filterContext.Result = new BaseJsonResult() { Data = jwt };
            return;
        }

        // load the current site
        var sysWebSiteDal = lessContext.GetService<SysWebSiteDal>();
        lessContext.WebSite = sysWebSiteDal.GetModel(filterContext.HttpContext.Request["SiteID"]);

        // load permissions
        IPermissions iPermissions = lessContext.GetService<IPermissions>();
        lessContext.Limit = iPermissions.GetPermissions(lessContext, filterContext.RequestContext.HttpContext.Request);
        base.OnActionExecuting(filterContext);
        return;
    }
    else
    {
        // token rejected: either return the decode result as JSON or redirect, per configuration
        filterContext.HttpContext.Response.AddHeaderTimeOut();
        if (string.IsNullOrEmpty(WhenNotPassedRedirectUrl))
        {
            filterContext.Result = new BaseJsonResult() { Data = jwt };
        }
        else
        {
            filterContext.Result = new RedirectResult(WhenNotPassedRedirectUrl);
        }
    }
}
/// <summary>Builds an access token and a refresh token for a user from the configured JWT settings.</summary>
/// <param name="user">User whose id and name go into both tokens.</param>
/// <returns>A <see cref="TokenDto"/> holding the user name, id, access token and refresh token.</returns>
/// <remarks>
/// The two tokens are produced by the same <c>GetToken</c> call and differ only in lifetime
/// (<c>ExpireSeconds</c> vs <c>RefreshExpireSeconds</c>). NOTE(review): if <c>GetToken</c> embeds no
/// claim distinguishing them, a refresh token could be presented as a long-lived access token — confirm.
/// </remarks>
public TokenDto BuildToken(UserInfo user)
{
    var settings = JwtUtil.GetJwtSetting(configuration);
    string userId = user.Id.ToString();
    string accessToken = GetToken(userId, user.UserName, settings, settings.ExpireSeconds);
    string refreshToken = GetToken(userId, user.UserName, settings, settings.RefreshExpireSeconds);
    return new TokenDto()
    {
        UserName = user.UserName,
        UserId = userId,
        Token = accessToken,
        RefreshToken = refreshToken
    };
}
/// <summary>
/// Parses a JWT authorization decision response and initializes a new instance of the
/// <see cref="AuthorizationDecision"/> class.
/// </summary>
/// <param name="jwtResponse">Authorization decision response from the server, as a JWT string.</param>
/// <param name="verifyWithKey">RSA public key to use for verifying the token signature. If <c>null</c>, no verification is done —
/// the decision is then trusted as-is, so only pass <c>null</c> for responses obtained over a channel you already trust.</param>
/// <returns><see cref="AuthorizationDecision"/> object representing the authorization decision response.</returns>
/// <exception cref="SecurityTokenInvalidSignatureException">Thrown if token signature verification fails.</exception>
public static AuthorizationDecision FromJwt(string jwtResponse, RSA verifyWithKey)
{
    string payloadJson = JwtUtil.ReadPayload(jwtResponse, verifyWithKey);
    dynamic payload = JsonConvert.DeserializeObject(payloadJson);
    var decision = new AuthorizationDecision();
    decision.RawResponse = jwtResponse;
    decision.ResponseObject = payload;
    return decision;
}