Exemplos de código com TokenTypeExtensions em C# (CSharp)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: TokensController.cs Projeto: erkansezgin/ErtisAuth

        public async Task <IActionResult> WhoAmI()
        {
            string token = this.GetTokenFromHeader(out string tokenTypeStr);

            if (string.IsNullOrEmpty(token))
            {
                return(this.AuthorizationHeaderMissing());
            }

            if (!TokenTypeExtensions.TryParseTokenType(tokenTypeStr, out var tokenType))
            {
                throw ErtisAuthException.UnsupportedTokenType();
            }

            var user = await this.tokenService.WhoAmIAsync(token, tokenType);

            if (user != null)
            {
                return(this.Ok(user));
            }
            else
            {
                return(this.InvalidToken());
            }
        }

Exemplo n.º 2

0

Exibir arquivo

Arquivo: TokensController.cs Projeto: erkansezgin/ErtisAuth

        public async Task <IActionResult> VerifyToken()
        {
            string token = this.GetTokenFromHeader(out string tokenTypeStr);

            if (string.IsNullOrEmpty(token))
            {
                return(this.AuthorizationHeaderMissing());
            }

            if (!TokenTypeExtensions.TryParseTokenType(tokenTypeStr, out var tokenType))
            {
                throw ErtisAuthException.UnsupportedTokenType();
            }

            var validationResult = await this.tokenService.VerifyTokenAsync(token, tokenType);

            if (validationResult.IsValidated)
            {
                return(this.Ok(validationResult));
            }
            else
            {
                return(this.Unauthorized(validationResult));
            }
        }

Exemplo n.º 3

0

Exibir arquivo

        public static Utilizer GetUtilizer(this ControllerBase controller)
        {
            var claimUser        = controller.User;
            var utilizerIdentity = claimUser.Identities.FirstOrDefault(x => x.NameClaimType == "Utilizer");

            if (utilizerIdentity != null)
            {
                var idClaim        = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerIdClaimName);
                var usernameClaim  = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerUsernameClaimName);
                var typeClaim      = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerTypeClaimName);
                var roleClaim      = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerRoleClaimName);
                var tokenClaim     = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerTokenClaimName);
                var tokenTypeClaim = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerTokenTypeClaimName);

                TokenTypeExtensions.TryParseTokenType(tokenTypeClaim?.Value, out var tokenType);

                return(new Utilizer
                {
                    Id = idClaim?.Value,
                    Username = usernameClaim?.Value,
                    Type = Utilizer.ParseType(typeClaim?.Value),
                    Role = roleClaim?.Value,
                    Token = tokenClaim?.Value,
                    TokenType = tokenType
                });
            }

            return(new Utilizer());
        }

Exemplo n.º 4

0

Exibir arquivo

        public async Task <IActionResult> WhoAmI()
        {
            string token = this.GetTokenFromHeader(out string tokenTypeStr);

            if (string.IsNullOrEmpty(token))
            {
                return(this.AuthorizationHeaderMissing());
            }

            if (!TokenTypeExtensions.TryParseTokenType(tokenTypeStr, out var tokenType))
            {
                throw ErtisAuthException.UnsupportedTokenType();
            }

            switch (tokenType)
            {
            case SupportedTokenTypes.None:
                throw ErtisAuthException.UnsupportedTokenType();

            case SupportedTokenTypes.Basic:
                var application = await this.tokenService.WhoAmIAsync(new BasicToken(token));

                if (application != null)
                {
                    return(this.Ok(application));
                }
                else
                {
                    return(this.InvalidToken());
                }

            case SupportedTokenTypes.Bearer:
                var user = await this.tokenService.WhoAmIAsync(BearerToken.CreateTemp(token));

                if (user != null)
                {
                    return(this.Ok(user));
                }
                else
                {
                    return(this.InvalidToken());
                }

            default:
                throw ErtisAuthException.UnsupportedTokenType();
            }
        }

Exemplo n.º 5

0

Exibir arquivo

Arquivo: ClaimExtensions.cs Projeto: ertugrulozcan/ErtisAuth

        public static Utilizer ConvertToUtilizer(this ClaimsIdentity utilizerIdentity)
        {
            var idClaim           = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerIdClaimName);
            var typeClaim         = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerTypeClaimName);
            var usernameClaim     = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerUsernameClaimName);
            var roleClaim         = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerRoleClaimName);
            var membershipIdClaim = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.MembershipIdClaimName);
            var tokenClaim        = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerTokenClaimName);
            var tokenTypeClaim    = utilizerIdentity.Claims.FirstOrDefault(x => x.Type == Utilizer.UtilizerTokenTypeClaimName);

            TokenTypeExtensions.TryParseTokenType(tokenTypeClaim?.Value, out var tokenType);

            return(new Utilizer
            {
                Id = idClaim?.Value,
                Type = Utilizer.ParseType(typeClaim?.Value),
                Username = usernameClaim?.Value,
                Role = roleClaim?.Value,
                MembershipId = membershipIdClaim?.Value,
                Token = tokenClaim?.Value,
                TokenType = tokenType
            });
        }

Exemplo n.º 6

0

Exibir arquivo

        private async Task <Utilizer> CheckAuthorizationAsync()
        {
            var token = this.Request.GetTokenFromHeader(out var tokenType);

            if (string.IsNullOrEmpty(token))
            {
                throw ErtisAuthException.AuthorizationHeaderMissing();
            }

            if (string.IsNullOrEmpty(tokenType))
            {
                throw ErtisAuthException.UnsupportedTokenType();
            }

            TokenTypeExtensions.TryParseTokenType(tokenType, out var _tokenType);
            switch (_tokenType)
            {
            case SupportedTokenTypes.None:
                throw ErtisAuthException.UnsupportedTokenType();

            case SupportedTokenTypes.Basic:
                var basicToken             = new BasicToken(token);
                var applicationId          = token.Split(':')[0];
                var getApplicationResponse = await this.applicationService.GetApplicationAsync(applicationId, basicToken);

                if (getApplicationResponse.IsSuccess)
                {
                    var rbacDefinition       = this.Context.GetRbacDefinition(getApplicationResponse.Data.Id);
                    var rbac                 = $"{rbacDefinition.Resource}.{rbacDefinition.Action}";
                    var isPermittedForAction = await this.roleService.CheckPermissionAsync(rbac, basicToken);

                    if (!isPermittedForAction)
                    {
                        throw ErtisAuthException.AccessDenied($"Token owner role is not permitted for this resource/action ({rbac})");
                    }

                    return(new Utilizer
                    {
                        Id = getApplicationResponse.Data.Id,
                        Username = getApplicationResponse.Data.Name,
                        Type = tokenType == "Basic" ? Utilizer.UtilizerType.Application : Utilizer.UtilizerType.User,
                        Role = getApplicationResponse.Data.Role,
                        Token = token,
                        TokenType = _tokenType
                    });
                }
                else
                {
                    var errorMessage = getApplicationResponse.Message;
                    if (ResponseHelper.TryParseError(getApplicationResponse.Message, out var error))
                    {
                        errorMessage = error.Message;
                    }

                    throw ErtisAuthException.Unauthorized(errorMessage);
                }

            case SupportedTokenTypes.Bearer:
                var bearerToken = BearerToken.CreateTemp(token);
                var meResponse  = await this.authenticationService.WhoAmIAsync(bearerToken);

                if (meResponse.IsSuccess)
                {
                    var rbacDefinition       = this.Context.GetRbacDefinition(meResponse.Data.Id);
                    var rbac                 = $"{rbacDefinition.Resource}.{rbacDefinition.Action}";
                    var isPermittedForAction = await this.roleService.CheckPermissionAsync(rbac, bearerToken);

                    if (!isPermittedForAction)
                    {
                        throw ErtisAuthException.AccessDenied($"Token owner role is not permitted for this resource/action ({rbac})");
                    }

                    return(new Utilizer
                    {
                        Id = meResponse.Data.Id,
                        Username = meResponse.Data.Username,
                        Type = tokenType == "Basic" ? Utilizer.UtilizerType.Application : Utilizer.UtilizerType.User,
                        Role = meResponse.Data.Role,
                        Token = token,
                        TokenType = _tokenType
                    });
                }
                else
                {
                    var errorMessage = meResponse.Message;
                    if (ResponseHelper.TryParseError(meResponse.Message, out var error))
                    {
                        errorMessage = error.Message;
                    }

                    throw ErtisAuthException.Unauthorized(errorMessage);
                }

            default:
                throw ErtisAuthException.UnsupportedTokenType();
            }
        }

Exemplo n.º 7

0

Exibir arquivo

        private async Task <Utilizer> CheckAuthorizationAsync()
        {
            var token = this.Context.Request.GetTokenFromHeader(out var tokenType);

            if (string.IsNullOrEmpty(token))
            {
                throw ErtisAuthException.AuthorizationHeaderMissing();
            }

            if (string.IsNullOrEmpty(tokenType))
            {
                throw ErtisAuthException.UnsupportedTokenType();
            }

            TokenTypeExtensions.TryParseTokenType(tokenType, out var _tokenType);
            switch (_tokenType)
            {
            case SupportedTokenTypes.None:
                throw ErtisAuthException.UnsupportedTokenType();

            case SupportedTokenTypes.Basic:
                var validationResult = await this.tokenService.VerifyBasicTokenAsync(token, false);

                if (!validationResult.IsValidated)
                {
                    throw ErtisAuthException.InvalidToken();
                }

                var      application         = validationResult.Application;
                Utilizer applicationUtilizer = application;
                if (!string.IsNullOrEmpty(application.Role))
                {
                    var role = await this.roleService.GetByNameAsync(application.Role, application.MembershipId);

                    if (role != null)
                    {
                        var rbac = this.Context.GetRbacDefinition(application.Id);
                        if (!this.accessControlService.HasPermission(role, rbac, applicationUtilizer))
                        {
                            throw ErtisAuthException.AccessDenied("Your authorization role is unauthorized for this action");
                        }
                    }
                }

                applicationUtilizer.Token     = token;
                applicationUtilizer.TokenType = _tokenType;
                return(applicationUtilizer);

            case SupportedTokenTypes.Bearer:
                var verifyTokenResult = await this.tokenService.VerifyBearerTokenAsync(token, false);

                if (!verifyTokenResult.IsValidated)
                {
                    throw ErtisAuthException.InvalidToken();
                }

                var      user         = verifyTokenResult.User;
                Utilizer userUtilizer = user;
                if (!string.IsNullOrEmpty(user.Role))
                {
                    var role = await this.roleService.GetByNameAsync(user.Role, user.MembershipId);

                    if (role != null)
                    {
                        var rbac = this.Context.GetRbacDefinition(user.Id);
                        if (!this.accessControlService.HasPermission(role, rbac, userUtilizer))
                        {
                            throw ErtisAuthException.AccessDenied("Your authorization role is unauthorized for this action");
                        }
                    }
                }

                userUtilizer.Token     = token;
                userUtilizer.TokenType = _tokenType;
                return(userUtilizer);

            default:
                throw ErtisAuthException.UnsupportedTokenType();
            }
        }

Exemplos de TokenTypeExtensions em C# (CSharp)