public async Task <ActionResult <TokenResponse> > CreateToken([FromBody] CreateTokenCommand command, [FromHeader(Name = "X-Correlation-ID")] string correlationId, CancellationToken cancellationToken)
{
if (!command.IsValid())
{
var errors = command.ValidationResult().Errors.Select(err => new
{
err.PropertyName,
err.ErrorMessage
}).ToDictionary(d => d.PropertyName, d => d.ErrorMessage).ToList();
var error = new Error
{
Code = ErrorMessages.InputInvalid.code,
Message = ErrorMessages.InputInvalid.message,
Errors = errors
};
return(BadRequest(error));
}
var result = await _mediator.Send(command, cancellationToken);
if (result.IsSuccess)
{
return(Ok(result.Value));
}
return(StatusCode((int)HttpStatusCode.InternalServerError));
}
public TokenModel CreateToken(CreateTokenCommand command)
{
EnsureIsValid(command);
try
{
var token = command.ToEntity <CreateTokenCommand, ApplicationToken>();
var client = _deps.ApplicationClients.Find(command.ClientId);
if (client == null)
{
throw NotFound.ExceptionFor <ApplicationClient>(command.ClientId);
}
var user = _deps.Users.Find(command.UserId);
if (user == null)
{
throw NotFound.ExceptionFor <User>(command.UserId);
}
token.Client = client;
token.User = user;
_deps.ApplicationTokens.Create(token);
Commit();
return(command.ToClass <CreateTokenCommand, TokenModel>());
}
catch (Exception ex)
{
throw new ServiceException("Can't create application token.", ex);
}
}
public async Task ExecuteAsync()
{
var userClaim = new UserClaim();
var expected = Guid.NewGuid().ToString();
var mock = new Mock <IJwtFactory>();
mock.Setup(x => x.Create(userClaim)).Returns(expected);
var command = new CreateTokenCommand(mock.Object);
var actual = await command.ExecuteAsync(userClaim);
actual.Is(expected);
}
public async Task CreatesANewValidatedToken()
{
var newToken = new CreateTokenCommand()
{
Address = "Test Address",
Email = "*****@*****.**",
Fullname = "Full Name",
Telephone = "0554 454545"
};
var response = await _client.PostAsync($"api/token", new StringContent(JsonConvert.SerializeObject(newToken), Encoding.UTF8, "application/json"));
response.EnsureSuccessStatusCode();
var stringResponse = await response.Content.ReadAsStringAsync();
var result = JsonConvert.DeserializeObject <CreateTokenResult>(stringResponse);
Assert.NotNull(result);
Assert.NotNull(result.Token);
// validate token using kwts
var jwksResponse = await _client.GetAsync("/jwks");
jwksResponse.EnsureSuccessStatusCode();
var stringjwksResponse = await jwksResponse.Content.ReadAsStringAsync();
var jwksResult = JsonConvert.DeserializeObject <JsonWebKeySet>(stringjwksResponse);
Assert.NotNull(jwksResult);
// decode token
var handler = new JwtSecurityTokenHandler();
var jsonToken = handler.ReadToken(result.Token) as JwtSecurityToken;
var kid = jsonToken.Header.Kid;
var keys = jwksResult.GetSigningKeys();
var key = keys.FirstOrDefault(x => x.KeyId == kid);
var validations = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = key,
ValidateIssuer = false,
ValidateAudience = false
};
var claimsPrincipal = handler.ValidateToken(result.Token, validations, out var tokenSecure);
Assert.Equal(7, claimsPrincipal.Claims.Count());
}
public async Task GivenLongRunningCreateRequest_WhenTokenSourceCallsForCancellation_RequestIsTerminated()
{
// Arrange, generate a token source that times out instantly
var tokenSource = new CancellationTokenSource(TimeSpan.FromMilliseconds(0));
var newToken = new CreateTokenCommand()
{
Address = "Test Address",
Email = "*****@*****.**",
Fullname = "Full Name",
Telephone = "0554 454545"
};
// Act
var request = _client.PostAsync("/Tokens", new StringContent(JsonConvert.SerializeObject(newToken), Encoding.UTF8, "application/json"), tokenSource.Token);
// Assert
await Assert.ThrowsAsync <OperationCanceledException>(async() => await request);
}
public async Task CreatesANewToken()
{
var newToken = new CreateTokenCommand()
{
Address = "Test Address",
Email = "*****@*****.**",
Fullname = "Full Name",
Telephone = "0554 454545"
};
var response = await _client.PostAsync($"api/token", new StringContent(JsonConvert.SerializeObject(newToken), Encoding.UTF8, "application/json"));
response.EnsureSuccessStatusCode();
var stringResponse = await response.Content.ReadAsStringAsync();
var result = JsonConvert.DeserializeObject <CreateTokenResult>(stringResponse);
Assert.NotNull(result);
Assert.NotNull(result.Token);
// validate token using kwts
}
public async Task <Result <TokenResponse> > Handle(CreateTokenCommand request, CancellationToken cancellationToken)
{
var seedBytes = OtpNetService.CreateSeed().seedBytes;
if (!string.IsNullOrEmpty(request.Seed))
{
seedBytes = Encoding.UTF8.GetBytes(request.Seed + request.TokenType);
}
var token = _service.GenerateToken(seedBytes, _defaultTimeTopt.Range, _defaultTimeTopt.Size);
var ttl = request.TimeToLive ?? token.timeToLive;
var result = new TokenResponse
{
Hash = Base32Encoding.ToString(seedBytes),
TimeToLive = ttl,
Token = token.token
};
await _repository.InsertTokenAsync(result.Hash, result.Token, request.TokenType, result.TimeToLive, cancellationToken);
return(Result.Ok(result));
}
public override void Create(AuthenticationTokenCreateContext context)
{
//Create new application token in the database
var client = context.OwinContext.Get<ApplicationClientModel>("vabank:client");
if (client == null)
{
throw new InvalidOperationException("Client is not in owin context. Can't create refresh token");
}
var user = context.OwinContext.Get<UserIdentityModel>("vabank:user");
if (user == null)
{
throw new InvalidOperationException("User is not in owin context. Can't create refresh token");
}
var container = context.OwinContext.GetAutofacLifetimeScope();
var membershipService = container.Resolve<IAuthorizationService>();
var operationService = container.Resolve<IOperationService>();
var tokenId = Guid.NewGuid().ToString("N");
var token = new CreateTokenCommand
{
Id = VaBank.Common.Security.Hash.Compute(tokenId),
ClientId = client.Id,
IssuedUtc = DateTime.UtcNow,
ExpiresUtc = DateTime.UtcNow.AddSeconds(client.RefreshTokenLifetime),
UserId = user.UserId
};
context.Ticket.Properties.IssuedUtc = token.IssuedUtc;
context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;
token.ProtectedTicket = context.SerializeTicket();
membershipService.CreateToken(token);
if (operationService.HasCurrent)
{
operationService.Stop(operationService.Current);
}
context.SetToken(tokenId);
base.Create(context);
}
