Пример #1
        /// <summary>
        /// Exchanges a refresh token for a newly issued <see cref="TokenHolder"/>.
        /// </summary>
        /// <param name="token">Encoded refresh token presented by the caller.</param>
        /// <returns>The holder that <c>CreateToken</c> builds for the decoded employee.</returns>
        /// <remarks>
        /// The token is handed to <c>Decode</c> together with <c>REFRESHSECRETKEY</c>.
        /// NOTE(review): whether an access token is rejected on this path depends on
        /// <c>Decode</c> actually verifying against the key it is given - confirm.
        /// </remarks>
        public static TokenHolder RefreshToken(string token)
        {
            return CreateToken(Decode(token, REFRESHSECRETKEY));
        }
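        /// <summary>
        /// Authorizes a Web API request from the token carried in its authorization header and,
        /// on success, installs a <see cref="ClaimsPrincipal"/> built from the decoded token.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized.</param>
        /// <returns>
        /// <c>false</c> when no identity can be parsed, when <c>OnAuthorizeUser</c> rejects it, or
        /// when no decoded <c>EmployeeToken</c> is attached to the request; otherwise the result of
        /// the base implementation.
        /// </returns>
        protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
        {
            var identity = ParseAuthorizationHeader(actionContext);

            if (identity == null)
            {
                return false;
            }

            if (!OnAuthorizeUser(identity.Name, actionContext))
            {
                return false;
            }

            // Fail closed: a ClaimsIdentity created with an authentication type counts as
            // authenticated even with zero claims, so never build the principal unless the
            // decoded token is really present and of the expected type.
            object storedToken;
            if (!actionContext.Request.Properties.TryGetValue("Token", out storedToken))
            {
                return false;
            }

            EmployeeToken employeeTokenInfo = storedToken as EmployeeToken;
            if (employeeTokenInfo == null)
            {
                return false;
            }

            // NOTE(review): identity.Name is the value passed to OnAuthorizeUser as the token, so
            // the UserData claim appears to carry the raw bearer token. Anything that logs or
            // serializes the principal's claims would expose it - confirm this is intended.
            List<Claim> lstClaims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, employeeTokenInfo.UserName),
                new Claim(ClaimTypes.UserData, identity.Name),
                new Claim(ClaimTypes.Role, employeeTokenInfo.Type.ToString())
            };

            ClaimsIdentity  claimsIdentity = new ClaimsIdentity(lstClaims, "MicroBot");
            ClaimsPrincipal principal      = new ClaimsPrincipal(claimsIdentity);

            Thread.CurrentPrincipal = principal;

            // HttpContext.Current is null outside an ASP.NET-hosted request; skip it rather than fault.
            if (HttpContext.Current != null)
            {
                HttpContext.Current.User = principal;
            }

            return base.IsAuthorized(actionContext);
        }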
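 /// <summary>
 /// Validates the presented token and, when it is accepted, attaches the decoded
 /// <c>EmployeeToken</c> to the request under the "Token" property key.
 /// </summary>
 /// <param name="key">Token string taken from the parsed authorization header.</param>
 /// <param name="actionContext">Context whose request properties receive the decoded token.</param>
 /// <returns><c>true</c> only when the token validates and decodes to a non-null object.</returns>
 private bool OnAuthorizeUser(string key, HttpActionContext actionContext)
 {
     if (!UserLoginServices.ValidateToken(key))
     {
         return false;
     }

     EmployeeToken employeeTokenInfo = UserLoginServices.DecodeToken(key);

     // Fail closed: never report success without a decoded token for the caller to use.
     if (employeeTokenInfo == null)
     {
         return false;
     }

     // Assign through the indexer: Add throws ArgumentException when "Token" is already
     // present, which happens if authorization runs more than once for the same request.
     actionContext.Request.Properties["Token"] = employeeTokenInfo;
     return true;
 }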
Пример #4
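        /// <summary>
        /// Verifies a JWT against <paramref name="securityKey"/> and extracts the
        /// <c>EmployeeToken</c> stored in its "userInfo" claim.
        /// </summary>
        /// <param name="token">Encoded JWT.</param>
        /// <param name="securityKey">Secret the token's signature must verify against.</param>
        /// <returns>
        /// The deserialized "userInfo" claim, or <c>null</c> when the payload is empty or has no
        /// such claim.
        /// </returns>
        /// <remarks>
        /// NOTE(review): failures raised by the decoder (bad signature, expiry) are not caught
        /// here and propagate to the caller - confirm callers map them to a rejected request.
        /// </remarks>
        private static EmployeeToken Decode(string token, string securityKey)
        {
            IJsonSerializer   serializer = new JsonNetSerializer();
            IDateTimeProvider provider   = new UtcDateTimeProvider();
            IJwtValidator     validator  = new JwtValidator(serializer, provider);
            IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
            IJwtDecoder       decoder    = new JwtDecoder(serializer, validator, urlEncoder);

            // Verify with the key the caller supplies. Checking every token against one fixed
            // key would make the refresh path accept tokens signed with the access-token key
            // and reject tokens signed with the refresh key.
            string jsonPayload = decoder.Decode(token, securityKey, verify: true);

            Dictionary<string, object> payload = JsonConvert.DeserializeObject<Dictionary<string, object>>(jsonPayload);

            object userInfo;
            if (payload == null || !payload.TryGetValue("userInfo", out userInfo) || userInfo == null)
            {
                return null;
            }

            return JsonConvert.DeserializeObject<EmployeeToken>(userInfo.ToString());
        }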
Пример #5
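        /// <summary>
        /// Builds an access token and a refresh token for the given employee.
        /// </summary>
        /// <param name="employeeInfo">Employee data embedded in the "userInfo" claim.</param>
        /// <returns>A <c>TokenHolder</c> with <c>AccessToken</c> and <c>RefreshToken</c> set.</returns>
        /// <exception cref="EditException">
        /// Thrown when <c>VerifyObjectNull</c> reports <paramref name="employeeInfo"/> as null.
        /// </exception>
        private static TokenHolder CreateToken(EmployeeToken employeeInfo)
        {
            if (employeeInfo.VerifyObjectNull(throwEdit: false))
            {
                throw new EditException()
                {
                    Edits = new List<Edit>()
                    {
                        new Edit()
                        {
                            FieldName = "Invalid Data", Message = "Data should not be null."
                        }
                    }
                };
            }

            TokenHolder tokenHolder = new TokenHolder();

            // Unix time computed entirely in UTC. Subtracting a local-time epoch from
            // DateTime.Now skews "exp" by the DST offset whenever the current UTC offset
            // differs from the offset in effect on 1 January 1970.
            var unixEpoch   = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
            var currentTime = (long)(DateTime.UtcNow - unixEpoch).TotalSeconds;

            // The payload is signed, not encrypted: every field of employeeInfo is readable by
            // whoever holds the token, so it should carry nothing confidential.
            var payload = new Dictionary<string, object>();

            payload.Add("userInfo", employeeInfo);
            payload.Add("exp", currentTime + EXPIRYTIME);

            IJwtAlgorithm     algorithm  = new HMACSHA256Algorithm();
            IJsonSerializer   serializer = new JsonNetSerializer();
            IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
            IJwtEncoder       encoder    = new JwtEncoder(algorithm, serializer, urlEncoder);

            tokenHolder.AccessToken = encoder.Encode(payload, SECRETKEY);

            var refreshPayload = new Dictionary<string, object>();

            refreshPayload.Add("userInfo", employeeInfo);
            refreshPayload.Add("CurrentDate", DateTime.Now.ToString());

            // NOTE(review): refreshPayload is populated but the refresh token is encoded from
            // `payload`, so both tokens carry the same claims and the same "exp". Encoding
            // refreshPayload as it stands would yield a token with no "exp" claim at all;
            // settle on an explicit refresh lifetime before switching the argument.
            tokenHolder.RefreshToken = encoder.Encode(payload, REFRESHSECRETKEY);
            return tokenHolder;
        }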
Пример #6
 /// <summary>
 /// Decodes a token through <c>TokenManager.DecodeToken</c> and returns the employee it carries.
 /// </summary>
 /// <param name="token">Encoded token string.</param>
 /// <returns>The decoded <c>EmployeeToken</c>.</returns>
 /// <exception cref="EditException">
 /// Thrown with a "Token" / "Invalid Token." edit when <paramref name="token"/> is null or
 /// empty, or when <c>VerifyObjectNull</c> reports the decoded result as null.
 /// </exception>
 public EmployeeToken DecodeToken(string token)
 {
     // Reject a missing token before handing anything to the decoder.
     if (string.IsNullOrEmpty(token))
     {
         var missingTokenEdits = new List<Edit>();
         missingTokenEdits.Add(new Edit() { FieldName = "Token", Message = "Invalid Token." });
         throw new EditException() { Edits = missingTokenEdits };
     }

     EmployeeToken decoded = TokenManager.DecodeToken(token);

     // A token that decodes to nothing is reported with the same edit as a missing one.
     if (decoded.VerifyObjectNull(throwEdit: false))
     {
         var emptyResultEdits = new List<Edit>();
         emptyResultEdits.Add(new Edit() { FieldName = "Token", Message = "Invalid Token." });
         throw new EditException() { Edits = emptyResultEdits };
     }

     return decoded;
 }
 /// <summary>
 /// Copies the selected employee from the received token into <c>SelectedEmployee</c>.
 /// </summary>
 /// <param name="token">Token whose <c>SelectedEmployee</c> value is adopted; not null-checked.</param>
 private void OnNewEmployeeToken(EmployeeToken token)
 {
     var selectedFromToken = token.SelectedEmployee;

     SelectedEmployee = selectedFromToken;
 }
Пример #8
        /// <summary>
        /// Decodes an access token by passing it to <c>Decode</c> together with <c>SECRETKEY</c>.
        /// </summary>
        /// <param name="token">Encoded access token.</param>
        /// <returns>Whatever <c>Decode</c> returns for the token.</returns>
        public static EmployeeToken DecodeToken(string token)
        {
            return Decode(token, SECRETKEY);
        }
Пример #9
        // SECURITY: this literal is the key passed to the JWT encoder when the refresh token is
        // signed (see CreateToken, which uses HMACSHA256Algorithm). As a compile-time constant it
        // ships in source control and in the built assembly, so it cannot be kept confidential
        // or rotated without a redeploy. At 10 ASCII characters it is also well below the
        // 256-bit minimum RFC 7518 sets for HS256 keys. Load a long random key from protected
        // configuration or a secret store instead, and treat this value as compromised.
        private const string REFRESHSECRETKEY = "MICREFRESH"; //Refresh Key Confidential

        /// <summary>
        /// Public entry point for issuing tokens; delegates directly to <c>CreateToken</c>.
        /// </summary>
        /// <param name="employeeInfo">Employee data to embed in the issued tokens.</param>
        /// <returns>The <c>TokenHolder</c> produced by <c>CreateToken</c>.</returns>
        public static TokenHolder GenerateToken(EmployeeToken employeeInfo)
        {
            return CreateToken(employeeInfo);
        }