public static void SignIdentityToken(IdentityToken token) { string text = token.PayloadString(); string signature = TokenSignFactory.SignToken(text); token.Signature = signature; }
private async Task <LoginUserDto> GenerateLoginUserDto(ApplicationUser user) { // generate jwt token var userClaims = await _iUserRepository.GetClaimsByUserIdAsync(user.Id); var userRoles = (await _userManager.GetRolesAsync(user)).Select(role => new Claim("roles", role)); JwtSecurityToken token = TokenHelper.GenerateToken( user.UserName, _tokenConfig.Key, _tokenConfig.Issuer, _tokenConfig.Audience, _tokenConfig.Expires, userClaims.ToList(), userRoles.ToList() ); // save the token info into database IdentityToken identityToken = new IdentityToken() { Id = Guid.Parse(token.Id), ApplicationUser = user, Issuer = _tokenConfig.Issuer, Audience = _tokenConfig.Audience, Expires = token.ValidTo }; await _identityTokenRepository.CreateAsync(identityToken); await _identityTokenRepository.SaveAsync(); return(new LoginUserDto() { User = Mapper.Map <UserDto>(user), Token = new JwtSecurityTokenHandler().WriteToken(token), Expiration = token.ValidTo });; }
public async Task <Guid> SendMessageAsync(string key, string ipAddress, string userAgent, CancellationToken ct) { var now = DateTime.UtcNow; var code = Generator.GenerateAlphaNumericString(256); var identityTypes = IdentityTypeExtensions.TypesWithPassword; var identity = await _identitiesService.GetByKeyAndTypesAsync(key, identityTypes, ct); var emailIdentity = await _identitiesService.GetByProfileIdAndTypeAsync(identity.ProfileId, IdentityType.EmailAndPassword, ct); var token = new IdentityToken { IdentityId = emailIdentity.Id, Type = IdentityTokenType.PasswordReset, Value = code, CreateDateTime = now, ExpirationDateTime = now.AddDays(1), IpAddress = ipAddress, UserAgent = userAgent }; var id = await _identityTokensService.CreateAsync(token, ct); await SendCodeAsync(emailIdentity.Key, id, code); return(id); }
public async Task <Guid> SendMessageAsync( string country, string phone, string ipAddress, string userAgent, CancellationToken ct) { var now = DateTime.UtcNow; var code = new Random().Next(0, 9999).ToString("0000"); var identityTypes = new[] { IdentityType.PhoneAndPassword }; var identity = await _identitiesService.GetByKeyAndTypesAsync(phone, identityTypes, ct); var token = new IdentityToken { IdentityId = identity.Id, Type = IdentityTokenType.PhoneValidation, Value = code, CreateDateTime = now, ExpirationDateTime = now.AddMinutes(10), IpAddress = ipAddress, UserAgent = userAgent }; var id = await _identityTokensService.CreateAsync(token, ct); var phoneWithPrefix = country.GetInternationalPhonePrefix() + phone; await SendCodeAsync(phoneWithPrefix, code); return(id); }
public IdentityTokenResponse PostJSONToken(IdentityTokenRequest token) { IdentityTokenResponse response = new IdentityTokenResponse(); try { IdentityToken identityToken = null; using (DecodedJsonToken decodedToken = JsonTokenDecoder.Decode(token)) { if (decodedToken.IsValid) { identityToken = new IdentityToken(token, decodedToken.Audience, decodedToken.AuthMetadataUri); } } response.token = identityToken; } catch (Exception ex) { response.errorMessage = ex.Message; } return(response); }
public void LoginTestMethod1() { Configuration.Configure(); AccountBussiness accountBussines = new AccountBussiness(); SignInMessage msg = new SignInMessage(); msg.UserName = "******"; RSAEncryptionCreator encryption = new RSAEncryptionCreator(); msg.Password = encryption.PublicEncryption("123"); msg.ClientId = "1"; var result = accountBussines.Authenticate(msg); Assert.AreNotEqual(result.HasError, true); Assert.AreNotEqual(result.IdentityToken.Signature, string.Empty); TokenValidator validator = new TokenValidator(); var tokenValidation = validator.ValiateIdentityToken(result.IdentityToken); var strToken = result.IdentityToken.ToString(); IdentityToken cToken = new IdentityToken(strToken); var strCtoken = cToken.ToString(); Assert.AreEqual(strToken, strCtoken); Assert.AreEqual(tokenValidation.IsError, true); }
public async Task LoadNewToken(RefreshTokenResponse response) { IdentityToken = new IdentityToken(response.IdentityToken); await _tokenRepo.SaveIdentityToken(response.IdentityToken); await _tokenRepo.SaveRefreshToken(response.RefreshToken); }
public static UserInformation GenerateUserInfo(AccessToken aToken, IdentityToken iToke) { int userId = 0; int perId = 0; int actionId = -1; bool noUpdate = false; int.TryParse(iToke.ClaimValue(ClaimTypes.Subject), out userId); string fname = iToke.ClaimValue(ClaimTypes.Name); string lname = iToke.ClaimValue(ClaimTypes.FamilyName); string userName = iToke.ClaimValue(ClaimTypes.PreferredUserName); int.TryParse(iToke.ClaimValue(ClaimTypes.PersonId), out perId); var actionOperation = aToken.Operations.Where(it => it.IsActionId > 0).FirstOrDefault(); var viewOperation = aToken.Operations.Where(it => it.OperationName.ToLower() == "view").FirstOrDefault(); if (actionOperation != null) { actionId = (int)actionOperation.OperationId; } if (viewOperation != null && aToken.Operations.Count == 1) { noUpdate = true; } UserInformation userInfo = new UserInformation(userId, userName, fname, lname, perId, actionId, noUpdate); return(userInfo); }
public async Task LoadFromRepoAsync() { User = await GetUserObjectAsync(); Permissions = new PermissionsToken(await _tokenRepo.GetPermissionsTokenAsync()); IdentityToken = new IdentityToken(await GetIdentityTokenAsync()); }
/// <inheritdoc/> /// <remarks> /// This method calls <see cref="ProviderBase{TProvider}.PrepareRequestImpl"/> to create the /// initial <see cref="HttpWebRequest"/>, and then sets the <c>Client-Id</c> header according /// to the Marconi (Cloud Queues) specification before returning. /// </remarks> protected override HttpWebRequest PrepareRequestImpl(HttpMethod method, IdentityToken identityToken, UriTemplate template, Uri baseUri, IDictionary <string, string> parameters, Func <Uri, Uri> uriTransform) { HttpWebRequest request = base.PrepareRequestImpl(method, identityToken, template, baseUri, parameters, uriTransform); request.Headers["Client-Id"] = _clientId.ToString("D"); return(request); }
private static bool IsValidToken(IdentityToken token, string code) { return(token != null && !token.UseDateTime.HasValue && token.ExpirationDateTime >= DateTime.UtcNow && token.Type == IdentityTokenType.PasswordReset && token.Value == code); }
public static void SetToken(IdentityToken token) { // HttpContext.Current.Session["identityToken"] = token; var strToken = token.ToString(); var encToken = ISE.Framework.Utility.Utils.Encryption.EncryptData(strToken); HttpContext.Current.Response.Cookies.Add(new HttpCookie("identityToken", encToken)); }
public ActionResult ExternalTokenLogin() { string encToken = Request.Headers["Authorization"].ToString(); var token = ISE.Framework.Utility.Utils.Encryption.DecryptData(encToken); IdentityToken itoken = new IdentityToken(token); AuthorizationPresenter presenter = new AuthorizationPresenter(); var validateor = presenter.ValidateIdentityToken(itoken); return(RedirectToAction("About", "Home")); }
public void Logout(IdentityToken token, string clientId) { SignOutMessage msg = new SignOutMessage() { ClientId = clientId, IdentityToken = token }; var result = AuthenticationServiceAdapter.Execute(it => it.Logout(msg)); token = result.IdentityToken; }
public AuthorizationResult CheckAccess(SecurityResourceDto resource, IdentityToken token) { AuthorizationRequest request = new AuthorizationRequest() { IdentityToken = token, Resource = resource }; var result = AuthorizationServiceAdapter.Execute(it => it.CheckAccess(request)); //if (result.HasError) // return null; return(result); }
public async Task LoadLoginResponse(LoginResponse loginResponse) { IdentityToken = new IdentityToken(loginResponse.IdentityToken); Permissions = new PermissionsToken(loginResponse.PermissionsToken); User = loginResponse.MappedUser; await SaveUserObject(User); await _tokenRepo.SaveIdentityToken(loginResponse.IdentityToken); await _tokenRepo.SavePermissionsToken(loginResponse.PermissionsToken); await _tokenRepo.SaveRefreshToken(loginResponse.RefreshToken); }
public void BuildAUser() { string userId = "TestUserId"; string firstName = "First"; string lastName = "Last"; IdentityToken token = new IdentityToken(userId); var roles = GetUserRoles(); var target = new User(1, userId, firstName, lastName, token, roles); Assert.Equal(userId, target.UserId); Assert.Equal(firstName, target.FirstName); Assert.Equal(lastName, target.LastName); Assert.NotEmpty(target.Token.Token); }
/// <summary> /// Ensures the lifespan. /// </summary> /// <param name="token">The token.</param> /// <returns></returns> public IdentityResponse <IdentityToken> EnsureLifespan(IdentityToken token = null) { if (token?.HasExpired() == false) { return(new IdentityResponse <IdentityToken> { StatusCode = HttpStatusCode.OK, StatusMessage = HttpStatusCode.OK.ToString(), Token = token, }); } var response = RefreshToken(token); return(response); }
public List <SecurityResourceDto> GetMenuList(IdentityToken token, int appDomainId) { AuthorizationRequest request = new AuthorizationRequest() { AppDomainId = appDomainId, IdentityToken = token, }; var result = AuthorizationServiceAdapter.Execute(it => it.MenuList(request)); if (result.Response.HasException) { return(null); } return(result.SecurityResourceDtoList); }
public async System.Threading.Tasks.Task <AppointmentProxyResponse> PostServiceRequest(AppointmentProxyRequest proxyRequest) { AppointmentProxyResponse proxyResponse = new AppointmentProxyResponse(); try { IdentityToken identityToken = null; var organizerDomain = string.Empty; var thirdPartyEventId = (string.IsNullOrEmpty(proxyRequest.thirdPartyEventId)) ? string.Empty : proxyRequest.thirdPartyEventId; var thirdPartySecretKey = string.Empty; using (DecodedJsonToken decodedToken = JsonTokenDecoder.Decode(proxyRequest)) { if (decodedToken.IsValid) { identityToken = new IdentityToken(proxyRequest, decodedToken.Audience, decodedToken.AuthMetadataUri); // todo - add whatever logic you need to do here if (!string.IsNullOrEmpty(proxyRequest.organizerEmailAddress)) { organizerDomain = proxyRequest.organizerEmailAddress.Split('@')[1]; } if (string.IsNullOrEmpty(thirdPartyEventId)) { thirdPartyEventId = $"KF{Guid.NewGuid().ToString()}"; } var secretKey = organizerDomain.Replace('.', '-'); thirdPartySecretKey = await KeyVaultClientHelper.GetDomainSecret(secretKey); } } proxyResponse.token = identityToken; proxyResponse.organizerTenant = organizerDomain; proxyResponse.thirdPartyEventId = thirdPartyEventId; proxyResponse.thirdPartySecretKey = thirdPartySecretKey; } catch (Exception ex) { proxyResponse.errorMessage = ex.Message; } return(proxyResponse); }
public Task <LoginCommandResponse> Handle(LoginCommand request, CancellationToken cancellationToken) { return(Task.Run(() => { var userNames = GetUserNames(request.userId); var token = new IdentityToken(request.userId); User user = null; //new User( // 1, // TODO: hardcoded key // request.userId, // userNames.Item1, // userNames.Item2, // token, // GetUserRoles(request.userId)); return new LoginCommandResponse(user, (userNames.Item1 != "Guest")); }, cancellationToken)); }
/// <summary> /// 创建合法用户获取访问令牌接口数据 /// </summary> /// <param name="identityUser">IdentityUser</param> /// <param name="appConfig">AppConfig</param> /// <returns>IdentityToken</returns> public OperatedResult <IdentityToken> CreateIdentityToken(IdentityUser identityUser, AppConfig appConfig) { ValidateOperator.Begin() .NotNull(identityUser, "IdentityUser") .NotNull(appConfig, "AppConfig"); var payload = new Dictionary <string, object> { { "iss", identityUser.UserId }, { "iat", UnixEpochHelper.GetCurrentUnixTimestamp().TotalSeconds } }; var identityToken = new IdentityToken { AccessToken = CreateIdentityToken(appConfig.SharedKey, payload), ExpiresIn = appConfig.TokenExpiredDay * 24 * 3600 }; return(OperatedResult <IdentityToken> .Success(identityToken)); }
/// <summary> /// Refreshes the token. /// </summary> /// <param name="token">The token.</param> /// <returns></returns> public IdentityResponse <IdentityToken> RefreshToken(IdentityToken token) { if (DateTimeOffset.UtcNow >= token?.ExpireTime || string.IsNullOrWhiteSpace(token?.RefreshToken) == true) { var authResponse = _onAuthRequest?.Invoke(this); return(authResponse ?? new IdentityResponse <IdentityToken> { StatusCode = HttpStatusCode.Unauthorized, StatusMessage = HttpStatusCode.Unauthorized.ToString(), }); } var response = _identityAccess.GetUserRefreshToken(token?.RefreshToken); return(response); }
public TokenValidationResult ValiateIdentityToken(IdentityToken token) { if (token != null) { TokenValidationResult result = new TokenValidationResult(); if (DateTime.Now > token.ExpirationTime) { result.Error = "Token Expired."; result.IsValid = false; return(result); } var hashData = HashFactory.GetHash(token.PayloadString()); var plainData = TokenSignFactory.GetHashData(token.Signature); if (!string.Equals(hashData, plainData)) { result.Error = "Token Not Verified."; result.IsValid = false; return(result); } SessionBussiness sessionBs = new SessionBussiness(); var session = sessionBs.GetSingle(it => it.SecuritySessionId == token.SessionId); if (session != null) { if (session.ExpiredDate != null) { result.Error = "Session Is Expired."; result.IsValid = false; return(result); } } else { result.Error = "Session not exist."; result.IsValid = false; return(result); } result.IsValid = true; return(result); } return(null); }
public IdentityToken ExpireToken(IdentityToken token) { SessionBussiness sessionBs = new SessionBussiness(); TokenValidator tokenValidator = new TokenValidator(); var validationResult = tokenValidator.ValiateIdentityToken(token); if (validationResult.IsError) { return(token); } if (token.HasLogin) { sessionBs.ExpireSession(token.SessionId); token.HasLogin = false; TokenSigner.SignIdentityToken(token); } return(token); }
private async Task <string> GetTokenAsync() { var content = new FormUrlEncodedContent(new[] { new KeyValuePair <string, string>("grant_type", "password"), new KeyValuePair <string, string>("username", UserName), new KeyValuePair <string, string>("password", Password) }); HttpResponseMessage response = await client.PostAsync("Token", content); if (response.IsSuccessStatusCode) { IdentityToken identityToken = await response.Content.ReadAsAsync <IdentityToken>(); return(identityToken.AccessToken); } return(null); }
public async Task <ActionResult> Create(CreateProduct request) { var authorizationHeader = HttpContext.Request.Headers["Authorization"]; var idToken = new IdentityToken(AuthenticationHeaderValue.Parse(authorizationHeader)); try { _logger.LogInformation($"in create function...UserId-{idToken.UserId} and Role-{idToken.Role}"); var result = await _mediator.Send(request); _logger.LogInformation("out from repo function..."); throw new Exception("this is test exception"); //return new OkObjectResult(result); } catch (Exception ex) { return(LogExceptionHelper.CreateApiError(ex, _logger)); } }
public async Task <Guid> CreateAsync(IdentityToken token, CancellationToken ct) { var newToken = new IdentityToken { Id = Guid.NewGuid(), IdentityId = token.IdentityId, Type = token.Type, Value = token.Value, CreateDateTime = DateTime.UtcNow, ExpirationDateTime = token.ExpirationDateTime, IpAddress = token.IpAddress, UserAgent = token.UserAgent }; var entry = await _storage.AddAsync(newToken, ct); await _storage.SaveChangesAsync(ct); return(entry.Entity.Id); }
/// <summary> /// Gets the authentication token for the specified impersonation identity. If necessary, the /// identity is authenticated on the server to obtain a token. /// </summary> /// <remarks> /// If <paramref name="forceCacheRefresh"/> is <see langword="false"/> and a cached <see cref="IdentityToken"/> /// is available for the specified <paramref name="identity"/>, this method may return the cached /// value without performing an authentication against the server. If <paramref name="forceCacheRefresh"/> /// is <see langword="true"/>, this method always authenticates the identity with the server. /// </remarks> /// <param name="identity">The identity of the user to authenticate. If this value is <see langword="null"/>, the authentication is performed with the <see cref="DefaultIdentity"/>.</param> /// <param name="forceCacheRefresh">If <see langword="true"/>, the user is always authenticated against the server; otherwise a cached <see cref="IdentityToken"/> may be returned.</param> /// <returns>The user's authentication token.</returns> /// <exception cref="ArgumentNullException">If <paramref name="identity"/> is <see langword="null"/>.</exception> /// <exception cref="NotSupportedException">If the provider does not support the given <paramref name="identity"/> type.</exception> /// <exception cref="InvalidOperationException">If <paramref name="identity"/> is <see langword="null"/> and no default identity is available for the provider.</exception> /// <exception cref="ResponseException">If the authentication request failed.</exception> protected virtual UserAccess Impersonate(RackspaceImpersonationIdentity identity, bool forceCacheRefresh) { if (identity == null) { throw new ArgumentNullException("identity"); } var impToken = TokenCache.Get(string.Format("{0}:{1}/imp/{2}/{3}", UrlBase, identity.Username, identity.UserToImpersonate.Domain == null ? "none" : identity.UserToImpersonate.Domain.Name, identity.UserToImpersonate.Username), () => { const string urlPath = "/v2.0/RAX-AUTH/impersonation-tokens"; var request = BuildImpersonationRequestJson(identity.UserToImpersonate.Username, 600); var parentIdentity = new RackspaceCloudIdentity(identity); var response = ExecuteRESTRequest <UserImpersonationResponse>(parentIdentity, new Uri(UrlBase, urlPath), HttpMethod.POST, request); if (response == null || response.Data == null || response.Data.UserAccess == null) { return(null); } IdentityToken impersonationToken = response.Data.UserAccess.Token; if (impersonationToken == null) { return(null); } var userAccess = ValidateToken(impersonationToken.Id, identity: parentIdentity); if (userAccess == null) { return(null); } var endpoints = ListEndpoints(impersonationToken.Id, parentIdentity); var serviceCatalog = BuildServiceCatalog(endpoints); return(new UserAccess(userAccess.Token, userAccess.User, serviceCatalog)); }, forceCacheRefresh); return(impToken); }
public void TestGetToken() { IIdentityProvider provider = new CloudIdentityProvider(Bootstrapper.Settings.TestIdentity); IdentityToken token = provider.GetToken(); Assert.IsNotNull(token); // ensure the provider is caching the access token IdentityToken cachedToken = provider.GetToken(); Assert.AreSame(token, cachedToken); // ensure that the provider refreshes the token upon request IdentityToken newToken = provider.GetToken(forceCacheRefresh: true); Assert.AreNotSame(token, newToken); // ensure the the refresh was applied to the cache IdentityToken newCachedToken = provider.GetToken(); Assert.AreSame(newToken, newCachedToken); }
/// <summary> /// Initializes a new instance of the <see cref="ClientHelper"/> class. /// </summary> public ClientHelper() : base() { m_authenticationMethod = DefaultAuthenticationMethod; m_authenticationInput = DefaultAuthenticationInput; m_persistSettings = DefaultPersistSettings; m_settingsCategory = DefaultSettingsCategory; }