public ActionResult Auth(string postUrl, string methodSelect)
{
string postedValues = "end url=" + postUrl + " method=" + methodSelect;
string response = "";
using (var handler = new HttpClientHandler())
{
handler.ClientCertificateOptions = ClientCertificateOption.Manual;
handler.SslProtocols = SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls;
handler.ClientCertificates.Add(_certificate);
//Ignoring SSL Certificate Errors On .NET Core On HttpClient
handler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true;
var myModel = new Dictionary <string, string>
{
{ "id", "1" }
};
using (var content = new FormUrlEncodedContent(myModel))
using (var client = new HttpClient(handler))
{
HttpResponseMessage response2 = null;
switch (methodSelect.ToUpper())
{
case "GET":
response2 = client.GetAsync(postUrl).Result;
break;
case "POST":
response2 = client.PostAsync(postUrl, content).Result;
break;
case "PUT":
response2 = client.PutAsync(postUrl, content).Result;
break;
case "DELETE":
response2 = client.DeleteAsync(postUrl).Result;
break;
}
if (response2 != null)
{
response2.EnsureSuccessStatusCode();
string jsonString = response2.Content.ReadAsStringAsync().Result;
response = jsonString.ToString();
}
}
}
ViewBag.certificate = _certificate;
PostAuth postAuth = new PostAuth()
{
PostUrl = postUrl, MethodSelect = methodSelect, PostedValues = postedValues, Response = response
};
return(View(postAuth));
}
public async Task <IActionResult> login(PostAuth auth)
{
int i = 0;
string a = i.ToString();
var user = await this._authenticate.LoginAsync(auth.UserName, _aES.GetComputedHashKey(auth.Password));
//Result<LoginResponse> result = new Result<LoginResponse>(data: user, status: user != null ? Status.Success : Status.Failed, message: user != null ? "Success" : "Failed");
return(Ok(user));
}
public ActionResult Auth()
{
string postedValues = "nic cert=" + _certificate.FriendlyName + " " + _thumb.ToString();
string response = "start ";
ViewBag.certificate = _certificate;
PostAuth postAuth = new PostAuth()
{
PostUrl = "https://localhost:445/api/Project", PostedValues = postedValues, Response = response
};
return(View(postAuth));
}
/// <summary>
/// Gets JWT
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
private async Task <PostAuthResponse> PostAuthAsync(PostAuth request)
{
var message = await _client.PostAsync("auth", new StringContent(
JsonConvert.SerializeObject(request),
Encoding.UTF8,
"application/json"
));
if (!message.IsSuccessStatusCode)
{
return new PostAuthResponse {
AccessToken = string.Empty
}
}
;
var body = await message.Content.ReadAsStringAsync();
return(JsonConvert.DeserializeObject <PostAuthResponse>(body));
}
}
public async Task <IActionResult> Login([FromBody] PostAuth param)
{
try
{
param = new PostAuth();
var result = await this._authenticate.LoginAsync(param.UserName, this._encryption.GetComputedHashKey(param.Password));
if (result.Status == Status.Success)
{
result.Data.Token = this._token.Generate(result.Data);
result.Data.RefreshToken = this._token.Generate(result.Data, DateTime.Now.AddDays(1));
}
return(Ok(result));
}
catch (Exception ex)
{
_logger.LogError($"Account/Login: {ex.ToString()}");
return(Ok(new Result <LoginResponse>(null, Status.Failed, "Internal error")));
}
}
public IActionResult PostAuthenticate([FromBody] PostAuth request)
{
if (request == null || string.IsNullOrEmpty(request.Login) || string.IsNullOrEmpty(request.Password))
{
return(StatusCode(401));
}
// It is a dump authentication. Just to avoid abuses from clients
var(_login, _psw) = (_config.GetSection("Credentials").GetSection("Login").Value, _config.GetSection("Credentials").GetSection("Password").Value);
if (_psw != request.Password || _login != request.Login)
{
return(StatusCode(401));
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_config.GetSection("Credentials").GetSection("key").Value);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(
new Claim[]
{
new Claim(ClaimTypes.Name, _login)
}
),
Expires = DateTime.UtcNow.AddHours(1),
NotBefore = DateTime.UtcNow,
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
Issuer = "Covid19Watcher"
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return(StatusCode(200, new PostAuthResponse {
AccessToken = tokenHandler.WriteToken(token)
}));
}
