public static async Task <ResponseTokenViewModel> GenerateJwt(
ClaimsIdentity identity,
IJwtFactory jwtFactory,
string userName,
JwtIssuerOptions jwtOptions,
JsonSerializerSettings serializerSettings)
{
var response = new ResponseTokenViewModel
{
Id = identity.Claims.Single(c => c.Type == "id").Value,
Token = await jwtFactory.GenerateEncodedToken(userName, identity),
Expires = (int)jwtOptions.ValidFor.TotalSeconds
};
return(response);
}
private async Task <ResponseTokenViewModel> GenerateAccessAndRefreshToken(RequestTokenViewModel requestToken, string ipAddress)
{
ResponseTokenViewModel responseToken = new ResponseTokenViewModel();
AppUser appUser = await _userManager.FindUserWithRolesByNameAsync(requestToken.UserName);
if (appUser != null && !string.IsNullOrWhiteSpace(requestToken.RefreshToken))
{
RefreshToken oldRefreshToken = await _refreshTokenService.OldRefreshToken(_siteSettings.RefreshTokenSetting.ClientId, requestToken.RefreshToken, ipAddress);
if (oldRefreshToken != null)
{
AppUser userToken = await _userManager.FindByIdAsync(oldRefreshToken.UserId.ToString());
if (userToken == null)
{
throw new AppException(ApiResultStatusCode.LogOut, NotificationMessages.UnAuthorize, HttpStatusCode.Unauthorized);
}
if (oldRefreshToken.ExpireDate < DateTime.Now)
{
throw new AppException(ApiResultStatusCode.LogOut, NotificationMessages.UnAuthorize, HttpStatusCode.Unauthorized);
}
else
{
responseToken.RefreshToken = oldRefreshToken.Value;
responseToken.AccessToken = await GenerateAccessTokenAsync(appUser);
}
}
else
{
throw new AppException(ApiResultStatusCode.LogOut, NotificationMessages.UserNotFound, HttpStatusCode.Unauthorized);
}
}
else
{
throw new AppException(ApiResultStatusCode.LogOut, NotificationMessages.UserNotFound, HttpStatusCode.Unauthorized);
}
return(responseToken);
}
public ResponseTokenViewModel GeTokenViewModel(string username, string userid)
{
var refreshtoken = Guid.NewGuid().ToString("N");
var now = DateTime.UtcNow;
var claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.NameId, ""),
new Claim(JwtRegisteredClaimNames.Jti, ""),
new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(now).ToUniversalTime().ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64),
new Claim(JwtRegisteredClaimNames.Sub, username),
};
var jwt = new JwtSecurityToken(
issuer: _options.Issuer,
audience: _options.Audience,
claims: claims.ToArray(),
notBefore: now,
expires: now.AddMinutes(_options.Expiration),
signingCredentials: new SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_options.SecretKey)), SecurityAlgorithms.HmacSha256));
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
_unitOfWork.DbContext.SysUserTokenses.Add(new SysUserTokens()
{
ExpiresUtc = DateTime.UtcNow, Token = encodedJwt, UserId = userid, Value = refreshtoken, LoginProvider = "", Name = username
});
_unitOfWork.SaveChanges();
ResponseTokenViewModel model = new ResponseTokenViewModel()
{
access_token = encodedJwt,
refresh_token = refreshtoken,
expires_in = (int)TimeSpan.FromSeconds(_options.Expiration * 60).TotalSeconds,
userName = username,
firstname = username,
lastname = username,
createtime = DateTime.Now
};
return(model);
}
public async Task <ResponseTokenViewModel> AuthenticateUser(HttpRequest request, RequestTokenViewModel requestToken)
{
string ipAddress = _httpContextAccessor.HttpContext.Connection?.RemoteIpAddress.ToString();
ResponseTokenViewModel responseTokenViewModel = new ResponseTokenViewModel();
if (requestToken.GrantType == "Password")
{
AppUser user = await _userManager.FindUserWithRolesByNameAsync(requestToken.UserName);
if (user == null)
{
responseTokenViewModel.IsSuccess = false;
responseTokenViewModel.Message = NotificationMessages.UserNotFound;
responseTokenViewModel.ApiStatusCode = ApiResultStatusCode.UnAuthorized;
//throw new AppException(ApiResultStatusCode.UnAuthorized, NotificationMessages.UserNotFound, HttpStatusCode.BadRequest);
}
else
{
bool result = await _userManager.CheckPasswordAsync(user, requestToken.Password);
if (!result)
{
responseTokenViewModel.IsSuccess = false;
responseTokenViewModel.Message = NotificationMessages.InvalidUserNameOrPassword;
responseTokenViewModel.ApiStatusCode = ApiResultStatusCode.UnAuthorized;
// throw new AppException(ApiResultStatusCode.UnAuthorized, NotificationMessages.InvalidUserNameOrPassword, HttpStatusCode.BadRequest);
}
else
{
UserViewModelApi userViewModel = await _userManager.FindUserApiByIdAsync(user.Id);
userViewModel.Image = $"{request.Scheme}://{request.Host}{request.PathBase.Value}/wwwroot/Users/{userViewModel.Image}";
RefreshToken oldRefreshToken = await _refreshTokenService.GetRefreshTokenByUserIdAsync(user.Id);
if (oldRefreshToken != null)
{
await _refreshTokenService.RemoveRefreshTokenAsync(oldRefreshToken);
}
RefreshToken refreshToken = _refreshTokenService.CreateRefreshToken(_siteSettings.RefreshTokenSetting, user.Id, requestToken.IsRemember, ipAddress);
await _refreshTokenService.AddRefreshTokenAsync(refreshToken);
responseTokenViewModel.AccessToken = await GenerateAccessTokenAsync(user);
responseTokenViewModel.RefreshToken = refreshToken.Value;
responseTokenViewModel.User = userViewModel;
responseTokenViewModel.IsSuccess = true;
}
}
}
else if (requestToken.GrantType == "RefreshToken")
{
responseTokenViewModel = await GenerateAccessAndRefreshToken(requestToken, ipAddress);
}
else
{
responseTokenViewModel.IsSuccess = false;
responseTokenViewModel.ApiStatusCode = ApiResultStatusCode.NotFound;
responseTokenViewModel.Message = NotificationMessages.UserNotFound;
//throw new AppException(ApiResultStatusCode.BadRequest, NotificationMessages.TargetNotFounded, HttpStatusCode.BadRequest);
}
return(responseTokenViewModel);
}
