public static string GenerateToken(TokenRequestModel model) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, model.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(model.Key)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken(model.Issuer, // issued by model.Audience, // issued for claims, // payload expires: DateTime.Now.AddMinutes(30), // valid for signingCredentials: creds); // signature var tokenEncoded = new JwtSecurityTokenHandler().WriteToken(token); return(tokenEncoded); }
public IHttpActionResult TokenResquest(TokenRequestModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } PayResponseBindingModel pr = new PayResponseBindingModel() { msgId = 7, tid = model.tid, token = "0", status = 1 }; notificationService.TokenRequest(Global.NotificationHubPNS.APNS, model); pr.status = 0; return(Ok(pr)); }
public HttpResponseMessage Post([FromBody] TokenRequestModel model) { try { var developer = Repository.GetApiUsers().FirstOrDefault(u => u.AppId == model.ApiKey); if (developer != null) { var secret = developer.Secret; var key = Convert.FromBase64String(secret); var provider = new System.Security.Cryptography.HMACSHA256(key); var hash = provider.ComputeHash(Encoding.UTF8.GetBytes(developer.AppId)); var signature = Convert.ToBase64String(hash); if (model.Signature == signature) { var rawTokenInfo = $"{developer.AppId} {DateTime.UtcNow:d}"; var rawTokenByte = Encoding.UTF8.GetBytes(rawTokenInfo); var token = provider.ComputeHash(rawTokenByte); var authToken = new AuthToken { Token = Convert.ToBase64String(token), Expiration = DateTime.UtcNow.AddDays(7), ApiUser = developer }; if (Repository.Insert(authToken) && Repository.SaveAll()) { return(Request.CreateResponse(HttpStatusCode.Created, ModelFactory.Create(authToken))); } } } return(Request.CreateResponse(HttpStatusCode.BadRequest)); } catch (Exception xc) { return(Request.CreateResponse(HttpStatusCode.BadRequest, xc)); } }
public async Task <IActionResult> Register([FromBody] RegisterViewModel model) { try { var salt = Guid.NewGuid().ToString(); var user = new User { UserName = model.Email, Email = model.Email, PhoneNumber = model.Phone, HashSalt = salt }; var password = $"{model.Password + salt}"; var result = await _userManager.CreateAsync(user, password); if (result.Succeeded) { var token = await GetToken(user); var response = new TokenRequestModel { Status = "success", Message = "acount successfully created", Token = new JwtSecurityTokenHandler().WriteToken(token), Expires = token.ValidTo, }; return(Created("", response)); } return(BadRequest(new ErrorModel { Status = "error", Message = $"cannot register user {model.Email}" })); } catch (Exception ex) { var response = new ErrorModel { Status = "error", Message = $"{ex.Message}", }; return(BadRequest(response)); } }
// These method will be called by Client or application Users => Angular/REST API app public async Task <TokenResponseModel> Auth(TokenRequestModel model) { // We will return Generic 500 HTTP Server Status Error // If we receive an invalid payload if (model == null) { return(CreateErrorResponseToken("Model State is Invalid", HttpStatusCode.InternalServerError)); } switch (model.GrantType) { case "password": return(await GenerateNewToken(model)); case "refresh_token": return(await RefreshToken(model)); default: // not supported - return a HTTP 401 (Unauthorized) return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized)); } }
public async Task <AuthModel> GetTokenAsync(TokenRequestModel model) { var authModel = new AuthModel(); var user = await _userManager.FindByEmailAsync(model.Email); if (user is null || !await _userManager.CheckPasswordAsync(user, model.Password)) { authModel.Message = "Email Or Password InCorrect"; return(authModel); } var jwtSecurityToken = await CreateJwtToken(user); var RolesList = await _userManager.GetRolesAsync(user); authModel.IsAuthenticated = true; authModel.Email = user.Email; authModel.Token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken); authModel.UserName = user.UserName; authModel.ExpiresOn = jwtSecurityToken.ValidTo; authModel.Roles = RolesList.ToList(); return(authModel); }
public HttpResponseMessage Post([FromBody] TokenRequestModel model) { try { var user = TheRepository.GetApiUsers().Where(u => u.AppId == model.ApiKey).FirstOrDefault(); if (user != null) { var secret = user.Secret; var key = Convert.FromBase64String(secret); HMACSHA256 provider = new HMACSHA256(key); byte[] hash = provider.ComputeHash(Encoding.UTF8.GetBytes(user.AppId)); string signature = Convert.ToBase64String(hash); if (signature == model.Signature) { var rawTokenInfo = string.Concat(user.AppId + DateTime.UtcNow.ToString("d")); var rawTokenByte = Encoding.UTF8.GetBytes(rawTokenInfo); var token = provider.ComputeHash(rawTokenByte); var authToken = new AuthToken() { Token = Convert.ToBase64String(token), Expiration = DateTime.UtcNow.AddDays(7), ApiUser = user }; if (TheRepository.Insert(authToken) && TheRepository.SaveAll()) { return(Request.CreateResponse(HttpStatusCode.Created, TheModelFactory.Create(authToken))); } } } } catch (Exception ex) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex)); } return(Request.CreateResponse(HttpStatusCode.BadRequest)); }
public async Task <IActionResult> Auth([FromBody] TokenRequestModel model) // granttype = "refresh_token" { // We will return Generic 500 HTTP Server Status Error // If we receive an invalid payload if (model == null) { return(new StatusCodeResult(500)); } switch (model.GrantType) { case "password": return(await GenerateNewToken(model)); case "refresh_token": return(await RefreshToken(model)); default: // not supported - return a HTTP 401 (Unauthorized) return(new UnauthorizedResult()); } }
public IHttpActionResult TestNotification(TokenRequestModel model) { string slog = string.Format("TestNotification tokenReqModel: {0}", JsonConvert.SerializeObject(model)); logger.Debug(slog); HttpStatusCode ret = HttpStatusCode.InternalServerError; if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var user = userService.GetUserByEmail(model.vid); if (user != null) { try { /////////////////////////////////////// // Notify the mobile applet /////////////////////////////////////// notificationService.TokenRequest(Global.NotificationHubPNS.APNS, user.Id, model); } catch (MessagingException e) { ReturnGoneIfHubResponseIsGone(e); } catch (Exception ex) { return(BadRequest(ex.Message)); } } else { return(BadRequest("Bad UserId")); } return(Ok(ret)); }
/// <summary> /// Method to Refresh JWT and Refresh Token. /// </summary> /// <param name="model"></param> /// <returns></returns> /// <exception cref="NotImplementedException"></exception> private async Task <IActionResult> RefreshToken(TokenRequestModel model) { try { var rt = _db.RefreshTokens.FirstOrDefault(t => t.ClientId == _appSettings.ClientId && t.Value == model.RefreshToken); if (rt == null || rt.ExpiryTime < DateTime.UtcNow) { return(new UnauthorizedResult()); } //Check if there`s user with the refresh token`s userId var user = await _userManager.FindByIdAsync(rt.UserId); if (user == null) { return(new UnauthorizedResult()); } //Generate new Refresh token var rtNew = _tokenCreator.CreateRefreshToken(rt.ClientId, rt.UserId); _db.RefreshTokens.Remove(rt); _db.RefreshTokens.Add(rtNew); await _db.SaveChangesAsync(); var response = await _tokenCreator.CreateAccessToken(user, rtNew.Value); return(Ok(new { authToken = response })); } catch (Exception e) { return(new UnauthorizedResult()); } }
public async Task <AuthenticationModel> LoginAsync(TokenRequestModel model) { var authenticationModel = new AuthenticationModel(); var user = await _userManager.FindByEmailAsync(model.Email); if (user == null) { authenticationModel.IsAuthenticated = false; authenticationModel.Message = $"No Accounts Registered with {model.Email}"; return(authenticationModel); } if (await _userManager.CheckPasswordAsync(user, model.Password)) { authenticationModel.IsAuthenticated = true; authenticationModel.Email = user.Email; authenticationModel.Name = user.Name; return(authenticationModel); } authenticationModel.IsAuthenticated = false; authenticationModel.Message = $"Incorrect Credentials for user {user.Email}"; return(authenticationModel); }
public async Task <IActionResult> Auth([FromBody] TokenRequestModel model) { //We will return Generic 500 Http Server Error //If we receive an invalid payload if (model == null) { return(new StatusCodeResult(500)); } switch (model.GrantType) { case GrantType.Login: return(await GenerateNewToken(model)); case GrantType.RefreshToken: return(await RefreshToken(model)); default: // Non supported return 401(Unauthorized) return(new UnauthorizedResult()); } }
public IActionResult Request(TokenRequestModel model) { var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["JwtSettings:SecretKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim(ClaimTypes.Name, "管理员") , new Claim(ClaimTypes.Role, "admin") }; var expires = DateTime.Now.AddDays(Convert.ToDouble(configuration["JwtSettings:ExpiresDay"])); var token = new JwtSecurityToken( issuer: configuration["JwtSettings:Issuer"], audience: configuration["JwtSettings:Audience"], claims: claims, notBefore: DateTime.Now, expires: expires, signingCredentials: creds); return(Ok(new { Token = new JwtSecurityTokenHandler().WriteToken(token), Expires = expires.ToString("yyyy-MM-dd HH:mm:ss") })); }
public IActionResult Post(TokenRequestModel tokenRequest) { if (tokenRequest != null && !string.IsNullOrEmpty(tokenRequest.ApiKey)) { var user = _IMerchantService.GetMerchantProfile(tokenRequest.ApiKey); if (user != null) { //create claims details based on the user information var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, _configuration["Jwt:Subject"]), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString()), new Claim("ProfileId", user.Id.ToString()), new Claim("Name", user.Name), new Claim("UserName", user.Merchant.Email), new Claim("APIMode", user.Mode == Core.Models.Common.APIMode.Live ? "1" :"0") }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"])); var signIn = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken(_configuration["Jwt:Issuer"], _configuration["Jwt:Audience"], claims, expires: DateTime.UtcNow.AddMinutes(10), signingCredentials: signIn); return(Ok(new JwtSecurityTokenHandler().WriteToken(token))); } else { return(BadRequest("Invalid credentials")); } } else { return(BadRequest()); } }
//Method to Refresh JWT and Refresh Token private async Task <TokenResponseModel> RefreshToken(TokenRequestModel model) { TokenModel rt = await _dalLayer.GetRefreshToken(_appSettings.ClientId, model.RefreshToken.ToString()); // check if refresh token is expired if (rt.ExpiryTime < DateTime.UtcNow) { return(null); } // check if there's an user with the refresh token's userId var user = await _userManager.FindById(rt.UserId); if (user == null) { // UserId not found or invalid return(null); } // generate a new refresh token var rtNew = CreateRefreshToken(rt.ClientId, rt.UserId); // invalidate the old refresh token (by deleting it) List <TokenModel> rtList = new List <TokenModel>() { rt }; await _dalLayer.RemoveTokens(rtList); // add the new refresh token await _dalLayer.AddToken(rtNew); // var response = await CreateAccessToken(user, rtNew.Value); return(response); }
public async Task <IActionResult> Auth([FromBody] TokenRequestModel model) { if (!ModelState.IsValid) { return(BadRequest()); } try { var jwtToken = await _authSvc.Auth(model); if (jwtToken.ResponseInfo.StatusCode == HttpStatusCode.Unauthorized) { _authSvc.DeleteAllCookies(_cookiesToDelete); return(Unauthorized(new { LoginError = jwtToken.ResponseInfo.Message })); } if (jwtToken.ResponseInfo.StatusCode == HttpStatusCode.InternalServerError) { _authSvc.DeleteAllCookies(_cookiesToDelete); return(StatusCode(StatusCodes.Status500InternalServerError)); } if (jwtToken.ResponseInfo.StatusCode == HttpStatusCode.BadRequest) { _authSvc.DeleteAllCookies(_cookiesToDelete); return(BadRequest(new { LoginError = jwtToken.ResponseInfo.Message })); } return(Ok(jwtToken)); } catch (Exception ex) { Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}", ex.Message, ex.StackTrace, ex.InnerException, ex.Source); } return(Unauthorized()); }
private async Task <IActionResult> RefreshToken(TokenRequestModel model) { try { var rt = _context.Tokens.FirstOrDefault(t => t.ClientId == _appSettings.ClientId && t.Value == model.RefreshToken.ToString()); if (rt == null) { return(new UnauthorizedResult()); } if (rt.ExpiryDate < DateTime.UtcNow) { return(new UnauthorizedResult()); } var user = await _userManager.FindByIdAsync(rt.UserId.ToString()); if (user == null) { return(new UnauthorizedResult()); } var rtNew = CreateRefreshToken(rt.ClientId, rt.UserId); _context.Tokens.Remove(rt); _context.Tokens.Add(rtNew); await _context.SaveChangesAsync(); var response = await CreateAccesToken(user, rtNew.Value); var appUser = await _userManager.Users.Include(p => p.Photos).FirstOrDefaultAsync(u => u.UserName == model.Username); var userForReturn = _mapper.Map <UserForListDto>(appUser); return(Ok(new { authToken = response, user = userForReturn })); } catch (Exception ex) { return(new UnauthorizedResult()); } }
public IActionResult CreateToken([FromBody] TokenRequestModel requestModelModel) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var details = Repo.GetUserMaster(requestModelModel.UserEmail); if (details == null) { return(BadRequest("User validation failed")); } var hashedPassword = _passwordHashingHelper.HashValues(requestModelModel.Password, _passwordHashingHelper.GetSaltFromString(details.Salt)); if (!string.Equals(hashedPassword, details.UserPassword)) { return(BadRequest("User validation failed")); } var token = TokenHandler.Create(requestModelModel.UserEmail, AppSettings.Value.SigningKey); if (string.IsNullOrEmpty(token)) { return(StatusCode(500)); } var tokenModel = new TokenResponseModel() { UserEmail = requestModelModel.UserEmail, BearerToken = token }; return(Ok(tokenModel)); }
public async Task GivenTokenRequest_WhenGetToken_ThenGetTokenSuccessful() { //?Given var request = new TokenRequestModel(); var tokenReponse = new TokenResponse(); var expected = new TokenResponseModel(); _tokenManager.Setup(x => x.GetToken(It.IsAny <TokenRequest>())) .ReturnsAsync(tokenReponse) .Verifiable(); _mapper.Setup(x => x.Map <TokenResponseModel>(tokenReponse)) .Returns(expected); //?When var actual = await _authController.GetToken(request); //?Then Assert.IsAssignableFrom <OkObjectResult>(actual); Assert.Equal(((OkObjectResult)actual).Value, expected); _tokenManager.Verify(); _mapper.Verify(); }
public IActionResult Authenticate([FromBody] TokenRequestModel request) { _logger.LogDebug(string.Format("authenticate api called with parameters. Username:{0} ", request.Username)); if (!ModelState.IsValid) { return(BadRequest(ModelState)); } UserModel objUser = _userService.IsValidUser(request.Username, request.Password); if (objUser == null) { _logger.LogDebug(string.Format("User is not valid. Username:{0} ", request.Username)); return(BadRequest(ResponseMessageModel.CreateResponseMessage("Invalid User", "Username or password is not correct."))); } objUser.AccessToken = objTokenHandler.GenerateJWTToken(objUser.UserID); objUser.RefreshToken = objTokenHandler.GenerateRefreshToken(); _logger.LogDebug(string.Format("Generated access token and refresh token for UserID:{0}", objUser.UserID)); return(Ok(objUser)); }
public async Task <IActionResult> RequestToken([FromBody] TokenRequestModel model) { var account = await _Context.Accounts.Include(x => x.Organization).FirstOrDefaultAsync(x => x.Mail.ToLower() == model.Account.ToLower() || x.Phone == model.Account); if (account == null) { return(BadRequest(new ErrorRespondModel() { Message = "用户名或者密码有误" })); } if (account.Password != model.Password) { return(BadRequest(new ErrorRespondModel() { Message = "用户名或者密码有误" })); } if (account.Frozened) { return(BadRequest(new ErrorRespondModel() { Message = "账户已被冻结" })); } var now = DateTime.UtcNow; if (now < account.ActivationTime.AddDays(-1)) { return(BadRequest(new ErrorRespondModel() { Message = "账户未启用" })); } if (now > account.Organization.ExpireTime) { return(BadRequest(new ErrorRespondModel() { Message = "账户已失效" })); } else { //普通用户,过期时间在组织过期时间之内 if (account.Organization.OwnerId != account.Id) { if (now > account.ExpireTime) { return(BadRequest(new ErrorRespondModel() { Message = "账户已失效" })); } } } var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_AppConfig.JwtSettings.SecretKey)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); //var claims = new[] { new Claim(ClaimTypes.Name, account.Id) }; var claims = new[] { new Claim(ClaimTypes.Name, account.Id) , new Claim(ClaimTypes.Role, account.Type) , new Claim("OrganizationId", account.OrganizationId) }; var expires = DateTime.Now.AddDays(_AppConfig.JwtSettings.ExpiresDay); var token = new JwtSecurityToken( issuer: _AppConfig.JwtSettings.Issuer, audience: _AppConfig.JwtSettings.Audience, claims: claims, notBefore: DateTime.Now, expires: expires, signingCredentials: creds); return(Ok(new { Token = new JwtSecurityTokenHandler().WriteToken(token), Expires = expires.ToString("yyyy-MM-dd HH:mm:ss") })); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Cookies.ContainsKey(AccessToken) || !Request.Cookies.ContainsKey(User_Id)) { Log.Error("No Access Token or User Id found."); return(await Task.FromResult(AuthenticateResult.NoResult())); } if (!AuthenticationHeaderValue.TryParse($"{"Bearer " + Request.Cookies[AccessToken]}", out AuthenticationHeaderValue headerValue)) { Log.Error("Could not Parse Token from Authentication Header."); return(await Task.FromResult(AuthenticateResult.NoResult())); } if (!AuthenticationHeaderValue.TryParse($"{"Bearer " + Request.Cookies[User_Id]}", out AuthenticationHeaderValue headerValueUid)) { Log.Error("Could not Parse User Id from Authentication Header."); return(await Task.FromResult(AuthenticateResult.NoResult())); } try { /* STEP 1. Get the Validation Parameters for our applications JWT Token */ var key = Encoding.ASCII.GetBytes(_appSettings.Secret); /* STEP 2. Create an instance of Jwt token handler */ handler = new JwtSecurityTokenHandler(); /* STEP 3. Create an instance of Jwt token validation parameters */ validationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, ValidateIssuer = true, ValidateAudience = true, ValidIssuer = _appSettings.Site, ValidAudience = _appSettings.Audience, IssuerSigningKey = new SymmetricSecurityKey(key), ValidateLifetime = true, ClockSkew = TimeSpan.Zero }; /* STEP 4. Get the Data protection service instance */ var protectorProvider = _provider.GetService <IDataProtectionProvider>(); /* STEP 5. create a protector instance */ var protector = protectorProvider.CreateProtector(_dataProtectionKeys.ApplicationUserKey); /* STEP 6. Layer One Unprotect the user id */ var decryptedUid = protector.Unprotect(headerValueUid.Parameter); /* STEP 7. Layer One Unprotect the user token */ var decryptedToken = protector.Unprotect(headerValue.Parameter); /* STEP 8. Create an instance of the user tokenModel */ TokenModel tokenModel; /* STEP 9 Get the existing token for the user from Database */ /* Step 10. Create a scoped request */ using (var scope = _provider.CreateScope()) { var dbContextService = scope.ServiceProvider.GetService <ApplicationDbContext>(); var userToken = dbContextService.Tokens.Include(x => x.User). FirstOrDefault(ut => ut.UserId == decryptedUid && ut.User.UserName == Request.Cookies[Username] && ut.User.Id == decryptedUid); tokenModel = userToken; } if (tokenModel == null) { return(await Task.FromResult(AuthenticateResult.Fail("You are not authorized to View this Page"))); } /* STEP 11. Apply second layer of decryption using the key store in the token model */ /* STEP 11.1 Create Protector instance for layer two using token model key */ /* IMPORTANT - If np key exists or key is invalid - exception will be thrown */ IDataProtector layerTwoProtector = protectorProvider.CreateProtector(tokenModel?.EncryptionKeyJwt); decryptedTokenLayerTwo = layerTwoProtector.Unprotect(decryptedToken); /* STEP 12. Validate the token we received - using validation parameters set in step 3 */ /* IMPORTANT - If the validation fails - the method ValidateToken will throw exception */ validateToken = handler.ValidateToken(decryptedTokenLayerTwo, validationParameters, out var securityToken); /* Checking Token Signature */ if (!(securityToken is JwtSecurityToken jwtSecurityToken) || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase)) { return(await Task.FromResult(AuthenticateResult.Fail("Your are not authorized"))); } /* STEP 13. Extract the email from the validated token */ var username = validateToken.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.NameIdentifier)?.Value; /* STEP 14. Get User by their email */ if (Request.Cookies[Username] != username) { return(await Task.FromResult(AuthenticateResult.Fail("You are not authorized to View this Page"))); } var user = await _userManager.FindByNameAsync(username); /* STEP 15. If user does not exist return authentication failed result */ if (user == null) { return(await Task.FromResult(AuthenticateResult.Fail("You are not authorized to View this Page"))); } /* STEP 16. We need to check if the user belongs to the group of user-roles */ if (!UserRoles.Contains(user.UserRole)) { return(await Task.FromResult(AuthenticateResult.Fail("You are not authorized to View this Page"))); } /* STEP 17. Now we will create an authentication ticket, as the token is valid */ var identity = new ClaimsIdentity(validateToken.Claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(await Task.FromResult(AuthenticateResult.Success(ticket))); } catch (Exception ex) { if (ex.GetType() == typeof(SecurityTokenExpiredException)) { if (_appSettings.AllowSiteWideTokenRefresh) { var refreshToken = Request.Cookies[RefreshToken]; var accessToken = Request.Cookies[AccessToken]; var userId = Request.Cookies[User_Id]; var username = Request.Cookies[Username]; var role = Request.Cookies[UserRole]; if (accessToken != null && userId != null) { // Call the refresh token method if it is valid TokenRequestModel model = new TokenRequestModel { RefreshToken = refreshToken, GrantType = "refresh_token", UserName = username }; var result = await _authSvc.Auth(model); if (result.ResponseInfo.StatusCode == HttpStatusCode.OK) { var identity = new ClaimsIdentity(result.Principal.Claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(await Task.FromResult(AuthenticateResult.Success(ticket))); } } } } Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}", ex.Message, ex.StackTrace, ex.InnerException, ex.Source); return(await Task.FromResult(AuthenticateResult.Fail("Your are not authorized"))); } }
public IActionResult Token([FromBody] TokenRequestModel requestModel, [FromHeader] string displayLanguage) { Return <TokenResponseModel> responseModel = new Return <TokenResponseModel>() { DisplayLanguage = displayLanguage }; // parameter validations if (requestModel == null || string.IsNullOrEmpty(requestModel.UserName) || string.IsNullOrEmpty(requestModel.Password)) { responseModel.Status = ResultStatusCodeStatic.BadRequest; responseModel.Message = "Parametreler boş olmamalıdır."; responseModel.Success = false; ReturnError error = new ReturnError(); error.Key = "400"; error.Message = "Parametreler boş olmamalıdır."; error.Code = 400; responseModel.Errors = new List <ReturnError>(); responseModel.Errors.Add(error); responseModel.Data = null; //hata oluştugundan dolayı Data null olarak dönülür. return(BadRequest(responseModel)); } var userLoginResponse = _authenticationService.Login(requestModel.UserName, requestModel.Password, displayLanguage); if (userLoginResponse.IsValid) { responseModel.Data = new TokenResponseModel(); responseModel.Data.Id = userLoginResponse.Personnel.Id; responseModel.Data.TC = userLoginResponse.Personnel.TC; responseModel.Data.Name = userLoginResponse.Personnel.Name; responseModel.Data.LastName = userLoginResponse.Personnel.LastName; responseModel.Data.Phone = userLoginResponse.Personnel.Phone; responseModel.Data.Address = userLoginResponse.Personnel.Address; responseModel.Data.UserName = userLoginResponse.Personnel.UserName; responseModel.Data.Password = "******"; responseModel.Data.TokenExpirePeriod = 60; // kullanıcının authcode bilgileri elde edilir var userAuthCodeListAsString = _profileDetailService.GetAllAuthCodeByPersonnelIdAsConcatenateString(userLoginResponse.Personnel.Id); //jwt token eklenmesi işlevi responseModel.Data.UserToken = TokenHelper.CreateToken(userLoginResponse.Personnel, userAuthCodeListAsString); //userToken.Token; responseModel.Status = ResultStatusCodeStatic.Success; responseModel.Message = "Success"; responseModel.Success = true; return(Ok(responseModel)); } else { responseModel.Status = ResultStatusCodeStatic.InternalServerError; responseModel.Message = userLoginResponse.ErrorMessage; responseModel.Success = false; ReturnError error = new ReturnError(); error.Key = "500"; error.Message = userLoginResponse.ErrorMessage; error.Code = 500; responseModel.Errors = new List <ReturnError>(); responseModel.Errors.Add(error); responseModel.Data = null; //hata oluştugundan dolayı Data null olarak dönülür. // return BadRequest(responseModel); //return Ok(responseModel); return(BadRequest(responseModel)); } }
public IActionResult GetToken([FromBody] TokenRequestModel model) { var tokenEncoded = HashFactory.GenerateToken(model); return(new OkObjectResult(new { token = tokenEncoded })); }
//public Task<NotificationOutcome> TokenRequest(string pns, TokenRequestModel model) //{ // throw new NotImplementedException(); //} private string TokenRequestModelAPNS(TokenRequestModel model) { string ret = JsonConvert.SerializeObject(model); return(ret); }
public async Task <AuthenticationModel> LoginAsync(TokenRequestModel model) { var result = await _userService.LoginAsync(model); return(result); }
/// <summary> /// Note: Although the Apple devicetoken is stored in pass-in, but at the time the devicetoken was registered through our Account/RegisterPhoneToken, /// Azure Notification Hub is associated userId to the DeviceToken. So the UserId is the real identifier (not the APNS devicetoken), userId_[12125...] is the real key. /// </summary> /// <param name="pns"></param> /// <param name="userId"></param> /// <param name="model"></param> /// <returns></returns> public async Task <NotificationOutcome> TokenRequest(NotificationHubPNS pns, string userId, TokenRequestModel model) { string[] userTag = new string[1]; userTag[0] = "userId_" + userId.Trim(); Microsoft.Azure.NotificationHubs.NotificationOutcome outcome = null; switch (pns) { case NotificationHubPNS.APNS: // iOS string serializeModel = TokenRequestModelAPNS(model); string logStr = string.Format("APNS TokenRequest SerializeModel: {0}", serializeModel); logger.Debug(logStr); int n = serializeModel.IndexOf('{'); if (n >= 0) { serializeModel = serializeModel.Remove(n, 1); } n = serializeModel.LastIndexOf('}'); if (n > 0) { serializeModel = serializeModel.Remove(n, 1); } string alert = "{"; alert += "\"aps\":{\"alert\":\"" + "vid: " + model.vid + ", tid " + model.tid + ", merchant " + model.merchantIdentifier + "\", \"sound\":\"default\"},"; alert += serializeModel; alert += "}"; logStr = string.Format("APNS TokenRequest Alert: {0}", alert); logger.Debug(logStr); //outcome = await Hub.SendAppleNativeNotificationAsync(alert); if (!string.IsNullOrEmpty(userId)) { outcome = await Hub.SendAppleNativeNotificationAsync(alert, userTag); } else { outcome = await Hub.SendAppleNativeNotificationAsync(alert); } break; } return(outcome); }
public async Task <IActionResult> GetTokenAsync(TokenRequestModel model) { var result = await _userService.GetTokenAsync(model); return(Ok(result)); }
public IHttpActionResult PayRequest(PayRequestBindingModel model) { string slog = string.Format("PayRequest Begin model: {0}", JsonConvert.SerializeObject(model)); logger.Debug(slog); PayResponseBindingModel pr = new PayResponseBindingModel() { msgId = 2, tid = model.tid, token = "", status = 2 }; if (!ModelState.IsValid) { logger.Debug("PayRequest ModelState is invalid"); pr.status = -1; return(Ok(pr)); } /////////////////////////////////////// // Check for valid vid or email /////////////////////////////////////// User user = userService.GetUserByEmail(model.vid); if (user == null) { // Invalid user email pr.status = 1; return(Ok(pr)); } else if (user != null && user.EmailConfirmed == false) { // User hasn't confirmed email. pr.status = 1; return(Ok(pr)); } /////////////////////////////////////// // Check for valid merchant /////////////////////////////////////// Merchant merchant = merchantService.GetMerchantByAlias(model.merchantIdentifier); if (merchant == null) { // Invalid merchant pr.status = 2; return(Ok(pr)); } var pay = new PaymentLog() { TId = model.tid.ToString(), TTime = model.ttime, ShippingInfo = model.shippingInfo, Amount = model.amount, CountryCode = model.countryCode, CurrencyCode = model.currencyCode, MerchantId = model.merchantIdentifier, MechantName = model.merchantName, LineItems = model.lineItems, PublicKey = model.publicKey, Email = model.vid, MerchantCapability = merchant.MerchantCapabilities, SupportedNetwork = merchant.SupportNetwork, PaymentMethodTokenizationType = merchant.PaymnetMethodTokenizationType, CodeCheck = string.Empty, CodeCheckCount = 0, IsCodeCheckValidated = false }; string codeCheck = GetRamdomCodeCheck(); bool correctShippingInfo = paymentService.IsValidUserShippingInfo(user, model.shippingInfo); if (!correctShippingInfo) { pay.CodeCheck = codeCheck; } /////////////////////////////////////// // Save payment to database PaymentLog table /////////////////////////////////////// PaymentLog checkLog = paymentService.GetPaymentByTid(pay.TId); if (checkLog == null) { // Save pay to the database string val = paymentService.RequestPay(pay); if (string.IsNullOrEmpty(val)) { //ModelState.AddModelError("", string.Format("Error PayRequest")); //return BadRequest(ModelState); logger.Debug("PayRequest can't add to the database PaymentLog table"); pr.status = -1; return(Ok(pr)); } } //else //{ // //ModelState.AddModelError("", string.Format("Error tid is already exist")); // return BadRequest(ModelState); //} /////////////////////////////////////// // Check to make sure Shipping Info is to the vid or email user /////////////////////////////////////// if (!correctShippingInfo) { /////////////////////////////////////// // Insert key to PayTokenManager PaymentRequest /////////////////////////////////////// PayTokenManager.Instance.SavePaymentLog(model.tid, pay); // Send CodeCheck back to the browser CodeCommandBindingModel codeCommand = new CodeCommandBindingModel() { msgId = 5, tid = model.tid, code = codeCheck }; return(Ok(codeCommand)); } try { /////////////////////////////////////// // Get token value from PayTokenManger /////////////////////////////////////// TokenRequestModel trModel = PaymentLogToTokenRequestModel(pay, user, merchant); string token = SendMobileTokenRequest(model.tid, user.Id, trModel); if (!string.IsNullOrEmpty(token)) { pr.status = 0; } else { pr.status = 4; } pr.token = token; /* * /////////////////////////////////////// * // Notify the mobile applet * /////////////////////////////////////// * TokenRequestModel trModel = PaymentLogToTokenRequestModel(model, user, merchant); * notificationService.TokenRequest(Global.NotificationHubPNS.APNS, user.Id, trModel); * * /////////////////////////////////////// * // Insert key to PayTokenManager * /////////////////////////////////////// * PayTokenManager.Instance.Save(model.tid, string.Empty); * * /////////////////////////////////////// * // Waiting for TokenResponse from applet to update the PayTokenManager * /////////////////////////////////////// * * int timerPayRequest = 10; * int.TryParse(ConfigurationManager.AppSettings["TimerPayRequest"].ToString(), out timerPayRequest); * * timerPayRequest *= 1000; * * int tCount = 30; * int interval = timerPayRequest / tCount; * int timer = 0; * while (timer < timerPayRequest) * { * Thread.Sleep(interval); * timer += interval; * string tok; * PayTokenManager.Instance.Get(model.tid, out tok); * if (!string.IsNullOrEmpty(tok)) * { * break; * } * } * * /////////////////////////////////////// * // Get token value from PayTokenManger * /////////////////////////////////////// * string token = ""; * if (PayTokenManager.Instance.Get(model.tid, out token) && !string.IsNullOrEmpty(token)) * { * pr.status = 0; * PayTokenManager.Instance.Delete(model.tid); * } * else * { * pr.status = 4; * } * pr.token = token; */ if (pr.status == 0) { paymentService.SavePaymentRequestConfimred(model.tid.ToString()); } else { paymentService.SavePaymentRequestRejected(model.tid.ToString()); } PayTokenManager.Instance.Delete(model.tid); } catch (MessagingException e) { logger.Error("PayRequest MessageException", e); //ReturnGoneIfHubResponseIsGone(e); pr.status = 4; return(Ok(pr)); } catch (Exception ex) { logger.Error("PayRequest", ex); pr.status = 4; return(Ok(pr)); } slog = string.Format("PayRequest Returns: {0}", JsonConvert.SerializeObject(pr)); logger.Debug(slog); return(Ok(pr)); }
public async Task<IActionResult> RefreshingTokens([FromBody] TokenRequestModel model) { TokenResponseModel responseModel = await _jwtProvider.RefreshTokensAsync(model.AccessToken, model.RefreshToken); return Ok(responseModel); }