示例#1
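        /// <summary>
        /// Loads the permission claims a user holds through role assignments.
        /// </summary>
        /// <param name="userId">Id of the user whose permissions are looked up.</param>
        /// <returns>
        /// An <see cref="AuthOutput"/> whose <c>Permissions</c> list holds the <c>Claim</c> of every
        /// matching permission row. The list is empty when nothing matches. <c>Result</c> is not
        /// assigned on this path.
        /// </returns>
        /// <remarks>
        /// The method does no authorization of its own: it returns the permissions of whichever id it
        /// is given. The caller has to establish that the requester may read them.
        /// </remarks>
        public async Task<AuthOutput> GetPermissionByUserId(Guid userId)
        {
            // Inner joins user -> role assignment -> permission; a row soft-deleted at any of the
            // three levels is excluded, so a deleted user or revoked role yields no permissions.
            var query = from a in _userRepo.GetAll()
                        join b in _roleAssignmentRepo.GetAll() on a.Id equals b.UserId
                        join c in _permissionRepo.GetAll() on b.RoleId equals c.RoleId
                        where a.Id == userId && !a.IsDeleted && !b.IsDeleted && !c.IsDeleted
                        select c;

            // No try/catch here: a query failure propagates with its original stack trace.
            var permissionRows = await query.ToListAsync();

            return new AuthOutput
            {
                Permissions = permissionRows.Select(x => x.Claim).ToList()
            };
        }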
示例#2
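        /// <summary>
        /// Verifies a login name and password and, on success, issues a JWT together with the
        /// user's permission claims.
        /// </summary>
        /// <param name="password">Password supplied by the caller; hashed with the stored salt for comparison.</param>
        /// <param name="loginName">Login name used to look the user up.</param>
        /// <param name="secretKey">Key handed to the token helper when the JWT is generated.</param>
        /// <param name="validPeriodInMinutes">Token lifetime handed to the token helper.</param>
        /// <returns>
        /// An <see cref="AuthOutput"/> with <c>Result = AuthMessage.AuthSuccess</c>, the token, display name,
        /// user id, role id and permissions on success; otherwise one with <c>Result = AuthMessage.AuthFailed</c>.
        /// The failure result is the same for an unknown login name and a wrong password.
        /// </returns>
        public async Task<AuthOutput> Authenticate(string password, string loginName, string secretKey, int validPeriodInMinutes)
        {
            var failed = new AuthOutput
            {
                Result = AuthMessage.AuthFailed
            };

            try
            {
                var query = from a in _userRepo.GetAll()
                            join b in _roleAssignmentRepo.GetAll() on a.Id equals b.UserId
                            join c in _permissionRepo.GetAll() on b.RoleId equals c.RoleId
                            where a.LoginName == loginName && !a.IsDeleted && !b.IsDeleted && !c.IsDeleted
                            select new
                            {
                                User           = a,
                                RoleAssignment = b,
                                Claim          = c
                            };
                var rows = await query.ToListAsync();

                // The joins are inner joins, so a user with no live role assignment or no live
                // permission row produces zero rows and is rejected here like an unknown login name.
                // NOTE(review): this path returns before any hash is computed, so an unknown login name
                // probably answers faster than a known one; consider hashing against a dummy salt so the
                // response time does not reveal which accounts exist.
                if (rows.Count == 0)
                {
                    return failed;
                }

                // Every row carries the same user; the rows differ only in role assignment and permission.
                var firstRow   = rows[0];
                var credential = firstRow.User;

                // NOTE(review): GenerateHashedPassword is not visible here; confirm it is a slow,
                // salted password KDF and not a single fast hash.
                var computedHashPw = _crypytoHelper.GenerateHashedPassword(password, credential.Salt);

                // NOTE(review): != is not a constant-time comparison. Once the types of PasswordHash and
                // the helper's return value are confirmed, compare their bytes with a fixed-time routine.
                if (credential.PasswordHash != computedHashPw)
                {
                    return failed;
                }

                return new AuthOutput
                {
                    Result = AuthMessage.AuthSuccess,
                    DisplayName = credential.DisplayName,
                    JwToken = _tokenHelper.GenerateJwToken(credential.Id, secretKey, validPeriodInMinutes),
                    // Permissions are collected across all joined rows, i.e. across every role of the user.
                    Permissions = rows.Select(x => x.Claim.Claim).ToList(),
                    UserId = credential.Id,
                    // NOTE(review): only the first row's role is reported; a user with several roles gets
                    // one RoleId next to the permissions of all of them. Confirm that is intended.
                    RoleId = firstRow.RoleAssignment.RoleId
                };
            }
            catch (InvalidOperationException)
            {
                // NOTE(review): this also turns an InvalidOperationException from the query or the helpers
                // into an ordinary failed login without any trace; consider logging it before returning.
                return failed;
            }

            // Any other exception propagates with its original stack trace.
        }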
示例#3
        /// <summary>
        /// Runs the credential helper against a shell command that echoes a serialized
        /// <see cref="AuthOutput"/> and expects a successful result with a non-null PAT.
        /// </summary>
        public void TestSuccessfulPatAcquisition()
        {
            // Collects every message the helper hands to its logging callback.
            var log = new StringBuilder();

            var payload = JsonConvert.SerializeObject(new AuthOutput
            {
                Username = "",
                Password = "******",
                Message  = ""
            });

            // The fake provider is the OS shell echoing the JSON payload back on stdout.
            // NOTE(review): "/d /c" are cmd.exe switches; presumably CmdHelper.OsShellExe resolves to
            // cmd.exe wherever this test runs. Confirm.
            var shellArguments = $"/d /c echo {payload}";
            var helper = CredentialProviderHelper.CreateInstanceForTesting(
                m => log.AppendLine(m),
                CmdHelper.OsShellExe,
                shellArguments);

            // Blocks on the task; a failure inside it surfaces wrapped in an AggregateException.
            var acquisition = helper.AcquirePatAsync(new Uri("https://foo"), PatType.CacheReadWrite).Result;

            XAssert.IsTrue(acquisition.Result == CredentialHelperResultType.Success);
            XAssert.IsTrue(log.ToString().Contains("Credentials were successfully retrieved from provider"));

            // NOTE(review): the fixture password above reads "******" in this listing, while this
            // assertion looks for "testPassword"; the two do not match as shown (the listing may have
            // masked the literal). Also, asserting that the password text IS present in the helper's
            // log output means the secret is written to the log. Confirm whether the intent is the
            // opposite, i.e. that the password never appears in logged messages.
            XAssert.IsTrue(log.ToString().Contains("testPassword"));
            XAssert.IsNotNull(acquisition.Pat);
        }
示例#4
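        /// <summary>
        /// Re-authenticates a caller from an existing JWT: decodes the token, reads its "uid" claim
        /// and checks that the referenced user still exists and is not soft-deleted.
        /// </summary>
        /// <param name="token">The JWT presented by the caller.</param>
        /// <param name="secretKey">Key handed to the token helper for decoding.</param>
        /// <returns>
        /// An <see cref="AuthOutput"/> with <c>Result = AuthMessage.AuthSuccess</c>, the user's display name
        /// and the same token on success; otherwise one with <c>Result = AuthMessage.AuthFailed</c>.
        /// <c>Permissions</c> is not populated on this path.
        /// </returns>
        public async Task<AuthOutput> Authenticate(string token, string secretKey)
        {
            var failed = new AuthOutput
            {
                Result = AuthMessage.AuthFailed
            };

            try
            {
                // NOTE(review): DecodeJwToken is not visible here; confirm it verifies the signature
                // and the expiry, since everything below trusts the claims it returns.
                var result = _tokenHelper.DecodeJwToken(token, secretKey, out IEnumerable<Claim> claims);
                if (result == false)
                {
                    return failed;
                }

                // A token without a "uid" claim, or with one that is not a GUID, is rejected as a
                // failed authentication instead of escaping as an exception.
                var uidClaim = claims.FirstOrDefault(x => x.Type == "uid");
                if (uidClaim == null || !Guid.TryParse(uidClaim.Value, out Guid userId))
                {
                    return failed;
                }

                var user = await _userRepo.GetUserById(userId);

                // A token can outlive its account: reject when the user is gone or soft-deleted.
                // The null check avoids a NullReferenceException if the repository returns no user.
                if (user == null || user.IsDeleted == true)
                {
                    return failed;
                }

                return new AuthOutput
                {
                    Result = AuthMessage.AuthSuccess,
                    DisplayName = user.DisplayName,
                    // The presented token is echoed back unchanged; no new token is issued here.
                    JwToken = token
                };
            }
            catch (InvalidOperationException)
            {
                // NOTE(review): this hides an InvalidOperationException from the helper or the repository
                // behind an ordinary failure; consider logging it before returning.
                return failed;
            }

            // Any other exception propagates with its original stack trace.
        }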
示例#5
 /// <summary>
 /// Authenticates a user by e-mail and password and wraps the resulting token response
 /// in an <see cref="AuthOutput"/>.
 /// </summary>
 /// <param name="email">E-mail address passed on to <c>AuthenticateUserAsync</c>.</param>
 /// <param name="pass">Password passed on to <c>AuthenticateUserAsync</c>.</param>
 /// <returns>The value <c>AuthOutput.FromTokenResponse</c> builds from the token response.</returns>
 public static async Task <AuthOutput> LetMeInAsync(string email, string pass)
 {
     // No validation or error handling happens here; both are left to the two calls below.
     var tokenResponse = await AuthenticateUserAsync(email, pass);

     return AuthOutput.FromTokenResponse(tokenResponse);
 }
 /// <summary>
 /// Exchanges a refresh token for a new token response (access token + refresh token) and
 /// wraps it in an <see cref="AuthOutput"/>.
 /// </summary>
 /// <param name="refreshToken">Refresh token passed on to <c>RequestRefreshTokenAsync</c>.</param>
 /// <returns>The value <c>AuthOutput.FromTokenResponse</c> builds from the token response.</returns>
 public static async Task <AuthOutput> RefreshTokensAsync(string refreshToken)
 {
     // No validation or error handling happens here; both are left to the two calls below.
     var tokenResponse = await RequestRefreshTokenAsync(refreshToken);

     return AuthOutput.FromTokenResponse(tokenResponse);
 }