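/// <summary>
/// Validates the bearer JWT and, on success, stores the resolved user and a
/// <see cref="Role"/> in <c>context.Items</c> under the keys "User" and "Role".
/// </summary>
/// <param name="context">Request context that receives the "User" / "Role" items.</param>
/// <param name="userService">Used to load the user identified by the token's "id" claim.</param>
/// <param name="token">Raw JWT string as taken from the Authorization header.</param>
/// <remarks>
/// Deliberately best-effort: any failure (bad signature, expired token, missing or
/// unparseable claim, user lookup error) leaves the items unset, so downstream
/// authorization rejects the request. Nothing is thrown to the caller.
/// </remarks>
private void attachUserToContext(HttpContext context, AuthenticationInterface userService, string token)
{
    try
    {
        var tokenHandler = new JwtSecurityTokenHandler();
        // The key bytes must be derived exactly as the token issuer derives them;
        // note that ASCII encoding replaces any non-ASCII character in the secret with '?'.
        var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
        var validationParameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(key),
            ValidateIssuer = false,
            ValidateAudience = false,
            // state the default explicitly: an expired token must never be accepted
            ValidateLifetime = true,
            // zero clock skew so tokens expire exactly at "exp" (the default tolerates 5 more minutes)
            ClockSkew = TimeSpan.Zero,
        };
        tokenHandler.ValidateToken(token, validationParameters, out SecurityToken validatedToken);
        var jwtToken = (JwtSecurityToken)validatedToken;

        // claim values are machine-generated, so parse them culture-independently
        var userId = int.Parse(
            jwtToken.Claims.First(x => x.Type == "id").Value,
            System.Globalization.NumberStyles.Integer,
            System.Globalization.CultureInfo.InvariantCulture);
        var role = new Role { Name = jwtToken.Claims.First(x => x.Type == "Role").Value };

        // attach user to context on successful jwt validation
        context.Items["User"] = userService.GetById(userId);
        context.Items["Role"] = role;
    }
    catch
    {
        // do nothing if jwt validation (or the claim parsing / user lookup that follows it) fails:
        // the user is not attached to the context, so the request won't have access to secure routes
    }
}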
/// <summary>
/// Middleware entry point: extracts the token from the Authorization header, attempts to
/// attach the caller to the context, and then hands the request to the next middleware.
/// </summary>
/// <param name="context">Current request context.</param>
/// <param name="userService">User lookup service passed through to the token validation step.</param>
public async Task Invoke(HttpContext context, AuthenticationInterface userService)
{
    var authorizationHeader = context.Request.Headers["Authorization"].FirstOrDefault();
    if (authorizationHeader != null)
    {
        // the header is expected as "<scheme> <token>"; the token is the last space-separated segment
        var segments = authorizationHeader.Split(" ");
        attachUserToContext(context, userService, segments[segments.Length - 1]);
    }

    await _next(context);
}
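/// <summary>
/// Creates the Basic-authentication scheme handler, forwarding the framework services to
/// the base handler and keeping the user service and user manager in fields.
/// </summary>
/// <param name="options">Scheme options monitor, forwarded to the base handler.</param>
/// <param name="logger">Logger factory, forwarded to the base handler.</param>
/// <param name="encoder">URL encoder, forwarded to the base handler.</param>
/// <param name="clock">System clock, forwarded to the base handler.</param>
/// <param name="userService">User lookup service; stored in a field for later use.</param>
/// <param name="userManager">Identity user manager; stored in a field for later use.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="userService"/> or <paramref name="userManager"/> is null.
/// </exception>
public BasicAuthenticationHandler(
    IOptionsMonitor<AuthenticationSchemeOptions> options,
    ILoggerFactory logger,
    UrlEncoder encoder,
    ISystemClock clock,
    AuthenticationInterface userService,
    UserManager<User> userManager)
    : base(options, logger, encoder, clock)
{
    // fail at construction (DI wiring time) instead of with a NullReferenceException on the first request
    _userService = userService ?? throw new ArgumentNullException(nameof(userService));
    _userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));
}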
/// <summary>
/// Stores the given provider in the static <c>ApiConfig.authentication</c> field,
/// replacing whatever was set before.
/// </summary>
/// <param name="authentication">Authentication provider to install; may be null.</param>
public static void SetAuthentication(AuthenticationInterface authentication) =>
    ApiConfig.authentication = authentication;
/// <summary>
/// Builds the value of an OAuth 1.0 <c>Authorization</c> header: fills the standard
/// oauth_* parameters, adds a body hash when a body is present, signs the base string
/// with RSA-SHA1 and serialises every parameter as <c>key="rfc3986-encoded value"</c>.
/// </summary>
/// <param name="URL">Request URL that goes into the signature base string.</param>
/// <param name="method">HTTP method that goes into the signature base string.</param>
/// <param name="body">Request body; when non-empty its SHA-1 hash is added as oauth_body_hash.</param>
/// <param name="clientId">Consumer key placed in oauth_consumer_key.</param>
/// <param name="privateKey">
/// Not used by this implementation: signing is delegated to <paramref name="auth"/>
/// (or the globally configured provider) via <see cref="OAuthUtil.RsaSign"/>.
/// </param>
/// <param name="auth">Signing provider; null selects the globally configured one.</param>
/// <returns>
/// The header value, e.g. <c>OAuth k1="v1",k2="v2"</c>, or an empty string if there are no
/// parameters to emit.
/// </returns>
public static string GenerateSignature(string URL, string method, string body, string clientId, AsymmetricAlgorithm privateKey, AuthenticationInterface auth = null)
{
    var parameters = new OAuthParameters();
    parameters.setOAuthConsumerKey(clientId);
    parameters.setOAuthNonce(OAuthUtil.GetNonce());
    parameters.setOAuthTimestamp(OAuthUtil.GetTimestamp());
    parameters.setOAuthSignatureMethod("RSA-SHA1");
    parameters.setOAuthVersion("1.0");

    // the body hash is only part of the signed material when there is a body
    if (!string.IsNullOrEmpty(body))
    {
        parameters.setOAuthBodyHash(Util.Base64Encode(Util.Sha1Encode(body)));
    }

    // sign the base string built from the parameters set so far, then add the signature itself
    var baseString = OAuthUtil.GetBaseString(URL, method, parameters.getBaseParameters());
    parameters.setOAuthSignature(OAuthUtil.RsaSign(baseString, auth));

    // serialise as: OAUTH_KEY <space> key="value"[,key="value"...]
    var header = new StringBuilder();
    var isFirstParameter = true;
    foreach (KeyValuePair<string, string> parameter in parameters.getBaseParameters())
    {
        header.Append(isFirstParameter ? OAuthParameters.OAUTH_KEY + " " : ",");
        isFirstParameter = false;
        header.Append(parameter.Key)
              .Append("=\"")
              .Append(Util.UriRfc3986(parameter.Value))
              .Append("\"");
    }

    return header.ToString();
}
/// <summary>
/// Signs the OAuth base string with the supplied provider, falling back to the globally
/// configured one from <c>ApiConfig.GetAuthentication()</c> when <paramref name="auth"/> is null.
/// </summary>
/// <param name="baseString">Signature base string to sign.</param>
/// <param name="auth">Signing provider, or null to use the global one.</param>
/// <returns>Whatever the chosen provider's <c>SignMessage</c> returns.</returns>
public static string RsaSign(string baseString, AuthenticationInterface auth = null)
{
    var signer = auth ?? ApiConfig.GetAuthentication();
    return signer.SignMessage(baseString);
}
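/// <summary>
/// Creates the controller and keeps the injected user service in a field.
/// </summary>
/// <param name="userService">User service; stored for use by the controller's actions.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="userService"/> is null.</exception>
public AuthenticationController(AuthenticationInterface userService)
{
    // surface a mis-wired DI registration at construction instead of on the first action call
    _userService = userService ?? throw new ArgumentNullException(nameof(userService));
}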
/// <summary>
/// Replaces this instance's authentication provider with the given one.
/// </summary>
/// <param name="authentication">Provider to store; may be null.</param>
public void SetAuthentication(AuthenticationInterface authentication) =>
    this.authentication = authentication;