public async Task <AuthenticationProviderResult <RefreshToken> > ValidateRefreshToken( ApplicationClient client, string refreshTokenTicket) { var response = new AuthenticationProviderResult <RefreshToken>() { IsSuccessful = false, ResponseMessage = "", Result = null }; var existingRefreshToken = await this.dataService .RefreshTokens .FindByCondition(r => r.ApplicationClientId == client.Id && r.ProtectedTicket == refreshTokenTicket); if (existingRefreshToken == null) { response.ResponseMessage = "Invalid token"; return(response); } if (existingRefreshToken.ExpiresUtc < DateTime.Now.ToUniversalTime()) { response.ResponseMessage = "Token expired"; return(response); } response.IsSuccessful = true; response.Result = existingRefreshToken; return(response); }
public async Task <AuthenticationProviderResult <ApplicationClient> > ValidateApplicationClientAsync(HttpRequest request) { var response = new AuthenticationProviderResult <ApplicationClient>() { IsSuccessful = false, ResponseMessage = "", Result = null }; var clientId = request.Headers["client_id"]; if (string.IsNullOrEmpty(clientId)) { response.ResponseMessage = "Client Id is not set"; return(response); } if (!Guid.TryParse(clientId, out Guid validClientID)) { response.ResponseMessage = "Invalid client Id"; return(response); } var client = await this.dataService.ApplicationClients.FindByIdAsync(validClientID); if (client == null) { response.ResponseMessage = "Invalid client Id"; return(response); } if (!client.Enabled) { response.ResponseMessage = "Client is inactive"; return(response); } if (client.ApplicationClientType == ApplicationClientType.Confidential) { var clientSecret = request.Headers["client_secret"]; if (string.IsNullOrEmpty(clientSecret)) { response.ResponseMessage = "Client secret is not set"; return(response); } ; if (client.Base64Secret != clientSecret) { response.ResponseMessage = "Client secret do not match"; return(response); } } response.IsSuccessful = true; response.Result = client; return(response); }
public async Task <AuthenticationProviderResult <ApplicationUser> > ValidateUserAuthenticationAsync(UserForAuthenticationDto userDto) { var response = new AuthenticationProviderResult <ApplicationUser>() { IsSuccessful = false, ResponseMessage = "", Result = null }; var user = await this.dataService.UserManager.FindByEmailAsync(userDto.Email); if (user == null) { response.ResponseMessage = "Username or password is incorrect"; return(response); } // if (!user.EmailConfirmed) // { // response.ResponseMessage = "Email not confirmed"; // return response; // } var result = await this.signInManager.PasswordSignInAsync(user.UserName, userDto.Password, false, true); if (result.Succeeded) { response.IsSuccessful = true; response.Result = user; return(response); } else if (result.IsLockedOut) { response.ResponseMessage = "User is lockout"; return(response); } else { response.ResponseMessage = "Username or password is incorrect"; return(response); } }
public async Task <AuthenticationProviderResult <ApplicationUser> > ValidateUserAsync(Guid userId) { var response = new AuthenticationProviderResult <ApplicationUser>() { IsSuccessful = false, ResponseMessage = "", Result = null }; var user = await this.dataService.UserManager.FindByIdAsync(userId.ToString()); response.ResponseMessage = "Unauthorized"; if (user == null) { return(response); } if (!await this.signInManager.CanSignInAsync(user)) { return(response); } if (this.dataService.UserManager.SupportsUserLockout && await this.dataService.UserManager.IsLockedOutAsync(user)) { response.ResponseMessage = "User is lockout"; return(response); } // ToDo When Email confirmation available // if (!user.EmailConfirmed) // { // response.ResponseMessage = "Email not confirmed"; // return response; // } response.IsSuccessful = true; response.ResponseMessage = ""; response.Result = user; return(response); }
private async Task <AuthenticationDto> CreateAuthentificationDto(AuthenticationProviderResult <ApplicationClient> isValidClient, AuthenticationProviderResult <ApplicationUser> isAuthorize) { var userClaims = await this.authenticationProvider.GetUserClaimsAsync(isAuthorize.Result); var userRoles = await this.authenticationProvider.GetUserRolesAsync(isAuthorize.Result); var claims = await this.jWTProvider.GetValidClaims(isAuthorize.Result, userRoles, userClaims); var token = this.jWTProvider.GenerateToken(claims, isValidClient.Result.JWTAudienceCategory); var refreshToken = await this.refreshTokenProvider.GenerateRefreshToken(isAuthorize.Result, isValidClient.Result); var bearerToken = new AuthenticationDto() { Id = Guid.Parse(isAuthorize.Result.Id), Email = isAuthorize.Result.Email, Roles = userRoles, Claims = userClaims, Token = token, RefreshToken = refreshToken }; return(bearerToken); }