public async Task <ActionResult <string> > AuthorizeAsync(AuthorizationRequest request)
{
var authorizationResult = await _authorizationService.Authorize(request.User, request.Password);
return(authorizationResult switch
{
AuthorizationFail _ =>
BadRequest("Bad credentials"),
AuthorizationSuccess authorizationSuccess
=> authorizationSuccess.Token,
_ => throw new NotImplementedException(nameof(AuthorizationResult))
});
/// <summary>
/// Handles incoming messages from EBS.
/// </summary>
private void EBSOnMessage(object sender, MessageEventArgs e)
{
if (!e.IsText)
{
return;
}
logger.Debug(new LogReceivedMessage {
Message = e.Data, Session = EBS_SESSION
}.ToJson());
string msgType = null;
try
{
var msg = JObject.Parse(e.Data);
msgType = msg["type"].ToObject <string>();
switch (msgType)
{
case "Authorization.Success":
// successful authorization
OnAuthorizationSuccess(AuthorizationSuccess.FromJson(e.Data));
break;
case "PollError":
// Poll request got canceled
var pollError = PollError.FromJson(e.Data);
logger.Warn(new LogPollAbortedEBS {
Reason = pollError.Reason
}.ToJson());
pollActive = false;
SendMessage(Subscribers, new PollStopped().ToJson());
break;
case "PollResult":
// poll results
OnPollResult(PollResult.FromJson(e.Data));
pollActive = false;
SendMessage(Subscribers, new PollStopped().ToJson());
break;
case "PollStarted":
// poll successfully started from request
pollActive = true;
SendMessage(Subscribers, new PollStarted().ToJson());
break;
default:
logger.Warn(new LogReceivedUnknownMessageType
{
MessageType = msgType,
Session = EBS_SESSION
}.ToJson());
break;
}
}
catch (Exception ex)
{
logger.Error(new LogMessageHandlingError
{
Exception = ex,
MessageType = msgType,
Session = EBS_SESSION
}.ToJson());
}
}
public async Task <AuthorizationResult> Authorize(string userName, string password)
{
var tokenHandler = new JwtSecurityTokenHandler();
var user = await _usersRolesService.GetUser(userName);
if (user is null)
{
return(new AuthorizationFail());
}
if (user.Password != password)
{
return(new AuthorizationFail());
}
var roles = user.GetRoles();
var claims = new List <Claim> {
new Claim(ClaimTypes.Name, user.Id)
};
foreach (var role in roles)
{
claims.Add(new Claim(ClaimTypes.Role, role.Id));
}
var tokenDescriptor = new SecurityTokenDescriptor
{
Audience = JwtShared.Audience,
Issuer = JwtShared.Issuer,
Subject = new ClaimsIdentity(claims.ToArray()),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(JwtShared.SecurityKey, SecurityAlgorithms.HmacSha256Signature)
};
SecurityToken token;
try
{
token = tokenHandler.CreateToken(tokenDescriptor);
}
catch (Exception e)
{
_logger.LogCritical(e.ToString());
throw;
}
string tokenString;
try
{
tokenString = tokenHandler.WriteToken(token);
}
catch (Exception e)
{
_logger.LogCritical(e.ToString());
throw;
}
var result = new AuthorizationSuccess(tokenString);
return(result);
}
