示例#1
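 /// <summary>
 /// Builds a short-lived JWT for a user the caller has already validated.
 /// </summary>
 /// <param name="validatedUser">
 /// User whose identity is embedded in the token. This method performs no credential
 /// check of its own; it relies on the caller having authenticated the user.
 /// </param>
 /// <returns>
 /// The string returned by <c>CustomJwtFormat.Protect</c> for a ticket that expires
 /// five minutes after it is issued.
 /// </returns>
 private async Task<string> GenerateUserToken(ApplicationUser validatedUser)
 {
     // NOTE(review): the issuer is hard-coded here; confirm it matches the issuer the
     // token validation side expects.
     var jwt = new CustomJwtFormat("http://jv.com");

     // "password" is the second argument to GenerateUserIdentityAsync — presumably the
     // authentication type recorded on the identity, not a credential; confirm.
     var identity = await validatedUser.GenerateUserIdentityAsync(AppUserManager, "password");

     // Read the clock once, in UTC, and derive the expiry from that same instant.
     // Adding minutes to a local DateTime and converting afterwards can shift the
     // expiry around a daylight-saving transition, and two separate clock reads
     // make the lifetime drift from the intended five minutes.
     DateTimeOffset issuedAt = DateTimeOffset.UtcNow;
     var properties = new Microsoft.Owin.Security.AuthenticationProperties
     {
         IssuedUtc = issuedAt,
         ExpiresUtc = issuedAt.AddMinutes(5),
     };

     return jwt.Protect(new Microsoft.Owin.Security.AuthenticationTicket(identity, properties));
 }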
示例#2
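        /// <summary>
        /// Builds a short-lived JWT for a user the caller has already validated.
        /// </summary>
        /// <param name="validatedUser">
        /// User whose identity is embedded in the token. This method performs no credential
        /// check of its own; it relies on the caller having authenticated the user.
        /// </param>
        /// <returns>
        /// The string returned by <c>CustomJwtFormat.Protect</c> for a ticket that expires
        /// five minutes after it is issued.
        /// </returns>
        private async Task<string> GenerateUserToken(ApplicationUser validatedUser)
        {
            // NOTE(review): the issuer is hard-coded here; confirm it matches the issuer the
            // token validation side expects.
            var jwt = new CustomJwtFormat("http://jv.com");

            // "password" is the second argument to GenerateUserIdentityAsync — presumably the
            // authentication type recorded on the identity, not a credential; confirm.
            var identity = await validatedUser.GenerateUserIdentityAsync(AppUserManager, "password");

            // Read the clock once, in UTC, and derive the expiry from that same instant.
            // Adding minutes to a local DateTime and converting afterwards can shift the
            // expiry around a daylight-saving transition, and two separate clock reads
            // make the lifetime drift from the intended five minutes.
            DateTimeOffset issuedAt = DateTimeOffset.UtcNow;
            var properties = new Microsoft.Owin.Security.AuthenticationProperties
            {
                IssuedUtc = issuedAt,
                ExpiresUtc = issuedAt.AddMinutes(5),
            };

            return jwt.Protect(new Microsoft.Owin.Security.AuthenticationTicket(identity, properties));
        }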
示例#3
        /// <summary>
        /// Issues a JWT for the given user and wraps it in the JSON body sent back to the client.
        /// </summary>
        /// <param name="userName">Name echoed in the response and passed on to the ticket builder.</param>
        /// <param name="roleList">Roles passed on to the ticket builder.</param>
        /// <param name="clientId">Client identifier passed on to the ticket builder.</param>
        /// <returns>
        /// A <c>JObject</c> with the keys <c>userName</c>, <c>access_token</c>, <c>token_type</c>,
        /// <c>expires_in</c>, <c>.issued</c> and <c>.expires</c>.
        /// </returns>
        private JObject GenerateLocalAccessTokenResponse(string userName, List<string> roleList, string clientId)
        {
            // Lifetime advertised to the client as "expires_in".
            // NOTE(review): this is read independently of the ticket's own ExpiresUtc; confirm that
            // Helper.GetJwtAuthenticationTicket derives its expiry from the same setting, otherwise
            // the advertised lifetime and the one enforced on the token can disagree.
            TimeSpan lifetime = TimeSpan.FromMinutes(Helper.GetTokenExpirationMinutes());

            var authTicket = Helper.GetJwtAuthenticationTicket(userName, roleList, clientId);

            // Sign/serialize the ticket with the issuer configured on this instance.
            var signedToken = new CustomJwtFormat(_tokenIssuer).Protect(authTicket);

            // The three time-related values are emitted as strings via the parameterless
            // ToString(), i.e. formatted with the current thread culture.
            var lifetimeSeconds = lifetime.TotalSeconds.ToString();
            var issuedText = authTicket.Properties.IssuedUtc.ToString();
            var expiresText = authTicket.Properties.ExpiresUtc.ToString();

            return new JObject(
                new JProperty("userName", userName),
                new JProperty("access_token", signedToken),
                new JProperty("token_type", "bearer"),
                new JProperty("expires_in", lifetimeSeconds),
                new JProperty(".issued", issuedText),
                new JProperty(".expires", expiresText));
        }
示例#4
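        /// <summary>
        /// Generates a JWT for a user from a controller and wraps it in a JSON response.
        /// </summary>
        /// <param name="user">
        /// The logged-in user. No authentication happens here; the caller is expected to
        /// have verified the user before requesting a token.
        /// </param>
        /// <returns>
        /// A <c>JObject</c> holding the protected token, the token type, and the token
        /// lifetime in seconds (as a string), under the keys <c>KeyResponseToken</c>,
        /// <c>KeyResponseType</c> and <c>KeyResponseExpire</c>.
        /// </returns>
        protected async Task<JObject> GenerateLocalAccessToken(PhongTroUser user)
        {
            // Resolve the user manager before the first await, while HttpContext.Current is
            // the request that invoked this method.
            var userManager = HttpContext.Current.GetOwinContext().GetUserManager<PhongTroUserManager>();

            // NOTE(review): the token stays valid for a full day. Nothing in this method
            // provides revocation, so confirm that lifetime is acceptable for a bearer token.
            var validTime = TimeSpan.FromDays(1);
            var identity = await userManager.CreateIdentityAsync(user, JWTAuthenticationType);

            var jwtFormat = new CustomJwtFormat(ConfigurationManager.AppSettings[KeyTokenIssuer]);

            // Read the clock once so that ExpiresUtc - IssuedUtc is exactly validTime and
            // matches the lifetime reported to the client below.
            DateTimeOffset issuedAt = DateTimeOffset.UtcNow;
            var authenticationProperties = new AuthenticationProperties
            {
                IssuedUtc = issuedAt,
                ExpiresUtc = issuedAt.Add(validTime),
            };

            var authenticationTicket = new AuthenticationTicket(identity, authenticationProperties);
            var token = jwtFormat.Protect(authenticationTicket);

            return new JObject(
                new JProperty(KeyResponseToken, token),
                new JProperty(KeyResponseType, TokenType),
                new JProperty(KeyResponseExpire, validTime.TotalSeconds.ToString()));
        }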
示例#5
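        // GET: Lti
        /// <summary>
        /// Entry point for an LTI launch: maps the LTI request to a local person, builds a
        /// role-bearing identity for that person, issues a JWT for it and hands the resulting
        /// token object to the view as JSON.
        /// </summary>
        /// <returns>
        /// The default view, with either <c>ViewBag.Error</c> or <c>ViewBag.User</c> set;
        /// <c>null</c> when the request is not LTI-authenticated.
        /// </returns>
        public async Task<ActionResult> LtiEntry()
        {
            var isLti = Request.IsAuthenticatedWithLti();

            if (!isLti)
            {
                // NOTE(review): a request that fails the LTI check gets a null result rather than
                // an explicit unauthorized/forbidden response; confirm how the framework renders
                // that and whether rejected launches are logged anywhere.
                return null;
            }

            var ltiRequest = new LtiRequest();

            ltiRequest.ParseRequest(Request);

            var person = new Person();

            try
            {
                person = await _userRepo.ProcessLtiUser(ltiRequest);
            }
            catch (InvalidEmailException ex)
            {
                // The exception message is shown to the user as part of the error text.
                ViewBag.Error = ex.Message + "\n\n Please update your email address in both the LMS and AU Portal to use ECAT.";
                return View();
            }
            catch (UserUpdateException)
            {
                ViewBag.Error = "There was an error updating your account with the information from the LMS. Please try again.";
                return View();
            }

            // Client-facing token object. TokenExpire and TokenExpireWarning are local-time
            // values computed here, separately from the expiry written into the ticket below.
            var token = new IdToken
            {
                TokenExpire        = DateTime.Now.Add(TimeSpan.FromHours(24)),
                TokenExpireWarning = DateTime.Now.Add(TimeSpan.FromHours(23)),
                LastName           = person.LastName,
                FirstName          = person.FirstName,
                Email                = person.Email,
                MpAffiliation        = person.MpAffiliation,
                MpComponent          = person.MpComponent,
                MpPaygrade           = person.MpPaygrade,
                MpGender             = person.MpGender,
                MpInstituteRole      = person.MpInstituteRole,
                RegistrationComplete = person.RegistrationComplete,
                PersonId             = person.PersonId
            };

            // NOTE(review): GetClaimId is a static member. If it returns a shared instance rather
            // than a fresh identity per call, the claims added below would accumulate across
            // requests and users — confirm it creates a new identity each time.
            var identity = UserAuthToken.GetClaimId;

            identity.AddClaim(new Claim(ClaimTypes.PrimarySid, token.PersonId.ToString()));

            // Role claims are derived from the person record returned by ProcessLtiUser.
            switch (person.MpInstituteRole)
            {
                case MpInstituteRoleId.Faculty:
                    //person.Faculty = null;
                    identity.AddClaim(new Claim(ClaimTypes.Role, RoleMap.Faculty.ToString()));

                    // NOTE(review): person.Faculty is dereferenced without a null check; confirm
                    // ProcessLtiUser always populates it for faculty members.
                    if (person.Faculty.IsCourseAdmin)
                    {
                        identity.AddClaim(new Claim(ClaimTypes.Role, MpInstituteRole.ISA));
                    }
                    else
                    {
                        identity.AddClaim(new Claim(ClaimTypes.Role, MpInstituteRole.notISA));
                    }
                    break;

                case MpInstituteRoleId.Student:
                    identity.AddClaim(new Claim(ClaimTypes.Role, RoleMap.Student.ToString()));
                    break;

                default:
                    // Any other role value falls back to the External role.
                    identity.AddClaim(new Claim(ClaimTypes.Role, RoleMap.External.ToString()));
                    break;
            }

            var ticket = new AuthenticationTicket(identity, new AuthenticationProperties());

            // Read the clock once, in UTC, and derive the expiry from that instant. Adding hours
            // to a local DateTime can yield a 23- or 25-hour lifetime across a daylight-saving
            // change, and two clock reads let the lifetime drift from exactly 24 hours.
            DateTimeOffset issuedAt = DateTimeOffset.UtcNow;
            ticket.Properties.IssuedUtc  = issuedAt;
            ticket.Properties.ExpiresUtc = issuedAt.AddHours(24);

            //token.AuthToken = AuthServerOptions.OabOpts.AccessTokenFormat.Protect(ticket);
            var format = new CustomJwtFormat(ConfigurationManager.AppSettings["issuer"]);

            token.AuthToken = format.Protect(ticket);

            // The serialized object carries the bearer token plus name and email values that
            // originate from the person record.
            // NOTE(review): confirm the view encodes this JSON for the context it is written
            // into (e.g. a script block) instead of emitting it raw.
            ViewBag.User = JsonConvert.SerializeObject(token, Formatting.None,
                new JsonSerializerSettings
                {
                    ContractResolver      = new CamelCasePropertyNamesContractResolver(),
                    ReferenceLoopHandling = ReferenceLoopHandling.Ignore,
                });

            return View();
        }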