public async Task <IActionResult> Login([FromBody] LoginUserCommand command)
{
var result = _handler.Handle(command);
if (result.Success == true)
{
var userClaimsList = (List <string>)result.Data;
var user = _repository.GetByLogin(command.UserName);
var token = new JwtGenerator(_appSettings).GenerateToken(result, userClaimsList);
var tokenResult = new TokenResult()
{
Token = token, LoggedSuccessful = true, UserName = user.Name.ToString(), UserEmail = user.Email.EmailAddress, UserId = user.Id.ToString()
};
return(await Response(new BaseCommandResult(true, "Logged with Success.", tokenResult))); //Do Not need to Jsonfy it, so I'll return the Own Result
}
return(await Response(new BaseCommandResult(false, "Username or Password invalid.", null))); //Do Not need to Jsonfy it, so I'll return the Own Result
}
public async Task <IActionResult> SecureLogin(LoginModel model)
{
var user = await _userManager.FindByNameAsync(model.Username);
if (user != null && await _userManager.CheckPasswordAsync(user, model.Password))
{
var role = await _userManager.GetRolesAsync(user);
var crypto = new VirgilCrypto();
var appKey = crypto.ImportPrivateKey(Bytes.FromString(_appsettings.APPKEYBASE64, StringEncoding.BASE64), _appsettings.APP_KEY_PASSWORD.ToString());
var accessTokenSigner = new VirgilAccessTokenSigner();
var jwtGenerator = new JwtGenerator(_appsettings.APP_ID, appKey, _appsettings.APP_KEY_ID, TimeSpan.FromMinutes(5), accessTokenSigner);
var token = jwtGenerator.GenerateToken(user.Id).ToString() + jwtGenerator.GenerateToken(user.UserName).ToString() + jwtGenerator.GenerateToken(role.FirstOrDefault()).ToString();
return(Ok(new { token }));
}
return(BadRequest(new { message = "Username or Password is Incorrect" }));
}
public GenerateAuthorizationResponse(
IAuthorizationCodeStore authorizationCodeStore,
ITokenStore tokenStore,
IScopeRepository scopeRepository,
IClientStore clientStore,
IConsentRepository consentRepository,
IJwksStore jwksStore,
IEventPublisher eventPublisher,
ILogger logger)
{
_authorizationCodeStore = authorizationCodeStore;
_tokenStore = tokenStore;
_jwtGenerator = new JwtGenerator(clientStore, scopeRepository, jwksStore, logger);
_eventPublisher = eventPublisher;
_clientStore = clientStore;
_consentRepository = consentRepository;
_jwksStore = jwksStore;
}
public void IssuedToken_WithInvalidValues_FailsValidation()
{
using (var variables = new TestScopedEnvironmentVariable(Constants.AzureWebsiteLocalEncryptionKey, TestKeyValue))
{
var token = JwtGenerator.GenerateToken("testissuer", "testaudience");
var testParameters = new TokenValidationParameters()
{
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TestKeyValue)),
ValidateIssuer = true,
ValidateAudience = true
};
bool result = JwtGenerator.IsTokenValid(token, testParameters);
Assert.False(result);
}
}
public async Task <ActionResult <User> > Login([FromBody] AuthModel model)
{
if (ModelState.IsValid)
{
var result =
await _signInManager.PasswordSignInAsync(model.Login, model.Password, false, false);
if (result.Succeeded)
{
return(Ok(JwtGenerator.GenerateJwt(await _userManager.FindByNameAsync(model.Login))));
}
else
{
ModelState.AddModelError("", "Неправильный логин и (или) пароль");
}
}
return(BadRequest(ModelState));
}
public IActionResult ResetPassword(Login login)
{
try
{
User user = Authentification.UserLink(login.Username);
string token = JwtGenerator.GenerateJSONWebToken(user.Id);
Response.Headers.Add("Token", token);
Uri domain = new Uri(Request.GetDisplayUrl());
Uri uri = new Uri(domain.Scheme + "://" + domain.Host + (domain.IsDefaultPort ? "" : ":" + domain.Port));
string url = uri.ToString();
EmailManager.SendEmail(user, token, url);
return(Ok());
}
catch
{
return(BadRequest());
}
}
public async Task <AuthenticatedUser> SignIn(User user)
{
var dbUser = await _context.Users
.FirstOrDefaultAsync(u => u.Email == user.Email);
if (dbUser == null || _passwordHasher.VerifyHashedPassword(dbUser.Password, user.Password) == PasswordVerificationResult.Failed)
{
throw new InvalidEmailPasswordException("Invalid Username or Password");
}
return(new AuthenticatedUser
{
Token = JwtGenerator.GenerateUserToken(user.Email),
Email = user.Email,
Password = user.Password,
Name = dbUser.Name
});
}
/// <summary>
/// logging into a user's account
/// </summary>
/// <param name="user"></param>
/// <returns> user's username, JWT token, their ID </returns>
public async Task <AuthenticatedUser> SignIn(Strength.DB.User user)
{
// finding user in the database
var dbUser = await _context.Users
.FirstOrDefaultAsync(u => u.Email == user.Email);
// checking if user was found and if given password matches password in the database
if (dbUser == null || _passwordHasher.VerifyHashedPassword(dbUser.Password, user.Password) == PasswordVerificationResult.Failed)
{
throw new InvalidUsernamePasswordException("Invalid username or password");
}
return(new AuthenticatedUser
{
Username = dbUser.Username,
Token = JwtGenerator.GenerateUserToken(dbUser.Username),
Id = dbUser.Id
});
}
public void GeneratedToken_ContainsExpectedClaims()
{
using (var variables = new TestScopedEnvironmentVariable(Constants.AzureWebsiteLocalEncryptionKey, TestKeyValue))
{
var issuer = "testissuer";
var audience = "testaudience";
var expiration = new DateTime(2017, 1, 1, 0, 0, 0, DateTimeKind.Utc);
var notBefore = expiration.AddSeconds(-10);
var token = JwtGenerator.GenerateToken(issuer, audience, notBefore, expiration);
var jwt = new JwtSecurityToken(token);
Assert.Equal(issuer, jwt.Issuer);
Assert.Equal(audience, jwt.Audiences.First());
Assert.Equal(expiration, jwt.ValidTo);
Assert.Equal(notBefore, jwt.ValidFrom);
}
}
public void Setup()
{
_configuration = new JwtConfiguration
{
TokenKey = "qwertzuiopaasdfghjklxcvbnm",
Audience = "audience",
Issuer = "issuer",
AccessTokenExpiryInMinutes = 60
};
_userManager = new FakeUserManager();
_httpContextAccessor = Substitute.For <IHttpContextAccessor>();
_arpaContext = Substitute.For <IArpaContext>();
_jwtGenerator = new JwtGenerator(
_configuration,
_userManager,
_arpaContext,
_httpContextAccessor,
new FakeDateTimeProvider());
}
public void TestSingleAcl()
{
var expected = @"{""paths"":{""/*/users/**"":{}}}";
var acls = new Acls
{
Paths = new List <AclPath>
{
new AclPath
{
ApiVersion = "*", ResourceType = "users", Resource = "**", AccessLevels = new object()
}
}
};
var generator = new JwtGenerator(_mockAppId, _mockPKCS1, acls);
var jwt = generator.GenerateJwt();
var decoded = JsonConvert.DeserializeObject <JObject>(generator.DecodeJwt(jwt));
Assert.Equal(_mockAppId, decoded["application_id"].ToString());
Assert.Equal(expected, Regex.Replace(decoded["acls"].ToString(), @"\s+", ""));
}
static AuthenticationService()
{
NewtonsoftJsonSerializer njs = new NewtonsoftJsonSerializer();
var config = njs.Deserialize <Config>(File.ReadAllText(@"appsettings.json"));
var apiKeyBase64 = config.API_KEY;
var privateKeyData = Bytes.FromString(apiKeyBase64, StringEncoding.BASE64);
var crypto = new VirgilCrypto();
var apiKey = crypto.ImportPrivateKey(privateKeyData);
var accessTokenSigner = new VirgilAccessTokenSigner();
var appId = config.APP_ID;
var apiKeyId = config.API_KEY_ID;
var ttl = TimeSpan.FromHours(1); // 1 hour (JWT's lifetime)
_jwtGenerator = new JwtGenerator(appId, apiKey, apiKeyId, ttl, accessTokenSigner);
_authTokens = new Dictionary <string, string>();
}
public async Task <IActionResult> Login(LoginModel model)
{
var user = await _userManager.FindByNameAsync(model.Username);
if (user != null && await _userManager.CheckPasswordAsync(user, model.Password))
{
var role = await _userManager.GetRolesAsync(user);
IdentityOptions _options = new IdentityOptions();
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim("UserID", user.Id.ToString()),
new Claim("Username", user.UserName.ToString()),
new Claim(_options.ClaimsIdentity.RoleClaimType, role.FirstOrDefault())
}),
Expires = DateTime.UtcNow.AddMinutes(5),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appsettings.JWT_Secret)), SecurityAlgorithms.HmacSha256Signature)
};
var tokenHandler = new JwtSecurityTokenHandler();
var securityToken = tokenHandler.CreateToken(tokenDescriptor);
var token = tokenHandler.WriteToken(securityToken);
var SecureRole = await _userManager.GetRolesAsync(user);
var crypto = new VirgilCrypto();
var appKey = crypto.ImportPrivateKey(Bytes.FromString(_appsettings.APPKEYBASE64, StringEncoding.BASE64), _appsettings.APP_KEY_PASSWORD.ToString());
var accessTokenSigner = new VirgilAccessTokenSigner();
var jwtGenerator = new JwtGenerator(_appsettings.APP_ID, appKey, _appsettings.APP_KEY_ID, TimeSpan.FromMinutes(5), accessTokenSigner);
var SecureToken = jwtGenerator.GenerateToken(user.Id).ToString() + jwtGenerator.GenerateToken(user.UserName).ToString() + jwtGenerator.GenerateToken(role.FirstOrDefault()).ToString();
return(Ok(new { token, SecureToken, user.Id, user.UserName, user.Email }));
}
else
{
return(BadRequest(new { message = "Username or Password is Incorrect" }));
}
}
public string ChangeUsername(string username)
{
// finding user in the database
var dbUser = _context.Users
.FirstOrDefault(u => u.Id == _user.Id);
// checking if user was found and verifying his password
if (dbUser == null)
{
throw new DoesNotMatchIdException("User not found");
}
if (_context.Users.Any(u => u.Username == username)){
throw new UsernameAlreadyExistsException("This username is taken. Try another one.");
}
dbUser.Username = username;
_context.SaveChanges();
return JwtGenerator.GenerateUserToken(username);
}
public IActionResult Login([FromBody] LoginModel login)
{
if (!this._userService.Verify(login.Account, login.Password))
{
return(Unauthorized());
}
var claims = new List <Claim>
{
new Claim("rol", "Admin"),
new Claim("nam", login.Account)
};
var token = JwtGenerator.GeneratorToken(_config["Jwt:Issuer"], _config["Jwt:Issuer"], _config["Jwt:Key"],
SecurityAlgorithms.HmacSha256, claims, 30);
return(Ok(
new
{
token = token
}));
}
private string CreateClientAssertion()
{
var tokenEndpoint = _settings.Authority + "connect/token";
var certificate = CertificateStore.GetCertificateByThumbprint(_settings.Thumbprint);
var securityKey = new X509SecurityKey(certificate);
var extraClaims = new Dictionary <string, string>();
extraClaims.Add("helseid://client/claims/orgnr_child_description", "a child description");
var assertion = JwtGenerator.Generate(
_settings.ClientIdActorClient,
tokenEndpoint,
extraClaims,
new TimeSpan(0, 1, 0),
JwtGenerator.SigningMethod.X509EnterpriseSecurityKey,
securityKey,
SecurityAlgorithms.RsaSha512);
return(assertion);
}
private IActionResult ProcessPayload(JwtPayload payload)
{
// generate token
String token = JwtGenerator.GetToken(payload, Config.Authorization.Secret, Config.Authorization.ExpirationShift);
if (String.IsNullOrWhiteSpace(token))
{
LoggerBundle.Warn("JWT token generation failed: empty token");
return(StatusCode((Int32)HttpStatusCode.InternalServerError));
}
return(Ok(new Dictionary <String, String>
{
{
"token", token
}
,
{
"expires", payload.Exp.ToString(CultureInfo.InvariantCulture)
}
}));
}
public async Task <AuthenticatedUser> SignUp(User user)
{
var checkUser = await _context.Users
.FirstOrDefaultAsync(u => u.Email.Equals(user.Email));
if (checkUser != null)
{
throw new EmailAlreadyExistsException("Email Already Exists");
}
user.Password = _passwordHasher.HashPassword(user.Password);
await _context.AddAsync(user);
await _context.SaveChangesAsync();
return(new AuthenticatedUser
{
Token = JwtGenerator.GenerateUserToken(user.Email),
Email = user.Email,
Password = user.Password,
Name = user.Name
});
}
public async Task <ActionResult <string> > Entrar([FromBody] LoginUserViewModel loginVM)
{
if (!ModelState.IsValid)
{
return(CustomResponse(ModelState));
}
var result = await _signInManager.PasswordSignInAsync(loginVM.Email, loginVM.Password, false, true);
if (result.Succeeded)
{
LoginResponseViewModel token = await JwtGenerator.GerarToken(loginVM.Email, _appSettings, _userManager);
return(CustomResponse(token));
}
if (result.IsLockedOut)
{
return(CustomErrorResponse("Usuário temporiariamente bloqueado por ter feito várias tentativas de entrada inválidas!"));
}
return(CustomErrorResponse("Usuário ou senha incorretos! Tente novamente."));
}
public static Task <string> EmulateServerResponseToBuildTokenRequest(TokenContext tokenContext, double lifeTimeMin = 10)
{
var serverResponse = Task <string> .Factory.StartNew(() =>
{
Thread.Sleep(1000); // simulation of long-term processing
var data = new Dictionary <object, object>
{
{ "username", "my_username" }
};
var builder = new JwtGenerator(
AppSettings.AppId,
ApiPrivateKey(),
AppSettings.ApiPublicKeyId,
TimeSpan.FromMinutes(lifeTimeMin),
new VirgilAccessTokenSigner()
);
var identity = SomeHash(tokenContext.Identity);
return(builder.GenerateToken(identity, data).ToString());
}
);
return(serverResponse);
}
public UmaTokenActions(
ITicketStore ticketStore,
RuntimeSettings configurationService,
IClientStore clientStore,
IScopeStore scopeRepository,
ITokenStore tokenStore,
IResourceSetRepository resourceSetRepository,
IJwksStore jwksStore,
IEventPublisher eventPublisher,
ILogger logger)
{
_ticketStore = ticketStore;
_configurationService = configurationService;
_authorizationPolicyValidator = new AuthorizationPolicyValidator(
jwksStore,
resourceSetRepository,
eventPublisher);
_authenticateClient = new AuthenticateClient(clientStore, jwksStore);
_jwtGenerator = new JwtGenerator(clientStore, scopeRepository, jwksStore, logger);
_tokenStore = tokenStore;
_eventPublisher = eventPublisher;
_logger = logger;
}
public async System.Threading.Tasks.Task Prepair_TestDataAsync()
{
var model = faker.PredefinedRawSignedModel();
var fullModel = faker.PredefinedRawSignedModel(
"a666318071274adb738af3f67b8c7ec29d954de2cabfd71a942e6ea38e59fff9",
true, true, true);
var data = new Dictionary <string, string>
{
{ "STC-1.as_string", model.ExportAsString() },
{ "STC-1.as_json", model.ExportAsJson() },
{ "STC-2.as_string", fullModel.ExportAsString() },
{ "STC-2.as_json", fullModel.ExportAsJson() }
};
var cardManager = faker.CardManager();
var card = cardManager.ImportCardFromString(model.ExportAsString());
var crypto = new VirgilCrypto();
data.Add("STC-3.as_string", cardManager.ExportCardAsString(card));
data.Add("STC-3.as_json", cardManager.ExportCardAsJson(card));
data.Add("STC-3.card_id", card.Id);
data.Add("STC-3.public_key_base64", Bytes.ToString(crypto.ExportPublicKey(card.PublicKey), StringEncoding.BASE64));
fullModel = faker.PredefinedRawSignedModel(null, true, true, true);
var fullCard = cardManager.ImportCardFromString(fullModel.ExportAsString());
data.Add("STC-4.as_string", cardManager.ExportCardAsString(fullCard));
data.Add("STC-4.as_json", cardManager.ExportCardAsJson(fullCard));
data.Add("STC-4.card_id", fullCard.Id);
data.Add("STC-4.public_key_base64", Bytes.ToString(crypto.ExportPublicKey(fullCard.PublicKey),
StringEncoding.BASE64));
foreach (var signature in fullCard.Signatures)
{
data.Add($"STC-4.signature_{signature.Signer}_base64", Bytes.ToString(signature.Signature,
StringEncoding.BASE64));
}
string apiPublicKeyId;
string apiPublicKeyBase64;
var(token, jwtGenerator) = faker.PredefinedToken(
new VirgilAccessTokenSigner(),
TimeSpan.FromMinutes(10),
out apiPublicKeyId,
out apiPublicKeyBase64);
data.Add("STC-22.jwt", token.ToString());
data.Add("STC-22.api_public_key_base64", apiPublicKeyBase64);
data.Add("STC-22.api_key_id", apiPublicKeyId);
data.Add("STC-23.api_public_key_base64", apiPublicKeyBase64);
data.Add("STC-23.api_key_id", apiPublicKeyId);
data.Add("STC-23.app_id", jwtGenerator.AppId);
data.Add("STC-23.api_private_key_base64", Bytes.ToString(
crypto.ExportPrivateKey(jwtGenerator.ApiKey), StringEncoding.BASE64));
// STC-10
var cardKeyPair = crypto.GenerateKeys();
var cardIdentity = faker.Random.AlphaNumeric(10);
var rawCardContent1 = new RawCardContent()
{
CreatedAt = DateTime.UtcNow,
Identity = cardIdentity,
PublicKey = crypto.ExportPublicKey(cardKeyPair.PublicKey),
Version = "5.0",
};
var rawSignedModel = new RawSignedModel()
{
ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent1)
};
var signer = new ModelSigner(new VirgilCardCrypto());
signer.SelfSign(rawSignedModel, cardKeyPair.PrivateKey);
var keyPair = crypto.GenerateKeys();
signer.Sign(rawSignedModel, new SignParams()
{
SignerPrivateKey = keyPair.PrivateKey,
Signer = "extra"
});
data.Add("STC-10.private_key1_base64", Bytes.ToString(
crypto.ExportPrivateKey(keyPair.PrivateKey), StringEncoding.BASE64));
var accessTokenGenerator = new JwtGenerator(
AppSettings.AppId,
IntegrationHelper.ApiPrivateKey(),
AppSettings.ApiPublicKeyId,
TimeSpan.FromMinutes(10),
new VirgilAccessTokenSigner()
);
var accessTokenProvider = Substitute.For <IAccessTokenProvider>();
accessTokenProvider.GetTokenAsync(Arg.Any <TokenContext>()).Returns(
accessTokenGenerator.GenerateToken(cardIdentity)
);
var validator = new VirgilCardVerifier(new VirgilCardCrypto())
{
VerifySelfSignature = true, VerifyVirgilSignature = true
};
validator.ChangeServiceCreds(AppSettings.ServicePublicKeyDerBase64);
var manager = new CardManager(new CardManagerParams()
{
CardCrypto = new VirgilCardCrypto(),
AccessTokenProvider = accessTokenProvider,
ApiUrl = AppSettings.CardsServiceAddress,
Verifier = validator
});
card = await manager.PublishCardAsync(rawSignedModel);
data.Add("STC-10.as_string", manager.ExportCardAsString(card));
// STC - 11
rawSignedModel = faker.PredefinedRawSignedModel(null, false, false, false);
data.Add("STC-11.as_string", rawSignedModel.ExportAsString());
// STC - 12
rawSignedModel = faker.PredefinedRawSignedModel(null, true, false, false);
data.Add("STC-12.as_string", rawSignedModel.ExportAsString());
// STC - 14
rawSignedModel = faker.PredefinedRawSignedModel(null, false, true, false);
data.Add("STC-14.as_string", rawSignedModel.ExportAsString());
// STC - 15
rawSignedModel = faker.PredefinedRawSignedModel(null, false, false, false);
keyPair = crypto.GenerateKeys();
signer.Sign(rawSignedModel, new SignParams()
{
SignerPrivateKey = keyPair.PrivateKey,
Signer = "self"
});
data.Add("STC-15.as_string", rawSignedModel.ExportAsString());
// STC - 16
rawSignedModel = faker.PredefinedRawSignedModel(null, true, true, false);
keyPair = crypto.GenerateKeys();
signer.Sign(rawSignedModel, new SignParams()
{
SignerPrivateKey = keyPair.PrivateKey,
Signer = "extra"
});
data.Add("STC-16.as_string", rawSignedModel.ExportAsString());
data.Add("STC-16.public_key1_base64", Bytes.ToString(
crypto.ExportPublicKey(keyPair.PublicKey), StringEncoding.BASE64));
// STC - 28
(token, jwtGenerator) = faker.PredefinedToken(
new VirgilAccessTokenSigner(),
TimeSpan.FromMinutes(2),
out apiPublicKeyId,
out apiPublicKeyBase64);
data.Add("STC-28.jwt", token.ToString());
data.Add("STC-28.jwt_identity", token.BodyContent.Identity);
data.Add("STC-28.jwt_app_id", token.BodyContent.AppId);
data.Add("STC-28.jw_issuer", token.BodyContent.Issuer);
data.Add("STC-28.jwt_subject", token.BodyContent.Subject);
data.Add("STC-28.jwt_additional_data", Configuration.Serializer.Serialize(token.BodyContent.AdditionalData));
data.Add("STC-28.jwt_expires_at", Configuration.Serializer.Serialize(token.BodyContent.ExpiresAt));
data.Add("STC-28.jwt_issued_at", Configuration.Serializer.Serialize(token.BodyContent.IssuedAt));
data.Add("STC-28.jwt_algorithm", token.HeaderContent.Algorithm);
data.Add("STC-28.jwt_api_key_id", token.HeaderContent.KeyId);
data.Add("STC-28.jwt_content_type", token.HeaderContent.ContentType);
data.Add("STC-28.jwt_type", token.HeaderContent.Type);
data.Add("STC-28.jwt_signature_base64", Bytes.ToString(token.SignatureData, StringEncoding.BASE64));
// STC - 29
(token, jwtGenerator) = faker.PredefinedToken(
new VirgilAccessTokenSigner(),
TimeSpan.FromDays(365),
out apiPublicKeyId,
out apiPublicKeyBase64);
data.Add("STC-29.jwt", token.ToString());
data.Add("STC-29.jwt_identity", token.BodyContent.Identity);
data.Add("STC-29.jwt_app_id", token.BodyContent.AppId);
data.Add("STC-29.jw_issuer", token.BodyContent.Issuer);
data.Add("STC-29.jwt_subject", token.BodyContent.Subject);
data.Add("STC-29.jwt_additional_data", Configuration.Serializer.Serialize(token.BodyContent.AdditionalData));
data.Add("STC-29.jwt_expires_at", Configuration.Serializer.Serialize(token.BodyContent.ExpiresAt));
data.Add("STC-29.jwt_issued_at", Configuration.Serializer.Serialize(token.BodyContent.IssuedAt));
data.Add("STC-29.jwt_algorithm", token.HeaderContent.Algorithm);
data.Add("STC-29.jwt_api_key_id", token.HeaderContent.KeyId);
data.Add("STC-29.jwt_content_type", token.HeaderContent.ContentType);
data.Add("STC-29.jwt_type", token.HeaderContent.Type);
data.Add("STC-29.jwt_signature_base64", Bytes.ToString(token.SignatureData, StringEncoding.BASE64));
// STC - 34
keyPair = crypto.GenerateKeys();
var rawCardContent = new RawCardContent()
{
CreatedAt = DateTime.UtcNow,
Identity = "test",
PublicKey = crypto.ExportPublicKey(keyPair.PublicKey),
Version = "5.0"
};
model = new RawSignedModel()
{
ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
};
signer.SelfSign(
model, keyPair.PrivateKey, new Dictionary <string, string>()
{
{ "info", "some_additional_info" }
}
);
data.Add("STC-34.private_key_base64", Bytes.ToString(
crypto.ExportPrivateKey(keyPair.PrivateKey), StringEncoding.BASE64));
data.Add("STC-34.public_key_base64", Bytes.ToString(
crypto.ExportPublicKey(keyPair.PublicKey), StringEncoding.BASE64));
data.Add("STC-34.self_signature_snapshot_base64",
Bytes.ToString(model.Signatures.First().Snapshot, StringEncoding.BASE64));
data.Add("STC-34.content_snapshot_base64",
Bytes.ToString(
SnapshotUtils.TakeSnapshot(rawCardContent), StringEncoding.BASE64));
data.Add("STC-34.as_string", model.ExportAsString());
System.IO.File.WriteAllText(AppSettings.OutputTestDataPath,
Configuration.Serializer.Serialize(data));
}
public AuthService(IAuthDbService authDbService, IUserDbService <TUserModel> userService, JwtGenerator jwtGenerator, IMapper mapper)
{
_authDbService = authDbService ?? throw new ProjectArgumentException(
GetType(),
nameof(AuthService <TUserModel>),
nameof(authDbService),
null);
_userDbService = userService ?? throw new ProjectArgumentException(
GetType(),
nameof(AuthService <TUserModel>),
nameof(userService),
null);
_jwtGenerator = jwtGenerator ?? throw new ProjectArgumentException(
GetType(),
nameof(AuthService <TUserModel>),
nameof(jwtGenerator),
null);
_mapper = mapper ?? throw new ProjectArgumentException(
GetType(),
nameof(AuthService <TUserModel>),
nameof(mapper),
null);
}
/// <summary>
/// creating a new account
/// </summary>
/// <param name="user"></param>
/// <returns> their username, JWT token and ID </returns>
public async Task <AuthenticatedUser> SignUp(Strength.DB.User user)
{
// checking if username exists
var checkUser = await _context.Users
.FirstOrDefaultAsync(u => u.Username.Equals(user.Username) || u.Email.Equals(user.Email));
if (checkUser != null)
{
if (checkUser.Username == user.Username)
{
throw new UsernameAlreadyExistsException("Username already exists");
}
else
{
throw new EmailAlreadyExistsException("Email already exists");
}
}
// checking if email is legitimate
bool isEmail = Regex.IsMatch(user.Email, @"\A(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)\Z", RegexOptions.IgnoreCase);
if (!isEmail)
{
throw new Exception("Invalid email");
}
// checking if password is strong enough
var regexPasswordCheck = @"^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.{8,})";
Match match = Regex.Match(user.Password, regexPasswordCheck);
if (!match.Success)
{
throw new Exception("Password is too weak");
}
// hashing password
user.Password = _passwordHasher.HashPassword(user.Password);
// generating random ID
Random ran = new Random();
string id = ran.Next(100, 2048).ToString();
Int64 unixTimestamp = (Int64)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
id += unixTimestamp.ToString();
for (int i = 0; i < 2; i++)
{
id += ran.Next(1000, 3048).ToString();
}
byte[] toEncodeAsBytes = System.Text.ASCIIEncoding.ASCII.GetBytes(id);
// assigning generated ID
user.Id = Convert.ToBase64String(toEncodeAsBytes);
// save changes
await _context.AddAsync(user);
await _context.SaveChangesAsync();
return(new AuthenticatedUser
{
Username = user.Username,
Token = JwtGenerator.GenerateUserToken(user.Username),
Id = user.Id
});
}
public RegisterUserCommandHandler(ILogger <RegisterUserCommandHandler> logger, IUserRepository users, JwtGenerator jwtGenerator)
{
_jwtGenerator = jwtGenerator;
_users = users;
_logger = logger;
}
public UserController(UserManager <IdentityUser> userManager, IOptions <JwtConfig> jwtConfig, JwtGenerator jwtGenerator)
{
_userManager = userManager;
_jwtConfig = jwtConfig.Value;
_jwtGenerator = jwtGenerator;
}
public DifferencesQuery(
IUserService userService,
IQuestionService questionService,
ILikeRecordService likeRecordService,
IOptions <JwtConfig> options)
{
Name = "DifferencesQuery";
#region User
FieldAsync <ListGraphType <UserType> >(
"topUsers",
resolve: context => userService.GetTopReputationUsers(1));
FieldAsync <AuthResponseType>(
"auth",
arguments: new QueryArguments(
new QueryArgument <NonNullGraphType <StringGraphType> > {
Name = "type"
},
new QueryArgument <NonNullGraphType <StringGraphType> > {
Name = "code"
}),
resolve: context =>
{
try
{
var type = context.GetArgument <string>("type");
var code = context.GetArgument <string>("code");
var user = userService.GetUser(type, code);
return(new UserWithTokenModel
{
User = user,
AccessToken = JwtGenerator.Generate(options.Value, user)
});
}
catch (DefinedException ex)
{
context.Errors.Add(ex);
return(null);
}
});
#endregion
#region Question
FieldAsync <ListGraphType <QuestionType> >(
"questions",
arguments: new QueryArguments(
new QueryArgument <NonNullGraphType <CriteriaInputType> > {
Name = "criteria"
}
),
resolve: context =>
{
var criteria = context.GetArgument <CriteriaModel>("criteria");
return(questionService.GetQuestionsByCriteria(criteria));
});
FieldAsync <IntGraphType>(
"questionCount",
arguments: new QueryArguments(new QueryArgument <NonNullGraphType <CriteriaInputType> > {
Name = "criteria"
}),
resolve: context =>
{
var criteria = context.GetArgument <CriteriaModel>("criteria");
return(questionService.GetQuestionCountByCriteria(criteria));
});
FieldAsync <QuestionType>(
"question",
arguments: new QueryArguments(
new QueryArgument <NonNullGraphType <IntGraphType> > {
Name = "id"
}
),
resolve: context =>
{
var questionId = context.GetArgument <int>("id");
return(questionService.GetQuestion(questionId));
});
FieldAsync <ListGraphType <AnswerType> >(
"questionAnswers",
arguments: new QueryArguments(
new QueryArgument <NonNullGraphType <IntGraphType> > {
Name = "questionId"
}
),
resolve: context =>
{
var questionId = context.GetArgument <int>("questionId");
return(questionService.GetAnswersByQuestionId(questionId));
});
FieldAsync <ListGraphType <AnswerLikeType> >(
"answerLikedByQuestion",
arguments: new QueryArguments(
new QueryArgument <NonNullGraphType <IntGraphType> > {
Name = "questionId"
}
),
resolve: context =>
{
var questionId = context.GetArgument <int>("questionId");
return(likeRecordService.GetRecordsByQuestion(questionId));
});
FieldAsync <AnswerLikeType>(
"answerLikedByAnswer",
arguments: new QueryArguments(
new QueryArgument <NonNullGraphType <IntGraphType> > {
Name = "answerId"
}
),
resolve: context =>
{
var answerId = context.GetArgument <int>("answerId");
return(likeRecordService.GetRecordByAnswer(answerId));
});
#endregion
FieldAsync <ListGraphType <CategoryGroupType> >(
"categoryDefinition",
resolve: context => CategoryDefinition.CategoryGroups);
}
public void CardManager_Should_RaiseExceptionIfGetsCardWithDifferentId()
{
// STC-34
var verifier = Substitute.For <ICardVerifier>();
verifier.VerifyCard(Arg.Any <Card>()).Returns(true);
var crypto = new VirgilCrypto();
var keyPair = faker.PredefinedKeyPair();
var rawCardContent = new RawCardContent()
{
CreatedAt = DateTime.UtcNow,
Identity = "test",
PublicKey = crypto.ExportPublicKey(keyPair.PublicKey),
Version = "5.0"
};
var model = new RawSignedModel()
{
ContentSnapshot = SnapshotUtils.TakeSnapshot(rawCardContent)
};
var signer = new ModelSigner(new VirgilCardCrypto());
signer.SelfSign(
model, keyPair.PrivateKey, new Dictionary <string, string>()
{
{ "info", "some_additional_info" }
}
);
var signCallBack = Substitute.For <Func <RawSignedModel, Task <RawSignedModel> > >();
signCallBack.Invoke(Arg.Any <RawSignedModel>()).Returns(args => (RawSignedModel)args[0]);
var jwtGenerator = new JwtGenerator(
AppSettings.AppId,
IntegrationHelper.ApiPrivateKey(),
AppSettings.ApiPublicKeyId,
TimeSpan.FromMinutes(10),
new VirgilAccessTokenSigner()
);
var accessTokenProvider = Substitute.For <IAccessTokenProvider>();
var identity = faker.Random.AlphaNumeric(20);
var token = jwtGenerator.GenerateToken(identity);
accessTokenProvider.GetTokenAsync(Arg.Any <TokenContext>()).Returns(
token
);
var cardId = faker.CardId();
var client = Substitute.For <ICardClient>();
Func <Task <Tuple <RawSignedModel, bool> > > stub = async() =>
{
return(new Tuple <RawSignedModel, bool>(model, false));
};
client.GetCardAsync(Arg.Any <string>(), Arg.Any <string>()).Returns(stub.Invoke());
var manager = new CardManager(new CardManagerParams()
{
CardCrypto = new VirgilCardCrypto(),
AccessTokenProvider = accessTokenProvider,
SignCallBack = signCallBack,
Verifier = verifier,
ApiUrl = AppSettings.CardsServiceAddress
}
)
{
Client = client
};
Assert.ThrowsAsync <CardVerificationException>(async() => await manager.GetCardAsync(cardId));
}
public async Task <Response <AuthResponseDto> > Login(AuthRequestDto authRequestDto)
{
AuthRequestEntities authRequest = _mapper.Map <AuthRequestEntities>(authRequestDto);
var response = new Response <AuthResponseDto>();
string todo = null;
try
{
if (authRequestDto == null)
{
response.IsSuccess = false;
response.IsWarning = true;
response.CodigoError = "0";
response.Message = "Envio de parametros inválido,intente denuevo.";
return(response);
}
else if (string.IsNullOrEmpty(authRequestDto.Username) ||
string.IsNullOrEmpty(authRequestDto.Password))
{
response.IsSuccess = false;
response.IsWarning = true;
response.CodigoError = "0";
response.Message = "Envio de parametros inválido,intente denuevo.";
return(response);
}
//valida el usuario y password
var responseData = await _usuarioDomain.Login(authRequest);
response.Data = _mapper.Map <AuthResponseDto>(responseData);
var ver = Convert.ToInt32(todo);
if (response.Data == null)
{
response.IsSuccess = false;
response.IsWarning = true;
response.CodigoError = "0";
response.Message = "Usuario y/o contraseña incorrecta.";
return(response);
}
else
{
response.Data.Token = JwtGenerator.CreateToken(_configuration,
response.Data.UserName);
response.Message = "Inicio de sesión correctamente.";
//guardar sesion de usuario
var sesion = new SesionUsuarioDto
{
IdUser = response.Data.Id,
Token = response.Data.Token,
DateStart = DateTime.Now,
Status = 1
};
var sesionUsuarioEntities = _mapper.Map <SesionUsuarioEntities>(sesion);
var responseSesion = await _usuarioDomain.GuardarSesion(sesionUsuarioEntities);
}
}
catch (Exception ex)
{
throw ex;
}
return(response);
}
public void CardManager_Should_RaiseExceptionIfGetsInvalidCard()
{
// STC-13
var verifier = Substitute.For <ICardVerifier>();
verifier.VerifyCard(Arg.Any <Card>()).Returns(false);
var signCallBack = Substitute.For <Func <RawSignedModel, Task <RawSignedModel> > >();
signCallBack.Invoke(Arg.Any <RawSignedModel>()).Returns(args => (RawSignedModel)args[0]);
var jwtGenerator = new JwtGenerator(
faker.AppId(),
IntegrationHelper.ApiPrivateKey(),
AppSettings.ApiPublicKeyId,
TimeSpan.FromMinutes(10),
new VirgilAccessTokenSigner()
);
var accessTokenProvider = Substitute.For <IAccessTokenProvider>();
var identity = faker.Random.AlphaNumeric(20);
var token = jwtGenerator.GenerateToken(identity);
accessTokenProvider.GetTokenAsync(Arg.Any <TokenContext>()).Returns(
token
);
var model = faker.PredefinedRawSignedModel(null, true, true, true);
var client = Substitute.For <ICardClient>();
Func <Task <Tuple <RawSignedModel, bool> > > getStub = async() =>
{
return(new Tuple <RawSignedModel, bool>(model, false));
};
Func <Task <RawSignedModel> > publishStub = async() =>
{
return(model);
};
Func <Task <IEnumerable <RawSignedModel> > > searchStub = async() =>
{
return(new List <RawSignedModel>()
{
model
});
};
client.GetCardAsync(Arg.Any <string>(), Arg.Any <string>()).Returns(getStub.Invoke());
client.PublishCardAsync(Arg.Any <RawSignedModel>(), Arg.Any <string>()).Returns(publishStub.Invoke());
client.SearchCardsAsync(Arg.Any <string>(), Arg.Any <string>()).Returns(searchStub.Invoke());
var cardId = faker.CardId();
var searchCardIdentity = faker.Random.AlphaNumeric(20);
var manager = new CardManager(new CardManagerParams()
{
CardCrypto = new VirgilCardCrypto(),
AccessTokenProvider = accessTokenProvider,
SignCallBack = signCallBack,
Verifier = verifier,
ApiUrl = AppSettings.CardsServiceAddress
}
)
{
Client = client
};
Assert.Throws <CardVerificationException>(() => manager.ImportCardFromJson(model.ExportAsJson()));
Assert.Throws <CardVerificationException>(() => manager.ImportCardFromString(model.ExportAsString()));
Assert.ThrowsAsync <CardVerificationException>(async() => await manager.GetCardAsync(cardId));
Assert.ThrowsAsync <CardVerificationException>(async() => await manager.PublishCardAsync(model));
Assert.ThrowsAsync <CardVerificationException>(async() => await manager.SearchCardsAsync(searchCardIdentity));
Assert.Throws <CardVerificationException>(() => manager.ImportCard(model));
}
