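/// <summary>
/// Exchanges the token pair sent by the client for a new pair.
/// </summary>
/// <param name="refreshCred">Token pair supplied by the client.</param>
/// <returns>
/// 200 with the new <see cref="ResponseTokens"/> when the token helper returns one;
/// 401 when no token pair was supplied or the helper returns null.
/// </returns>
public IActionResult Refresh(ResponseTokens refreshCred)
{
    // Defensive: depending on how binding is configured, a missing or unparsable
    // request body can leave this null. Reject it before it reaches the token helper.
    if (refreshCred == null)
    {
        return Unauthorized();
    }

    // NOTE(review): if JwtTokenHelper.Refresh signals a rejected token by throwing
    // rather than returning null, that exception is not handled here and would
    // surface as a 500 instead of a 401 - confirm against the helper.
    JwtTokenHelper tokenHelper = new JwtTokenHelper(_connection);
    ResponseTokens token = tokenHelper.Refresh(refreshCred, _secret);

    if (token == null)
    {
        return Unauthorized();
    }

    return Ok(token);
}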
/// <summary>
/// Renders a response template, substitutes the supplied tokens into its
/// text and speech fields, and sends the result on the current turn.
/// </summary>
/// <param name="turnContext">Turn context; asserted non-null before use.</param>
/// <param name="templateId">Identifier of the template to render.</param>
/// <param name="tokens">Token values passed to <c>ResponseTokens.ReplaceToken</c>.</param>
/// <param name="data">Optional data handed to the template renderer.</param>
/// <returns>A task that completes once the activity has been sent.</returns>
public async Task ReplyWithTokens(
    ITurnContext turnContext,
    string templateId,
    IDictionary<string, string> tokens,
    object data = null)
{
    BotAssert.ContextNotNull(turnContext);

    // Render the template for the locale of the incoming message (null when
    // the activity is absent or is not a message activity).
    var responses = new TellTimeResponses();
    var locale = turnContext.Activity?.AsMessageActivity()?.Locale;
    var rendering = responses.RenderTemplate(turnContext, locale, templateId, data);
    var reply = await rendering.ConfigureAwait(false);

    // NOTE(review): ReplaceToken's escaping behaviour is not visible here. If token
    // values can carry user-supplied text, confirm how they are handled before they
    // end up in the spoken (Speak) output.
    reply.Text = ResponseTokens.ReplaceToken(reply.Text, tokens);
    reply.Speak = ResponseTokens.ReplaceToken(reply.Speak, tokens);

    // Unlike the render call above, this await does not use ConfigureAwait(false).
    await turnContext.SendActivityAsync(reply);
}
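/// <summary>
/// Authenticates a user by e-mail and password and, on success, issues a token pair.
/// </summary>
/// <param name="loginModel">Credentials read from the request body.</param>
/// <returns>
/// 200 with a <see cref="ResponseTokens"/> on success; 400 with an
/// <see cref="ErrorMessageModel"/> when the credentials are missing or rejected,
/// or when any exception is raised while processing the request.
/// </returns>
public IActionResult Login([FromBody] LoginModel loginModel)
{
    // A missing or unparsable body can bind to null. Answer with the same generic
    // message as wrong credentials instead of letting a NullReferenceException
    // message reach the client through the catch-all below.
    if (loginModel == null)
    {
        return BadRequest(new ErrorMessageModel("Username ou password incorreto(s)"));
    }

    try
    {
        LoginDAO loginDAO = new LoginDAO(_connection);
        var user = loginDAO.Authenticate(loginModel.Email, loginModel.Password);

        // One message for both "unknown user" and "wrong password", so the
        // response does not reveal which of the two was wrong.
        if (user == null)
        {
            return BadRequest(new ErrorMessageModel("Username ou password incorreto(s)"));
        }

        JwtTokenHelper tokenHelper = new JwtTokenHelper(_connection);
        ResponseTokens response = tokenHelper.Authenticate(_secret, user);
        return Ok(response);
    }
    catch (Exception e)
    {
        // NOTE(review): this forwards the message of every exception to the caller,
        // including ones raised by the data layer or the token helper. If those can
        // carry internal detail (connection or query errors), catch a narrower
        // exception type here, log the rest server-side and return a fixed message.
        return BadRequest(new ErrorMessageModel(e.Message));
    }
}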
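/// <summary>
/// Refreshes a token pair.
/// The old access token is used for validation and as the source of the claims.
/// </summary>
/// <param name="tokens">ResponseTokens object holding the old access token
/// and the refresh token.</param>
/// <param name="secret">Secret used to check the old token's signature and to
/// create the new access token.</param>
/// <returns>A ResponseTokens object with the new access token
/// and the new refresh token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="tokens"/> is null.</exception>
/// <exception cref="SecurityTokenException">The old token is not an HS256 JWT, or the
/// presented refresh token does not match the stored hash.</exception>
/// <exception cref="Exception">No stored refresh token exists for the e-mail
/// found in the old token.</exception>
public ResponseTokens Refresh(ResponseTokens tokens, string secret)
{
    if (tokens == null)
    {
        throw new ArgumentNullException(nameof(tokens));
    }

    // NOTE(review): ASCII encoding maps every non-ASCII character of the secret to
    // '?', which would weaken the key. It has to stay identical to the encoding used
    // when the token was signed (not visible here), so it is left unchanged - confirm.
    byte[] key = Encoding.ASCII.GetBytes(secret);

    var validationParameters = new TokenValidationParameters
    {
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(key),
        // Issuer and audience are not checked; only the signature binds this token
        // to this service.
        ValidateIssuer = false,
        ValidateAudience = false,
        // Lifetime is not checked, presumably because the access token is expected
        // to have expired by the time it is refreshed.
        ValidateLifetime = false
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    SecurityToken validatedToken;
    var principal = tokenHandler.ValidateToken(tokens.Token, validationParameters, out validatedToken);

    // Accept only HMAC-SHA256 signed JWTs. Algorithm identifiers are not linguistic
    // text, so compare ordinally: culture-aware comparison can treat strings that
    // differ in ignorable characters as equal.
    var jwtToken = validatedToken as JwtSecurityToken;
    bool isHs256 = jwtToken != null
        && jwtToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.OrdinalIgnoreCase);
    if (!isHs256)
    {
        throw new SecurityTokenException("Token Inválido!");
    }

    // The stored refresh token is looked up by the e-mail carried in the old token.
    string email = ClaimHelper.GetEmailFromClaimIdentity((ClaimsIdentity)principal.Identity);
    RefreshTokenDAO refreshTokenDAO = new RefreshTokenDAO(_connection);
    EncryptedRefreshTokenModel encToken = refreshTokenDAO.GetEncryptedRefreshTokenModel(email);
    if (encToken == null)
    {
        throw new Exception("O token nao existe para o email pretendido!");
    }

    // The refresh token is stored as hash + salt; the presented value must verify
    // against it.
    // NOTE(review): no expiry check on the stored refresh token is visible in this
    // method - confirm whether the DAO or Authenticate enforces one.
    if (PasswordOperations.VerifyHash(tokens.RefreshToken, encToken.Hash, encToken.Salt) == false)
    {
        throw new SecurityTokenException("Token Inválido!");
    }

    // NOTE(review): every claim of the old token is handed on. Whether Authenticate
    // drops time-bound claims before issuing the new token is not visible here.
    return Authenticate(email, secret, principal.Claims.ToArray());
}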