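/// <summary>
/// Exchanges API client credentials plus a refresh token for a short-lived JWT access token.
/// </summary>
/// <param name="request">
/// Carries the base64-encoded <c>appkey:appsecret</c> credentials and the refresh token to exchange.
/// </param>
/// <param name="cancellationToken">Cancellation token; not forwarded to the repository calls in this implementation.</param>
/// <returns>
/// <c>null</c> when the credentials cannot be decoded, the api client or refresh token is unknown, or the
/// secret does not match; a response with error <c>"user_revoked"</c> when the access has been revoked;
/// otherwise a response carrying the signed token.
/// </returns>
/// <exception cref="InvalidOperationException">The <c>SmallListerApiJwt:SigningKey</c> setting is missing or empty.</exception>
public async Task<GetAccessTokenResponse> Handle(ValidateCredentialsAndCreateAccessTokenRequest request, CancellationToken cancellationToken)
{
    // The raw credential string is the base64 of "appkey:appsecret"; it must never be written to the log,
    // so every failure message below describes the problem without echoing the value.
    if (string.IsNullOrEmpty(request.Credentials))
    {
        _logger.LogInformation("Missing auth header - expected 'Basic appkey:appsecret'");
        return null;
    }

    byte[] credentialBytes;
    try
    {
        credentialBytes = Convert.FromBase64String(request.Credentials);
    }
    catch (FormatException)
    {
        // Malformed base64 is a client error, not a server fault: reject it like any other bad header.
        _logger.LogInformation("Auth header is not valid base64 - expected 'Basic appkey:appsecret'");
        return null;
    }

    var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':', 2);
    if (credentials.Length != 2)
    {
        _logger.LogInformation("Invalid auth header - expected 'Basic appkey:appsecret'");
        return null;
    }
    var appKey = credentials[0];
    var appSecret = credentials[1];

    var apiClient = await _apiClientRepository.GetAsync(appKey);
    if (apiClient == null)
    {
        // The app key is a public identifier, so logging it is acceptable.
        _logger.LogInformation($"Could not find api client for appkey [{appKey}]");
        return null;
    }

    // Compare the derived hash in fixed time so the response time does not depend on how many
    // leading characters matched. Assumes CreateHash returns a string and AppSecretHash is a
    // string — confirm against SaltHashHelper / the ApiClient entity.
    var presentedHash = SaltHashHelper.CreateHash(appSecret, apiClient.AppSecretSalt) ?? string.Empty;
    var storedHash = apiClient.AppSecretHash ?? string.Empty;
    var secretMatches = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
        Encoding.UTF8.GetBytes(presentedHash),
        Encoding.UTF8.GetBytes(storedHash));
    if (!secretMatches)
    {
        _logger.LogInformation("Invalid login attempt");
        return null;
    }

    var userAccountApiAccess = await _userAccountApiAccessRepository.GetByRefreshTokenAsync(request.RefreshToken);
    if (userAccountApiAccess == null)
    {
        // The refresh token is a bearer secret; do not write its value to the log.
        _logger.LogInformation("Unknown refresh token");
        return null;
    }
    if (userAccountApiAccess.RevokedDateTime != null)
    {
        _logger.LogInformation("API Access has been revoked");
        return new GetAccessTokenResponse("user_revoked", null);
    }

    // Read and validate the signing configuration before persisting anything, so a misconfigured
    // server does not leave an orphaned token record behind.
    var tokenOptions = _configuration.GetSection("SmallListerApiJwt");
    var signingKey = tokenOptions.GetValue("SigningKey", "");
    var issuer = tokenOptions.GetValue("Issuer", "");
    var audience = tokenOptions.GetValue("Audience", "");
    if (string.IsNullOrEmpty(signingKey))
    {
        // Fail loudly here rather than letting SymmetricSecurityKey reject an empty byte array further down.
        throw new InvalidOperationException("SmallListerApiJwt:SigningKey is not configured");
    }

    const int tokenLifetimeMinutes = 30;
    var tokenData = GuidString.NewGuidString();
    var tokenExpiry = DateTime.UtcNow.AddMinutes(tokenLifetimeMinutes);
    await _userAccountTokenRepository.CreateAsync(userAccountApiAccess, tokenData, tokenExpiry);

    var tokenHandler = new JwtSecurityTokenHandler();
    var securityTokenDescriptor = new SecurityTokenDescriptor
    {
        // The random token id is the only claim; the server-side record created above maps it back to the access.
        Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, tokenData) }),
        Audience = audience,
        Issuer = issuer,
        Expires = tokenExpiry,
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey)),
            SecurityAlgorithms.HmacSha256Signature)
    };
    return new GetAccessTokenResponse(null, tokenHandler.WriteToken(tokenHandler.CreateToken(securityTokenDescriptor)));
}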
/// <summary>
/// Hashing a password must yield both a non-empty salt and a non-empty hash.
/// </summary>
public void CreateSaltHash()
{
    const string plaintext = "******";

    var (generatedSalt, generatedHash) = SaltHashHelper.CreateHash(plaintext);

    generatedSalt.Should().NotBeNullOrEmpty();
    generatedHash.Should().NotBeNullOrEmpty();
}
/// <summary>
/// Re-hashing the same password with the salt produced earlier must reproduce the original hash.
/// </summary>
public void VerifyHash()
{
    const string plaintext = "******";

    var (storedSalt, storedHash) = SaltHashHelper.CreateHash(plaintext);

    SaltHashHelper.CreateHash(plaintext, storedSalt).Should().Be(storedHash);
}
/// <summary>
/// Registers a new external API client for the requesting user and returns the generated app key
/// together with the plaintext app secret. Only the salted hash of the secret is persisted, so this
/// response is the single opportunity for the caller to record it.
/// </summary>
/// <param name="request">The requesting user and the client model (name and redirect uri).</param>
/// <param name="cancellationToken">Cancellation token; not forwarded to the repository calls in this implementation.</param>
/// <returns>The client's name, uri, app key and plaintext app secret.</returns>
public async Task<CreateExternalClientResponse> Handle(CreateExternalClientRequest request, CancellationToken cancellationToken)
{
    var model = request.Model;
    // NOTE(review): owner is passed straight through if the lookup returns null — confirm the repository rejects that.
    var owner = await _userAccountRepository.GetUserAccountAsync(request.User);

    // NOTE(review): the secret comes from GuidString.NewGuidString — confirm it is backed by a CSPRNG.
    var generatedAppKey = GuidString.NewGuidString();
    var generatedAppSecret = GuidString.NewGuidString();
    var (secretSalt, secretHash) = SaltHashHelper.CreateHash(generatedAppSecret);

    await _apiClientRepository.CreateAsync(model.Name, model.Uri, generatedAppKey, secretHash, secretSalt, owner);

    return new CreateExternalClientResponse(model.Name, model.Uri, generatedAppKey, generatedAppSecret);
}
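/// <summary>
/// Creates a new user in the database.
/// </summary>
/// <param name="name">User name.</param>
/// <param name="password">User password (plaintext; only its salted hash is stored).</param>
/// <returns>
/// <see cref="HttpStatusCode.OK"/> on success, <see cref="HttpStatusCode.InternalServerError"/> when a
/// user with that name already exists (kept for compatibility with existing callers).
/// </returns>
public HttpStatusCode Anlegen(string name, string password)
{
    // Dispose the connection on every path; the previous version opened it and never closed it.
    using (var con = DbHelper.GetDbConnection())
    {
        con.Open();

        if (!string.IsNullOrWhiteSpace(UserAccess.GetName(con, name)))
        {
            return HttpStatusCode.InternalServerError;
        }

        // NOTE(review): the existence check and the insert are not atomic; two concurrent requests
        // with the same name can both pass the check — a unique constraint on the name column would close that gap.
        // Item1 is the hash and Item2 the salt, matching what AddUser / AddSalt expect.
        var hashAndSalt = SaltHashHelper.CreateHash(password);
        UserAccess.AddUser(con, name, hashAndSalt.Item1);
        UserAccess.AddSalt(con, UserAccess.GetIdByName(con, name), hashAndSalt.Item2);
        return HttpStatusCode.OK;
    }
}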
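/// <summary>
/// Test helper: creates the user "Test" with password "Test" if it does not exist yet,
/// otherwise writes "Error" to the console.
/// </summary>
public void UserAnlegen()
{
    // The using block closes the connection even if one of the data-access calls throws;
    // the previous version only closed it on the normal path.
    using (var con = DbHelper.GetDbConnection())
    {
        con.Open();

        if (!string.IsNullOrEmpty(UserAccess.GetName(con, "Test")))
        {
            Console.Write("Error");
            return;
        }

        // Item1 is the hash and Item2 the salt, matching what AddUser / AddSalt expect.
        var hashAndSalt = SaltHashHelper.CreateHash("Test");
        UserAccess.AddUser(con, "Test", hashAndSalt.Item1);
        var userId = UserAccess.GetIdByName(con, "Test");
        UserAccess.AddSalt(con, userId, hashAndSalt.Item2);
    }
}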
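/// <summary>
/// Changes a user's password after verifying the current one.
/// </summary>
/// <param name="name">User name.</param>
/// <param name="password">Current user password.</param>
/// <param name="newPassword">New user password.</param>
/// <returns>
/// <see cref="HttpStatusCode.OK"/> on success, <see cref="HttpStatusCode.BadRequest"/> when the
/// current credentials do not validate.
/// </returns>
public HttpStatusCode ChangePassword(string name, string password, string newPassword)
{
    // Authenticate with the current password first; Login presumably returns null on failure.
    var user = Login(name, password);
    if (user == null)
    {
        return HttpStatusCode.BadRequest;
    }

    // The using block closes the connection even if one of the updates throws;
    // the previous version only closed it on the normal path.
    using (var con = DbHelper.GetDbConnection())
    {
        con.Open();

        // Derive a fresh hash/salt pair and update both columns for the user.
        // Item1 is the hash and Item2 the salt, matching what ChangeHash / ChangeSalt expect.
        // NOTE(review): the two updates are not wrapped in a transaction, so a failure between them
        // leaves the stored hash and salt out of step and locks the user out.
        var hashAndSalt = SaltHashHelper.CreateHash(newPassword);
        UserAccess.ChangeHash(con, name, hashAndSalt.Item1);
        UserAccess.ChangeSalt(con, name, hashAndSalt.Item2);
        return HttpStatusCode.OK;
    }
}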
/// <summary>
/// Seeds the test database: one user account, one list, three items (one without a list, one due
/// today, one overdue and repeating daily) and one api client whose secret is stored as salt + hash.
/// </summary>
public async Task InitializeAsync()
{
    using var serviceScope = _factory.Services.CreateScope();
    using var context = serviceScope.ServiceProvider.GetRequiredService<SqliteDataContext>();
    context.Migrate();

    var accountEntry = await context.UserAccounts.AddAsync(new UserAccount { AuthenticationUri = "http://test/user/1" });
    var account = accountEntry.Entity;

    var listEntry = await context.UserLists.AddAsync(new UserList { Name = "Test list", UserAccount = account });
    var list = listEntry.Entity;

    var items = new[]
    {
        new UserItem { Description = "Test item 1", UserAccount = account },
        new UserItem { Description = "Test item 2", UserAccount = account, UserList = list, NextDueDate = DateTime.Today },
        new UserItem { Description = "Test item 3", UserAccount = account, UserList = list, NextDueDate = DateTime.Today.AddDays(-1), Repeat = ItemRepeat.Daily },
    };
    await context.UserItems.AddRangeAsync(items);

    // Only the salted hash of the shared test secret is stored, mirroring the production client record.
    var (secretSalt, secretHash) = SaltHashHelper.CreateHash(appSecret);
    var client = new ApiClient
    {
        AppKey = appKey,
        AppSecretSalt = secretSalt,
        AppSecretHash = secretHash,
        RedirectUri = redirectUri,
        CreatedBy = account,
        DisplayName = "test-api-client"
    };
    await context.ApiClients.AddAsync(client);

    await context.SaveChangesAsync();
}
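/// <summary>
/// Test helper: validates the stored credentials of "Justin_Vazquez" and, when they check out,
/// rotates the stored hash and salt to the new password. Errors are written to the console.
/// </summary>
public void ChangePassword()
{
    const string name = "Justin_Vazquez";
    const string password = "******";
    const string newPassword = "******";

    // The using block closes the connection on every path; the previous version left it open
    // when the name lookup failed, and closed it twice on the success path.
    using (var con = DbHelper.GetDbConnection())
    {
        con.Open();

        if (string.IsNullOrWhiteSpace(UserAccess.GetName(con, name)))
        {
            return;
        }

        var userId = UserAccess.GetIdByName(con, name);
        var hash = UserAccess.GetHash(con, userId);
        var salt = UserAccess.GetSalt(con, userId);
        try
        {
            if (SaltHashHelper.ValidatePassword(password, hash, salt))
            {
                // Item1 is the hash and Item2 the salt, matching what ChangeHash / ChangeSalt expect.
                var hashAndSalt = SaltHashHelper.CreateHash(newPassword);
                UserAccess.ChangeHash(con, name, hashAndSalt.Item1);
                UserAccess.ChangeSalt(con, name, hashAndSalt.Item2);
            }
            else
            {
                Console.Write("Error");
            }
        }
        catch (Exception error)
        {
            // Best-effort diagnostics for a test helper; the connection is still disposed by the using block.
            Console.Write(error);
        }
    }
}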