public AccountController(
UserManager <ApplicationUser> userManager,
SignInManager <ApplicationUser> signInManager,
TokenDescriptor tokenDescriptor,
INotificationHandler notifications,
IUser user,
IEmailSender emailSender,
IHostEnvironment hostingEnviroment,
IConfiguration config,
IMapper mapper,
HttpClient httpClient,
IOptions <ExternalAuthFacebookOptions> optionsAccessor,
IRefreshTokenRepository <RefreshTokenData> refreshTokenRepository) : base(notifications, user)
{
_userManager = userManager;
_signInManager = signInManager;
_tokenDescriptor = tokenDescriptor;
_notifications = notifications;
_emailSender = emailSender;
_hostingEnviroment = hostingEnviroment;
_config = config;
_mapper = mapper;
_httpClient = httpClient;
Options = optionsAccessor.Value;
_refreshTokenRepository = refreshTokenRepository;
}
public UsuarioController(
IUnitOfWork uow,
IUser user,
UsuarioHandler usuarioHandler,
IUsuarioRepository usuarioRepository,
IClaimValueRepository claimValueRepository,
UserManager <Usuario> userManager,
SignInManager <Usuario> signInManager,
ILoggerFactory loggerFactory,
TokenDescriptor tokenDescriptor
) : base(uow, user)
{
_usuarioHandler = usuarioHandler;
_usuarioRepository = usuarioRepository;
_claimValueRepository = claimValueRepository;
_userManager = userManager;
_signInManager = signInManager;
_logger = loggerFactory.CreateLogger <UsuarioController>();
_tokenDescriptor = tokenDescriptor;
}
public JwtTokenGenerate(
TokenDescriptor tokenDescriptor,
IDistributedCache cache)
{
_tokenDescriptor = tokenDescriptor;
_cache = cache;
}
private TdsToken CreateEnvChange(TokenDescriptor tokenDesc, TdsResponseStream stream, Encoding encoder, FormatToken lastFormat)
{
int len = stream.ReadShort();
int read = 0;
var changes = new List <EnvChangeToken.Change>();
while (read < len)
{
var change = new EnvChangeToken.Change();
change.Type = (EnvChangeToken.EnvType)stream.Read();
int newValLen = stream.Read();
change.NewValue = stream.ReadString(newValLen);
int oldValLen = stream.Read();
change.OldValue = stream.ReadString(oldValLen);
read += 3 + newValLen + oldValLen;
changes.Add(change);
}
return(new EnvChangeToken(tokenDesc.TokenType)
{
Changes = changes
});
}
public async Task <bool> AddOrUpdateAsync(string issuer, string audience, TokenDescriptor value, CancellationToken cancellationToken = default)
{
try
{
var dbModel = _mapper.Map <TokenDbModel>(value);
UpdateDefaultProperties(dbModel);
dbModel.Audience = audience;
dbModel.Issuer = issuer;
var commandDefinition = new CommandDefinition(_tokenTableUpdateScript,
parameters: new
{
issuerKey = dbModel.Issuer,
audienceKey = dbModel.Audience,
issuer = dbModel.Issuer,
audience = dbModel.Audience,
private_key = dbModel.PrivateKey,
ttl = dbModel.Ttl,
expiration_time = dbModel.ExpirationDate,
is_active = dbModel.IsActive,
payload = dbModel.PayLoad,
creator = dbModel.Creator,
created_time = dbModel.CreatedTime,
updated_time = DateTimeOffset.UtcNow,
updater = dbModel.Updater,
},
cancellationToken: cancellationToken);
return(await _dataSource.Connection.ExecuteAsync(commandDefinition) > 0);
}
catch (Exception ex)
{
throw new RepositoryException(I18n.AddOrUpdateOperationException, ex);
}
}
public SecurityController(UserManager <ApplicationUser> userManager, SignInManager <ApplicationUser> signInManager, TokenDescriptor tokenDescriptor, IUser user, IMediatorBus mediator, INotificationHandler <DomainNotification> notifications, ILoggerFactory loggerFactory, IUnitOfWork unitOfWork) : base(mediator, notifications, loggerFactory, user)
{
_userManager = userManager;
_signInManager = signInManager;
_logger = loggerFactory.CreateLogger <SecurityController>();
_tokenDescriptor = tokenDescriptor;
}
private TdsToken CreateReturnStatus(TokenDescriptor tokenDesc, TdsResponseStream stream, Encoding encoder, FormatToken lastFormat)
{
int value = stream.ReadInt();
return(new ReturnStatusToken(tokenDesc.TokenType)
{
Value = value,
});
}
public AccountController(INotificationHandler <DomainNotification> notifications,
IMediatorHandler mediator,
TokenDescriptor tokenDescriptor,
IUsuarioRepository usuarioRepository) : base(notifications, mediator)
{
_usuarioRepository = usuarioRepository;
_mediatorHandler = mediator;
_tokenDescriptor = tokenDescriptor;
}
internal static bool IsNot(this Token token, TokenDescriptor descriptor)
{
if (descriptor == null)
{
throw new ArgumentNullException(nameof(descriptor));
}
return(token.Descriptor != descriptor);
}
public static void AddMvcSecurity(this IServiceCollection services, IConfigurationRoot configuration)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
var tokenConfigurations = new TokenDescriptor();
new ConfigureFromConfigurationOptions <TokenDescriptor>(
configuration.GetSection("JwtTokenOptions"))
.Configure(tokenConfigurations);
services.AddSingleton(tokenConfigurations);
services.AddIdentity <ApplicationUser, IdentityRole>(
opts =>
{
opts.Password.RequireDigit = true;
opts.Password.RequireLowercase = true;
opts.Password.RequireUppercase = true;
opts.Password.RequireNonAlphanumeric = false;
opts.Password.RequiredLength = 8;
}
)
.AddEntityFrameworkStores <SecurityContext>()
.AddDefaultTokenProviders();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(bearerOptions =>
{
bearerOptions.RequireHttpsMetadata = false;
bearerOptions.SaveToken = true;
var paramsValidation = bearerOptions.TokenValidationParameters;
paramsValidation.IssuerSigningKey = SigningCredentialsConfiguration.Key;
paramsValidation.ValidAudience = tokenConfigurations.Audience;
paramsValidation.ValidIssuer = tokenConfigurations.Issuer;
paramsValidation.ValidateIssuerSigningKey = true;
paramsValidation.ValidateLifetime = true;
paramsValidation.ClockSkew = TimeSpan.Zero;
});
services.AddAuthorization(options =>
{
options.AddPolicy("RequireAdminRole", policy => policy.RequireRole(Roles.ADMIN));
options.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser().Build());
});
}
public UsuariosController(UserManager <ApplicationUser> userManager, SignInManager <ApplicationUser> signInManager, ILoggerFactory loggerFactory, TokenDescriptor tokenDescriptor, INotificationHandler <DomainNotification> notifications, IUser user, IUsuarioRepository usuarioRepository, IMediatorHandler mediator, IMapper mapper) : base(notifications, user, mediator)
{
_userManager = userManager;
_signInManager = signInManager;
_usuarioRepository = usuarioRepository;
_mediator = mediator;
_logger = loggerFactory.CreateLogger <UsuariosController>();
_tokenDescriptor = tokenDescriptor;
_mapper = mapper;
}
public AccountController(UserManager <ApplicationUser> userManager, SignInManager <ApplicationUser> signInManager, TokenDescriptor tokenDescriptor, IUser user, IMediatorHandler mediator, IAdopterRepository adopterRepository, INotificationHandler <DomainNotification> notifications, ILoggerFactory loggerFactory, IUnitOfWork unitOfWork) : base(mediator, notifications, loggerFactory, user)
{
_unitOfWork = unitOfWork;
_userManager = userManager;
_signInManager = signInManager;
_mediator = mediator;
_logger = loggerFactory.CreateLogger <AccountController>();
_tokenDescriptor = tokenDescriptor;
_adopterRepository = adopterRepository;
}
public AccountController(
UserManager <ApplicationUser> userManager,
SignInManager <ApplicationUser> signInManager,
ILoggerFactory loggerFactory,
TokenDescriptor tokenDescriptor)
{
_userManager = userManager;
_signInManager = signInManager;
_logger = loggerFactory.CreateLogger <AccountController>();
_tokenDescriptor = tokenDescriptor;
}
public UserAdapter(IOptions <UserApi> userApiOption,
UserManager <IdentityUser> userManager,
IOptions <TokenDescriptor> tokenDescriptorOption,
ILogger <UserAdapter> logger)
{
Errors = new List <string>();
_userApi = userApiOption.Value;
_userManager = userManager;
_tokenDescriptor = tokenDescriptorOption.Value;
_logger = logger;
}
public UserService(
UserManager <ApplicationUser> userManager,
RoleManager <IdentityRole> roleManager,
SignInManager <ApplicationUser> signInManager,
TokenDescriptor tokenDescriptor)
{
_userManager = userManager;
_roleManager = roleManager;
_signInManager = signInManager;
_tokenDescriptor = tokenDescriptor;
}
public AccountController(UserManager <ApplicationUser> userManager,
SignInManager <ApplicationUser> signInManager,
IEmailSender emailSender,
TokenDescriptor tokenDescriptor,
IUser user,
IAppNotificationHandler <DomainNotification> notification) : base(user, notification)
{
_userManager = userManager;
_signInManager = signInManager;
_emailSender = emailSender;
_tokenDescriptor = tokenDescriptor;
}
public ContaController(
UserManager <ApplicationUser> userManager,
SignInManager <ApplicationUser> signInManager,
RoleManager <IdentityRole> roleManager,
TokenDescriptor tokenDescriptor,
IUser user) : base(user)
{
_userManager = userManager;
_signInManager = signInManager;
_roleManager = roleManager;
_tokenDescriptor = tokenDescriptor;
}
public AutenticacaoController(
IHandler <DomainNotification> domainNotificationHandler,
TokenDescriptor tokenDescriptor,
IUsuarioService usuarioService,
IMapper mapper
)
: base(domainNotificationHandler)
{
_usuarioService = usuarioService;
_tokenDescriptor = tokenDescriptor;
_mapper = mapper;
}
public async Task AddOrUpdateTokenAsync(TokenDescriptor tokenDescriptor, CancellationToken cancellationToken = default)
{
if (string.IsNullOrWhiteSpace(tokenDescriptor.PrivateKey))
{
tokenDescriptor.PrivateKey = _passwordProvider.GetNextStringPassword(ValidationConstants.MaxPasswordLength);
}
_tokenDescriptorModelValidator.EnsureValidation(tokenDescriptor);
await _tokenRepository.AddOrUpdateAsync(tokenDescriptor.Issuer, tokenDescriptor.Audience, tokenDescriptor, cancellationToken);
_notifier.Notify(new TokenUpdatedNotifyMessage(tokenDescriptor.Issuer, tokenDescriptor.Audience, tokenDescriptor.Ttl, tokenDescriptor.ExpirationDate, tokenDescriptor.IsActive));
}
internal static void ExpectedToBe(this Token token, TokenDescriptor descriptor)
{
if (descriptor == null)
{
throw new ArgumentNullException(nameof(descriptor));
}
if (!token.Is(descriptor))
{
throw new CaliParseException($"Unexpected input '{token.Value}' but was expecting '{descriptor.ReportableName}'",
token.Line, token.Column);
}
}
public ChallengeController(ILoggerFactory loggerFactory,
UserManager <ApplicationUser> userManager,
SignInManager <ApplicationUser> signInManager,
IPersonagemService personagemService,
IEspecieService especieService,
TokenDescriptor tokenDescriptor)
{
_userManager = userManager;
_signInManager = signInManager;
_logger = loggerFactory.CreateLogger <AccountController>();
_personagemService = personagemService;
_especieService = especieService;
_tokenDescriptor = tokenDescriptor;
}
public async Task <bool> AddOrUpdateAsync(string issuer, string audience, TokenDescriptor value,
CancellationToken cancellationToken = default)
{
using (var dbContext = _dbContextFactory.CreateDbContext())
{
try
{
var dbModel = _mapper.Map <TokenDbModel>(value);
dbModel.Issuer = issuer;
dbModel.Audience = audience;
UpdateDefaultProperties(dbModel, dbContext);
await using (var sqlCommand = new NpgsqlCommand(_tokenTableUpdateScript))
{
await using var connection = (NpgsqlConnection)dbContext.Database.GetDbConnection();
await connection.OpenAsync(cancellationToken);
sqlCommand.Connection = connection;
sqlCommand.Parameters.AddWithValue("@issuer", NpgsqlDbType.Varchar, dbModel.Issuer);
sqlCommand.Parameters.AddWithValue("@audience", NpgsqlDbType.Varchar, dbModel.Audience);
sqlCommand.Parameters.AddWithValue("@private_key", NpgsqlDbType.Varchar, dbModel.PrivateKey);
sqlCommand.Parameters.AddWithValue("@ttl", NpgsqlDbType.Integer, dbModel.Ttl);
sqlCommand.Parameters.AddWithValue("@expiration_time", NpgsqlDbType.TimestampTz, dbModel.ExpirationDate);
sqlCommand.Parameters.AddWithValue("@is_active", NpgsqlDbType.Boolean, dbModel.IsActive);
if (value.PayLoad != null)
{
sqlCommand.Parameters.AddWithValue("@payload", NpgsqlDbType.Jsonb, dbModel.PayLoad);
}
else
{
sqlCommand.Parameters.AddWithValue("@payload", NpgsqlDbType.Jsonb, DBNull.Value);
}
sqlCommand.Parameters.AddWithValue("@created_time", NpgsqlDbType.TimestampTz, dbModel.CreatedTime);
sqlCommand.Parameters.AddWithValue("@creator", NpgsqlDbType.Varchar, dbModel.Creator);
sqlCommand.Parameters.AddWithValue("@updated_time", NpgsqlDbType.TimestampTz, dbModel.UpdatedTime);
sqlCommand.Parameters.AddWithValue("@updater", NpgsqlDbType.Varchar, dbModel.Updater);
return(await sqlCommand.ExecuteNonQueryAsync(cancellationToken) > 0);
}
}
catch (Exception ex)
{
throw new RepositoryException(I18n.AddOrUpdateOperationException, ex);
}
}
}
public static void AddMvcSecurity(this IServiceCollection services, IConfigurationRoot configuration)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
var tokenConfigurations = new TokenDescriptor();
new ConfigureFromConfigurationOptions <TokenDescriptor>(configuration.GetSection("JwtOptions")).Configure(tokenConfigurations);
services.AddSingleton(tokenConfigurations);
services.AddIdentity <ApplicationUser, IdentityRole>().AddEntityFrameworkStores <ApplicationDbContext>().AddDefaultTokenProviders();
services.AddCors();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(bearerOptions =>
{
bearerOptions.RequireHttpsMetadata = false;
bearerOptions.SaveToken = true;
var paramsValidation = bearerOptions.TokenValidationParameters;
paramsValidation.IssuerSigningKey = SigningCredentialsConfiguration.Key;
paramsValidation.ValidAudience = tokenConfigurations.Audience;
paramsValidation.ValidIssuer = tokenConfigurations.Issuer;
paramsValidation.ValidateIssuer = true;
paramsValidation.ValidateAudience = true;
paramsValidation.ValidateIssuerSigningKey = true;
paramsValidation.ValidateLifetime = true;
paramsValidation.ClockSkew = TimeSpan.Zero;
});
services.AddAuthorization(options =>
{
options.AddPolicy("PodeVisualizar", policy => policy.RequireClaim("Contas", "Visualizar"));
options.AddPolicy("PodeAlterar", policy => policy.RequireClaim("Contas", "Alterar"));
options.AddPolicy("Bearer", new AuthorizationPolicyBuilder().AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme).RequireAuthenticatedUser().Build());
});
services.AddElmahIo(opt =>
{
opt.ApiKey = configuration.GetValue <string>("ElmahConfiguration:ApiKey");
opt.LogId = new Guid(configuration.GetValue <string>("ElmahConfiguration:LogId"));
});
}
public AccountController(INotificationHandler <DomainNotification> notifications,
IUser user,
IMediatorHandler mediator,
UserManager <ApplicationUser> userManager,
SignInManager <ApplicationUser> signInManager,
ILoggerFactory loggerFactory,
TokenDescriptor tokenDescriptor) : base(notifications, user, mediator)
{
_mediator = mediator;
_userManager = userManager;
_signInManager = signInManager;
_tokenDescriptor = tokenDescriptor;
_logger = loggerFactory.CreateLogger <AccountController>();
}
public static void AddMvcSecurity(this IServiceCollection services, IConfigurationRoot configuration)
{
if (services == null)
{
throw new ArgumentNullException(nameof(services));
}
var tokenConfigurations = new TokenDescriptor();
new ConfigureFromConfigurationOptions <TokenDescriptor>(configuration.GetSection("JwtTokenOptions")).Configure(tokenConfigurations);
services.AddSingleton(tokenConfigurations);
services.AddIdentity <ApplicationUser, IdentityRole <Guid> >(o =>
{
o.Password.RequiredLength = 8;
o.User.RequireUniqueEmail = true;
o.SignIn.RequireConfirmedEmail = true;
}).AddEntityFrameworkStores <ApplicationDbContext>().AddDefaultTokenProviders();
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(bearerOptions =>
{
bearerOptions.RequireHttpsMetadata = false;
bearerOptions.SaveToken = true;
var paramsValidation = bearerOptions.TokenValidationParameters;
paramsValidation.IssuerSigningKey = SigningCredentialsConfiguration.Key;
paramsValidation.ValidAudience = tokenConfigurations.Audience;
paramsValidation.ValidIssuer = tokenConfigurations.Issuer;
paramsValidation.ValidateIssuerSigningKey = true;
paramsValidation.ValidateLifetime = true;
paramsValidation.ClockSkew = TimeSpan.Zero;
});
services.AddAuthorization(options =>
{
//options.AddPolicy("PodeLerEventos", policy => policy.RequireClaim("Eventos", "Ler"));
//options.AddPolicy("PodeGravar", policy => policy.RequireClaim("Eventos", "Gravar"));
options.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser().Build());
});
}
private TdsToken CreateNotImplementedToken(TokenDescriptor tokenDesc, TdsResponseStream stream)
{
int len = 0;
switch (tokenDesc.Len)
{
case TokenLength.OneByteLen:
len = stream.Read();
stream.SkipRead(len);
len += 1;
break;
case TokenLength.TwoByteLen:
len = stream.ReadShort();
stream.SkipRead(len);
len += 2;
break;
case TokenLength.FourByteLen:
len = stream.ReadInt();
stream.SkipRead(len);
len += 4;
break;
case TokenLength.OneByte:
len = 1;
stream.SkipRead(len);
break;
case TokenLength.FourBytes:
len = 4;
stream.SkipRead(len);
break;
case TokenLength.EigthBytes:
len = 8;
stream.SkipRead(len);
break;
case TokenLength.Dependent:
default:
_logger?.LogError($"Unknown length of token of type {tokenDesc.TokenType}");
throw new Exception($"Unknown length of token of type {tokenDesc.TokenType}");
}
_logger?.LogWarning($"Not implemented token {tokenDesc.TokenType} of len {len}");
return(new UnknownToken(tokenDesc.TokenType, len));
}
public AccountController(IDomainNotificationHandler <DomainNotification> notifications,
IUser user,
UserManager <IdentityUser> userManager,
SignInManager <IdentityUser> signanager,
ILoggerFactory logger,
IBus bus,
TokenDescriptor tokenDescriptor,
IOrganizadorRepository organizadorRepository) : base(notifications, user, bus)
{
_userManager = userManager;
_signanager = signanager;
_bus = bus;
_logger = logger.CreateLogger <AccountController>();
_tokenDescriptor = tokenDescriptor;
_organizadorRepository = organizadorRepository;
}
public void EnsureValidation(TokenDescriptor tokenDescriptor)
{
EnsureAudienceValidation(tokenDescriptor.Audience);
EnsureIssuerValidation(tokenDescriptor.Issuer);
if (tokenDescriptor.PrivateKey.Length < ValidationConstants.MinPasswordLength ||
tokenDescriptor.PrivateKey.Length > ValidationConstants.MaxPasswordLength)
{
throw new TokenManagementException(String.Format(I18n.IncorrectPrivateKeyLength, ValidationConstants.MinPasswordLength, ValidationConstants.MaxPasswordLength));
}
if (tokenDescriptor.Ttl < ValidationConstants.MinTtlValue || tokenDescriptor.Ttl > ValidationConstants.MaxTtlValue)
{
throw new TokenManagementException(String.Format(I18n.IncorrectTtlValue, ValidationConstants.MinTtlValue, ValidationConstants.MaxTtlValue));
}
}
public async Task <bool> AddAsync(TokenDescriptor value, CancellationToken cancellationToken = default)
{
try
{
var dbModel = _mapper.Map <TokenDbModel>(value);
UpdateDefaultProperties(dbModel);
dbModel.CreatedTime = DateTimeOffset.UtcNow;
dbModel.Creator = _dataSource.InstanceId;
var key = await _dataSource.Connection.InsertAsync(dbModel);
return(key != null);
}
catch (Exception ex)
{
throw new RepositoryException(I18n.AddOperationException, ex);
}
}
private TdsToken CreateLoginAck(TokenDescriptor tokenDesc, TdsResponseStream stream, Encoding encoder, FormatToken lastFormat)
{
int len = stream.ReadShort();
int status = stream.Read();
var version = stream.ReadBytes(4);
int nameLen = stream.Read();
var name = stream.ReadString(nameLen);
var progVersion = stream.ReadBytes(4);
return(new LoginAckToken(tokenDesc.TokenType)
{
Succeed = status == 5,
Fail = status == 6,
Negotiate = status == 7,
TdsVersion = $"{version[0]}.{version[1]}.{version[2]}.{version[3]}",
ServerProgram = name,
ServerVersion = $"{progVersion[0]}.{progVersion[1]}.{progVersion[2]}.{progVersion[3]}",
});
}
