public async Task <IActionResult> Post([FromBody] TokenInput model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await _userManager.FindByNameAsync(model.Email).ConfigureAwait(false);
if (user == null)
{
return(NotFound());
}
if (!await _userManager.CheckPasswordAsync(user, model.Password).ConfigureAwait(false))
{
return(Unauthorized());
}
var token = await GetJwtSecurityToken(user).ConfigureAwait(false);
var response = new TokenResult
{
AccessToken = _tokenHandler.WriteToken(token),
TokenType = JwtBearerDefaults.AuthenticationScheme,
ExpiresAt = token.Payload.ValidTo
};
return(new OkObjectResult(response));
}
public IActionResult VerifyOtp(TokenInput input)
{
if (string.IsNullOrWhiteSpace(input.Token) || string.IsNullOrWhiteSpace(input.Data))
{
_logger.LogInformation("Token or OTP is null or empty");
return(BadRequest());
}
if (Guid.TryParse(input.Token, out _) && _memoryCache.TryGetValue("L1" + input.Token, out User cachedUser))
{
var token = _authHandler.VerifyOtp(cachedUser, input.Data);
if (token != null)
{
_activityLogger.LogLogin(Request.HttpContext.Connection.RemoteIpAddress, cachedUser);
return(Ok(token));
}
_logger.LogInformation("Auth handler rejected OTP.");
return(BadRequest());
}
_logger.LogInformation("Token is invalid.");
return(BadRequest());
}
public async Task <IActionResult> Create([FromBody] TokenInput tokenInput) //string username, string password, string grant_type)
{
bool IsValid = await IsValidUserNameAndPassword(tokenInput.UserName, tokenInput.Password);
var output = IsValid ? new ObjectResult(await GenerateToken(tokenInput.UserName)) : (IActionResult)BadRequest();
return(output);
}
public IActionResult GetToken(TokenInput tokenInput)
{
var jsonString = JsonConvert.SerializeObject(tokenInput);
var request = new HttpClient().PostAsync("https://dev-uslrkkz5.au.auth0.com/oauth/token",
new StringContent(jsonString, Encoding.UTF8, "application/json"));
var response = request.Result.Content.ReadAsStringAsync();
var deserialisedOutput = JsonConvert.DeserializeObject <TokenInputResponseModel>(response.Result);
return(Ok(deserialisedOutput));
}
public IActionResult GenerateOtp(TokenInput input)
{
if (Guid.TryParse(input.Token, out _) &&
_memoryCache.TryGetValue("R1" + input.Token, out User cachedUser))
{
var qrCode = _authHandler.GenerateTotp(ref cachedUser);
var response = new MessageResponse
{
Message = qrCode,
Status = "Ok"
};
return(Ok(response));
}
_logger.LogInformation("Token is invalid.");
return(BadRequest());
}
public async Task <IActionResult> GetAccessToken([FromBody] TokenInput input)
{
if (!string.IsNullOrWhiteSpace(input.Code) && !string.IsNullOrWhiteSpace(input.RefreshToken))
{
return(BadRequest($"Only {nameof(input.Code)} or {nameof(input.RefreshToken)} can be specified"));
}
if (string.IsNullOrWhiteSpace(input.Code) && string.IsNullOrWhiteSpace(input.RefreshToken))
{
return(BadRequest($"Either {nameof(input.Code)} or {nameof(input.RefreshToken)} has be specified"));
}
var result = input.Code.IsSet()
? await _aiiaService.ExchangeCodeForAccessToken(input.Code)
: await _aiiaService.RefreshAccessToken(input.RefreshToken);
return(Ok(new { accessToken = result.AccessToken, refreshToken = result.RefreshToken }));
}
public async Task <IActionResult> Create(string username, string password, string grant_type)
{
using var reader = new StreamReader(Request.Body);
try
{
var body = await reader.ReadToEndAsync();
TokenInput o = JsonSerializer.Deserialize <TokenInput>(body);
var output = await IsValidUserNameAndPassword(o.UserName, o.Password) ?
new ObjectResult(await GenerateToken(o.UserName))
: (IActionResult)BadRequest();
return(output);
}
catch (Exception)
{
throw new NotImplementedException();
}
}
public IActionResult CheckPassword(TokenInput tokenInput)
{
if (Guid.TryParse(tokenInput.Token, out _) &&
_memoryCache.TryGetValue("R1" + tokenInput.Token, out User user))
{
if (_memoryCache.TryGetValue("CHKPASS" + user.Email, out string _))
{
return(new ContentResult
{
StatusCode = (int?)HttpStatusCode.TooManyRequests
});
}
var cacheEntryOptions = new MemoryCacheEntryOptions().SetAbsoluteExpiration(TimeSpan.FromSeconds(1));
_memoryCache.Set("CHKPASS" + user.Email, "null", cacheEntryOptions);
return(Ok(new { status = _authHandler.VerifyPassword(tokenInput.Data) }));
}
_logger.LogInformation("Token is invalid.");
return(BadRequest());
}
public IActionResult CheckUsername(TokenInput tokenInput)
{
if (string.IsNullOrWhiteSpace(tokenInput.Data) || string.IsNullOrWhiteSpace(tokenInput.Captcha) ||
string.IsNullOrWhiteSpace(tokenInput.Token))
{
_logger.LogInformation("Token or data or captcha is empty or null.");
return(BadRequest());
}
if (!_captcha.VerifyCaptcha(tokenInput.Captcha, HttpContext.Connection.RemoteIpAddress,
"checkUsername"))
{
_logger.LogInformation("Invalid Captcha.");
return(BadRequest());
}
if (Guid.TryParse(tokenInput.Token, out _) &&
_memoryCache.TryGetValue("R1" + tokenInput.Token, out User user))
{
if (_memoryCache.TryGetValue("CHKUSRN" + user.Email, out string _))
{
return(new ContentResult
{
StatusCode = (int?)HttpStatusCode.TooManyRequests
});
}
var cacheEntryOptions = new MemoryCacheEntryOptions().SetAbsoluteExpiration(TimeSpan.FromSeconds(5));
_memoryCache.Set("CHKUSRN" + user.Email, "null", cacheEntryOptions);
return(Ok(new { status = _authHandler.VerifyUsername(tokenInput.Data.ToLower()) }));
}
_logger.LogInformation("Token is invalid.");
return(BadRequest());
}
public IActionResult VerifyAzureAdCode(TokenInput tokenInput)
{
if (string.IsNullOrWhiteSpace(tokenInput.Token))
{
_logger.LogInformation("Token is empty.");
return(BadRequest());
}
var user = _authHandler.VerifyOauthForRegister(tokenInput.Token);
if (user == null)
{
_logger.LogInformation("Auth handler rejected oauth token.");
return(BadRequest());
}
if (_memoryCache.TryGetValue("R1" + user.Email, out string stringUuid))
{
_memoryCache.Remove("R1" + stringUuid);
}
var registerGuid = SecureGuid.CreateSecureRfc4122Guid();
var cacheEntryOptions = new MemoryCacheEntryOptions().SetAbsoluteExpiration(TimeSpan.FromMinutes(5));
_memoryCache.Set("R1" + registerGuid, user, cacheEntryOptions);
_memoryCache.Set("R1" + user.Email, registerGuid.ToString(), cacheEntryOptions);
var response = new OauthSuccessResponse
{
Name = user.Name,
Email = user.Email,
RegisterCode = registerGuid.ToString()
};
return(Ok(response));
}
internal ShuntingYardParser(List <Token> tokens)
{
this.input = new TokenInput(tokens);
}
internal Parser(List <Token> tokens)
{
this.input = new TokenInput(tokens);
}
