示例#1
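        /// <summary>
        /// Checks that the request carries a client certificate that passes chain
        /// validation and is registered to the authenticated user.
        /// </summary>
        /// <param name="httpContext">Request context; the client certificate is read from its connection.</param>
        /// <param name="currentUser">Identity of the caller; only <c>Id</c> is read here.</param>
        /// <exception cref="ValidationException">
        /// No certificate was presented, the certificate failed a check, or it is not
        /// registered to the user.
        /// </exception>
        public static void ValidateCertificate(HttpContext httpContext, UserJwtModel currentUser)
        {
            var cert = httpContext.Connection.ClientCertificate;

            if (cert == null)
            {
                throw new ValidationException("Certificate not provided!");
            }

            var certNumber = cert.SerialNumber;

            // Archived is a certificate-store flag, not a revocation check; revocation
            // has to come from chain validation or from the application's own records.
            if (cert.Archived)
            {
                throw new ValidationException("Certificate has been disabled, please contact support!");
            }

            // Verify() runs chain validation with the basic policy. It proves the chain
            // is acceptable to this machine, not that the certificate belongs to this
            // user; the lookup below provides that binding.
            if (!cert.Verify())
            {
                throw new ValidationException("Invalid certificate, please contact support!");
            }

            // Fail closed with the same error as any other mismatch instead of letting a
            // missing identity surface as a NullReferenceException.
            if (currentUser == null)
            {
                throw new ValidationException("Invalid certificate, please contact support!");
            }

            using (var uow = new UnitOfWork())
            {
                var user = uow.UserRepository.Get(currentUser.Id);

                // An unknown user or a user without registered certificates is a mismatch.
                if (user == null || user.Cert == null)
                {
                    throw new ValidationException("Invalid certificate, please contact support!");
                }

                // NOTE(review): the binding is on serial number alone. Serial numbers are
                // unique only within one issuer, so consider storing and comparing the
                // thumbprint (or issuer + serial) instead.
                if (!user.Cert.Any(a => a.CertNumber == certNumber))
                {
                    throw new ValidationException("Invalid certificate, please contact support!");
                }
            }
        }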
示例#2
        /// <summary>
        /// Builds an HS256-signed login token for <paramref name="user"/>, stamped with
        /// an expiration date one day ahead (UTC).
        /// </summary>
        /// <param name="user">User entity that is mapped onto the token payload.</param>
        /// <returns>The encoded token string.</returns>
        private string CreateLoginToken(Users user)
        {
            // NOTE(review): whatever the mapping copies from Users ends up in the token
            // payload, which is signed but not encrypted. Confirm UserJwtModel holds no
            // sensitive fields.
            UserJwtModel payload = Mapper.Map <UserJwtModel>(user);
            payload.ExpirationDate = DateTime.UtcNow.AddDays(1);

            // SECURITY: the signing key is a literal in source. Anyone who can read the
            // repository or the compiled assembly can sign tokens the service will accept.
            // Load the key from protected configuration or a secret store, use a randomly
            // generated value of at least 256 bits for HS256, and rotate this one.
            const string signingKey = "Helena123431286SecretCode";

            return JWT.JsonWebToken.Encode(payload, signingKey, JWT.JwtHashAlgorithm.HS256);
        }
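        /// <summary>
        /// Builds an HS256-signed login token carrying the user's id and e-mail, stamped
        /// with an expiration date one day ahead (UTC).
        /// </summary>
        /// <param name="user">Source of the <c>Id</c> and <c>Email</c> written to the payload.</param>
        /// <returns>The encoded token string.</returns>
        /// <exception cref="InvalidOperationException">The <c>JwtSecret</c> app setting is missing or blank.</exception>
        private string CreateLoginToken(UserModel user)
        {
            string secretKey = WebConfigurationManager.AppSettings["JwtSecret"];

            // Refuse to issue tokens when the key is absent or blank: a token signed with
            // an empty key gives no integrity protection.
            if (string.IsNullOrWhiteSpace(secretKey))
            {
                throw new InvalidOperationException("JwtSecret is not configured.");
            }

            var userModel = new UserJwtModel
            {
                ExpirationDate = DateTime.UtcNow.AddDays(1),
                Email          = user.Email,
                Id             = user.Id
            };

            // NOTE(review): ExpirationDate is an application-level field. Confirm the
            // validating side actually rejects tokens past this date.
            return JWT.JsonWebToken.Encode(userModel, secretKey, JWT.JwtHashAlgorithm.HS256);
        }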
示例#4
        /// <summary>
        /// Creates an HMAC-SHA256 signed login token carrying the user's id, role and
        /// role id, with an expiration date one day ahead (UTC).
        /// </summary>
        /// <param name="user">User whose id and role data go into the payload.</param>
        /// <returns>The encoded token string.</returns>
        public static string CreateLoginToken(User user)
        {
            // The payload is signed, not encrypted: the role data below is readable by
            // whoever holds the token.
            var payload = new UserJwtModel
            {
                Id             = user.Id,
                Role           = Mapper.AutoMap <Role, RoleModel>(user.Role),
                RoleId         = user.RoleId,
                ExpirationDate = DateTime.UtcNow.AddDays(1)
            };

            // NOTE(review): SecretKey is defined outside this method. Confirm it comes
            // from protected configuration and is long enough for HS256.
            var jwtEncoder = new JwtEncoder(
                new HMACSHA256Algorithm(),
                new JsonNetSerializer(),
                new JwtBase64UrlEncoder());

            string signedToken = jwtEncoder.Encode(payload, SecretKey);
            return signedToken;
        }
示例#5
        /// <summary>
        /// Creates an HMAC-SHA256 signed login token carrying the user's e-mail, id and
        /// role, with an expiration date one day ahead (UTC).
        /// </summary>
        /// <param name="user">User whose e-mail, id and role go into the payload.</param>
        /// <returns>The encoded token string.</returns>
        public static string CreateLoginToken(User user)
        {
            var claims = new UserJwtModel
            {
                Email          = user.Email,
                Id             = user.Id,
                Role           = user.Role,
                ExpirationDate = DateTime.UtcNow.AddDays(1),
            };

            // NOTE(review): ExpirationDate is a custom payload field. Unless UserJwtModel
            // maps it to the registered "exp" claim, the consumer has to enforce expiry
            // itself. Confirm on the validating side.
            var signer = new JwtEncoder(
                new HMACSHA256Algorithm(),
                new JsonNetSerializer(),
                new JwtBase64UrlEncoder());

            // SecretKey is defined outside this method.
            return signer.Encode(claims, SecretKey);
        }
        /// <summary>
        /// Builds the login payload for <paramref name="user"/>, signs it with
        /// HMAC-SHA256 and returns the payload with the encoded token stored in its
        /// <c>Token</c> property.
        /// </summary>
        /// <param name="user">Source of the id, name, surname and e-mail written to the payload.</param>
        /// <returns>The populated model, including the signed token.</returns>
        public static UserJwtModel CreateLoginToken(UserModel user)
        {
            var payload = new UserJwtModel
            {
                Id             = user.Id,
                // Token is valid for 200 minutes.
                // NOTE(review): this is local time (DateTime.Now). Confirm the validating
                // side compares against the same clock kind.
                ExpirationTime = DateTime.Now.AddMinutes(200),
                Name           = user.Name,
                Surname        = user.Surname,
                Mail           = user.Email
            };

            var signer = new JwtEncoder(
                new HMACSHA256Algorithm(),
                new JsonNetSerializer(),
                new JwtBase64UrlEncoder());

            // The model is encoded before Token is assigned, so the signed payload does
            // not contain the token itself. SecretKey is defined outside this method.
            string signedToken = signer.Encode(payload, SecretKey);
            payload.Token = signedToken;

            return payload;
        }
示例#7
        /// <summary>
        /// Issues an HMAC-SHA256 signed JWT for the given user, expiring one day from
        /// now (UTC), with name-identifier, name and e-mail claims.
        /// </summary>
        /// <param name="jwtUsuarioModel">Source of the user id, user name and e-mail claims.</param>
        /// <returns>The serialized token.</returns>
        public string Token(UserJwtModel jwtUsuarioModel)
        {
            // NOTE(review): Encoding.ASCII turns every non-ASCII character into '?', which
            // weakens a secret that contains such characters. Keep the configured secret
            // ASCII-only, or switch issuer and validator together to another encoding.
            byte[] keyBytes   = Encoding.ASCII.GetBytes(_configuration.GetSection("JwtConfigurations:Secret").Value);
            var    signingKey = new SymmetricSecurityKey(keyBytes);

            var userClaims = new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, jwtUsuarioModel.UserId.ToString()),
                new Claim(ClaimTypes.Name, jwtUsuarioModel.UserName.ToString()),
                new Claim(ClaimTypes.Email, jwtUsuarioModel.UserEmail.ToString())
            };

            var descriptor = new SecurityTokenDescriptor
            {
                Subject            = new ClaimsIdentity(userClaims),
                Expires            = DateTime.UtcNow.AddDays(1),
                SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature)
            };

            var handler = new JwtSecurityTokenHandler();
            return handler.WriteToken(handler.CreateToken(descriptor));
        }
示例#8
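        /// <summary>
        /// Ensure that the module requires authentication: decodes the token from the
        /// Authorization header and stores the resulting user under the "User" item.
        /// </summary>
        /// <param name="context">Current context</param>
        /// <returns>Always null; a rejected request is signalled by an exception</returns>
        /// <exception cref="RequestUnauthorizedException">
        /// The token is missing, cannot be decoded, or does not decode to a claims dictionary.
        /// </exception>
        public static Response RequiresAuthentication(NancyContext context)
        {
            try
            {
                // NOTE(review): the whole header value is handed to the decoder. If
                // clients send a scheme prefix such as "Bearer ", it must be stripped
                // first. Confirm the expected header format.
                var token = context.Request.Headers.Authorization;

                var decodedtoken = JsonWebToken.DecodeToObject(token, ConfigurationManager.AppSettings["jwt:cryptkey"]) as Dictionary <string, object>;

                // Fail closed: a payload that is not a claims dictionary used to fall
                // through and return null, letting the request continue with no "User"
                // item set. The throw is routed through the catch below so every
                // rejection is logged and reported the same way.
                if (decodedtoken == null)
                {
                    throw new RequestUnauthorizedException("Invalid Authorization Token");
                }

                // NOTE(review): no expiry check is visible here. Confirm that
                // HydrateFromJwt or the decoder rejects expired tokens.
                var jwt = new UserJwtModel();
                jwt.HydrateFromJwt(decodedtoken);
                context.Items.Add("User", jwt);
            }
            catch (Exception exc)
            {
                // Details go to the server console only; the caller gets a generic message.
                Console.Out.WriteLine("Exception! " + exc.Message);
                throw new RequestUnauthorizedException("Invalid Authorization Token");
            }

            return(null);
        }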