示例#1
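        /// <summary>
        /// Validates a serialized JWT and, when it is accepted, copies its expiry date,
        /// e-mail claim and application-id claim into a <see cref="VerifyResultModel"/>.
        /// </summary>
        /// <param name="token">Serialized JWT to check.</param>
        /// <param name="skipLifetimeValidation">
        /// Passed to <c>GetParameters</c>. NOTE(review): the name suggests that <c>true</c>
        /// turns off the nbf/exp check, so expired tokens would be accepted — confirm in
        /// <c>GetParameters</c> and keep callers that pass <c>true</c> off authorization paths.
        /// </param>
        /// <returns>
        /// A result whose <c>IsValid</c> is <c>false</c> when validation fails, when the
        /// validated token is not a <see cref="JwtSecurityToken"/>, or when the application-id
        /// claim cannot be converted to an integer; otherwise <c>IsValid</c> is <c>true</c>
        /// and the claim fields are filled.
        /// </returns>
        internal VerifyResultModel Verify(string token, bool skipLifetimeValidation)
        {
            var result = new VerifyResultModel()
            {
                IsValid = false
            };

            var handler = new JwtSecurityTokenHandler();
            TokenValidationParameters parameters = GetParameters(skipLifetimeValidation);

            SecurityToken validatedToken;
            try
            {
                handler.ValidateToken(token, parameters, out validatedToken);
            }
            catch (Exception)
            {
                // Fail closed: any validation error (bad signature, lifetime, malformed or
                // null input) yields IsValid = false. The reason is not reported to the
                // caller; log it here if rejected tokens need to be investigated.
                return result;
            }

            // Read claims from the object the handler just validated instead of parsing the
            // raw string a second time, so the data used is exactly what passed validation.
            var jwt = validatedToken as JwtSecurityToken;
            if (jwt == null)
            {
                return result;
            }

            int appId;
            try
            {
                // NOTE(review): if GetClaim returns null for an absent claim, Convert.ToInt32
                // yields 0 — confirm that 0 is never a real application id.
                appId = Convert.ToInt32(GetClaim(jwt, ClaimAppId));
            }
            catch (FormatException)
            {
                // A correctly signed token with a non-numeric app id is still rejected
                // rather than letting the exception escape the verifier.
                return result;
            }
            catch (OverflowException)
            {
                return result;
            }

            result.ExpiryDate = jwt.ValidTo;
            result.Email      = GetClaim(jwt, ClaimEmail);
            result.AppId      = appId;
            result.IsValid    = true;

            return result;
        }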
示例#2
        /// <summary>
        /// A hard-coded token whose <c>exp</c> claim is a fixed timestamp in the past must be
        /// rejected and must not expose an expiry date.
        /// </summary>
        public void Verify_ForExpiredToken_ReturnsError()
        {
            // NOTE(review): the assertions only check that the token is rejected, not why.
            // A signing-key mismatch would make this test pass just as an expired lifetime
            // does, so it does not by itself prove that lifetime validation is active.
            const string expiredToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InJhZmFsLmdyYWR6aWVAZmluZ28ucGwiLCJpc3MiOiJMZWduaWNhSVQiLCJBcHBJZCI6IjEiLCJuYmYiOjE0ODE3MTc0MTcsImV4cCI6MTQ4MTcyMTAxNywiaWF0IjoxNDgxNzE3NDE3fQ.ZPzu-eaoaY7CxyQmJwvfk18vd9sO5guOwbfjsKK1Qcg";
            var jwtParser = new JwtParser();

            VerifyResultModel outcome = jwtParser.Verify(expiredToken);

            Assert.False(outcome.IsValid);
            Assert.Null(outcome.ExpiryDate);
        }
示例#3
        /// <summary>
        /// A token issued by the parser and verified straight away must be reported as
        /// valid and must carry an expiry date.
        /// </summary>
        public void Verify_ForFreshToken_ReturnsOk()
        {
            var jwtParser = new JwtParser();

            // Round trip: issue with the parser, then verify with the same instance.
            AcquireTokenModel issued = jwtParser.AcquireToken("*****@*****.**", 1);
            VerifyResultModel outcome = jwtParser.Verify(issued.Token);

            Assert.True(outcome.IsValid);
            Assert.NotNull(outcome.ExpiryDate);
        }
示例#4
        /// <summary>
        /// Verifies a hard-coded token and checks that the e-mail and application-id values
        /// in the result match the expected ones.
        /// </summary>
        public void Verify_ForTokenParametersData()
        {
            // The payload's exp is a fixed timestamp in the past, so the second argument is
            // true. NOTE(review): presumably that flag skips lifetime validation — confirm
            // against JwtParser.Verify. The signature still has to match the parser's key,
            // so this test depends on the key used when the token was created.
            const string fixedToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IjEyM0B0ZXN0LnBsIiwiaXNzIjoiTGVnbmljYUlUIiwiYXBwSWQiOiIxIiwicm9sZSI6IlVzZXIiLCJuYmYiOjE0ODQxNDAwMjgsImV4cCI6MTQ4NDE0MDA4OCwiaWF0IjoxNDg0MTQwMDI4fQ.fZXSj3jZIQ8u2aoAzv6fDW0_c7BBb5oVr2oVDytnTek";
            var jwtParser = new JwtParser();

            VerifyResultModel outcome = jwtParser.Verify(fixedToken, true);

            Assert.Equal("*****@*****.**", outcome.Email);
            Assert.Equal(1, outcome.AppId);
        }
示例#5
        /// <summary>
        /// A freshly issued token must expire <c>GetExpiredDays()</c> days after the
        /// parser's notion of "now", compared at minute precision.
        /// </summary>
        public void Verify_ForFreshToken_ReturnsCorrectExpiryDate()
        {
            var clock = new Mock<IDateTimeProvider>();
            const string minuteFormat = "yyyy-MM-dd HH:mm";
            DateTime frozenNow = DateTime.UtcNow;

            // The provider is mocked so the parser and this test share one "now";
            // otherwise the two timestamps could fall on different minutes.
            clock.Setup(p => p.GetNow()).Returns(frozenNow);
            var jwtParser = new JwtParser(clock.Object);
            string expected = frozenNow.AddDays(jwtParser.GetExpiredDays()).ToString(minuteFormat);

            AcquireTokenModel issued = jwtParser.AcquireToken("*****@*****.**", 1);
            VerifyResultModel outcome = jwtParser.Verify(issued.Token);

            // A missing expiry date stays null so the final comparison fails visibly.
            string actual = outcome.ExpiryDate != null
                ? outcome.ExpiryDate.Value.ToString(minuteFormat)
                : null;

            Assert.Equal(expected, actual);
        }
示例#6
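        /// <summary>
        /// Forwards an uploaded document to the "SignServer" service for signature
        /// verification and returns the service response as JSON.
        /// </summary>
        /// <param name="accEmail">Account e-mail placed into the backend request.</param>
        /// <param name="data">Document content; must be valid Base64.</param>
        /// <param name="type">Declared file type; must be one of the allowed types.</param>
        /// <param name="name">File name placed into the backend request.</param>
        /// <param name="contentType">Content type placed into the backend request.</param>
        /// <returns>
        /// <c>null</c> when the session holds no access token; otherwise a JSON
        /// <c>ResponseMessage</c> with either an error code or the parsed verification result.
        /// </returns>
        public JsonResult Verify(string accEmail, string data, string type, string name, string contentType)
        {
            // Check the session first so that requests without an access token are turned
            // away before any of their input is decoded or inspected.
            var accessToken = Session["access_token"] as string;

            if (string.IsNullOrEmpty(accessToken))
            {
                return(null);
            }

            // The decoded bytes are not used; decoding only proves that the payload is
            // well-formed Base64 before it is sent on.
            // NOTE(review): no size limit on data is visible here — confirm that a
            // request-size cap is enforced upstream.
            try
            {
                Convert.FromBase64String(data);
            }
            catch (Exception)
            {
                return(Json(new ResponseMessage
                {
                    ResponseCode = 3,
                    ResponseContent = "Chọn tệp cần kiểm tra để tiếp tục"
                }));
            }

            // Allow-list of declared types (exact, case-sensitive match).
            // NOTE(review): type is supplied by the caller and is not compared with the
            // actual content; the backend should not trust it as proof of the file format.
            List <string> allowedTypes = new List <string>()
            {
                "xml", "docx", "xlsx", "pptx", "pdf", "p7b", "txt"
            };

            if (string.IsNullOrEmpty(type) || !allowedTypes.Contains(type))
            {
                return(Json(new ResponseMessage
                {
                    ResponseCode = 3,
                    ResponseContent = "Định dạng chưa được hỗ trợ"
                }));
            }

            try
            {
                // NOTE(review): AccountEmail comes from the request, not from the session.
                // Confirm that the backend binds it to the identity behind accessToken;
                // otherwise a caller could name another account.
                var req = new RequestMessage
                {
                    RequestID    = Guid.NewGuid().ToString(),
                    ServiceID    = "SignServer",
                    FunctionName = "Verify",
                    Parameter    = new SignParameter
                    {
                        AccountEmail = accEmail,
                        Type         = type,
                        ContentType  = contentType,
                        FileName     = name,
                        DataBase64   = data
                    }
                };
                var resp = CoreServiceClient.Query(req, accessToken);
                if (resp == null)
                {
                    return(Json(new ResponseMessage
                    {
                        ResponseCode = 2,
                        ResponseContent = "Dịch vụ không phản hồi"
                    }));
                }
                if (resp.ResponseCode != 1)
                {
                    // Non-success responses from the service are passed through unchanged.
                    return(Json(resp));
                }

                VerifyResultModel res;
                try
                {
                    // Round trip through JSON to turn the loosely typed content into the model.
                    res = JsonConvert.DeserializeObject <VerifyResultModel>(JsonConvert.SerializeObject(resp.Content));
                }
                catch (Exception)
                {
                    // Unreadable content is treated as "no usable result", which selects the
                    // error response below instead of being silently ignored.
                    res = null;
                }

                if (res != null && res.status)
                {
                    if (res.signatures == null)
                    {
                        // A positive status without a signature list is reported as an error
                        // rather than as a successful verification.
                        return(Json(new ResponseMessage
                        {
                            ResponseCode = 3,
                            ResponseContent = "Lỗi ngoại lệ"
                        }));
                    }

                    var parsedList = new List <SignServerVerifyResultModel>();
                    foreach (var sig in res.signatures)
                    {
                        parsedList.Add(ParseSignature(sig));
                    }
                    res.signatures = parsedList;
                    resp.Content   = res;
                    return(Json(resp));
                }

                return(Json(new ResponseMessage
                {
                    ResponseCode = 3,
                    ResponseContent = "Dịch vụ không phản hồi"
                }));
            }
            catch (Exception)
            {
                // Any failure while calling the service or parsing its result is reported
                // with a generic message; no exception detail is returned to the client.
                return(Json(new ResponseMessage
                {
                    ResponseCode = 3,
                    ResponseContent = "Lỗi ngoại lệ"
                }));
            }
        }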