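        /// <summary>
        /// Action filter for the refresh-token endpoint: validates the JWT carried in the
        /// <c>query</c> action argument, confirms the token was signed with the expected
        /// HMAC-SHA512 algorithm, decrypts the user-name claim into
        /// <c>refreshTokenQuery.UserName</c>, and only then lets the action run.
        /// </summary>
        /// <param name="context">The executing action's context; its <c>ActionArguments</c> is expected to hold a <c>query</c> entry of type <c>RefreshToken.Query</c>.</param>
        /// <param name="next">Delegate that runs the action; invoked only when the token passed every check.</param>
        /// <exception cref="SecurityTokenException">The token failed validation, is not a JWT, was not signed with HMAC-SHA512, or carries no user-name claim.</exception>
        /// <exception cref="CustomException">The <c>query</c> argument is missing or not a <c>RefreshToken.Query</c> (reported as HTTP 404).</exception>
        public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
        {
            // TryGetValue: an absent "query" key must reach the "missing parameter" path below
            // instead of surfacing as a KeyNotFoundException from the dictionary indexer.
            if (!context.ActionArguments.TryGetValue("query", out object queryArgument) ||
                !(queryArgument is RefreshToken.Query refreshTokenQuery))
            {
                _logger.LogError("Missing query parameter!");
                throw new CustomException(HttpStatusCode.NotFound, new { MissingParameter = "Missing query parameter!" });
            }

            // The second argument is false here (true in the bearer setup) — presumably relaxes
            // part of the validation for the refresh flow; confirm against JWTTokenHelper.
            TokenValidationParameters tokenValidationParameters = JWTTokenHelper.InitTokenValidationParameters(_configuration, false);
            var tokenHandler = new JwtSecurityTokenHandler();
            // Expected to throw a SecurityTokenException (or subclass) when the token does not validate.
            ClaimsPrincipal principal = tokenHandler.ValidateToken(refreshTokenQuery.Token, tokenValidationParameters, out var securityToken);

            // Pin the signing algorithm after validation so a token signed with any other
            // algorithm is rejected even if the handler accepted it. Algorithm identifiers are
            // not linguistic text, so an ordinal comparison is the right one.
            if (!(securityToken is JwtSecurityToken jwtSecurityToken) ||
                !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha512, StringComparison.OrdinalIgnoreCase))
            {
                throw new SecurityTokenException("Invalid Token");
            }

            string encryptedUserName = principal.Claims.FirstOrDefault(c => c.Type == Constants.CLAIM_UNAME)?.Value;
            if (encryptedUserName == null)
            {
                // A token without the user-name claim cannot identify the caller; do not hand null to Decrypt.
                throw new SecurityTokenException("Invalid Token");
            }

            refreshTokenQuery.UserName = _cryptoHelper.Decrypt<string>(_configSettings.DataProtectionKey, encryptedUserName);
            await next();
        }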
        /// <summary>
        /// Registers JWT bearer authentication (as both the authenticate and the challenge
        /// scheme) and the activity-host authorization policy with its requirement handler.
        /// </summary>
        /// <param name="services">The service collection to register into.</param>
        /// <param name="configuration">Application configuration passed to <c>JWTTokenHelper</c> to build the token validation parameters.</param>
        private static void InitAuthSettings(IServiceCollection services, IConfiguration configuration)
        {
            // Authentication
            var authenticationBuilder = services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            });

            authenticationBuilder.AddJwtBearer(options =>
            {
                // Second argument is true here — presumably requests full validation; confirm against JWTTokenHelper.
                options.TokenValidationParameters = JWTTokenHelper.InitTokenValidationParameters(configuration, true);
                options.Events = JWTTokenHelper.InitJwtBearerEvents();
            });

            // Host Authorization: the policy is satisfied by IsHostRequirement, which
            // IsHostRequirementHandler (registered below) evaluates.
            services.AddAuthorization(options =>
            {
                options.AddPolicy(Constants.ACTIVITY_HOST_POLICY_NAME,
                                  policy => policy.Requirements.Add(new IsHostRequirement()));
            });

            services.AddTransient<IAuthorizationHandler, IsHostRequirementHandler>();
        }