robin.thoni
/
nuget-3ie
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Pull Requests 0 Wydania 0 Wiki Aktywność
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20 Commity
5 Gałęzie
Drzewo: 084b8b8277
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '084b8b8277'
${ noResults }
nuget-3ie/Authentication/Business/JWT/TokenValidationHandler.cs

TokenValidationHandler.cs 4.2KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106 
  1. using System;

  2. using System.IdentityModel.Tokens;

  3. using System.Linq;

  4. using System.Net;

  5. using System.Net.Http;

  6. using System.Security.Claims;

  7. using System.ServiceModel.Security.Tokens;

  8. using System.Threading;

  9. using System.Threading.Tasks;

  10. using iiie.Authentication.DBO;

  11. 

  12. namespace iiie.Authentication.Business.JWT

  13. {

  14.     /// <summary>

  15.     /// Handler for token authentication

  16.     /// </summary>

  17.     public class TokenValidationHandler : DelegatingHandler

  18.     {

  19.         /// <summary>

  20.         /// Gets the token from the HTTP AUthorization header

  21.         /// </summary>

  22.         /// <param name="request">The HTTP request</param>

  23.         /// <param name="token">The variable to store the token</param>

  24.         /// <returns>True if the token has been found, false otherwise</returns>

  25.         private static bool TryRetrieveToken(HttpRequestMessage request, out string token)

  26.         {

  27.             token = null;

  28.             var auth = request.Headers.Authorization;

  29.             if (auth == null || auth.Scheme != "Bearer")

  30.                 return false;

  31.             token = auth.Parameter;

  32.             return true;

  33.         }

  34. 

  35.         /// <summary>

  36.         /// Contructs a user dbo from the specified username and salt

  37.         /// </summary>

  38.         /// <param name="username">The username of the verified token</param>

  39.         /// <param name="salt">The salt in the token</param>

  40.         /// <returns>The user dbo, or null if user is not valid</returns>

  41.         protected abstract UserDboAuth GetUserDbo(string username, string salt);

  42. 

  43.         /// <summary>

  44.         /// Attempts to verify user token

  45.         /// </summary>

  46.         /// <param name="request">The HTTP request</param>

  47.         /// <param name="cancellationToken">Token used for cancelation</param>

  48.         /// <returns>The HTTP response</returns>

  49.         protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)

  50.         {

  51.             HttpStatusCode statusCode;

  52.             string token;

  53. 

  54.             if (!TryRetrieveToken(request, out token))

  55.             {

  56.                 return base.SendAsync(request, cancellationToken);

  57.             }

  58. 

  59.             try

  60.             {

  61.                 JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler

  62.                 {

  63.                     Configuration = new SecurityTokenHandlerConfiguration()

  64.                     {

  65.                         MaxClockSkew = new TimeSpan(0, 1, 0)

  66.                     }

  67.                 };

  68. 

  69.                 var stringValidator = AuthProvider.Instance.GetValidatorString();

  70.                 TokenValidationParameters validationParameters = new TokenValidationParameters()

  71.                 {

  72.                     RequireSignedTokens = true,

  73.                     RequireExpirationTime = true,

  74.                     ValidAudience = stringValidator,

  75.                     ValidateIssuerSigningKey = true,

  76.                     ValidIssuer = "urn:" + stringValidator,

  77.                     IssuerSigningToken = new BinarySecretSecurityToken(Convert.FromBase64String(AuthProvider.Instance.GetCredentialKey()))

  78.                 };

  79. 

  80.                 SecurityToken validateToken;

  81.                 ClaimsPrincipal claim = tokenHandler.ValidateToken(token, validationParameters, out validateToken);

  82.                 Thread.CurrentPrincipal = claim;

  83. 

  84.                 var name = ((ClaimsIdentity)claim.Identity).Claims.FirstOrDefault(x => x.Type == ClaimTypes.Name);

  85.                 var salt = ((ClaimsIdentity)claim.Identity).Claims.FirstOrDefault(x => x.Type == ClaimTypes.Authentication);

  86. 

  87.                 if (name == null || salt == null)

  88.                     statusCode = HttpStatusCode.Unauthorized;

  89.                 else

  90.                 {

  91.                     var user = GetUserDbo(name.Value, salt.Value);

  92.                     if (user == null)

  93.                         statusCode = HttpStatusCode.Unauthorized;

  94.                     else

  95.                         return base.SendAsync(request, cancellationToken);

  96.                 }

  97.             }

  98.             catch (Exception e)

  99.             {

  100.                 statusCode = HttpStatusCode.Unauthorized;

  101.             }

  102.             return Task<HttpResponseMessage>.Factory.StartNew(() =>

  103.                new HttpResponseMessage(statusCode), cancellationToken);

  104.         }

  105.     }

  106. }