Saving changes
Using asymmetric validation
This commit is contained in:
@@ -0,0 +1,31 @@
|
||||
// using JwtAuthentication.Shared.Models;
|
||||
// using JwtAuthentication.Shared.Services;
|
||||
using Icarus;
|
||||
using Icarus.Repositories;
|
||||
using Icarus.Models.Shared;
|
||||
using Icarus.Services;
|
||||
|
||||
namespace Icarus.Services
|
||||
{
|
||||
public class AuthenticationService
|
||||
{
|
||||
private Microsoft.Extensions.Configuration.IConfiguration _configuration;
|
||||
private readonly UserService userService;
|
||||
private readonly TokenService tokenService;
|
||||
|
||||
public AuthenticationService(UserService userService, TokenService tokenService, Microsoft.Extensions.Configuration.IConfiguration configuration)
|
||||
{
|
||||
this.userService = userService;
|
||||
this.tokenService = tokenService;
|
||||
this._configuration = configuration;
|
||||
}
|
||||
|
||||
public string Authenticate(UserCredentials userCredentials)
|
||||
{
|
||||
userService.ValidateCredentials(userCredentials);
|
||||
string securityToken = tokenService.GetToken(userCredentials.Username);
|
||||
|
||||
return securityToken;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,63 @@
|
||||
// using JwtAuthentication.AsymmetricEncryption.Certificates;
|
||||
using Icarus;
|
||||
using Icarus.Repositories;
|
||||
using Icarus.Models.Shared;
|
||||
// using JwtAuthentication.Shared;
|
||||
// using JwtAuthentication.Shared.Models;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using System;
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Security.Claims;
|
||||
|
||||
namespace Icarus.Services
|
||||
{
|
||||
public class TokenService
|
||||
{
|
||||
private Microsoft.Extensions.Configuration.IConfiguration _configuration;
|
||||
private readonly UserRepository userRepository;
|
||||
private readonly SigningAudienceCertificate signingAudienceCertificate;
|
||||
private string _publickKeyPath = string.Empty;
|
||||
|
||||
/**
|
||||
public TokenService(UserRepository userRepository)
|
||||
{
|
||||
this.userRepository = userRepository;
|
||||
signingAudienceCertificate = new SigningAudienceCertificate();
|
||||
}
|
||||
*/
|
||||
|
||||
public TokenService(UserRepository userRepository, Microsoft.Extensions.Configuration.IConfiguration configuration)
|
||||
{
|
||||
this._configuration = configuration;
|
||||
this.userRepository = userRepository;
|
||||
signingAudienceCertificate = new SigningAudienceCertificate();
|
||||
_publickKeyPath = configuration["RSAKeys:PublicKeyPath"];
|
||||
}
|
||||
|
||||
public string GetToken(string username)
|
||||
{
|
||||
var user = userRepository.GetUser(username);
|
||||
SecurityTokenDescriptor tokenDescriptor = GetTokenDescriptor(user);
|
||||
|
||||
var tokenHandler = new JwtSecurityTokenHandler();
|
||||
SecurityToken securityToken = tokenHandler.CreateToken(tokenDescriptor);
|
||||
string token = tokenHandler.WriteToken(securityToken);
|
||||
|
||||
return token;
|
||||
}
|
||||
|
||||
private SecurityTokenDescriptor GetTokenDescriptor(Icarus.Models.User user)
|
||||
{
|
||||
const int expiringDays = 7;
|
||||
|
||||
var tokenDescriptor = new SecurityTokenDescriptor
|
||||
{
|
||||
Subject = new ClaimsIdentity(user.Claims()),
|
||||
Expires = DateTime.UtcNow.AddDays(expiringDays),
|
||||
SigningCredentials = signingAudienceCertificate.GetAudienceSigningKey(_publickKeyPath)
|
||||
};
|
||||
|
||||
return tokenDescriptor;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,38 @@
|
||||
// using JwtAuthentication.Shared.Exceptions;
|
||||
// using JwtAuthentication.Shared.Models;
|
||||
using Icarus.Exceptions;
|
||||
using Icarus.Models.Shared;
|
||||
using Icarus.Services;
|
||||
using Icarus.Repositories;
|
||||
|
||||
namespace Icarus.Services
|
||||
{
|
||||
public class UserService
|
||||
{
|
||||
private Microsoft.Extensions.Configuration.IConfiguration _configuration;
|
||||
private readonly UserRepository userRepository;
|
||||
|
||||
public UserService(UserRepository userRepository, Microsoft.Extensions.Configuration.IConfiguration configuration)
|
||||
{
|
||||
this._configuration = configuration;
|
||||
this.userRepository = userRepository;
|
||||
}
|
||||
|
||||
public void ValidateCredentials(UserCredentials userCredentials)
|
||||
{
|
||||
Icarus.Models.User user = userRepository.GetUser(userCredentials.Username);
|
||||
bool isValid = user != null && AreValidCredentials(userCredentials, user);
|
||||
|
||||
if (!isValid)
|
||||
{
|
||||
throw new InvalidCredentialsException();
|
||||
}
|
||||
}
|
||||
|
||||
private static bool AreValidCredentials(UserCredentials userCredentials, Icarus.Models.User user)
|
||||
{
|
||||
return user.Username == userCredentials.Username &&
|
||||
user.Password == userCredentials.Password;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user