Symmetric keys with jwt has been implemented
This commit is contained in:
@@ -4,10 +4,14 @@ using System.Linq;
|
|||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Security.Cryptography;
|
using System.Security.Cryptography;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using System.IdentityModel.Tokens.Jwt;
|
||||||
|
using System.Security.Claims;
|
||||||
|
using System.Text;
|
||||||
|
|
||||||
using JWT;
|
using JWT;
|
||||||
using JWT.Serializers;
|
using JWT.Serializers;
|
||||||
using Microsoft.Extensions.Configuration;
|
using Microsoft.Extensions.Configuration;
|
||||||
|
using Microsoft.IdentityModel.Tokens;
|
||||||
using Newtonsoft.Json;
|
using Newtonsoft.Json;
|
||||||
using Org.BouncyCastle.Crypto;
|
using Org.BouncyCastle.Crypto;
|
||||||
using Org.BouncyCastle.Crypto.Parameters;
|
using Org.BouncyCastle.Crypto.Parameters;
|
||||||
@@ -113,6 +117,40 @@ namespace Icarus.Controllers.Managers
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public LoginResult LoginSymmetric(User user)
|
||||||
|
{
|
||||||
|
var tokenResult = new TokenTierOne();
|
||||||
|
tokenResult.TokenType = "Jwt";
|
||||||
|
|
||||||
|
var payload = Payload();
|
||||||
|
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["JWT:Secret"]));
|
||||||
|
var signIn = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
|
||||||
|
var token = new JwtSecurityToken(
|
||||||
|
_config["JWT:Issuer"],
|
||||||
|
_config["JWT:Audience"],
|
||||||
|
payload,
|
||||||
|
expires: DateTime.UtcNow.AddMinutes(30),
|
||||||
|
signingCredentials: signIn);
|
||||||
|
|
||||||
|
tokenResult.AccessToken = new JwtSecurityTokenHandler().WriteToken(token);
|
||||||
|
|
||||||
|
var expClaim = payload.FirstOrDefault(cl =>
|
||||||
|
{
|
||||||
|
return cl.Type.Equals("exp");
|
||||||
|
});
|
||||||
|
|
||||||
|
var expiredDate = DateTime.Parse(expClaim.Value);
|
||||||
|
var exp = Math.Floor((expiredDate - DateTime.UnixEpoch).TotalSeconds);
|
||||||
|
tokenResult.Expiration = Convert.ToInt32(exp);
|
||||||
|
|
||||||
|
return new LoginResult
|
||||||
|
{
|
||||||
|
UserID = user.UserID, Username = user.Username, Token = tokenResult.AccessToken,
|
||||||
|
TokenType = tokenResult.TokenType, Expiration = tokenResult.Expiration,
|
||||||
|
Message = "Successfully retrieved token"
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
public bool IsTokenValid(string scope, string accessToken)
|
public bool IsTokenValid(string scope, string accessToken)
|
||||||
{
|
{
|
||||||
var result = false;
|
var result = false;
|
||||||
@@ -201,23 +239,28 @@ namespace Icarus.Controllers.Managers
|
|||||||
|
|
||||||
private List<Claim> Payload()
|
private List<Claim> Payload()
|
||||||
{
|
{
|
||||||
const int expLimit = 24;
|
var expLimit = 30;
|
||||||
var currentDate = DateTime.Now;
|
var currentDate = DateTime.Now;
|
||||||
var expiredDate = currentDate.AddHours(expLimit);
|
var expiredDate = currentDate.AddMinutes(expLimit);
|
||||||
var issued = Math.Floor((currentDate - DateTime.UnixEpoch).TotalSeconds);
|
var issued = Math.Floor((currentDate - DateTime.UnixEpoch).TotalSeconds);
|
||||||
var expires = Math.Floor((expiredDate - DateTime.UnixEpoch).TotalSeconds);
|
var expires = Math.Floor((expiredDate - DateTime.UnixEpoch).TotalSeconds);
|
||||||
var issuer = "https://soaricarus.auth0.com";
|
var issuer = "https://soaricarus.auth0.com";
|
||||||
issuer = "http://localhost:5002";
|
issuer = "http://localhost:5002";
|
||||||
var audience = "https://icarus/api";
|
var audience = "https://icarus/api";
|
||||||
audience = "http://localhost:5002";
|
audience = "http://localhost:5002";
|
||||||
|
var subject = _config["JWT:Subject"];
|
||||||
|
|
||||||
var claim = new List<System.Security.Claims.Claim>()
|
var claim = new List<System.Security.Claims.Claim>()
|
||||||
{
|
{
|
||||||
new System.Security.Claims.Claim("scope", AllScopes(), "string"),
|
new System.Security.Claims.Claim("scope", AllScopes(), "string"),
|
||||||
new System.Security.Claims.Claim("exp", $"{expires}", "integer"),
|
// new System.Security.Claims.Claim("exp", $"{expires}", "integer"),
|
||||||
new System.Security.Claims.Claim("aud", $"{audience}", "string"),
|
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Exp, expiredDate.ToString()),
|
||||||
new System.Security.Claims.Claim("iss", $"{issuer}", "string"),
|
// new System.Security.Claims.Claim("aud", $"{audience}", "string"),
|
||||||
new System.Security.Claims.Claim("iat", $"{issued}", "integer")
|
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Aud, audience),
|
||||||
|
// new System.Security.Claims.Claim("iss", $"{issuer}", "string"),
|
||||||
|
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Iss, issuer),
|
||||||
|
new Claim(JwtRegisteredClaimNames.Sub, subject),
|
||||||
|
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Iat, currentDate.ToString())
|
||||||
};
|
};
|
||||||
|
|
||||||
return claim;
|
return claim;
|
||||||
|
|||||||
@@ -55,6 +55,8 @@ namespace Icarus.Controllers.V1
|
|||||||
Username = user.Username
|
Username = user.Username
|
||||||
};
|
};
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
if (context.Users.FirstOrDefault(usr => usr.Username.Equals(user.Username)) != null)
|
if (context.Users.FirstOrDefault(usr => usr.Username.Equals(user.Username)) != null)
|
||||||
{
|
{
|
||||||
user = context.Users.FirstOrDefault(usr => usr.Username.Equals(user.Username));
|
user = context.Users.FirstOrDefault(usr => usr.Username.Equals(user.Username));
|
||||||
@@ -73,7 +75,8 @@ namespace Icarus.Controllers.V1
|
|||||||
|
|
||||||
TokenManager tk = new TokenManager(_config);
|
TokenManager tk = new TokenManager(_config);
|
||||||
|
|
||||||
loginRes = tk.LogIn(user);
|
// loginRes = tk.LogIn(user);
|
||||||
|
loginRes = tk.LoginSymmetric(user);
|
||||||
|
|
||||||
return Ok(loginRes);
|
return Ok(loginRes);
|
||||||
}
|
}
|
||||||
@@ -84,6 +87,14 @@ namespace Icarus.Controllers.V1
|
|||||||
return NotFound(loginRes);
|
return NotFound(loginRes);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
_logger.LogError("An error occurred: {0}", ex.Message);
|
||||||
|
_logger.LogError("Inner Exception: {0}", ex.InnerException.Message);
|
||||||
|
}
|
||||||
|
|
||||||
|
return NotFound(loginRes);
|
||||||
|
}
|
||||||
#endregion
|
#endregion
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -20,6 +20,7 @@ namespace Icarus.Controllers.V1
|
|||||||
{
|
{
|
||||||
[Route("api/v1/song/stream")]
|
[Route("api/v1/song/stream")]
|
||||||
[ApiController]
|
[ApiController]
|
||||||
|
[Authorize]
|
||||||
public class SongStreamController : BaseController
|
public class SongStreamController : BaseController
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
@@ -46,10 +47,12 @@ namespace Icarus.Controllers.V1
|
|||||||
[HttpGet("{id}")]
|
[HttpGet("{id}")]
|
||||||
public async Task<IActionResult> Get(int id)
|
public async Task<IActionResult> Get(int id)
|
||||||
{
|
{
|
||||||
|
/**
|
||||||
if (!IsTokenValid("stream:songs"))
|
if (!IsTokenValid("stream:songs"))
|
||||||
{
|
{
|
||||||
return StatusCode(401, "Not allowed");
|
return StatusCode(401, "Not allowed");
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
|
|
||||||
var context = new SongContext(_config.GetConnectionString("DefaultConnection"));
|
var context = new SongContext(_config.GetConnectionString("DefaultConnection"));
|
||||||
|
|
||||||
|
|||||||
+1
-1
@@ -95,7 +95,7 @@ namespace Icarus
|
|||||||
services.AddDbContext<GenreContext>(options => options.UseMySQL(connString));
|
services.AddDbContext<GenreContext>(options => options.UseMySQL(connString));
|
||||||
services.AddDbContext<CoverArtContext>(options => options.UseMySQL(connString));
|
services.AddDbContext<CoverArtContext>(options => options.UseMySQL(connString));
|
||||||
|
|
||||||
services.AddAsymmetricAuthentication(Configuration);
|
// services.AddAsymmetricAuthentication(Configuration);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
services.AddTransient<AuthenticationService>(au => new AuthenticationService(new UserService(Configuration), new TokenService(Configuration), Configuration));
|
services.AddTransient<AuthenticationService>(au => new AuthenticationService(new UserService(Configuration), new TokenService(Configuration), Configuration));
|
||||||
|
|||||||
Reference in New Issue
Block a user