IME-LONDON
/
MOBILE_API
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30 Commits
3 Branches
0 Tags
4.7 MiB
Tree: cbf186c293
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cbf186c293'
${ noResults }
MOBILE_API/JsonRx/Helper/JwtValidationHandler.cs

83 lines
3.5 KiB
Raw Normal View History

First commit
1 year ago
  1. using Microsoft.IdentityModel.Tokens;
  2. using System;
  3. using System.Collections.Generic;
  4. using System.IdentityModel.Tokens.Jwt;
  5. using System.Linq;
  6. using System.Net;
  7. using System.Net.Http;
  8. using System.Threading;
  9. using System.Threading.Tasks;
  10. using System.Web;
  12. namespace JsonRx.Helper
  13. {
  14. internal class JwtValidationHandler : DelegatingHandler
  15. {
  16. private static bool TryRetrieveToken(HttpRequestMessage request, out string token)
  17. {
  18. token = null;
  19. IEnumerable<string> authzHeaders;
  20. if (!request.Headers.TryGetValues("Authorization", out authzHeaders) || authzHeaders.Count() > 1)
  21. {
  22. return false;
  23. }
  24. var bearerToken = authzHeaders.ElementAt(0);
  25. token = bearerToken.StartsWith("Bearer ") ? bearerToken.Substring(7) : bearerToken;
  26. return true;
  27. }
  29. protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
  30. {
  31. HttpStatusCode statusCode;
  32. string token;
  33. //determine whether a jwt exists or not
  34. if (!TryRetrieveToken(request, out token))
  35. {
  36. statusCode = HttpStatusCode.Unauthorized;
  37. //allow requests with no token - whether a action method needs an authentication can be set with the claimsauthorization attribute
  38. return base.SendAsync(request, cancellationToken);
  39. }
  41. try
  42. {
  43. const string sec = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
  44. var now = DateTime.UtcNow;
  45. var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
  47. SecurityToken securityToken;
  48. JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
  49. TokenValidationParameters validationParameters = new TokenValidationParameters()
  50. {
  51. ValidAudience = "http://localhost:50191",
  52. ValidIssuer = "http://localhost:50191",
  53. ValidateLifetime = true,
  54. ValidateIssuerSigningKey = true,
  55. LifetimeValidator = this.LifetimeValidator,
  56. IssuerSigningKey = securityKey
  57. };
  58. //extract and assign the user of the jwt
  59. Thread.CurrentPrincipal = handler.ValidateToken(token, validationParameters, out securityToken);
  60. HttpContext.Current.User = handler.ValidateToken(token, validationParameters, out securityToken);
  62. return base.SendAsync(request, cancellationToken);
  63. }
  64. catch (SecurityTokenValidationException e)
  65. {
  66. statusCode = HttpStatusCode.Unauthorized;
  67. }
  68. catch (Exception ex)
  69. {
  70. statusCode = HttpStatusCode.InternalServerError;
  71. }
  72. return Task<HttpResponseMessage>.Factory.StartNew(() => new HttpResponseMessage(statusCode) { });
  73. }
  75. public bool LifetimeValidator(DateTime? notBefore, DateTime? expires, SecurityToken securityToken, TokenValidationParameters validationParameters)
  76. {
  77. if (expires != null)
  78. {
  79. if (DateTime.UtcNow < expires) return true;
  80. }
  81. return false;
  82. }
  83. }
  84. }