using System.Net.Mime;
using System.Security.Claims;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using SimpleAuthentication.Auth0;
using SimpleAuthentication.JwtBearer;
namespace SimpleAuthentication.WebApi.Controllers;
/// <summary>
/// Sample endpoints that issue, validate and refresh JWT bearer tokens through
/// <see cref="IJwtBearerService"/>, plus one endpoint that obtains a token from Auth0.
/// </summary>
/// <remarks>
/// Neither the class nor any action declares an authorization attribute, and the credential
/// check in the two login actions is a placeholder comment. Unless a policy is applied
/// elsewhere in the application, every endpoint here is reachable anonymously.
/// </remarks>
[ApiController]
[Route("api/[controller]")]
[Produces(MediaTypeNames.Application.Json)]
public class AuthController : ControllerBase
{
    private readonly IJwtBearerService jwtBearerService;

    /// <summary>Stores the token service that the JWT actions delegate to.</summary>
    /// <param name="jwtBearerService">Service that creates, validates and refreshes tokens.</param>
    public AuthController(IJwtBearerService jwtBearerService)
        => this.jwtBearerService = jwtBearerService;

    /// <summary>Issues a token whose subject is the user name sent in the request.</summary>
    /// <param name="loginRequest">User name and password sent by the client.</param>
    /// <param name="expiration">Optional absolute expiration forwarded to the token service.</param>
    /// <returns>The newly created token wrapped in a <see cref="LoginResponse"/>.</returns>
    [HttpPost("login")]
    [ProducesResponseType(typeof(LoginResponse), StatusCodes.Status200OK)]
    [ProducesDefaultResponseType]
    public ActionResult<LoginResponse> Login(LoginRequest loginRequest, DateTime? expiration = null)
    {
        // NOTE(review): the credential check below is still a placeholder. loginRequest.Password is
        // never read, so a token is issued for whatever UserName the caller supplies. Verify the
        // credentials and return 401 on failure before this action is used outside a demo.
        // Check for login rights...

        // Add custom claims (optional).
        var customClaims = new List<Claim>
        {
            new(ClaimTypes.GivenName, "Marco"),
            new(ClaimTypes.Surname, "Minerva")
        };

        // NOTE(review): `expiration` is caller-supplied and passed through unchanged, so the client
        // chooses the token lifetime. Clamp it to a server-side maximum, or drop the parameter.
        return new LoginResponse(
            jwtBearerService.CreateToken(loginRequest.UserName, customClaims, absoluteExpiration: expiration));
    }

    /// <summary>Validates a token and returns the name of the identity it carries.</summary>
    /// <param name="token">The token to validate.</param>
    /// <param name="validateLifetime">Forwarded to the token service; defaults to <c>true</c>.</param>
    /// <returns>A <see cref="User"/> on success, or 400 Bad Request when validation fails.</returns>
    [HttpPost("validate")]
    [ProducesResponseType(typeof(User), StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status400BadRequest)]
    [ProducesDefaultResponseType]
    public ActionResult<User> Validate(string token, bool validateLifetime = true)
    {
        // NOTE(review): `token` is a simple-typed parameter with no binding attribute; under
        // [ApiController] inference it is expected to bind from the query string, where it can end
        // up in access logs and proxies. Consider moving it to the request body or a header.
        // NOTE(review): `validateLifetime` is chosen by the caller; presumably passing false makes
        // an expired token validate. Confirm that is intended for an externally reachable endpoint.
        if (jwtBearerService.TryValidateToken(token, validateLifetime, out var principal))
        {
            // The null-forgiving operators assume the service populates the principal and its
            // Identity whenever it reports success.
            return new User(principal!.Identity!.Name);
        }

        return BadRequest();
    }

    /// <summary>Exchanges an existing token for a new one.</summary>
    /// <param name="token">The token to refresh.</param>
    /// <param name="validateLifetime">Forwarded to the token service; defaults to <c>true</c>.</param>
    /// <param name="expiration">Optional absolute expiration forwarded to the token service.</param>
    /// <returns>The refreshed token wrapped in a <see cref="LoginResponse"/>.</returns>
    /// <remarks>
    /// NOTE(review): with <paramref name="validateLifetime"/> and <paramref name="expiration"/> both
    /// caller-controlled, a client can presumably trade an expired token for a fresh one with a
    /// lifetime of its choosing; pin both server-side if that is not intended. Unlike Validate there
    /// is no failure branch here, so how an invalid token is reported depends on what RefreshToken
    /// does with it, which is not visible in this file.
    /// </remarks>
    [HttpPost("refresh")]
    [ProducesResponseType(typeof(LoginResponse), StatusCodes.Status200OK)]
    [ProducesDefaultResponseType]
    public ActionResult<LoginResponse> Refresh(string token, bool validateLifetime = true, DateTime? expiration = null)
        => new LoginResponse(jwtBearerService.RefreshToken(token, validateLifetime, expiration));

    /// <summary>Obtains a token from Auth0 and returns the deserialized token response.</summary>
    /// <param name="auth0Service">Auth0 client resolved from the service container.</param>
    /// <returns>The deserialized response, or <c>null</c> if deserialization yields no object.</returns>
    [HttpPost]
    [Route("auth0")]
    public LoginResponseAuth0? LoginAuth0([FromServices] IAuth0Service auth0Service)
    {
        // NOTE(review): this action takes no caller input at all and the check below is a
        // placeholder, so any client that can reach the route receives an Auth0 access token.
        // Check for login rights...

        // Add custom claims (optional).
        var customClaims = new List<Claim>
        {
            new(ClaimTypes.GivenName, "Marco"),
            new(ClaimTypes.Surname, "Minerva")
        };

        // NOTE(review): reading .Result blocks the request thread until the task completes and
        // surfaces failures wrapped in AggregateException. An async action that awaits the call
        // avoids both, but changes the method's return type.
        var pendingToken = auth0Service.ObtainTokenAsync(customClaims);
        var payload = pendingToken.Result;

        return JsonConvert.DeserializeObject<LoginResponseAuth0>(payload);
    }
}
/// <summary>Request body accepted by the login action.</summary>
/// <param name="UserName">Name the issued token is created for.</param>
/// <param name="Password">
/// Password sent by the client. No code in this file reads it. The compiler-generated
/// <c>ToString()</c> of a record prints every public property, so logging an instance
/// would write the password in clear text.
/// </param>
public record LoginRequest(string UserName, string Password);
/// <summary>Response body that carries a token issued by the login or refresh action.</summary>
/// <param name="Token">
/// The serialized token. It is a bearer credential, and the record's generated
/// <c>ToString()</c> includes it, so avoid writing instances to logs.
/// </param>
public record LoginResponse(string Token);
/// <summary>
/// Pairs a validation outcome with the user it refers to. No action visible in this
/// file returns or consumes this type.
/// </summary>
/// <param name="IsValid">Whether validation succeeded.</param>
/// <param name="User">The user, or <c>null</c> when none is supplied.</param>
public record ValidationResponse(bool IsValid, User? User);
/// <summary>
/// Token response deserialized from the JSON returned by the Auth0 service, mapped from
/// the <c>access_token</c>, <c>expires_in</c> and <c>token_type</c> fields.
/// </summary>
/// <remarks>
/// <see cref="Token"/> holds an access token. A record's generated <c>ToString()</c> prints
/// every public property, so logging an instance would expose it.
/// </remarks>
public record LoginResponseAuth0
{
    /// <summary>Creates a response from its three field values.</summary>
    /// <param name="token">Value for <see cref="Token"/>.</param>
    /// <param name="expiresIn">Value for <see cref="ExpiresIn"/>.</param>
    /// <param name="type">Value for <see cref="Type"/>.</param>
    public LoginResponseAuth0(string token, int expiresIn, string type)
        => (Token, ExpiresIn, Type) = (token, expiresIn, type);

    /// <summary>The access token, read from <c>access_token</c>.</summary>
    [JsonProperty("access_token")]
    public string Token { get; set; }

    /// <summary>
    /// Token lifetime, read from <c>expires_in</c>; presumably seconds, to be confirmed
    /// against the Auth0 response.
    /// </summary>
    [JsonProperty("expires_in")]
    public int ExpiresIn { get; set; }

    /// <summary>The token type, read from <c>token_type</c>.</summary>
    [JsonProperty("token_type")]
    public string Type { get; set; }
}