Auth optimization
This commit is contained in:
Andre Beging
@@ -1,133 +0,0 @@
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
|
||||
namespace FoodsharingSiegen.Server.Auth
|
||||
{
|
||||
/// <summary>
|
||||
/// The auth helper class (a. beging, 04.04.2022)
|
||||
/// </summary>
|
||||
public static class AuthHelper
|
||||
{
|
||||
#region Public Method Decrypt
|
||||
|
||||
/// <summary>
|
||||
/// Decrypts the crypted text (a. beging, 04.04.2022)
|
||||
/// </summary>
|
||||
/// <param name="cryptedText">The crypted text</param>
|
||||
/// <returns>The string</returns>
|
||||
public static string Decrypt(string cryptedText)
|
||||
{
|
||||
CreateAlgorithm(out var tripleDes);
|
||||
|
||||
var toEncryptArray = Convert.FromBase64String(cryptedText);
|
||||
|
||||
|
||||
|
||||
var cTransform = tripleDes.CreateDecryptor();
|
||||
var resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
|
||||
|
||||
tripleDes.Clear();
|
||||
|
||||
return Encoding.UTF8.GetString(resultArray);
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Public Method Encrypt
|
||||
|
||||
/// <summary>
|
||||
/// Encrypts the plain text (a. beging, 04.04.2022)
|
||||
/// </summary>
|
||||
/// <param name="plainText">The plain text</param>
|
||||
/// <returns>The string</returns>
|
||||
public static string Encrypt(string plainText)
|
||||
{
|
||||
CreateAlgorithm(out var tripleDes);
|
||||
|
||||
var toEncryptArray = Encoding.UTF8.GetBytes(plainText );
|
||||
|
||||
|
||||
|
||||
var cTransform = tripleDes.CreateEncryptor();
|
||||
|
||||
var resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
|
||||
|
||||
tripleDes.Clear();
|
||||
|
||||
return Convert.ToBase64String(resultArray, 0, resultArray.Length);
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Public Method GetSigningKey
|
||||
|
||||
/// <summary>
|
||||
/// Gets the signing key (a. beging, 04.04.2022)
|
||||
/// </summary>
|
||||
/// <returns>The security key</returns>
|
||||
public static SecurityKey GetSigningKey() => new SymmetricSecurityKey(Encoding.ASCII.GetBytes(SigningKey));
|
||||
|
||||
#endregion
|
||||
|
||||
#region Public Method ValidateToken
|
||||
|
||||
/// <summary>
|
||||
/// Validates the token using the specified token (a. beging, 04.04.2022)
|
||||
/// </summary>
|
||||
/// <param name="token">The token</param>
|
||||
/// <returns>A task containing the bool</returns>
|
||||
public static async Task<bool> ValidateToken(string? token)
|
||||
{
|
||||
try
|
||||
{
|
||||
var tokenHandler = new JwtSecurityTokenHandler();
|
||||
var result = await tokenHandler.ValidateTokenAsync(token, new TokenValidationParameters
|
||||
{
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = GetSigningKey(),
|
||||
|
||||
ValidateAudience = true,
|
||||
ValidAudience = "FS-Siegen",
|
||||
|
||||
ValidateIssuer = true,
|
||||
ValidIssuer = "FS-Siegen"
|
||||
});
|
||||
|
||||
return result.IsValid;
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Private Method CreateAlgorithm
|
||||
|
||||
/// <summary>
|
||||
/// Creates the algorithm using the specified triple des (a. beging, 04.04.2022)
|
||||
/// </summary>
|
||||
/// <param name="tripleDes">The triple des</param>
|
||||
private static void CreateAlgorithm(out TripleDES tripleDes)
|
||||
{
|
||||
var md5 = MD5.Create();
|
||||
var keyArray = md5.ComputeHash(Encoding.UTF8.GetBytes(SigningKey));
|
||||
md5.Clear();
|
||||
|
||||
tripleDes = TripleDES.Create();
|
||||
tripleDes.Key = keyArray;
|
||||
tripleDes.Mode = CipherMode.ECB;
|
||||
tripleDes.Padding = PaddingMode.PKCS7;
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
/// <summary>
|
||||
/// The signing key
|
||||
/// </summary>
|
||||
public const string SigningKey = "2uasw2§$%1nd47n9s43&%Zs3529s23&/%AW";
|
||||
}
|
||||
}
|
||||
@@ -5,6 +5,7 @@ using FoodsharingSiegen.Contracts.Entity;
|
||||
using FoodsharingSiegen.Server.Data;
|
||||
using FoodsharingSiegen.Server.Data.Service;
|
||||
using FoodsharingSiegen.Server.Service;
|
||||
using FoodsharingSiegen.Shared.Helper;
|
||||
using Microsoft.AspNetCore.Components.Authorization;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
@@ -92,25 +93,7 @@ namespace FoodsharingSiegen.Server.Auth
|
||||
|
||||
if (User != null)
|
||||
{
|
||||
|
||||
|
||||
// Daten korrekt
|
||||
var tokenHandler = new JwtSecurityTokenHandler();
|
||||
var tokenDescriptor = new SecurityTokenDescriptor
|
||||
{
|
||||
Subject = new ClaimsIdentity(new[]
|
||||
{
|
||||
new Claim(ClaimTypes.NameIdentifier, User.Id.ToString()),
|
||||
}),
|
||||
Expires = DateTime.UtcNow.AddDays(30),
|
||||
Issuer = "FS-Siegen",
|
||||
Audience = "FS-Siegen",
|
||||
SigningCredentials = new SigningCredentials(AuthHelper.GetSigningKey(), SecurityAlgorithms.HmacSha256Signature)
|
||||
};
|
||||
|
||||
var token = tokenHandler.CreateToken(tokenDescriptor);
|
||||
var serializedToken = tokenHandler.WriteToken(token);
|
||||
|
||||
var serializedToken = AuthHelper.CreateToken(User.Id);
|
||||
await _localStorageService.SetItem(StorageKeys.TokenKey, serializedToken);
|
||||
|
||||
return new OperationResult();
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
using System.Security.Claims;
|
||||
using FoodsharingSiegen.Contracts;
|
||||
using FoodsharingSiegen.Server.Auth;
|
||||
using FoodsharingSiegen.Shared.Helper;
|
||||
using Microsoft.AspNetCore.Components.Authorization;
|
||||
|
||||
namespace FoodsharingSiegen.Server.Service
|
||||
|
||||
Reference in New Issue
Block a user