@@ -71,80 +71,6 @@ namespace AyaNova.Api.Controllers
|
|||||||
//NOTE: lockout or other login impacting state is processed later in ReturnUserCredsOnSuccessfulAuthentication() because many of those states need to have exceptions once the user is known
|
//NOTE: lockout or other login impacting state is processed later in ReturnUserCredsOnSuccessfulAuthentication() because many of those states need to have exceptions once the user is known
|
||||||
//or return alternate result of auth etc
|
//or return alternate result of auth etc
|
||||||
|
|
||||||
|
|
||||||
#if (DEBUG)
|
|
||||||
|
|
||||||
|
|
||||||
#region TESTING
|
|
||||||
|
|
||||||
//TEST JWT's with various flaws for testing purposes:
|
|
||||||
if (creds.Login == "INTEGRATION_TEST")
|
|
||||||
{
|
|
||||||
|
|
||||||
//build the key (JWT set in startup.cs)
|
|
||||||
byte[] secretKey = System.Text.Encoding.ASCII.GetBytes(ServerBootConfig.AYANOVA_JWT_SECRET);
|
|
||||||
|
|
||||||
//create a new datetime offset of now in utc time
|
|
||||||
var iat = new DateTimeOffset(DateTime.Now.ToUniversalTime(), TimeSpan.Zero);//timespan zero means zero time off utc / specifying this is a UTC datetime
|
|
||||||
var exp = new DateTimeOffset(DateTime.Now.AddDays(30).ToUniversalTime(), TimeSpan.Zero);
|
|
||||||
string Issuer = "ayanova.com";
|
|
||||||
var Algorithm = Jose.JwsAlgorithm.HS256;
|
|
||||||
|
|
||||||
//Pre JWT creation test payloads
|
|
||||||
switch (creds.Password)
|
|
||||||
{
|
|
||||||
case "EXPIRED":
|
|
||||||
exp = new DateTimeOffset(DateTime.Now.AddDays(-30).ToUniversalTime(), TimeSpan.Zero);
|
|
||||||
break;
|
|
||||||
case "WRONG_ISSUER":
|
|
||||||
Issuer = "Bogus";
|
|
||||||
break;
|
|
||||||
case "NO_ALGORITHM":
|
|
||||||
Algorithm = Jose.JwsAlgorithm.none;
|
|
||||||
break;
|
|
||||||
case "WRONG_SECRET":
|
|
||||||
secretKey = System.Text.Encoding.ASCII.GetBytes("xxxxxxThisIsObviouslyWrongxxxxxx");
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
var payload = new Dictionary<string, object>()
|
|
||||||
{
|
|
||||||
//{ "iat", iat.ToUnixTimeSeconds().ToString() },
|
|
||||||
{ "exp", exp.ToUnixTimeSeconds().ToString() },//in payload exp must be in unix epoch time per standard
|
|
||||||
{ "iss", Issuer },
|
|
||||||
{ "id", "1" }
|
|
||||||
};
|
|
||||||
string TestToken = Jose.JWT.Encode(payload, secretKey, Algorithm);
|
|
||||||
|
|
||||||
|
|
||||||
//Post JWT creation test payloads
|
|
||||||
switch (creds.Password)
|
|
||||||
{
|
|
||||||
case "TRUNCATED_SIGNATURE":
|
|
||||||
TestToken = TestToken.Substring(0, TestToken.Length - 3);
|
|
||||||
break;
|
|
||||||
case "TRANSPOSE_SIGNATURE":
|
|
||||||
//Transpose two characters in the signature
|
|
||||||
int len = TestToken.Length;
|
|
||||||
var Transposed = TestToken.Substring(0, len - 5) + TestToken[len - 4] + TestToken[len - 5] + TestToken.Substring(len - 3, 3);
|
|
||||||
TestToken = Transposed;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
return Ok(ApiOkResponse.Response(new
|
|
||||||
{
|
|
||||||
token = TestToken,
|
|
||||||
name = "SuperUser Account - TESTING",
|
|
||||||
roles = "0"
|
|
||||||
}));
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
#endregion testing
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if (string.IsNullOrWhiteSpace(creds.Login) || string.IsNullOrWhiteSpace(creds.Password))
|
if (string.IsNullOrWhiteSpace(creds.Login) || string.IsNullOrWhiteSpace(creds.Password))
|
||||||
{
|
{
|
||||||
//Make a failed pw wait
|
//Make a failed pw wait
|
||||||
|
|||||||