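/// <summary>
/// Queries AUTORIZACIONES (joined with autorizaciones_detalle and prestador) for the rows
/// matching the model's IDPRE, NCODOSOC and DFEC_AUTORIZACION range, newest first, and
/// maps each row to an <c>AuthListOutput</c>.
/// </summary>
/// <param name="model">Filter values read here: <c>PrestadorId</c>, <c>OsId</c>, <c>Desde</c>, <c>Hasta</c>.</param>
/// <returns>
/// The populated list. Exceptions are not rethrown: any failure, including a rejected
/// filter value, is recorded on the returned object through <c>SetError</c>.
/// </returns>
public AuthListOutputList GetAuthList(AuthList model)
{
    var query = "";
    var list = new AuthListOutputList();
    try
    {
        var os = new OSRepository();
        var osId = os.GetOSbyId(model.OsId);

        // The statement is assembled as text and handed to Connection.Query(string), so every
        // caller-supplied value is checked before it is spliced in. Bind variables would be the
        // better fix, but no parameterised overload of Connection.Query is visible from here.
        var prestadorSql = AuthListSqlInteger(model.PrestadorId, "PrestadorId");
        var osSql = AuthListSqlInteger(osId, "OsId");
        var desdeSql = AuthListSqlDateText(model.Desde, "Desde");
        var hastaSql = AuthListSqlDateText(model.Hasta, "Hasta");

        query += "SELECT Distinct";
        query += " a.nid_autorizacion, ";
        query += " CNRO_AUTORIZACION, ";
        query += " DFEC_AUTORIZACION, ";
        query += " NNRO_PRE, ";
        query += " CNOM_AFILIADO, ";
        query += " NNRO_AFILIADO, ";
        query += " (select LISTAGG(ccodprest, ',') WITHIN GROUP(ORDER BY ccodprest ) from autorizaciones_detalle AD1 where AD1.nid_autorizacion = ad.nid_autorizacion) AS Prestacion,";
        query += " (select count(*) from autorizaciones_detalle AD1 where AD1.nid_autorizacion = ad.nid_autorizacion) as NCantidad, ";
        query += " A.ESTADO_AUTORIZACION, ";
        query += " NVL(A.CCOD_ANULACION, '') as CCOD_ANULACION, ";
        query += " NVL(PRESENTACIONID, '') as PRESENTACIONID, ";
        query += " NVL(A.MODOTIPO,'M') as MODOTIPO ";
        query += " FROM AUTORIZACIONES A ";
        query += " inner join autorizaciones_detalle AD on a.nid_autorizacion = ad.nid_autorizacion ";
        query += " inner join prestador P on A.IDPRE = P.IDPRE ";
        query += " WHERE A.IDPRE = " + prestadorSql + " AND A.NCODOSOC = " + osSql + " AND DFEC_AUTORIZACION >= TO_DATE('" + desdeSql + "', 'DD/MM/YYYY') AND DFEC_AUTORIZACION <= TO_DATE('" + hastaSql + "', 'DD/MM/YYYY HH24:MI') ";
        query += " Order by DFEC_AUTORIZACION DESC, a.nid_autorizacion Desc ";

        var c = new Connection();
        var dt = c.Query(query);
        foreach (DataRow dr in dt.Rows)
        {
            // Column positions follow the SELECT list above (0 = nid_autorizacion ... 11 = MODOTIPO).
            var cells = dr.ItemArray;
            var fechaText = cells[2].ToString();
            var firstSpace = fechaText.IndexOf(' ');
            var banda = cells[11].ToString().Trim() == "B" ? " (B)" : "";
            // cells[9] = cancellation code (CCOD_ANULACION); cells[1] = authorization number.
            // The cancellation code wins when it is not blank.
            var anulacion = cells[9].ToString();
            var numero = anulacion.Trim() != "" ? anulacion : cells[1].ToString();
            var estado = cells[8].ToString();

            var auth = new AuthListOutput
            {
                Id = Convert.ToInt32(cells[0]),
                AuthNr = numero + banda,
                // Keep only the date part of the rendered DFEC_AUTORIZACION value.
                Fecha = firstSpace > 0 ? fechaText.Substring(0, firstSpace).Trim() : fechaText.Trim(),
                Matricula = cells[3].ToString(),
                Afiliado = cells[4].ToString(),
                AfiNr = cells[5].ToString(),
                Prestacion = cells[6].ToString(),
                Cant = cells[7].ToString(),
                Estado = estado,
                // NOTE(review): this reads column 8 (ESTADO_AUTORIZACION), the same column as Estado;
                // PRESENTACIONID is column 10 and is otherwise unused. Confirm which one was intended.
                Presentado = estado.Trim() != ""
            };
            list.List.Add(auth);
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the exception text, the model and the SQL text are stored on the result object;
        // confirm that object is not serialised back to the API client as-is.
        list.SetError(GetType().Name, GetMethod.ErrorLine(ex), ex.Message, ex.InnerException?.ToString() ?? "", model, query);
    }
    return list;
}

/// <summary>Returns the text form of <paramref name="value"/> when it is a plain integer; throws otherwise.</summary>
private static string AuthListSqlInteger(object value, string field)
{
    var text = string.Concat(value).Trim();
    var start = text.StartsWith("-", StringComparison.Ordinal) ? 1 : 0;
    var valid = text.Length > start;
    for (var i = start; valid && i < text.Length; i++)
    {
        valid = text[i] >= '0' && text[i] <= '9';
    }
    if (!valid)
    {
        throw new ArgumentException("Invalid numeric value for " + field + ".");
    }
    return text;
}

/// <summary>
/// Returns the text form of <paramref name="value"/> when it holds only digits, date/time
/// separators and spaces, so it cannot close the quoted SQL literal it is placed in; throws otherwise.
/// </summary>
private static string AuthListSqlDateText(object value, string field)
{
    var text = string.Concat(value);
    foreach (var ch in text)
    {
        var allowed = (ch >= '0' && ch <= '9') || ch == '/' || ch == ':' || ch == '-' || ch == '.' || ch == ' ';
        if (!allowed)
        {
            throw new ArgumentException("Invalid date value for " + field + ".");
        }
    }
    return text;
}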
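/// <summary>
/// Decides whether a request for <paramref name="uri"/> passes the access rules held in the
/// "authList", "groupList" and "userList" configuration entries.
/// </summary>
/// <param name="uri">Request URI that is looked up in the auth list.</param>
/// <param name="authorization">Authorization value handed to <c>CheckHeader</c>, which extracts user and password.</param>
/// <param name="authName">Set to the matching entry's <c>AuthName</c>, and only when the check fails.</param>
/// <returns>
/// <c>true</c> when no auth-list entry matches the URI, or when the user is allowed for the entry
/// and the password matches; otherwise <c>false</c>.
/// </returns>
public bool Check(string uri,string authorization,ref string authName) {
    var authList = new AuthList((Dat)_conf.Get("authList"));

    // A URI with no auth-list entry is not protected.
    var oneAuth = authList.Search(uri);
    if (oneAuth == null) {
        return true;
    }

    // Credentials sent by the client.
    var user = "";
    var pass = "";
    if (!CheckHeader(authorization, ref user, ref pass)) {
        authName = oneAuth.AuthName;
        return false;
    }

    // The user must be named by the entry, either directly or through a group the entry names.
    if (!oneAuth.Seartch(user)) {
        var viaGroup = false;
        var groupList = new GroupList((Dat)_conf.Get("groupList"));
        foreach (OneGroup o in groupList) {
            if (oneAuth.Seartch(o.Group) && o.Seartch(user)) {
                viaGroup = true;
                break;
            }
        }
        if (!viaGroup) {
            // Submitted passwords are deliberately kept out of every log line in this method:
            // a failed attempt is very often a near-miss of a real password.
            // NOTE(review): user comes from the request; confirm the logger neutralises line breaks.
            _logger.Set(LogKind.Secure,null,6, string.Format("user:{0}", user));
            authName = oneAuth.AuthName;
            return false;
        }
    }

    // Password check against the user list.
    var userList = new UserList((Dat)_conf.Get("userList"));
    var oneUser = userList.Search(user);
    if (oneUser == null) {
        // The user has no record in the user list.
        _logger.Set(LogKind.Secure,null,7,string.Format("user:{0}", user));
    } else if (oneUser.Pass == pass) {
        // NOTE(review): the stored value is compared directly with the submitted password, which
        // suggests it is kept unhashed, and == is not a fixed-time comparison. Confirm both.
        _logger.Set(LogKind.Detail,null, 8,string.Format("Authrization success user:{0}", user));
        return true;
    } else {
        // Password mismatch.
        _logger.Set(LogKind.Secure,null,9,string.Format("user:{0}", user));
    }

    authName = oneAuth.AuthName;
    return false;
}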
///<summary>Checks the user name and password carried in an authentication message and sends the two-byte verdict.</summary>
///<param name="Query">Raw message: byte 1 holds the user-name length, the name starts at byte 2, then comes a one-byte password length followed by the password.</param>
///<remarks>
/// Byte 0 of the message is never inspected. Any exception raised while decoding or sending,
/// including length bytes that point past the end of the buffer, ends in <c>Callback(false)</c>.
///</remarks>
private void ProcessQuery(byte [] Query) {
    try {
        int nameLength = Query[1];
        string userName = Encoding.ASCII.GetString(Query, 2, nameLength);
        int secretLength = Query[nameLength + 2];
        string secret = Encoding.ASCII.GetString(Query, nameLength + 3, secretLength);

        // With no AuthList configured every caller is accepted (fail-open).
        // NOTE(review): confirm that is the intended default for deployments that expect authentication.
        bool accepted = AuthList == null || AuthList.IsItemPresent(userName, secret);

        // Second byte of the reply: 0 = accepted, 1 = rejected.
        byte[] reply = accepted ? new byte[] { 5, 0 } : new byte[] { 5, 1 };
        AsyncCallback onSent = accepted
            ? new AsyncCallback(this.OnOkSent)
            : new AsyncCallback(this.OnUhohSent);
        Connection.BeginSend(reply, 0, reply.Length, SocketFlags.None, onSent, Connection);
    } catch {
        Callback(false);
    }
}
///<summary>Checks the user name and password carried in an authentication message and awaits sending the two-byte verdict.</summary>
///<param name="Query">Raw message: byte 1 holds the user-name length, the name starts at byte 2, then comes a one-byte password length followed by the password.</param>
///<remarks>
/// Byte 0 of the message is never inspected. The method is <c>async void</c>, so callers cannot
/// await it; an exception thrown inside the try block is written to the console with its stack
/// trace and reported through <c>Callback(this.Connection, false)</c>.
///</remarks>
private async void ProcessQuery(byte[] Query) {
    try {
        int nameLength = Query[1];
        string userName = Encoding.ASCII.GetString(Query, 2, nameLength);
        int secretLength = Query[nameLength + 2];
        string secret = Encoding.ASCII.GetString(Query, nameLength + 3, secretLength);

        // With no AuthList configured every caller is accepted (fail-open).
        // NOTE(review): confirm that is the intended default for deployments that expect authentication.
        bool accepted = AuthList == null || AuthList.IsItemPresent(userName, secret);

        // Second byte of the reply: 0 = accepted, 1 = rejected.
        if (accepted) {
            byte[] okReply = new byte[] { 5, 0 };
            await Connection.SendAsync(okReply, this.OnOkSent);
        } else {
            byte[] denyReply = new Byte[] { 5, 1 };
            await Connection.SendAsync(denyReply, this.OnUhohSent);
        }
    } catch (Exception ex) {
        // NOTE(review): an exception thrown by Callback itself would escape this async void method.
        Console.WriteLine("[WARN] " + ex.Message + "\r\n" + ex.StackTrace);
        Callback(this.Connection, false);
    }
}
/// <summary>Removes <paramref name="username"/> from <c>AuthList</c> by delegating to <c>AuthList.RemoveItem</c>.</summary>
/// <param name="username">Name of the entry to remove; passed through unchanged.</param>
public void RemoveUser(string username) => AuthList.RemoveItem(username);
/// <summary>Adds a user/password pair to <c>AuthList</c> by delegating to <c>AuthList.AddItem</c>.</summary>
/// <param name="username">Name of the entry to add; passed through unchanged.</param>
/// <param name="password">
/// Password for the entry; passed through unchanged.
/// NOTE(review): how AddItem stores it is not visible here. Confirm it is hashed rather than kept as given.
/// </param>
public void AddUser(string username, string password) => AuthList.AddItem(username, password);
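/// <summary>
/// Decides whether a request for <paramref name="uri"/> passes the access rules held in the
/// "authList", "groupList" and "userList" configuration entries.
/// </summary>
/// <param name="uri">Request URI that is looked up in the auth list.</param>
/// <param name="authorization">Authorization value handed to <c>CheckHeader</c>, which extracts user and password.</param>
/// <param name="authName">Set to the matching entry's <c>AuthName</c>, and only when the check fails.</param>
/// <returns>
/// <c>true</c> when no auth-list entry matches the URI, or when the user is allowed for the entry
/// and the password matches; otherwise <c>false</c>.
/// </returns>
public bool Check(string uri, string authorization, ref string authName)
{
    var authList = new AuthList((Dat)_conf.Get("authList"));

    // A URI with no auth-list entry is not protected.
    var oneAuth = authList.Search(uri);
    if (oneAuth == null)
    {
        return true;
    }

    // Credentials sent by the client.
    var user = "";
    var pass = "";
    if (!CheckHeader(authorization, ref user, ref pass))
    {
        authName = oneAuth.AuthName;
        return false;
    }

    // The user must be named by the entry, either directly or through a group the entry names.
    if (!oneAuth.Seartch(user))
    {
        var viaGroup = false;
        var groupList = new GroupList((Dat)_conf.Get("groupList"));
        foreach (OneGroup o in groupList)
        {
            if (!oneAuth.Seartch(o.Group))
            {
                continue;
            }
            if (o.Seartch(user))
            {
                viaGroup = true;
                break;
            }
        }

        if (!viaGroup)
        {
            // Submitted passwords are deliberately kept out of every log line in this method:
            // a failed attempt is very often a near-miss of a real password.
            // NOTE(review): user comes from the request; confirm the logger neutralises line breaks.
            _logger.Set(LogKind.Secure, null, 6, string.Format("user:{0}", user));
            authName = oneAuth.AuthName;
            return false;
        }
    }

    // Password check against the user list.
    var userList = new UserList((Dat)_conf.Get("userList"));
    var oneUser = userList.Search(user);
    if (oneUser == null)
    {
        // The user has no record in the user list.
        _logger.Set(LogKind.Secure, null, 7, string.Format("user:{0}", user));
    }
    else
    {
        // NOTE(review): the stored value is compared directly with the submitted password, which
        // suggests it is kept unhashed, and == is not a fixed-time comparison. Confirm both.
        if (oneUser.Pass == pass)
        {
            _logger.Set(LogKind.Detail, null, 8, string.Format("Authrization success user:{0}", user));
            return true;
        }

        // Password mismatch.
        _logger.Set(LogKind.Secure, null, 9, string.Format("user:{0}", user));
    }

    authName = oneAuth.AuthName;
    return false;
}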
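/// <summary>
/// AuthenticateRequest handler. A request whose first SOAP body element is in the ONVIF device
/// namespace and whose name is in <c>PRE_AUTH</c> or <c>AuthList</c> is given a "public"
/// principal without credentials. Every other request is checked as HTTP Digest when it carries
/// a Digest Authorization header, and is left anonymous when it carries none.
/// </summary>
/// <param name="source">The <see cref="HttpApplication"/> raising the event.</param>
/// <param name="eventArgs">Unused.</param>
/// <remarks>
/// Exceptions raised while reading or parsing the request body propagate to the caller.
/// A malformed Digest header is answered through <c>DenyAccess</c>.
/// </remarks>
public void OnAuthenticateRequest(object source, EventArgs eventArgs)
{
    HttpApplication app = (HttpApplication)source;

    if (PathOfExtraUsersFile == String.Empty)
    {
        string extraUsersFile = ConfigurationSettings.AppSettings["Digest.Samples.DigestAuthenticationModule_ExtraUsersFiles"];
        PathOfExtraUsersFile = app.Request.MapPath(extraUsersFile);
    }

    // --- Unauthenticated body inspection -------------------------------------------------
    // The original wrapped this section in try/catch only to `throw exc;`, which resets the
    // stack trace; letting the exception propagate unchanged keeps the same outcome.
    byte[] bytes = new byte[app.Request.InputStream.Length];
    int filled = 0;
    while (filled < bytes.Length)
    {
        // A single Read call is allowed to return fewer bytes than requested.
        int got = app.Request.InputStream.Read(bytes, filled, bytes.Length - filled);
        if (got <= 0)
        {
            break;
        }
        filled += got;
    }
    app.Request.InputStream.Position = 0; // rewind so later handlers can read the body again
    string content = Encoding.ASCII.GetString(bytes, 0, filled);

    XmlDocument doc = new XmlDocument();
    // This body is parsed before any credential check, so external DTDs and entities must not
    // be resolved. This does not by itself reject documents that carry an internal DTD.
    doc.XmlResolver = null;
    doc.LoadXml(content);

    XmlNamespaceManager manager = new XmlNamespaceManager(doc.NameTable);
    manager.AddNamespace("s", "http://www.w3.org/2003/05/soap-envelope");
    XmlNode node = doc.SelectSingleNode("/s:Envelope/s:Body", manager);
    if (node != null && node.ChildNodes.Count > 0)
    {
        XmlNode requestNode = node.ChildNodes[0];
        if (string.Equals(requestNode.NamespaceURI, "http://www.onvif.org/ver10/device/wsdl", StringComparison.OrdinalIgnoreCase))
        {
            if (PRE_AUTH == null)
            {
                PRE_AUTH = LoadPublicMethods(app);
            }
            if (AuthList == null)
            {
                AuthList = LoadLocalPublicMethods(app);
            }
            // NOTE(review): the bypass is decided on this module's own reading of the body (first
            // child element, matched by its qualified Name). Confirm the SOAP handler that runs
            // afterwards dispatches on the same element, and keep both lists minimal.
            if (PRE_AUTH.Contains(requestNode.Name) || AuthList.Contains(requestNode.Name))
            {
                app.Context.User = new GenericPrincipal(new GenericIdentity("public", "Rassoc.Samples.Digest"), new string[] { "public" });
                return;
            }
        }
    }

    // --- Digest header -------------------------------------------------------------------
    string authStr = app.Request.Headers["Authorization"];
    if (authStr == null || authStr.Length == 0)
    {
        // No credentials; anonymous request
        return;
    }

    authStr = authStr.Trim();
    if (!authStr.StartsWith("Digest", StringComparison.Ordinal))
    {
        // Don't understand this header...we'll pass it along and
        // assume someone else will handle it
        return;
    }
    if (authStr.Length <= 7)
    {
        // "Digest" with no parameters: previously an exception from Substring or the parser below.
        DenyAccess(app);
        return;
    }
    authStr = authStr.Substring(7);

    // NOTE(review): splitting on ',' also splits quoted values that contain a comma; such headers
    // end up denied by the malformed-element check below.
    ListDictionary reqInfo = new ListDictionary();
    char[] trimChars = new char[] { ' ', '\"' };
    foreach (string elem in authStr.Split(new char[] { ',' }))
    {
        // form key="value"
        string[] parts = elem.Split(new char[] { '=' }, 2);
        if (parts.Length != 2)
        {
            // No '=': reading parts[1] used to throw on this client-controlled input.
            DenyAccess(app);
            return;
        }
        string key = parts[0].Trim(trimChars);
        if (reqInfo.Contains(key))
        {
            // ListDictionary.Add throws on a repeated key; a repeated parameter is rejected instead.
            DenyAccess(app);
            return;
        }
        reqInfo.Add(key, parts[1].Trim(trimChars));
    }

    string username = (string)reqInfo["username"];
    string password = "";
    string[] roles;
    bool bOk = GetPasswordAndRoles(app, username, out password, out roles);
    if (!bOk)
    {
        // Invalid username; deny access
        DenyAccess(app);
        return;
    }

    string realm = ConfigurationSettings.AppSettings["Rassoc.Samples.DigestAuthenticationModule_Realm"];

    // calculate the Digest hashes
    // Debug output of A1, H(A1) and the expected response was removed: A1 contains the
    // clear-text password and the other two are enough to answer the challenge.

    // A1 = unq(username-value) ":" unq(realm-value) ":" passwd
    string A1 = String.Format("{0}:{1}:{2}", (string)reqInfo["username"], realm, password);

    // H(A1) = MD5(A1)
    string HA1 = GetMD5HashBinHex(A1);

    // A2 = Method ":" digest-uri-value
    // NOTE(review): the uri parameter is taken from the header and is not compared with the URL
    // actually requested, and nc values are not tracked, in the code visible here. Confirm
    // whether either is enforced elsewhere.
    string A2 = String.Format("{0}:{1}", app.Request.HttpMethod, (string)reqInfo["uri"]);
    System.Diagnostics.Debug.WriteLine(string.Format("A2: {0}", A2));

    // H(A2)
    string HA2 = GetMD5HashBinHex(A2);
    System.Diagnostics.Debug.WriteLine(string.Format("HA2: {0}", HA2));

    // KD(secret, data) = H(concat(secret, ":", data))
    // if qop == auth:
    // request-digest  = <"> < KD ( H(A1),     unq(nonce-value)
    //                                         ":" nc-value
    //                                         ":" unq(cnonce-value)
    //                                         ":" unq(qop-value)
    //                                         ":" H(A2)
    //                            ) <">
    // if qop is missing,
    // request-digest  = <"> < KD ( H(A1), unq(nonce-value) ":" H(A2) ) > <">
    string unhashedDigest;
    if (reqInfo["qop"] != null)
    {
        unhashedDigest = String.Format("{0}:{1}:{2}:{3}:{4}:{5}",
            HA1,
            (string)reqInfo["nonce"],
            (string)reqInfo["nc"],
            (string)reqInfo["cnonce"],
            (string)reqInfo["qop"],
            HA2);
    }
    else
    {
        unhashedDigest = String.Format("{0}:{1}:{2}", HA1, (string)reqInfo["nonce"], HA2);
    }

    string hashedDigest = GetMD5HashBinHex(unhashedDigest);

    bool isNonceStale = !IsValidNonce((string)reqInfo["nonce"]);
    app.Context.Items["staleNonce"] = isNonceStale;

    bool realmPresent = reqInfo.Contains("realm");
    bool responseMatches = DigestTextEquals((string)reqInfo["response"], hashedDigest);

    if (responseMatches && (!isNonceStale) && (realmPresent))
    {
        if ((string)reqInfo["nc"] == "00000003")
        {
            // Hand the client the next nonce on its third request with the current one.
            string nextNonce = "nextnonce=\"" + GetCurrentNonce() + "\"";
            app.Response.AddHeader("Authentication-Info", nextNonce);
        }
        app.Context.User = new GenericPrincipal(new GenericIdentity(username, "Rassoc.Samples.Digest"), roles);
    }
    else
    {
        // Invalid credentials or stale nonce; deny access
        DenyAccess(app);
        return;
    }
}

/// <summary>
/// Ordinal, case-sensitive equality that inspects every character instead of stopping at the
/// first difference. A null argument never matches.
/// </summary>
private static bool DigestTextEquals(string supplied, string expected)
{
    if (supplied == null || expected == null || supplied.Length != expected.Length)
    {
        return false;
    }
    int diff = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        diff |= supplied[i] ^ expected[i];
    }
    return diff == 0;
}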