Beispiel #1
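        /// <summary>
        /// Authenticates an API client from a form-encoded request body, either with
        /// username/password (optionally registering a device) or with a previously
        /// issued device key, and returns the resulting session.
        /// </summary>
        /// <param name="input">
        /// Request body stream. It is read to the end here and rewound with
        /// <c>Seek</c> before being handed to the Arena login, so it must be seekable.
        /// </param>
        /// <returns>
        /// A contract session carrying the session id, its expiry and, when a device was
        /// registered or authenticated, the newly issued device key.
        /// </returns>
        /// <exception cref="BadRequestException">
        /// <c>api_key</c> is missing, or neither <c>username</c> nor <c>device_key</c> was supplied.
        /// </exception>
        /// <exception cref="AuthenticationException">
        /// Any failure inside the login paths, including a missing <c>password</c>.
        /// </exception>
        public Contracts.ApiSession login(Stream input)
        {
            Core.ApiSession coreApiSession = null;
            Contracts.ApiSession contractApiSession = new Contracts.ApiSession();

            // The reader is deliberately not disposed: disposing it would close
            // `input`, which is rewound and re-read by api.Login below.
            string body = new StreamReader(input).ReadToEnd();
            NameValueCollection postVars = HttpUtility.ParseQueryString(body);

            // Determine which kind of login attempt we have
            if (!postVars.AllKeys.Contains("api_key"))
            {
                throw new BadRequestException("Parameter api_key is required.");
            }

            // Without either credential no session is ever created; reject the request
            // here instead of dereferencing a null session after the try block.
            if (!postVars.AllKeys.Contains("username") && !postVars.AllKeys.Contains("device_key"))
            {
                throw new BadRequestException("Parameter username or device_key is required.");
            }

            try
            {
                // If username is passed
                if (postVars.AllKeys.Contains("username"))
                {
                    if (!postVars.AllKeys.Contains("password"))
                    {
                        throw new BadRequestException("Parameter password is required for username authentication.");
                    }

                    // Do a normal Arena API login. The api_key is not checked in this
                    // branch; presumably api.Login validates it from the same body - confirm.
                    var api = new Arena.Services.ArenaAPI();
                    input.Seek(0, SeekOrigin.Begin);
                    coreApiSession = api.Login(input);

                    // If we have a device id, register this device and issue a key for it
                    if (postVars.AllKeys.Contains("device_id"))
                    {
                        // First check to see if this device id is already associated with your account
                        Device device = new Device(postVars["device_id"]);
                        if (device.AuthDeviceId > 0)
                        {
                            // Make sure this device is owned by the current person
                            if (device.PersonId != coreApiSession.CurrentPerson.PersonID)
                            {
                                // NOTE(review): device_id is client-supplied, so any account that
                                // logs in with another person's device_id removes that person's
                                // registration. Confirm this is intended; otherwise reject the
                                // request or require proof of possession of the existing key.
                                device.Delete();
                                device = new Device();
                                device.PersonId = coreApiSession.CurrentPerson.PersonID;
                            }
                            // Generate a new guid
                            device.DeviceKey = Guid.NewGuid();
                        }
                        else
                        {
                            // NOTE(review): no DeviceKey is assigned on this path; presumably
                            // Device supplies one itself - verify it is never Guid.Empty.
                            device.PersonId = coreApiSession.CurrentPerson.PersonID;
                        }
                        device.DeviceId = postVars["device_id"];
                        device.DeviceName = postVars["device_name"];
                        device.LoginId = postVars["username"];
                        device.LastLogin = DateTime.Now;
                        device.Save(postVars["username"]);
                        // NOTE(review): Active is set after Save and the object is not saved
                        // again here, so this value may never be persisted - confirm against
                        // Device.Save before relying on it in the device_key check below.
                        device.Active = true;
                        contractApiSession.DeviceKey = device.DeviceKey;
                    }
                }

                // Do device authentication
                if (postVars.AllKeys.Contains("device_key"))
                {
                    // First validate the API key
                    ApiApplication apiApp = new ApiApplication(new Guid(postVars["api_key"]));
                    if (apiApp.ApplicationId <= 0)
                    {
                        throw new AuthenticationException("Invalid api_key for device key authentication.");
                    }

                    // Now validate the device key: it must belong to an active, stored
                    // device whose id matches the device_id sent with the request.
                    Device device = new Device(new Guid(postVars["device_key"]));
                    if (device.Active==false || device.AuthDeviceId <= 0 || device.DeviceId != postVars["device_id"])
                    {
                        throw new AuthenticationException("Invalid device id/key pair.");
                    }

                    // Setup the API Session and save it
                    coreApiSession = new Arena.Core.ApiSession();
                    coreApiSession.SetupSession(device.Person, apiApp.ApiSecret, device.LoginId, apiApp);

                    // Update the Last Login time for the device
                    device.LastLogin = DateTime.Now;
                    // Rotate the key on every device login so a presented key is single-use.
                    // NOTE(review): the device key is a bearer credential and Guid.NewGuid()
                    // is not documented as a cryptographic generator - consider deriving it
                    // from a CSPRNG.
                    device.DeviceKey = Guid.NewGuid();
                    device.Save(device.LoginId);

                    // Update the API Session that we are returning
                    contractApiSession.DeviceKey = device.DeviceKey;
                    contractApiSession.SessionID = coreApiSession.SessionID;
                    contractApiSession.DateExpires = coreApiSession.DateExpires;
                }

            } catch (Exception e)
            {
                // Everything thrown above, including the BadRequestException for a missing
                // password, reaches the caller as AuthenticationException.
                // NOTE(review): e.Message from lower layers (Guid parsing, data access) is
                // forwarded verbatim; consider logging the detail server-side and returning a
                // fixed message once it is confirmed that clients do not depend on the text.
                throw new AuthenticationException(e.Message);
            }

            Arena.Core.ApiSession.SetSession(coreApiSession);

            // Copy the values for mapping back to the custom contract
            contractApiSession.SessionID = coreApiSession.SessionID;
            contractApiSession.DateExpires = coreApiSession.DateExpires;
            return contractApiSession;
        }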
Beispiel #2
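        /// <summary>
        /// Logs an API client in from a form-encoded body. Two credential types are
        /// handled: username/password (with optional device registration) and a device
        /// key issued by an earlier login.
        /// </summary>
        /// <param name="input">
        /// Seekable request body stream; it is consumed here and rewound before the
        /// Arena login reads it again.
        /// </param>
        /// <returns>
        /// The contract session with session id, expiry and, where a device was
        /// registered or authenticated, the freshly issued device key.
        /// </returns>
        /// <exception cref="BadRequestException">
        /// <c>api_key</c> is absent, or the body has neither <c>username</c> nor <c>device_key</c>.
        /// </exception>
        /// <exception cref="AuthenticationException">
        /// Any error raised inside the login paths, a missing <c>password</c> included.
        /// </exception>
        public Contracts.ApiSession login(Stream input)
        {
            Core.ApiSession      coreApiSession     = null;
            Contracts.ApiSession contractApiSession = new Contracts.ApiSession();

            // Not wrapped in using: disposing the reader would close `input`,
            // and api.Login needs to read the same stream after the Seek below.
            string body = new StreamReader(input).ReadToEnd();
            NameValueCollection postVars = HttpUtility.ParseQueryString(body);

            // Determine which kind of login attempt we have
            if (!postVars.AllKeys.Contains("api_key"))
            {
                throw new BadRequestException("Parameter api_key is required.");
            }

            // With neither credential present no session is created, and the code after
            // the try block would dereference null; fail as a bad request instead.
            if (!postVars.AllKeys.Contains("username") && !postVars.AllKeys.Contains("device_key"))
            {
                throw new BadRequestException("Parameter username or device_key is required.");
            }

            try
            {
                // If username is passed
                if (postVars.AllKeys.Contains("username"))
                {
                    if (!postVars.AllKeys.Contains("password"))
                    {
                        throw new BadRequestException("Parameter password is required for username authentication.");
                    }

                    // Do a normal Arena API login. This branch never inspects api_key
                    // itself; presumably api.Login does so from the same body - confirm.
                    var api = new Arena.Services.ArenaAPI();
                    input.Seek(0, SeekOrigin.Begin);
                    coreApiSession = api.Login(input);

                    // If we have a device id, register this device and issue a key for it
                    if (postVars.AllKeys.Contains("device_id"))
                    {
                        // First check to see if this device id is already associated with your account
                        Device device = new Device(postVars["device_id"]);
                        if (device.AuthDeviceId > 0)
                        {
                            // Make sure this device is owned by the current person
                            if (device.PersonId != coreApiSession.CurrentPerson.PersonID)
                            {
                                // NOTE(review): device_id comes from the client, so a login by a
                                // different account with the same device_id deletes the previous
                                // owner's registration. Confirm that is the intended policy, or
                                // refuse the request / require the existing device key.
                                device.Delete();
                                device          = new Device();
                                device.PersonId = coreApiSession.CurrentPerson.PersonID;
                            }
                            // Generate a new guid
                            device.DeviceKey = Guid.NewGuid();
                        }
                        else
                        {
                            // NOTE(review): this path does not assign DeviceKey; presumably
                            // Device provides one - verify it cannot end up as Guid.Empty.
                            device.PersonId = coreApiSession.CurrentPerson.PersonID;
                        }
                        device.DeviceId   = postVars["device_id"];
                        device.DeviceName = postVars["device_name"];
                        device.LoginId    = postVars["username"];
                        device.LastLogin  = DateTime.Now;
                        device.Save(postVars["username"]);
                        // NOTE(review): Active is assigned after Save with no second Save in
                        // this method, so it may not be stored - check Device.Save, since the
                        // device_key branch below rejects devices that are not active.
                        device.Active = true;
                        contractApiSession.DeviceKey = device.DeviceKey;
                    }
                }

                // Do device authentication
                if (postVars.AllKeys.Contains("device_key"))
                {
                    // First validate the API key
                    ApiApplication apiApp = new ApiApplication(new Guid(postVars["api_key"]));
                    if (apiApp.ApplicationId <= 0)
                    {
                        throw new AuthenticationException("Invalid api_key for device key authentication.");
                    }

                    // Now validate the device key: require an active, stored device whose
                    // id equals the device_id supplied in this request.
                    Device device = new Device(new Guid(postVars["device_key"]));
                    if (device.Active == false || device.AuthDeviceId <= 0 || device.DeviceId != postVars["device_id"])
                    {
                        throw new AuthenticationException("Invalid device id/key pair.");
                    }

                    // Setup the API Session and save it
                    coreApiSession = new Arena.Core.ApiSession();
                    coreApiSession.SetupSession(device.Person, apiApp.ApiSecret, device.LoginId, apiApp);

                    // Update the Last Login time for the device
                    device.LastLogin = DateTime.Now;
                    // A new key is issued on each device login, so the key just presented
                    // stops being valid once Save succeeds.
                    // NOTE(review): the key acts as a bearer credential; Guid.NewGuid() is not
                    // documented as cryptographically strong - consider a CSPRNG-backed value.
                    device.DeviceKey = Guid.NewGuid();
                    device.Save(device.LoginId);

                    // Update the API Session that we are returning
                    contractApiSession.DeviceKey   = device.DeviceKey;
                    contractApiSession.SessionID   = coreApiSession.SessionID;
                    contractApiSession.DateExpires = coreApiSession.DateExpires;
                }
            } catch (Exception e)
            {
                // All failures above, the BadRequestException for a missing password among
                // them, are surfaced to the caller as AuthenticationException.
                // NOTE(review): the inner message is passed through unchanged, which can expose
                // lower-layer detail (Guid parsing, data access). Prefer server-side logging and
                // a fixed client message, after checking that no client parses this text.
                throw new AuthenticationException(e.Message);
            }

            Arena.Core.ApiSession.SetSession(coreApiSession);

            // Copy the values for mapping back to the custom contract
            contractApiSession.SessionID   = coreApiSession.SessionID;
            contractApiSession.DateExpires = coreApiSession.DateExpires;
            return(contractApiSession);
        }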