private void HashCustomerPassword()
{
var cryptoService = new CryptoService();
var hash = cryptoService.ComputeHash(NewCustomer.password, cryptoService.GenerateSalt(), 10101, 24);
NewCustomer.password = Convert.ToBase64String(hash);
}
public bool Register(string email, string login, string password)
{
if (_authRep.VerifyUserExistence(login))
{
return(false);
}
var salt = CryptoService.GenerateSalt(login);
_authRep.CreateAccount(email, login, CryptoService.ComputeHash(password, salt), salt);
return(true);
}
public static User GetUser()
{
User user = new User();
user.Username = Username;
user.DisplayName = DisplayName;
user.PasswordSalt = CryptoService.GenerateSalt();
user.PasswordHash = CryptoService.ComputeHash(Password, user.PasswordSalt);
user.AccessJobParams = true;
user.AccessMainMenu = true;
user.AccessMainParams = true;
user.AccessAdditionalParams = true;
user.AccessAdminParams = true;
return(user);
}
public async Task <BankCustomer> RegisterNewUser(string firstName, string lastName, string username, string password)
{
BankCustomer customer = new BankCustomer
{
FirstName = firstName,
LastName = lastName,
Usernname = username,
passwordHash = CryptoService.ComputeHash(password)
};
// the server replies with added fields
LoggedInCustomer = await HttpMgr.Instance.PostCustomerAsync(customer);
return(LoggedInCustomer);
}
private void ButFromFile_Click(object sender, EventArgs e)
{
if (OpenFileDialog.ShowDialog() == DialogResult.OK)
{
try
{
Filename.Text = Path.GetFileName(OpenFileDialog.FileName);
Filename_Validated(this, EventArgs.Empty);
Hash.Text = ByteHelper.ByteToString(CryptoService.ComputeHash(OpenFileDialog.FileName));
Hash_Validated(this, EventArgs.Empty);
} catch (Exception)
{
}
}
}
private void SaveUser(object userInstance)
{
UserViewModel userViewModel = userInstance as UserViewModel;
if (!userViewModel.IsValidUsername)
{
Application.Current.MainPage.DisplayAlert("Ошибка", "Имя пользователя не указано", "Ok");
return;
}
if (IsExistUser(userViewModel.User))
{
Application.Current.MainPage.DisplayAlert("Ошибка", "Пользователь с таким именем существует", "Ok");
return;
}
if (!userViewModel.IsValidPassword)
{
Application.Current.MainPage.DisplayAlert("Ошибка", "Пароль пользователя не задан", "Ok");
return;
}
if (userViewModel.User != null && userViewModel.IsValidUsername && userViewModel.IsValidPassword)
{
using (UserDbContext db = App.GetUserContext())
{
userViewModel.User.PasswordSalt = CryptoService.GenerateSalt();
userViewModel.User.PasswordHash = CryptoService.ComputeHash(userViewModel.Password, userViewModel.User.PasswordSalt);
if (userViewModel.User.UserId == 0)
{
db.Entry(userViewModel.User).State = EntityState.Added;
}
else
{
db.Users.Update(userViewModel.User);
}
db.SaveChanges();
}
}
Back();
}
private void ButFromFile_Click(object sender, EventArgs e)
{
if (OpenFileDialog.ShowDialog() != DialogResult.OK)
{
return;
}
try
{
Filename.Text = Path.GetFileName(OpenFileDialog.FileName);
Filename_Validated(this, EventArgs.Empty);
Hash.Text = ByteHelper.ByteToString(CryptoService.ComputeHash(OpenFileDialog.FileName));
Hash_Validated(this, EventArgs.Empty);
}
// ReSharper disable once EmptyGeneralCatchClause
catch
{
}
}
public LoginDTO Authenticate(string login, string password)
{
if (!_authRep.VerifyUserExistence(login))
{
return(null);
}
var userData = _authRep.GetUserData(login);
if (!userData.PassHash.SequenceEqual(CryptoService.ComputeHash(password, userData.Salt)))
{
return(null);
}
var token = CryptoService.GenerateToken();
_authRep.StartSession(userData.Id, token);
return(new LoginDTO {
Id = userData.Id, Login = login, Token = token
});
}
public async Task ValidateAsync(ExtensionGrantValidationContext context)
{
var inputToken = context.Request.Raw.Get("input_token");
var accessToken = context.Request.Raw.Get("access_token");
if (string.IsNullOrEmpty(inputToken))
{
context.Result = new GrantValidationResult(OidcConstants.TokenErrors.InvalidRequest, null);
return;
}
if (string.IsNullOrEmpty(accessToken))
{
context.Result = new GrantValidationResult(OidcConstants.TokenErrors.InvalidRequest, null);
return;
}
var client = new HttpClient();
var tokenResponse = await client.GetAsync($"https://graph.facebook.com/debug_token?input_token={inputToken}&access_token={accessToken}");
if (tokenResponse.StatusCode == System.Net.HttpStatusCode.OK)
{
//Get token response and check wheather ist from valid application or not
var tokenResponseData = await tokenResponse.Content.ReadAsStringAsync();
var fbTokenResponseData = TokenResponseDserializer.DserializeIdToken <FacebookAuthTokenResponse>(tokenResponseData);
//Make sure issuer client is valid
//if (fbTokenResponseData.Data.App_id != FacebookAuthConstants.FacebookAppId)
//{
// context.Result = new GrantValidationResult(OidcConstants.TokenErrors.UnauthorizedClient, null);
// return;
//}
//Get user profile information using access_token from Facebook Graph API
var profileResponse = await client.GetAsync($"https://graph.facebook.com/me?fields=id,email,gender,picture&access_token={inputToken}");
if (profileResponse.IsSuccessStatusCode)
{
//Parse fb response
var responseData = await profileResponse.Content.ReadAsStringAsync();
var fbTokenResponse = TokenResponseDserializer.DserializeIdToken <FacebookAuthResponse>(responseData);
//Check if user is available in Auth Database yet.
var requestedUser = _userStore.FindByProviderAndSubjectId(ProviderConstants.Facebook, fbTokenResponse.Id);
if (requestedUser == null)
{
#region Password Hash and Salt
var pwdSalt = CryptoService.GenerateSalt();
var pwdHash = CryptoService.ComputeHash(PasswordGenerator.GetRandomPassword(), pwdSalt);
#endregion
//Get User Information
//Create new User
var customUser = new CustomUser
{
SubjectId = fbTokenResponse.Id,
Email = string.IsNullOrEmpty(fbTokenResponse.Email)?"": fbTokenResponse.Email.ToLower(),
PasswordHash = Convert.ToBase64String(pwdHash),
PasswordSalt = Convert.ToBase64String(pwdSalt),
Provider = ProviderConstants.Facebook,
CreatedDate = DateTime.UtcNow,
LastUpdated = DateTime.UtcNow
};
_userStore.AddNewUser(customUser);
}
context.Result = new GrantValidationResult(fbTokenResponse.Id, ExternalGrantTypes.Facebok);
}
else
{
context.Result = new GrantValidationResult(OidcConstants.TokenErrors.InvalidRequest, null);
}
}
else
{
context.Result = new GrantValidationResult(OidcConstants.TokenErrors.InvalidRequest, null);
}
}
public async Task <BankCustomer> GetCustomerWithPasswordAsync(string username, string password)
{
string passwordHash = CryptoService.ComputeHash(password);
return(await HttpMgr.Instance.LoginCustomerAsync(username, passwordHash));
}
public async Task ValidateAsync(ExtensionGrantValidationContext context)
{
try
{
var idToken = context.Request.Raw.Get("id_token");
if (string.IsNullOrEmpty(idToken))
{
context.Result = new GrantValidationResult(OidcConstants.TokenErrors.InvalidRequest, null);
return;
}
//https://www.googleapis.com/auth/userinfo.profile scope is required to get user profile image for app team
// get user's identity
var client = new HttpClient();
var request = await client.GetAsync($"https://www.googleapis.com/oauth2/v3/tokeninfo?id_token={idToken}");
if (request.StatusCode == System.Net.HttpStatusCode.OK)
{
var responseData = await request.Content.ReadAsStringAsync();
var googleAuthResponse = TokenResponseDserializer.DserializeIdToken <GoogleAuthResponse>(responseData);
if (!string.Equals(googleAuthResponse.Iss, GoogleAuthConstants.Issuer, StringComparison.CurrentCultureIgnoreCase))
{
context.Result = new GrantValidationResult("Invalid Issuer.", null);
return;
}
//Make sure issuer client is valid
//if (googleAuthResponse.Azp != GoogleAuthConstants.ClinetId)
//{
// context.Result = new GrantValidationResult(OidcConstants.TokenErrors.UnauthorizedClient, null);
// return;
//}
var requestedUser = _userStore.FindByProviderAndEmail(ProviderConstants.Google, googleAuthResponse.Email);
if (requestedUser == null)
{
#region Password Hash and Salt
var pwdSalt = CryptoService.GenerateSalt();
var pwdHash = CryptoService.ComputeHash(PasswordGenerator.GetRandomPassword(), pwdSalt);
#endregion
//Create new User
var customUser = new CustomUser
{
SubjectId = googleAuthResponse.Sub,
Email = googleAuthResponse.Email.ToLower(),
PasswordHash = Convert.ToBase64String(pwdHash),
PasswordSalt = Convert.ToBase64String(pwdSalt),
Provider = ProviderConstants.Google,
CreatedDate = DateTime.UtcNow,
LastUpdated = DateTime.UtcNow
};
_userStore.AddNewUser(customUser);
}
context.Result = new GrantValidationResult(googleAuthResponse.Sub, ExternalGrantTypes.Google);
}
}
catch (Exception)
{
context.Result = new GrantValidationResult("Internal Server Error.", null);
}
}
