public PaymentsController(ApplicationDbContext dbContext, IDataSigningService dataSigningService, INotificationService notificationService, IStorageService storageService, IOptions <CyberSourceSettings> cyberSourceSettings, IEmailService emailService)
{
_dbContext = dbContext;
_dataSigningService = dataSigningService;
_notificationService = notificationService;
_storageService = storageService;
_emailService = emailService;
_cyberSourceSettings = cyberSourceSettings.Value;
}
public ResultsController(ApplicationDbContext context,
IFileStorageService fileStorageService,
IDataSigningService dataSigningService,
IOptions <CyberSourceSettings> cyberSourceSettings,
IOptions <AppSettings> appSettings,
IOrderMessageService orderMessageService)
{
_context = context;
_fileStorageService = fileStorageService;
_dataSigningService = dataSigningService;
_orderMessageService = orderMessageService;
_appSettings = appSettings.Value;
_cyberSourceSettings = cyberSourceSettings.Value;
}
/// <summary>
/// Write this payload to the specified stream
/// </summary>
public void Write(Stream s, IDataSigningService signingProvider)
{
// Header
byte[] header = new byte[7];
Array.Copy(MAGIC_HEADER, header, 5);
header[5] = VERSION_ID;
header[6] = (byte)this.Encoding;
s.Write(header, 0, 7);
var jwsHeader = new
{
alg = signingProvider.GetSignatureAlgorithm(),
typ = $"x-santedb+{this.Payload.GetType().GetSerializationName()}",
key = "p2pdefault"
};
var hdrString = System.Text.Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(header)).Base64UrlEncode();
StringBuilder payloadToken = new StringBuilder($"{hdrString}.");
// Now we serialize the payload
var payloadData = System.Text.Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(this.Payload)).Base64UrlEncode();
payloadToken.Append(payloadData);
var tokenData = System.Text.Encoding.UTF8.GetBytes(payloadToken.ToString());
var signature = signingProvider.SignData(tokenData, "p2pdefault");
payloadToken.AppendFormat(".{0}", signature.Base64UrlEncode());
// Now we write to the stream
if (this.Encoding.HasFlag(PeerTransferEncodingFlags.Compressed))
{
s = new GZipStream(s, SharpCompress.Compressors.CompressionMode.Compress);
}
using (var sw = new StreamWriter(s))
sw.Write(payloadData.ToString());
}
/// <summary>
/// DI constructor
/// </summary>
public JwsResourcePointerService(IDataSigningService signingService, IApplicationIdentityProviderService applicationIdentityProviderService = null)
{
this.m_signingService = signingService;
this.m_applicationIdService = applicationIdentityProviderService;
}
public PaymentController(ApplicationDbContext context, IOrderMessageService orderMessageService, IDataSigningService dataSigningService)
{
_context = context;
_orderMessageService = orderMessageService;
_dataSigningService = dataSigningService;
}
/// <summary>
/// Read from the stream
/// </summary>
public static PeerTransferPayload Read(Stream s, IDataSigningService signingProvider, bool validateSignature)
{
byte[] hdr = new byte[7];
s.Read(hdr, 0, 7);
if (!hdr.Take(5).SequenceEqual(MAGIC_HEADER))
{
throw new FormatException("Invalid payload");
}
else if (hdr[5] >= VERSION_ID)
{
throw new InvalidOperationException($"Payload version {hdr[5]} is greater than supported version of {VERSION_ID}");
}
var retVal = new PeerTransferPayload();
retVal.Encoding = (PeerTransferEncodingFlags)hdr[6];
// Read the rest of the stream
if (retVal.Encoding.HasFlag(PeerTransferEncodingFlags.Compressed))
{
s = new GZipStream(s, SharpCompress.Compressors.CompressionMode.Decompress);
}
using (var sr = new StreamReader(s))
{
var data = sr.ReadToEnd();
// Read the JWS header
var match = s_jwsFormat.Match(data);
if (!match.Success)
{
throw new FormatException("Payload must be in JWS format");
}
// Get the parts of the header
byte[] headerBytes = match.Groups[1].Value.ParseBase64UrlEncode(),
bodyBytes = match.Groups[2].Value.ParseBase64UrlEncode(),
signatureBytes = match.Groups[3].Value.ParseBase64UrlEncode();
// Now lets parse the JSON objects
dynamic header = JsonConvert.DeserializeObject(System.Text.Encoding.UTF8.GetString(headerBytes));
dynamic body = JsonConvert.DeserializeObject(System.Text.Encoding.UTF8.GetString(bodyBytes));
// Now validate the payload
if (!header.typ.ToString().StartsWith("x-santedb+"))
{
throw new InvalidOperationException("Cannot determine type of data");
}
var type = new ModelSerializationBinder().BindToType(null, header.typ.ToString().Substring(10));
var algorithm = header.alg.ToString();
String keyId = header.key.ToString();
// Validate the signature if we have the key
if (validateSignature)
{
// We have the key?
if (!signingProvider.GetKeys().Any(k => k == keyId))
{
throw new InvalidOperationException("Cannot find appropriate validation key");
}
if (signingProvider.GetSignatureAlgorithm(keyId) != algorithm)
{
throw new InvalidOperationException("Invalid signature algorithm");
}
var payload = System.Text.Encoding.UTF8.GetBytes($"{match.Groups[1].Value}.{match.Groups[2].Value}");
if (!signingProvider.Verify(payload, signatureBytes, keyId))
{
throw new SecurityException("Cannot verify authenticity of the specified data payload");
}
}
retVal.Payload = JsonConvert.DeserializeObject(System.Text.Encoding.UTF8.GetString(bodyBytes), type);
// Return the result
return(retVal);
}
}
