Beispiel #1
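        /// <summary>
        /// Replaces the stored password of the mobile connection whose UUID is named in the request.
        /// </summary>
        /// <param name="Request">
        /// Encrypted request header. After decryption it is parsed as JSON and must carry
        /// the "UUID" and "Password" members.
        /// </param>
        /// <returns>
        /// A ProcessingResult with Status "Mobile Users" and a Message that is either the
        /// success text or a generic failure text.
        /// </returns>
        /// <remarks>
        /// NOTE(review): nothing in this method verifies that the caller is entitled to change
        /// the password for the supplied UUID, and the current password is not required.
        /// Confirm that an authorization attribute or filter outside this view enforces it.
        /// NOTE(review): the value is stored through ICASCrypto.StringToStringEncryption, which
        /// by its name is reversible encryption, not a one-way password hash. Confirm, and
        /// prefer a salted password-hashing scheme if the plaintext never needs to be recovered.
        /// </remarks>
        public ProcessingResult PostUpdatePassword([FromHeader] string Request)
        {
            ProcessingResult result = new ProcessingResult();
            result.Status = "Mobile Users";

            try
            {
                // Decryption and parsing sit inside the try so that a missing header, a
                // payload that does not decrypt, or malformed JSON gives the same controlled
                // failure as a database error instead of an unhandled exception.
                IncubitoCryptoGraphy.IncubitoCrypto EncryptedRequest = new IncubitoCryptoGraphy.IncubitoCrypto(Request, true);
                string DecryptedRequest = EncryptedRequest.StringToStringDecryption();

                JObject JSON = JObject.Parse(DecryptedRequest);

                var uuidToken     = JSON["UUID"];
                var passwordToken = JSON["Password"];

                if (uuidToken == null || passwordToken == null)
                {
                    result.Message = "Unable to update password";
                    return result;
                }

                // Normalised once, outside the query. ToUpperInvariant avoids culture-specific casing.
                string UUID = uuidToken.ToString().Trim().ToUpperInvariant();

                // Trimming is kept from the original so stored values stay comparable with
                // whatever the login path does; it does mean surrounding whitespace is never
                // part of a password.
                string Password = passwordToken.ToString().Trim();

                // An empty UUID cannot identify a record and an empty password must not be stored.
                if (UUID.Length == 0 || Password.Length == 0)
                {
                    result.Message = "Unable to update password";
                    return result;
                }

                ICASCrypto EncryptedPassword = new ICASCrypto(Password, true);

                // Assumes CreatorEntities is an Entity Framework context (IDisposable);
                // disposing it releases the underlying connection.
                using (CreatorEntities db = new CreatorEntities())
                {
                    // Single() throws when zero or several rows match; the catch below handles it.
                    MobileConnections mobileconnection = db.MobileConnections.Single(mc => mc.UUID == UUID);
                    mobileconnection.Password = EncryptedPassword.StringToStringEncryption();
                    db.SaveChanges();
                }

                // Spelling kept as-is: Status is identical on success and failure, so clients
                // may be comparing against this exact text.
                result.Message = "Sucessfully Updated Password";
            }
            catch (Exception ex)
            {
                // Detail stays in the server-side trace. Returning ex.Message to the caller
                // would disclose parser, crypto and database internals.
                System.Diagnostics.Trace.TraceError("PostUpdatePassword failed: {0}", ex);
                result.Message = "Unable to update password";
            }

            return result;
        }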
Beispiel #2
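        /// <summary>
        /// Handles the OAuth resource-owner password grant for a device identified by a UUID.
        /// The user name and password arrive Base64-encoded and encrypted. A "Handshake" request
        /// header must decrypt to the same UUID as the user name before a ticket is issued.
        /// </summary>
        /// <param name="context">Grant context carrying the encoded user name, password and request headers.</param>
        /// <returns>A task that completes once the context is validated or rejected.</returns>
        /// <remarks>
        /// NOTE(review): the empty-password branch creates the account, or resets the password of
        /// an existing one, without any prior credential. The only gate is Handshake == UUID, and
        /// the client supplies both values. Confirm this is intended; a password the user chose
        /// earlier is overwritten by that reset.
        /// NOTE(review): the generated password is AES-CBC of the account e-mail under a key and IV
        /// embedded in the source, so it is a deterministic function of the UUID and should not be
        /// treated as a secret. Replacing it with a random per-device secret issued by the server
        /// would require migrating existing accounts, so the derivation is left unchanged here.
        /// </remarks>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            try
            {
                // Decoding sits inside the try so that a null or non-Base64 user name or
                // password is rejected as an invalid grant instead of surfacing as an
                // unhandled exception.
                byte[] usrdata          = System.Convert.FromBase64String(context.UserName);
                string Usrbase64Decoded = System.Text.Encoding.UTF8.GetString(usrdata);

                byte[] pwddata          = System.Convert.FromBase64String(context.Password);
                string Pwdbase64Decoded = System.Text.Encoding.UTF8.GetString(pwddata);

                IncubitoCryptoGraphy.IncubitoCrypto EncryptedUUID = new IncubitoCryptoGraphy.IncubitoCrypto(Usrbase64Decoded, true);
                string DecryptedUIID = EncryptedUUID.StringToStringDecryption();

                DecryptedUIID = DecryptedUIID.Replace("-", "");
                string UUIDEmail = DecryptedUIID + "@cubitsuite.com";

                IncubitoCryptoGraphy.IncubitoCrypto EncryptedPassword = new IncubitoCryptoGraphy.IncubitoCrypto(Pwdbase64Decoded, true);
                string DecryptedPassword = EncryptedPassword.StringToStringDecryption();

                // A missing header makes this throw; the catch below turns that into a rejection.
                string Handshake = context.Request.Headers.GetValues("Handshake")[0];
                IncubitoCryptoGraphy.IncubitoCrypto EncryptedHandshake = new IncubitoCryptoGraphy.IncubitoCrypto(Handshake, true);
                string DecryptedHandshake = EncryptedHandshake.StringToStringDecryption();

                if (DecryptedHandshake != DecryptedUIID)
                {
                    // Same error as a wrong password, so the response does not reveal which check failed.
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }

                ApplicationUser user;
                var             userManager = context.OwinContext.GetUserManager <ApplicationUserManager>();

                if (DecryptedPassword == "")
                {
                    byte[] plainBytes = System.Text.Encoding.UTF8.GetBytes(UUIDEmail.ToLower());
                    byte[] Encoded1;

                    // The cipher and transform hold key material, so both are disposed right after use.
                    using (RijndaelManaged Encoder = new RijndaelManaged())
                    {
                        Encoder.Mode      = CipherMode.CBC;
                        Encoder.Padding   = PaddingMode.PKCS7;
                        Encoder.KeySize   = 128;
                        Encoder.BlockSize = 128;
                        // Hard-coded key and IV: see the remarks on this method.
                        Encoder.Key       = System.Text.Encoding.UTF8.GetBytes("qs9em6$%#MXMswPB");
                        Encoder.IV        = System.Text.Encoding.UTF8.GetBytes("a7Tqxpd()+HVmVpE");

                        using (var encryptor = Encoder.CreateEncryptor())
                        {
                            Encoded1 = encryptor.TransformFinalBlock(plainBytes, 0, plainBytes.Length);
                        }
                    }

                    // The value is held in a local for every call below. GeneratedPassword is a
                    // member of the provider; if the provider instance is shared between requests,
                    // reading the member back after an await could pick up another request's value.
                    string generatedPassword = Convert.ToBase64String(Encoded1);

                    // The member is still written, in case code outside this method reads it.
                    GeneratedPassword = generatedPassword;

                    var UserRegistration = await userManager.FindByEmailAsync(UUIDEmail);

                    if (UserRegistration == null)
                    {
                        var NewUser = new ApplicationUser()
                        {
                            UserName = UUIDEmail, Email = UUIDEmail
                        };
                        IdentityResult createResult = await userManager.CreateAsync(NewUser, generatedPassword);

                        if (!createResult.Succeeded)
                        {
                            context.SetError("invalid_grant", "The user name or password is incorrect.");
                            return;
                        }
                    }
                    else
                    {
                        var token = await userManager.GeneratePasswordResetTokenAsync(UserRegistration.Id);

                        IdentityResult resetResult = await userManager.ResetPasswordAsync(UserRegistration.Id, token, generatedPassword);

                        if (!resetResult.Succeeded)
                        {
                            context.SetError("invalid_grant", "The user name or password is incorrect.");
                            return;
                        }
                    }

                    user = await userManager.FindAsync(UUIDEmail, generatedPassword);
                }
                else
                {
                    GeneratedPassword = "******";
                    user = await userManager.FindAsync(UUIDEmail, DecryptedPassword);
                }

                if (user == null)
                {
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }

                ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
                                                                                    OAuthDefaults.AuthenticationType);

                ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                                                                                      CookieAuthenticationDefaults.AuthenticationType);

                AuthenticationProperties properties = CreateProperties(user.UserName);
                AuthenticationTicket     ticket     = new AuthenticationTicket(oAuthIdentity, properties);
                context.Validated(ticket);
                context.Request.Context.Authentication.SignIn(cookiesIdentity);
            }
            catch (Exception ex)
            {
                // The failure is recorded for operators and the grant is rejected with the
                // generic message. The original swallowed the exception silently.
                System.Diagnostics.Trace.TraceError("GrantResourceOwnerCredentials failed: {0}", ex);
                context.SetError("invalid_grant", "The user name or password is incorrect.");
            }
        }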