Beispiel #1
0
        private async Task <KeyValidationResult> IsKeyValid(KeyChallenge key)
        {
            KeyValidationResult result;

            if (key.Type == ApiKeyTypes.ClientSecret)
            {
                result = await _keySecretValidator.IsValid(key.Properties[ApiKeyPropertyNames.PublicKey], key.Properties[ApiKeyPropertyNames.ClientSecret]);
            }
            else
            {
                var msg = _localizer["Unknown key type."];
                throw new InvalidKeyException(msg, HttpStatusCode.Unauthorized);
            }

            return(result);
        }
Beispiel #2
0
        public async Task <KeyValidationResult> IsClientApiKeyValidAsync(string apiKey, string apiSecret,
                                                                         string serviceName, string apiName, string httpMethod)
        {
            var challenge = new KeyChallenge
            {
                Type       = _apiRequestHelper.GetApiKeyType(),
                Properties = new Dictionary <string, string>
                {
                    [ApiKeyPropertyNames.ClientSecret] = apiSecret,
                    [ApiKeyPropertyNames.PublicKey]    = apiKey
                }
            };

            var result = await _keyValidator.IsValid(challenge, httpMethod, serviceName, apiName);

            return(result);
        }
        public async Task <IActionResult> Get(string id, string api, string httpMethod)
        {
            if (string.IsNullOrWhiteSpace(api))
            {
                api = "";
            }
            if (string.IsNullOrWhiteSpace(id) ||
                string.IsNullOrWhiteSpace(httpMethod))
            {
                return(BadRequest());
            }

            var serviceName = id.ToLower();

            var challenge = new KeyChallenge
            {
                Type       = ApiKeyType,
                Properties = { [ApiKeyPropertyNames.ClientSecret1] = ApiSecret, [ApiKeyPropertyNames.PublicKey] = ApiKey }
            };

            var result = await _keyValidator.IsValid(challenge, httpMethod, serviceName, api);

            return(Ok(result.ToLite()));
        }
Beispiel #4
0
        public async Task <KeyValidationResult> IsValid(KeyChallenge keyChallenge, string httpMethod, string serviceName, string apiNameOrUrl)
        {
            // Validate client key
            var clientKeyResult = await IsKeyValid(keyChallenge);

            var publicKey = keyChallenge.Properties[ApiKeyPropertyNames.PublicKey];

            if (!clientKeyResult.IsValid)
            {
                // Client key validation failed
                return(new KeyValidationResult
                {
                    InnerValidationResult = clientKeyResult,
                    IsValid = false,
                    Message = _localizer["Client key validation failed"]
                });
            }

            // Key validation passed. Now check if client has the right permission to access the api/url

            var result = new KeyValidationResult();

            ServiceModel service = null;

            if (serviceName.ToLower() == AppConstants.SysApiServiceName.ToLower())
            {
                // Its a core service (eg. manage key, service, role, etc. All active clients can use this service)
                service = await _serviceManager.GetSysService();
            }
            else
            {
                service = await _serviceManager.GetByName(publicKey, serviceName);
            }

            if (service == null)
            {
                result.Message = _localizer["Service not found. Service name or api key is invalid."];
                result.IsValid = false;
                return(result);
            }

            ApiModel api;

            if (serviceName.ToLower() == AppConstants.SysApiServiceName.ToLower())
            {
                // System API
                api = await _apiManager.GetByApiName(service.Id, httpMethod, apiNameOrUrl);
            }
            else
            {
                // User API
                api = await _apiManager.GetByApiName(publicKey, service.Id, httpMethod, apiNameOrUrl);
            }

            if (api == null && !string.IsNullOrEmpty(apiNameOrUrl))
            {
                api = await _apiManager.GetByApiUrl(publicKey, service.Id, httpMethod, apiNameOrUrl);
            }

            if (api == null)
            {
                api = await _apiManager.GetByApiName(publicKey, service.Id, httpMethod, string.Empty);
            }

            if (api == null)
            {
                result.Message = _localizer["Api not found"];
                result.IsValid = false;
                return(result);
            }

            var clientKeyWithRoles = await _keyManager.GetByPublicKey(publicKey);

            foreach (var role in api.Roles)
            {
                result.IsValid = clientKeyWithRoles.Roles.SingleOrDefault(x => x.Id == role.Id && !role.IsDisabled) != null;
                if (result.IsValid)
                {
                    break;
                }
            }

            if (result.IsValid == false)
            {
                result.Message = _localizer["Access denied."];
            }


            result.ApiId     = api.Id;
            result.KeyId     = clientKeyResult.KeyId;
            result.ServiceId = api.ServiceId;

            return(result);
        }