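        /// <summary>
        /// Validates the authentication request for the selected role and resolves the
        /// matching <see cref="User"/> configuration.
        /// </summary>
        /// <param name="authorization">
        /// Raw authorization header value, expected as "scheme base64(username:password)".
        /// May be null or blank; that is only accepted for the salesperson role.
        /// </param>
        /// <param name="selectedRoleValue">Role requested by the caller (sales manager or salesperson).</param>
        /// <returns>
        /// The matching user configuration, the anonymous user for an unauthenticated salesperson
        /// request, or <c>null</c> when the role is unknown, the header is malformed or the
        /// credentials do not match.
        /// </returns>
        private User ValidateUser(string authorization, string selectedRoleValue)
        {
            // Credentials are stored in Key Vault in the format username:password
            string actualUsername;
            string actualPassword;
            User   user;

            // Check whether role is either Sales Person or Sales Manager
            if (string.Equals(selectedRoleValue, Constant.SalesManagerRole, StringComparison.InvariantCultureIgnoreCase))
            {
                actualUsername = configuration[Constant.SalesManagerUsername];
                actualPassword = configuration[Constant.SalesManagerPassword];
                user           = userCollection.Value.SalesManager;
                logger.LogInformation($"{user.Username}, {Constant.SalesManagerRole}");
            }
            else if (string.Equals(selectedRoleValue, Constant.SalespersonRole, StringComparison.InvariantCultureIgnoreCase))
            {
                // Return anonymous user when authorization parameter is not present
                if (string.IsNullOrWhiteSpace(authorization))
                {
                    logger.LogInformation($"Anonymous: {Constant.SalespersonRole}");
                    return(userCollection.Value.Anonymous);
                }

                actualUsername = configuration[Constant.SalespersonUsername];
                actualPassword = configuration[Constant.SalespersonPassword];
                user           = userCollection.Value.Salesperson;
                logger.LogInformation($"{user.Username}, {Constant.SalespersonRole}");
            }
            else
            {
                return(null);
            }

            // Stores credential passed in user request
            string[] credential;

            try
            {
                // Get user credentials from request header. Split on the first ':' only,
                // so a password that itself contains ':' is not truncated.
                credential = ParamHelper.DecodeBase64EncodedString(authorization.Split(' ')[1].Trim()).Split(new[] { ':' }, 2);
            }
            catch (Exception)
            {
                // Return if request header is malformed (missing scheme/token separator, invalid base64,
                // or a null header for a role that requires credentials)
                return(null);
            }

            // A decoded value without ':' has no password part; reject it instead of
            // indexing past the end of the array below.
            if (credential.Length != 2)
            {
                logger.LogInformation($"{Constant.InvalidUsernamePassword}, {selectedRoleValue}");
                return(null);
            }

            // Check whether username and password matches.
            // NOTE(review): string.Equals is not constant-time; comparing the UTF-8 bytes with
            // CryptographicOperations.FixedTimeEquals would avoid leaking information via timing.
            if (!string.Equals(credential[0], actualUsername, StringComparison.InvariantCultureIgnoreCase) ||
                !string.Equals(credential[1], actualPassword))
            {
                // Log only the attempted username and role; the submitted password must never reach the log
                logger.LogInformation($"{Constant.InvalidUsernamePassword}, {credential[0]}, {selectedRoleValue}");
                return(null);
            }

            return(user);
        }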