Ejemplo n.º 1
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="UserID"></param>
        /// <param name="Role"></param>
        /// <param name="IPAddress"></param>
        /// <param name="AES_KEY"></param>
        /// <param name="AES_SALT"></param>
        /// <param name="IsAdmin">If true it will fetch HashSalt from a_Admin table else from contact table</param>
        /// <param name="SaltLength"></param>
        /// <returns></returns>
        public T obtainAuthToken <T>(T adminEntity, string IPAddress) where T : new()
        {
            try
            {
                string AES_KEY    = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_KEY);
                string AES_SALT   = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_SALT);
                int    SaltLength = Convert.ToInt32(CommonUtility.GetAppSettingKey(Constants.AuthToken.SaltLength));

                PropertyInfo useridPropertyInfo    = typeof(T).GetProperty(CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_UserId));
                PropertyInfo idPropertyInfo        = typeof(T).GetProperty(CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_ID));
                PropertyInfo rolePropertyInfo      = typeof(T).GetProperty(CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_Role));
                PropertyInfo authTokenPropertyInfo = typeof(T).GetProperty(CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_AuthToken));

                using (var objTokenDBService = new TokenDBService())
                {
                    var objAdminEntity = objTokenDBService.ValidateAdminCredentials(adminEntity);
                    var id             = (UInt64)idPropertyInfo.GetValue(objAdminEntity, null);
                    var role           = Convert.ToString(rolePropertyInfo.GetValue(objAdminEntity, null));
                    var userid         = (string)useridPropertyInfo.GetValue(objAdminEntity, null);
                    var authTolen      = (string)authTokenPropertyInfo.GetValue(objAdminEntity, null);

                    if (userid == (string)useridPropertyInfo.GetValue(adminEntity, null))
                    {
                        var Inner_Msg = id + Constants.AuthToken.SeperatorString + role + Constants.AuthToken.SeperatorString + IPAddress + Constants.AuthToken.SeperatorString + CryptoUtility.GenerateTimeStamp();
                        var HASH_SALT = CryptoUtility.GenerateSalt(SaltLength);
                        objTokenDBService.ChangeHashSalt(id.ToString(), HASH_SALT);
                        var Msg_Hash = CryptoUtility.GenerateHash(Inner_Msg, HASH_SALT);
                        authTokenPropertyInfo.SetValue(objAdminEntity, CryptoUtility.Encrypt(Inner_Msg + "##" + Msg_Hash, AES_KEY, AES_SALT), null);
                        return(objAdminEntity);
                    }
                    else
                    {
                        throw new SecurityTokenException("-3|Error granting access token: You entered wrong UserId or Password(UserID: " + userid + " | IP Address: " + IPAddress + ")");
                    }
                }
            }
            catch (SecurityTokenException e)
            {
                throw e;
            }
            catch (MySqlException odbcEx)
            {
                throw odbcEx;
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Method to validate an authentication token
        /// </summary>
        /// <param name="AuthToken"></param>
        /// <param name="IPAddress"></param>
        /// <param name="UserType">type of user to be validated</param>
        /// <param name="IsAuthorize"></param>
        /// <param name="Action"></param>
        /// <returns></returns>
        public bool validateAuthToken(string AuthToken, string IPAddress, bool IsAuthorize, Enums.Action Action)
        {
            try
            {
                string AES_KEY             = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_KEY);
                string AES_SALT            = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_SALT);
                bool   IsValidateIPAddress = Convert.ToBoolean(CommonUtility.GetAppSettingKey(Constants.AuthToken.IsValidateIPAddress));
                int    TokenValiditySec    = Convert.ToInt32(CommonUtility.GetAppSettingKey(Constants.AuthToken.TokenValiditySec));

                var    TokenBody    = CryptoUtility.Decrypt(AuthToken, AES_KEY, AES_SALT);
                var    LstTokenBody = JLT.Common.Utility.StringUtility.SplitString(TokenBody, "##");
                var    LstInnerMsg  = JLT.Common.Utility.StringUtility.SplitString(LstTokenBody[0], Constants.AuthToken.SeperatorString); //InnerMsg = UserID + Role + IPAddress + CryptoUtility.GenerateTimeStamp();
                var    TokenHash    = LstTokenBody[1];
                string Msg_Hash     = string.Empty;
                using (var objTokenDBService = new TokenDBService())
                {
                    var Hash_Salt = objTokenDBService.GetHashSalt(LstInnerMsg[0]);
                    Msg_Hash = CryptoUtility.GenerateHash(LstTokenBody[0], Hash_Salt);
                }
                if (Convert.ToInt64(CryptoUtility.GenerateTimeStamp()) - Convert.ToInt64(LstInnerMsg[3]) < TokenValiditySec)
                {
                    if (IsValidateIPAddress)
                    {
                        if (!String.Equals(LstInnerMsg[2], IPAddress, StringComparison.Ordinal))
                        {
                            throw new SecurityTokenException("401|Error validating access token: Suspicious request, IP mismatch found(Token: " + AuthToken + " :: Token IP Address: " + LstInnerMsg[2] + " - Current IP Address: " + IPAddress + ")"); //Suspicious Request
                        }
                    }

                    if (String.Equals(Msg_Hash, TokenHash, StringComparison.Ordinal))
                    {
                        if (IsAuthorize)
                        {
                            if ((Convert.ToInt64(Action) & Convert.ToInt64(LstInnerMsg[1])) == Convert.ToInt64(Action))
                            {
                                return(true);
                            }
                            else
                            {
                                throw new SecurityTokenException("403|User is not authorized to perform this action(Token: " + AuthToken + " :: IP Address: " + IPAddress + ")"); //User does not have role for this action
                            }
                        }
                        else
                        {
                            return(true);
                        }
                    }
                    else
                    {
                        throw new SecurityTokenException("401|Error validating access token: token not valid(Token: " + AuthToken + " :: IP Address: " + IPAddress + ")"); //Token Expired
                    }
                }
                else
                {
                    throw new SecurityTokenException("401|Error validating access token: Session has expired(Token: " + AuthToken + " :: IP Address: " + IPAddress + ")"); //Token Expired
                }
            }
            catch (SecurityTokenException e)
            {
                throw e;
            }
            catch (Exception ex)
            {
                throw new Exception("401|Default Exeption(Token: " + AuthToken + " | IP Address: " + IPAddress + ")", ex);
            }
        }