private RequestValidationResult GetVaidationErrorResult(
string customerId,
string targetUrl,
QueueEventConfig config,
QueueUrlParams qParams,
string errorCode)
{
var query = GetQueryString(customerId, config.EventId, config.Version, config.Culture, config.LayoutName) +
$"&queueittoken={qParams.QueueITToken}" +
$"&ts={DateTimeHelper.GetUnixTimeStampFromDate(DateTime.UtcNow)}" +
(!string.IsNullOrEmpty(targetUrl) ? $"&t={HttpUtility.UrlEncode(targetUrl)}" : "");
var domainAlias = config.QueueDomain;
if (!domainAlias.EndsWith("/"))
{
domainAlias = domainAlias + "/";
}
var redirectUrl = $"https://{domainAlias}error/{errorCode}/?{query}";
return(new RequestValidationResult(ActionType.QueueAction)
{
RedirectUrl = redirectUrl,
EventId = config.EventId
});
}
private RequestValidationResult GetVaidationErrorResult(
string customerId,
string targetUrl,
EventConfig config,
QueueUrlParams qParams,
string errorCode)
{
var query = GetQueryString(customerId, config) +
$"&queueittoken={qParams.QueueITToken}" +
$"&ts={DateTimeHelper.GetUnixTimeStampFromDate(DateTime.UtcNow)}" +
$"&t={HttpUtility.UrlEncode(targetUrl)}";
var domainAlias = config.QueueDomain;
if (!domainAlias.EndsWith("/"))
{
domainAlias = domainAlias + "/";
}
var redirectUrl = "https://" + domainAlias + $"error/{errorCode}?" + query;
return(new RequestValidationResult()
{
RedirectUrl = redirectUrl,
EventId = config.EventId
});
}
public RequestValidationResult ValidateQueueRequest(
string targetUrl,
string queueitToken,
QueueEventConfig config,
string customerId,
string secretKey)
{
var state = _userInQueueStateRepository.GetState(config.EventId, config.CookieValidityMinute, secretKey);
if (state.IsValid)
{
if (state.IsStateExtendable && config.ExtendCookieValidity)
{
_userInQueueStateRepository.Store(config.EventId,
state.QueueId,
null,
config.CookieDomain,
state.RedirectType,
secretKey);
}
return(new RequestValidationResult(ActionType.QueueAction,
eventId: config.EventId,
queueId: state.QueueId,
redirectType: state.RedirectType,
actionName: config.ActionName));
}
QueueUrlParams queueParams = QueueParameterHelper.ExtractQueueParams(queueitToken);
RequestValidationResult requestValidationResult;
bool isTokenValid = false;
if (queueParams != null)
{
var tokenValidationResult = ValidateToken(config, queueParams, secretKey);
isTokenValid = tokenValidationResult.IsValid;
if (isTokenValid)
{
requestValidationResult = GetValidTokenResult(config, queueParams, secretKey);
}
else
{
requestValidationResult = GetErrorResult(customerId, targetUrl, config, queueParams, tokenValidationResult.ErrorCode);
}
}
else
{
requestValidationResult = GetQueueResult(targetUrl, config, customerId);
}
if (state.IsFound && !isTokenValid)
{
_userInQueueStateRepository.CancelQueueCookie(config.EventId, config.CookieDomain);
}
return(requestValidationResult);
}
private RequestValidationResult GetErrorResult(
string customerId,
string targetUrl,
QueueEventConfig config,
QueueUrlParams qParams,
string errorCode)
{
var query = GetQueryString(customerId, config.EventId, config.Version, config.ActionName, config.Culture, config.LayoutName) +
$"&queueittoken={qParams.QueueITToken}" +
$"&ts={DateTimeHelper.GetUnixTimeStampFromDate(DateTime.UtcNow)}" +
(!string.IsNullOrEmpty(targetUrl) ? $"&t={Uri.EscapeDataString(targetUrl)}" : "");
var redirectUrl = GenerateRedirectUrl(config.QueueDomain, $"error/{errorCode}/", query);
return(new RequestValidationResult(
ActionType.QueueAction,
redirectUrl: redirectUrl,
eventId: config.EventId,
actionName: config.ActionName));
}
private RequestValidationResult GetValidTokenResult(
QueueEventConfig config,
QueueUrlParams queueParams,
string secretKey)
{
_userInQueueStateRepository.Store(
config.EventId,
queueParams.QueueId,
queueParams.CookieValidityMinutes,
config.CookieDomain,
queueParams.RedirectType,
secretKey);
return(new RequestValidationResult(
ActionType.QueueAction,
eventId: config.EventId,
queueId: queueParams.QueueId,
redirectType: queueParams.RedirectType,
actionName: config.ActionName));
}
private RequestValidationResult GetQueueITTokenValidationResult(
string targetUrl,
string eventId,
QueueEventConfig config,
QueueUrlParams queueParams,
string customerId,
string secretKey)
{
string calculatedHash = HashHelper.GenerateSHA256Hash(secretKey, queueParams.QueueITTokenWithoutHash);
if (calculatedHash != queueParams.HashCode)
{
return(GetVaidationErrorResult(customerId, targetUrl, config, queueParams, "hash"));
}
if (queueParams.EventId != eventId)
{
return(GetVaidationErrorResult(customerId, targetUrl, config, queueParams, "eventid"));
}
if (queueParams.TimeStamp < DateTime.UtcNow)
{
return(GetVaidationErrorResult(customerId, targetUrl, config, queueParams, "timestamp"));
}
this._userInQueueStateRepository.Store(
config.EventId,
queueParams.QueueId,
queueParams.CookieValidityMinutes,
config.CookieDomain,
queueParams.RedirectType,
secretKey,
config.CookieHttpOnly);
return(new RequestValidationResult(ActionType.QueueAction)
{
EventId = config.EventId,
QueueId = queueParams.QueueId,
RedirectType = queueParams.RedirectType
});
}
public RequestValidationResult ValidateQueueRequest(
string targetUrl,
string queueitToken,
QueueEventConfig config,
string customerId,
string secretKey)
{
var state = _userInQueueStateRepository.GetState(config.EventId, config.CookieValidityMinute, secretKey);
if (state.IsValid)
{
if (state.IsStateExtendable && config.ExtendCookieValidity)
{
this._userInQueueStateRepository.Store(config.EventId,
state.QueueId,
null,
config.CookieDomain,
state.RedirectType,
secretKey,
config.CookieHttpOnly);
}
return(new RequestValidationResult(ActionType.QueueAction)
{
EventId = config.EventId,
QueueId = state.QueueId,
RedirectType = state.RedirectType
});
}
QueueUrlParams queueParmas = QueueParameterHelper.ExtractQueueParams(queueitToken);
if (queueParmas != null)
{
return(GetQueueITTokenValidationResult(targetUrl, config.EventId, config, queueParmas, customerId, secretKey));
}
else
{
return(GetInQueueRedirectResult(targetUrl, config, customerId));
}
}
private TokenValidationResult ValidateToken(
QueueEventConfig config,
QueueUrlParams queueParams,
string secretKey)
{
string calculatedHash = HashHelper.GenerateSHA256Hash(secretKey, queueParams.QueueITTokenWithoutHash);
if (calculatedHash != queueParams.HashCode)
{
return(new TokenValidationResult(false, "hash"));
}
if (queueParams.EventId != config.EventId)
{
return(new TokenValidationResult(false, "eventid"));
}
if (queueParams.TimeStamp < DateTime.UtcNow)
{
return(new TokenValidationResult(false, "timestamp"));
}
return(new TokenValidationResult(true, null));
}
public static QueueUrlParams ExtractQueueParams(string queueitToken)
{
try
{
if (string.IsNullOrEmpty(queueitToken))
{
return(null);
}
QueueUrlParams result = new QueueUrlParams()
{
QueueITToken = queueitToken
};
var paramList = result.QueueITToken.Split(KeyValueSeparatorGroupChar);
foreach (var paramKeyValue in paramList)
{
var keyValueArr = paramKeyValue.Split(KeyValueSeparatorChar);
switch (keyValueArr[0])
{
case TimeStampKey:
result.TimeStamp = DateTimeHelper.GetUnixTimeStampAsDate(keyValueArr[1]);
break;
case CookieValidityMinuteKey:
{
int cookieValidity = 0;
if (int.TryParse(keyValueArr[1], out cookieValidity))
{
result.CookieValidityMinute = cookieValidity;
}
else
{
result.CookieValidityMinute = null;
}
break;
}
case EventIdKey:
result.EventId = keyValueArr[1];
break;
case ExtendableCookieKey:
{
bool extendCookie;
if (!bool.TryParse(keyValueArr[1], out extendCookie))
{
extendCookie = false;
}
result.ExtendableCookie = extendCookie;
break;
}
case HashKey:
result.HashCode = keyValueArr[1];
break;
case QueueIdKey:
result.QueueId = keyValueArr[1];
break;
}
}
result.QueueITTokenWithoutHash =
result.QueueITToken.Replace($"{KeyValueSeparatorGroupChar}{HashKey}{KeyValueSeparatorChar}{result.HashCode}", "");
return(result);
}
catch
{
return(null);
}
}
