private async Task <AuthenticationHeaderValue> CreateCredentialsAsync() { byte[] iv = this.SymmetricCryptoProvider.GenerateIv(); AuthHeaderModel model = new AuthHeaderModel { Indentifier = this.ClientState.Identifier, ClientSecret = await this.SymmetricCryptoProvider.EncryptBase64ToBase64Async(this.ClientState.ClientSecret, this.ClientState.RoundKey, iv), Login = await this.SymmetricCryptoProvider.EncryptUtf8ToBase64Async(this.ClientState.AuthInfo?.Login, this.ClientState.RoundKey, iv), Password = await this.SymmetricCryptoProvider.EncryptUtf8ToBase64Async(this.ClientState.AuthInfo?.Password, this.ClientState.RoundKey, iv), Iv = iv }; byte[] bytes = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(model)); return(new AuthenticationHeaderValue("Hospital", Convert.ToBase64String(bytes))); }
public async Task <AuthenticationResult> AuthenticateAsync(string authenticationToken) { try { if (authenticationToken == null) { throw new ArgumentException("Auth header is not set"); } string serializedModel = Encoding.UTF8.GetString(Convert.FromBase64String(authenticationToken)); AuthHeaderModel model = JsonConvert.DeserializeObject <AuthHeaderModel>(serializedModel); string clientSecret = await this.GadgetKeysService.GetGadgetClientSecretAsync(model.Indentifier); KeysInfoModel keys = await this.GadgetKeysService.GetGadgetKeysInfoAsync(model.Indentifier, clientSecret); byte[] roundKey = keys.RoundKey; string login = await this.SymmetricCryptoService.DecryptBase64ToUtf8Async(model.Login, roundKey, model.Iv); string password = await this.SymmetricCryptoService.DecryptBase64ToUtf8Async(model.Password, roundKey, model.Iv); string decryptedClientSecret = await this.SymmetricCryptoService.DecryptBase64ToBase64Async(model.ClientSecret, roundKey, model.Iv); if (clientSecret != decryptedClientSecret) { throw new ArgumentException("Invalid client secret"); } bool isRoundKeyExpired = this.CheckIfRoundKeyExpired(keys); await this.GadgetKeysService.IncrementGadgetRoundKeySentTimesAsync(model.Indentifier, clientSecret); PrincipalModel principal = null; if (await this.UserService.CheckCredentialsAsync(login, password)) { await this.UserSessionService.AddEntryAsync(login, model.Indentifier); principal = new PrincipalModel { Login = login }; } return(new AuthenticationResult { IsAuthenticated = true, IsRoundKeyExpired = isRoundKeyExpired, RoundKey = roundKey, Principal = principal }); } catch (Exception e) { string failureReason = e is SqlException ? null : e.Message; return(new AuthenticationResult { FailureReason = failureReason, IsAuthenticated = false }); } }