Example #1
0
        public async Task<HttpResponseMessage> Get(string id, string location, string role, string visible, int? page, int? x, int? y)
        {

            try
            {
                //get the requested document and covert it for upload.
                Document doc = docs[id].ToDocument();

                //Upload it, keeping the DSS-P session that is returned
                dsspClient.ApplicationName = configuration.Current.AppName;
                dsspClient.ApplicationPassword = configuration.Current.AppPwd;
                sessions[id] = await dsspClient.UploadDocumentAsync(doc);

                //Create properties
                SignatureRequestProperties props = null;
                if (!configuration.Current.AltMode || visible != "None" || !string.IsNullOrEmpty(location) || !string.IsNullOrEmpty(role))
                {
                    props = new SignatureRequestProperties() { SignatureProductionPlace = location, SignerRole = role };
                }
                if (visible == "Photo")
                {
                    //Create an image visual signature, which defaults to eID photo
                    props.VisibleSignature = new ImageVisibleSignature()
                    {
                        Page = page.Value,
                        X = x.Value,
                        Y = y.Value
                    };
                }

                //creating the browser post page with the pending request
                string browserPostPage;
                if (configuration.Current.AltMode) {
                    if (string.IsNullOrEmpty(configuration.Current.Lanuage) && props == null && string.IsNullOrEmpty(configuration.Current.Authorization))
                    {
                        browserPostPage = sessions[id].GeneratePendingRequestPage("https://www.e-contract.be/dss-ws/start", Request.RequestUri.ToString());
                    }
                    else if (props == null && string.IsNullOrEmpty(configuration.Current.Authorization))
                    {
                        browserPostPage = sessions[id].GeneratePendingRequestPage("https://www.e-contract.be/dss-ws/start", Request.RequestUri.ToString(),
                            configuration.Current.Lanuage);
                    }
                    else if (string.IsNullOrEmpty(configuration.Current.Authorization) && props != null)
                    {
                        browserPostPage = sessions[id].GeneratePendingRequestPage(new Uri("https://www.e-contract.be/dss-ws/start"), Request.RequestUri,
                            configuration.Current.Lanuage, props);
                    }
                    else if (!string.IsNullOrEmpty(configuration.Current.Authorization) && props == null)
                    {
                        browserPostPage = sessions[id].GeneratePendingRequestPage(new Uri("https://www.e-contract.be/dss-ws/start"), Request.RequestUri,
                            configuration.Current.Lanuage, EContract.Dssp.Client.Authorization.AllowDssSignIfMatchSubject(configuration.Current.Authorization));
                    }
                    else
                    {
                        browserPostPage = sessions[id].GeneratePendingRequestPage(new Uri("https://www.e-contract.be/dss-ws/start"), Request.RequestUri,
                            configuration.Current.Lanuage, props, EContract.Dssp.Client.Authorization.AllowDssSignIfMatchSubject(configuration.Current.Authorization));
                    }
                } else {
                    browserPostPage = sessions[id].GeneratePendingRequestPage(new Uri("https://www.e-contract.be/dss-ws/start"), Request.RequestUri,
                        configuration.Current.Lanuage, props, configuration.Current.Authorization);
                }

                //returning it to the browser to execute
                HttpResponseMessage result = new HttpResponseMessage(HttpStatusCode.OK);
                result.Content = new ByteArrayContent(Encoding.ASCII.GetBytes(browserPostPage));
                result.Content.Headers.ContentType = new MediaTypeHeaderValue("text/html");
                return result;
            }
            catch (Exception e)
            {
                docs[id].Alert = new Alert() { Message = e.Message, Type = "danger" };
                return RedirectBack();
            }
            
        }
Example #2
0
        /// <summary>
        /// Generates the html page that initiates the BROWSER/POST request for the current session.
        /// </summary>
        /// <param name="postAddress">The e-contract.be address, normally "https://www.e-contract.be/dss-ws/start"</param>
        /// <param name="landingUrl">Own url for the BROWSER/POST "SignResponse" response</param>
        /// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
        /// <param name="properties">Additional properties (location, role, visibility info, ...) for the signature request</param>
        /// <param name="authorization">The authorization that the signer must match too to be authorized</param>
        /// <returns>The html page in the form of a string</returns>
        public string GeneratePendingRequestPage(Uri postAddress, Uri landingUrl, string language, SignatureRequestProperties properties, Authorization authorization)
        {
            var builder = new StringBuilder();

            builder.AppendLine("<html>");
            builder.AppendLine("<head><title>DSS-P Browser POST</title></head>");
            builder.AppendLine("<body>");
            builder.AppendLine("<p>Redirecting to the DSS-P Server...</p>");
            builder.AppendLine("<form name=\"dsspform\" method=\"post\" action=\"" + postAddress.ToString() + "\">");
            builder.Append("<input type=\"hidden\" name=\"PendingRequest\" value=\"");
            builder.Append(GeneratePendingRequest(landingUrl, language, properties, authorization));
            builder.AppendLine("\"/>");
            builder.AppendLine("</form>");
            builder.AppendLine("<script type=\"text/javascript\">");
            builder.AppendLine("window.onload = function() { document.forms[\"dsspform\"].submit(); };");
            builder.AppendLine("</script>");
            builder.AppendLine("</body>");
            builder.AppendLine("</html>");

            return builder.ToString();
        }
Example #3
0
 /// <summary>
 /// Generates the html page that initiates the BROWSER/POST request for the current session.
 /// </summary>
 /// <param name="postAddress">The e-contract.be address, normally "https://www.e-contract.be/dss-ws/start"</param>
 /// <param name="landingUrl">Own url for the BROWSER/POST "SignResponse" response</param>
 /// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
 /// <param name="properties">Additional properties (location, role, visibility info, ...) for the signature request</param>
 /// <returns>The html page in the form of a string</returns>
 public string GeneratePendingRequestPage(Uri postAddress, Uri landingUrl, string language, SignatureRequestProperties properties)
 {
     return GeneratePendingRequestPage(postAddress, landingUrl, language, properties, (Authorization)null);
 }
Example #4
0
 /// <summary>
 /// Generates the html page that initiates the BROWSER/POST request for the current session.
 /// </summary>
 /// <param name="postAddress">The e-contract.be address, normally "https://www.e-contract.be/dss-ws/start"</param>
 /// <param name="landingUrl">Own url for the BROWSER/POST "SignResponse" response</param>
 /// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
 /// <param name="properties">Additional properties (location, role, visibility info, ...) for the signature request</param>
 /// <param name="subjectRegex">Regular expression of the eID subject that the signer must match too to be authorized</param>
 /// <returns>The html page in the form of a string</returns>
 public string GeneratePendingRequestPage(Uri postAddress, Uri landingUrl, string language, SignatureRequestProperties properties, string subjectRegex)
 {
     if (String.IsNullOrEmpty(subjectRegex))
         return GeneratePendingRequestPage(postAddress, landingUrl, language, properties, (Authorization)null);
     else
         return GeneratePendingRequestPage(postAddress, landingUrl, language, properties, Authorization.AllowDssSignIfMatchSubjectRegex(subjectRegex));
 }
Example #5
0
        /// <summary>
        /// Creates a new pending request for the current session.
        /// </summary>
        /// <param name="landingUrl">The landing page of the SignResponse</param>
        /// <param name="language">The language of the e-contract.be pages, <c>null</c> for the default language</param>
        /// <param name="properties">Additional properties (location, role, visibility info, ...) for the signature request</param>
        /// <param name="authorization">The optional authorization that the signer must match too to be authorized</param>
        /// <returns>The base64 encoded PendingRequest, to be used as value for the "PendingRequest"-input</returns>
        public string GeneratePendingRequest(Uri landingUrl, string language, SignatureRequestProperties properties, Authorization authorization)
        {
            if (landingUrl == null) throw new ArgumentNullException("landingUrl");

            //Prepare browser post message (to return)
            var pendingRequest = new PendingRequest();
            pendingRequest.OptionalInputs = new OptionalInputs();
            pendingRequest.OptionalInputs.AdditionalProfile = "urn:oasis:names:tc:dss:1.0:profiles:asynchronousprocessing";
            pendingRequest.OptionalInputs.ResponseID = this.ServerId;
            pendingRequest.OptionalInputs.MessageID = new AttributedURIType();
            pendingRequest.OptionalInputs.MessageID.Value = this.ClientId;
            pendingRequest.OptionalInputs.Timestamp = new TimestampType();
            pendingRequest.OptionalInputs.Timestamp.Created = new AttributedDateTime();
            pendingRequest.OptionalInputs.Timestamp.Created.Value = DateTime.UtcNow;
            pendingRequest.OptionalInputs.Timestamp.Expires = new AttributedDateTime();
            pendingRequest.OptionalInputs.Timestamp.Expires.Value = DateTime.UtcNow.AddMinutes(10);
            pendingRequest.OptionalInputs.ReplyTo = new EndpointReferenceType();
            pendingRequest.OptionalInputs.ReplyTo.Address = new AttributedURIType();
            pendingRequest.OptionalInputs.ReplyTo.Address.Value = landingUrl.AbsoluteUri;
            pendingRequest.OptionalInputs.ReturnSignerIdentity = new ReturnSignerIdentity();
            pendingRequest.OptionalInputs.Language = string.IsNullOrEmpty(language) ? null : language;

            if (properties != null && (!string.IsNullOrEmpty(properties.SignerRole)
                    || !string.IsNullOrEmpty(properties.SignatureProductionPlace)
                    || properties.VisibleSignature != null))
            {
                var items = new List<VisibleSignatureItemType>();
                PixelVisibleSignaturePositionType pixelVisibleSignaturePosition = null;

                if (!string.IsNullOrEmpty(properties.SignerRole))
                {
                    var stringItem = new ItemValueStringType();
                    stringItem.ItemValue = properties.SignerRole;

                    var item = new VisibleSignatureItemType();
                    item.ItemName = ItemNameEnum.SignatureReason;
                    item.ItemValue = stringItem;
                    items.Add(item);
                }
                if (!string.IsNullOrEmpty(properties.SignatureProductionPlace))
                {
                    var stringItem = new ItemValueStringType();
                    stringItem.ItemValue = properties.SignatureProductionPlace;

                    var item = new VisibleSignatureItemType();
                    item.ItemName = ItemNameEnum.SignatureProductionPlace;
                    item.ItemValue = stringItem;
                    items.Add(item);
                }
                if (properties.VisibleSignature != null)
                {
                    var photoProp = properties.VisibleSignature as ImageVisibleSignature;
                    if (photoProp != null)
                    {
                        var uriItem = new ItemValueURIType();
                        uriItem.ItemValue = photoProp.ValueUri;

                        var item = new VisibleSignatureItemType();
                        item.ItemName = ItemNameEnum.SignerImage;
                        item.ItemValue = uriItem;
                        items.Add(item);

                        var customText = photoProp.CustomText;
                        if (!string.IsNullOrEmpty(customText))
                        {
                            var customTextItem = new VisibleSignatureItemType();
                            customTextItem.ItemName = ItemNameEnum.CustomText;
                            var customTextItemValue = new ItemValueStringType();
                            customTextItemValue.ItemValue = customText;
                            customTextItem.ItemValue = customTextItemValue;
                            items.Add(customTextItem);
                        }
                    }
                    else
                    {
                        throw new ArgumentException("The type of VisibleSignatureProperties (field of SignatureRequestProperties) is unsupported", "properties");
                    }

                    pixelVisibleSignaturePosition = new PixelVisibleSignaturePositionType();
                    pixelVisibleSignaturePosition.PageNumber = properties.VisibleSignature.Page;
                    pixelVisibleSignaturePosition.x = properties.VisibleSignature.X;
                    pixelVisibleSignaturePosition.y = properties.VisibleSignature.Y;
                }

                pendingRequest.OptionalInputs.VisibleSignatureConfiguration = new VisibleSignatureConfigurationType();
                pendingRequest.OptionalInputs.VisibleSignatureConfiguration.VisibleSignaturePolicy = VisibleSignaturePolicyType.DocumentSubmissionPolicy;
                pendingRequest.OptionalInputs.VisibleSignatureConfiguration.VisibleSignatureItemsConfiguration = new VisibleSignatureItemsConfigurationType();
                pendingRequest.OptionalInputs.VisibleSignatureConfiguration.VisibleSignatureItemsConfiguration.VisibleSignatureItem = items.ToArray<VisibleSignatureItemType>();
                pendingRequest.OptionalInputs.VisibleSignatureConfiguration.VisibleSignaturePosition = pixelVisibleSignaturePosition;
            }

            if (authorization != null)
            {
                pendingRequest.OptionalInputs.Policy = authorization.getPolicy();
            }

            //Prepare Sign
            var pendingRequestXml = new XmlDocument();
            pendingRequestXml.PreserveWhitespace = true;
            if (null == requestSerializer)
            {
                requestSerializer = new XmlSerializer(typeof(PendingRequest), "urn:oasis:names:tc:dss:1.0:profiles:asynchronousprocessing:1.0");
            }
            using (var pendingRequestWriter = pendingRequestXml.CreateNavigator().AppendChild())
            {
                requestSerializer.Serialize(pendingRequestWriter, pendingRequest);
            }

            var signedXml = new SignedXml(pendingRequestXml);
            signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
            signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigHMACSHA1Url;
            var docRef = new Reference("");
            docRef.DigestMethod = "http://www.w3.org/2000/09/xmldsig#sha1";
            docRef.AddTransform(new XmlDsigEnvelopedSignatureTransform());
            docRef.AddTransform(new XmlDsigExcC14NTransform());
            signedXml.AddReference(docRef);

            //Add Key Info
            var keyRefXml = new XmlDocument();
            keyRefXml.PreserveWhitespace = true;
            if (null == tRefSerializer)
            {
                tRefSerializer = new XmlSerializer(typeof(SecurityTokenReferenceType), null, new Type[0], new XmlRootAttribute("SecurityTokenReference"), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
            }
            using (var keyRefXmlWriter = keyRefXml.CreateNavigator().AppendChild())
            {
                tRefSerializer.Serialize(keyRefXmlWriter, this.KeyReference);
            }
            signedXml.KeyInfo = new KeyInfo();
            signedXml.KeyInfo.AddClause(new KeyInfoNode(keyRefXml.DocumentElement));

            //Compute signature
            signedXml.ComputeSignature(new HMACSHA1(this.KeyValue));

            //Append signature to document
            var nsmgr = new XmlNamespaceManager(pendingRequestXml.NameTable);
            nsmgr.AddNamespace("async", "urn:oasis:names:tc:dss:1.0:profiles:asynchronousprocessing:1.0");
            nsmgr.AddNamespace("dss", "urn:oasis:names:tc:dss:1.0:core:schema");
            pendingRequestXml.SelectSingleNode("/async:PendingRequest/dss:OptionalInputs", nsmgr).AppendChild(signedXml.GetXml());

            //Serialize and encode
            var stream = new MemoryStream();
            pendingRequestXml.Save(stream);
            return Convert.ToBase64String(stream.ToArray());
        }