public bool AuthenticateUser(ChallengeResponse challengeResponse)
{
if (authAndPayService.IsValidChallengeResponse(challengeResponse))
{
authAndPayService.AuthenticateUser(challengeResponse.UserName, challengeResponse.EpochTime);
return true;
}
return false;
}
public ChallengeResponse ParseAuthChallenge(string input, string userName,string key)
{
char[] seps={'/'};//For Epoche Time
String [] values = input.Split(seps);//For Epoche Time
string op = CalculateHMAC(input, userName, key);
ChallengeResponse cmac = new ChallengeResponse
{
EpochTime = Convert.ToInt64 ( values[1]),
UserName = userName,
HMAC = op
};
return cmac;
}
public bool IsValidChallengeResponse(ChallengeResponse challengeResponse)
{
string challenge = GetAuthChallenge(challengeResponse.UserName,challengeResponse.EpochTime);
string secret = GetSecretOfUser(challengeResponse.UserName);
string input = String.Format("{0}/{1}/{2}/{3}",
"01",
challengeResponse.EpochTime,
challenge,challengeResponse.UserName);
string hash = cryptoService.CalculateHmac(secret, challenge);
return (challengeResponse.HMAC != null && challengeResponse.HMAC.Equals(hash));
}