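 /// <summary>
 /// Revokes an authentication token by rotating the hash salt stored for the user the token
 /// was issued to, so that the hash carried by any outstanding token for that user no longer
 /// matches the stored value.
 /// </summary>
 /// <param name="AuthToken">Encrypted token as produced by <c>obtainAuthToken</c> (AES payload of <c>InnerMsg + "##" + Hash</c>).</param>
 /// <returns>The result of <c>TokenDBService.ChangeHashSalt</c> for the user id carried in the token.</returns>
 /// <exception cref="ArgumentException">Thrown when <paramref name="AuthToken"/> is null or empty.</exception>
 public bool revokeAuthToken(string AuthToken)
 {
     // Reject an empty token up front instead of letting Decrypt fail on it.
     if (string.IsNullOrEmpty(AuthToken))
     {
         throw new ArgumentException("Authentication token must not be null or empty.", "AuthToken");
     }

     string AES_KEY    = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_KEY);
     string AES_SALT   = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_SALT);
     int    SaltLength = Convert.ToInt32(CommonUtility.GetAppSettingKey(Constants.AuthToken.SaltLength));

     // Token layout (mirrors obtainAuthToken): InnerMsg + "##" + Hash, where
     // InnerMsg = id + separator + role + separator + IPAddress + separator + timestamp.
     var TokenBody    = CryptoUtility.Decrypt(AuthToken, AES_KEY, AES_SALT);
     var LstTokenBody = JLT.Common.Utility.StringUtility.SplitString(TokenBody, "##");
     var LstInnerMsg  = JLT.Common.Utility.StringUtility.SplitString(LstTokenBody[0], Constants.AuthToken.SeperatorString);

     // NOTE(review): LstTokenBody[1] (the token hash) is never compared against the user's
     // current hash salt before the salt is rotated, so the integrity of the decrypted payload
     // is not verified here; confirm that the caller validates the token first.

     // Rotating the salt invalidates every token whose hash was computed with the old one.
     // The exceptions thrown below (MySqlException or anything else) propagate unchanged; the
     // previous catch/`throw ex;` blocks only discarded the original stack trace.
     using (var objTokenDBService = new TokenDBService())
     {
         return objTokenDBService.ChangeHashSalt(LstInnerMsg[0], CryptoUtility.GenerateSalt(SaltLength));
     }
 }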
        /// <summary>
        ///
        /// </summary>
        /// <param name="UserID"></param>
        /// <param name="Role"></param>
        /// <param name="IPAddress"></param>
        /// <param name="AES_KEY"></param>
        /// <param name="AES_SALT"></param>
        /// <param name="IsAdmin">If true it will fetch HashSalt from a_Admin table else from contact table</param>
        /// <param name="SaltLength"></param>
        /// <returns></returns>
        public T obtainAuthToken <T>(T adminEntity, string IPAddress) where T : new()
        {
            try
            {
                string AES_KEY    = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_KEY);
                string AES_SALT   = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_SALT);
                int    SaltLength = Convert.ToInt32(CommonUtility.GetAppSettingKey(Constants.AuthToken.SaltLength));

                PropertyInfo useridPropertyInfo    = typeof(T).GetProperty(CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_UserId));
                PropertyInfo idPropertyInfo        = typeof(T).GetProperty(CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_ID));
                PropertyInfo rolePropertyInfo      = typeof(T).GetProperty(CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_Role));
                PropertyInfo authTokenPropertyInfo = typeof(T).GetProperty(CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_AuthToken));

                using (var objTokenDBService = new TokenDBService())
                {
                    var objAdminEntity = objTokenDBService.ValidateAdminCredentials(adminEntity);
                    var id             = (UInt64)idPropertyInfo.GetValue(objAdminEntity, null);
                    var role           = Convert.ToString(rolePropertyInfo.GetValue(objAdminEntity, null));
                    var userid         = (string)useridPropertyInfo.GetValue(objAdminEntity, null);
                    var authTolen      = (string)authTokenPropertyInfo.GetValue(objAdminEntity, null);

                    if (userid == (string)useridPropertyInfo.GetValue(adminEntity, null))
                    {
                        var Inner_Msg = id + Constants.AuthToken.SeperatorString + role + Constants.AuthToken.SeperatorString + IPAddress + Constants.AuthToken.SeperatorString + CryptoUtility.GenerateTimeStamp();
                        var HASH_SALT = CryptoUtility.GenerateSalt(SaltLength);
                        objTokenDBService.ChangeHashSalt(id.ToString(), HASH_SALT);
                        var Msg_Hash = CryptoUtility.GenerateHash(Inner_Msg, HASH_SALT);
                        authTokenPropertyInfo.SetValue(objAdminEntity, CryptoUtility.Encrypt(Inner_Msg + "##" + Msg_Hash, AES_KEY, AES_SALT), null);
                        return(objAdminEntity);
                    }
                    else
                    {
                        throw new SecurityTokenException("-3|Error granting access token: You entered wrong UserId or Password(UserID: " + userid + " | IP Address: " + IPAddress + ")");
                    }
                }
            }
            catch (SecurityTokenException e)
            {
                throw e;
            }
            catch (MySqlException odbcEx)
            {
                throw odbcEx;
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }