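/// <summary>
/// Revokes an authentication token by rotating the stored hash salt of the entity the token
/// names. Every token hashed with the previous salt, including this one, stops verifying.
/// </summary>
/// <param name="AuthToken">Encrypted token as issued by <see cref="obtainAuthToken{T}"/>.</param>
/// <returns>The result of <see cref="TokenDBService.ChangeHashSalt"/> for the entity named in the token.</returns>
/// <exception cref="ArgumentException"><paramref name="AuthToken"/> is null or empty.</exception>
/// <exception cref="SecurityTokenException">The decrypted token does not have the expected "message##hash" layout.</exception>
/// <remarks>
/// Decryption and database errors propagate unchanged; the former catch-and-rethrow blocks
/// only reset the stack trace, so they were dropped.
/// </remarks>
public bool revokeAuthToken(string AuthToken)
{
    if (string.IsNullOrEmpty(AuthToken))
    {
        throw new ArgumentException("Authentication token must be supplied.", nameof(AuthToken));
    }

    string aesKey = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_KEY);
    string aesSalt = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_SALT);
    int saltLength = Convert.ToInt32(CommonUtility.GetAppSettingKey(Constants.AuthToken.SaltLength));

    // Token layout, as built by obtainAuthToken:
    //   "<id><sep><role><sep><ip><sep><timestamp>##<hash>"
    string tokenBody = CryptoUtility.Decrypt(AuthToken, aesKey, aesSalt);
    string[] tokenParts = tokenBody.Split(new[] { "##" }, StringSplitOptions.None);
    if (tokenParts.Length < 2)
    {
        // A truncated or garbled token used to surface as an IndexOutOfRangeException here.
        throw new SecurityTokenException("Error revoking access token: token is malformed (expected '<message>##<hash>')");
    }

    string[] innerParts = tokenParts[0].Split(new[] { Constants.AuthToken.SeperatorString }, StringSplitOptions.None);
    // First inner field is the entity id that obtainAuthToken passed to ChangeHashSalt.
    string entityId = innerParts[0];

    // NOTE(review): tokenParts[1] (the message hash) is decrypted but never compared against the
    // salt currently stored for this entity, so any token that decrypts — including a stale one —
    // triggers a salt rotation for that entity. Verify the hash first once TokenDBService exposes
    // the stored salt; this method cannot do so with the API visible here.

    using (var tokenDbService = new TokenDBService())
    {
        // Rotating the salt is the revocation: the old hash can no longer be reproduced.
        return tokenDbService.ChangeHashSalt(entityId, CryptoUtility.GenerateSalt(saltLength));
    }
}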
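/// <summary>
/// Validates the supplied credentials and, on success, returns the stored entity with a freshly
/// issued, encrypted authentication token set on its configured token property.
/// </summary>
/// <typeparam name="T">
/// Entity type. The names of its id, user-id, role and auth-token properties are read from the
/// app settings keyed by <c>Constants.AuthToken.UserEntity_*</c>.
/// </typeparam>
/// <param name="adminEntity">Entity carrying the credentials to validate.</param>
/// <param name="IPAddress">Client address embedded in the token's inner message.</param>
/// <returns>
/// The entity returned by <see cref="TokenDBService.ValidateAdminCredentials"/> with its
/// auth-token property populated.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="adminEntity"/> is null.</exception>
/// <exception cref="InvalidOperationException">A configured property name does not exist on <typeparamref name="T"/>.</exception>
/// <exception cref="SecurityTokenException">Credential validation failed.</exception>
/// <remarks>
/// Database and crypto errors propagate unchanged; the former catch-and-rethrow blocks only
/// reset the stack trace, so they were dropped.
/// </remarks>
public T obtainAuthToken<T>(T adminEntity, string IPAddress) where T : new()
{
    if (adminEntity == null)
    {
        throw new ArgumentNullException(nameof(adminEntity));
    }

    string aesKey = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_KEY);
    string aesSalt = CommonUtility.GetAppSettingKey(Constants.AuthToken.AES_SALT);
    int saltLength = Convert.ToInt32(CommonUtility.GetAppSettingKey(Constants.AuthToken.SaltLength));

    // Resolve the configured property names up front so a misconfiguration fails with a clear
    // message instead of a NullReferenceException on the first GetValue call.
    PropertyInfo userIdProperty = GetConfiguredProperty(typeof(T), CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_UserId));
    PropertyInfo idProperty = GetConfiguredProperty(typeof(T), CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_ID));
    PropertyInfo roleProperty = GetConfiguredProperty(typeof(T), CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_Role));
    PropertyInfo authTokenProperty = GetConfiguredProperty(typeof(T), CommonUtility.GetAppSettingKey(Constants.AuthToken.UserEntity_AuthToken));

    using (var tokenDbService = new TokenDBService())
    {
        var storedEntity = tokenDbService.ValidateAdminCredentials(adminEntity);

        string requestedUserId = (string)userIdProperty.GetValue(adminEntity, null);
        // NOTE(review): assumes ValidateAdminCredentials may return null on failure — a null
        // result is treated as a failed login rather than dereferenced.
        string storedUserId = storedEntity == null ? null : (string)userIdProperty.GetValue(storedEntity, null);

        // The token is only issued when the store returned the same user that was requested.
        if (storedEntity == null || storedUserId != requestedUserId)
        {
            string reportedUserId = storedEntity == null ? requestedUserId : storedUserId;
            throw new SecurityTokenException("-3|Error granting access token: You entered wrong UserId or Password(UserID: " + reportedUserId + " | IP Address: " + IPAddress + ")");
        }

        var id = (UInt64)idProperty.GetValue(storedEntity, null);
        string role = Convert.ToString(roleProperty.GetValue(storedEntity, null));

        // Inner message: "<id><sep><role><sep><ip><sep><timestamp>"; revokeAuthToken relies on
        // the id being the first field.
        string innerMessage = id + Constants.AuthToken.SeperatorString
            + role + Constants.AuthToken.SeperatorString
            + IPAddress + Constants.AuthToken.SeperatorString
            + CryptoUtility.GenerateTimeStamp();

        // A fresh per-login salt is stored before hashing so later validation can recompute the hash.
        // NOTE(review): the bool returned by ChangeHashSalt is ignored here (revokeAuthToken returns
        // it) — confirm whether false means the salt was not persisted, in which case no token
        // should be issued.
        var hashSalt = CryptoUtility.GenerateSalt(saltLength);
        tokenDbService.ChangeHashSalt(id.ToString(), hashSalt);

        var messageHash = CryptoUtility.GenerateHash(innerMessage, hashSalt);
        authTokenProperty.SetValue(storedEntity, CryptoUtility.Encrypt(innerMessage + "##" + messageHash, aesKey, aesSalt), null);
        return storedEntity;
    }
}

/// <summary>
/// Looks up <paramref name="propertyName"/> on <paramref name="entityType"/> via reflection.
/// </summary>
/// <param name="entityType">Entity type whose property is requested.</param>
/// <param name="propertyName">Property name taken from app settings.</param>
/// <returns>The matching <see cref="PropertyInfo"/>.</returns>
/// <exception cref="InvalidOperationException">No such public property exists.</exception>
private static PropertyInfo GetConfiguredProperty(Type entityType, string propertyName)
{
    PropertyInfo property = entityType.GetProperty(propertyName);
    if (property == null)
    {
        throw new InvalidOperationException("Configured property '" + propertyName + "' does not exist on " + entityType.FullName + ".");
    }
    return property;
}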