/// <summary>
/// Save a refresh token
/// Returns the refresh token id
/// </summary>
/// <param name="refreshToken"></param>
/// <returns>Refresh token id</returns>
public async Task <String> SaveRefreshTokenAsync(RefreshTokenModel refreshToken)
{
var refreshTokenId = Guid.NewGuid().ToString("n");
_context.RefreshTokens.Add(new RefreshTokens
{
ClientId = "notneeded",
ExpiresUtc = refreshToken.ExpiresUtc,
IssuedUtc = refreshToken.IssuedUtc,
ProtectedTicket = refreshToken.AccessToken,
Subject = refreshToken.Subject,
TokenIdHash = CryptoMethods.GetSHA512Hash(refreshTokenId)
});
await _context.SaveChangesAsync();
return(refreshTokenId);
}
public async Task <IActionResult> UpdateAccount([FromBody] AdminModel model)
{
try
{
var(firstname, lastname) = Utils.SplitFullname(model.Fullname);
var admin = await _context.Admins.SingleOrDefaultAsync(o => o.AdminId == Convert.ToInt32(User.Identity.Name));
admin.Firstname = firstname;
admin.Lastname = lastname;
admin.Email = model.EmailAddress;
admin.Phonenumber = Phonenumber.Parse(model.Phonenumber);
await _context.SaveChangesAsync();
return(Ok(admin.AdminId));
}
catch (DbUpdateException ex) when(ex.InnerException is SqlException sqlEx && (sqlEx.Number == 2601 || sqlEx.Number == 2627))
{
ModelState.AddModelError("EmailAddress", "This email address is already registered");
return(BadRequest(ModelState));
}
}
/// <summary>
/// Authenticate an admin
/// Returns the admin with roles if successful, otherwise null
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <returns></returns>
public async Task <Admins> AuthenticateAsync(String username, String password)
{
var admin = await _context.Admins.Include(m => m.Roles).SingleOrDefaultAsync(o => (o.Username == username || o.Email == username) && o.Status == 1);
if (admin != null)
{
var result = CryptoMethods.VerifyHashedPassword(admin.Password, password);
if (result == PasswordVerificationResult.Success)
{
return(admin);
}
else if (result == PasswordVerificationResult.SuccessRehashNeeded)
{
admin.Password = new PasswordHasher <Admins>().HashPassword(null, password);
await _context.SaveChangesAsync();
return(admin);
}
}
return(null);
}
public async Task <IActionResult> TwilioDeliveryReport(TwilioDeliveryReportModel deliveryReport)
{
try
{
_log.Debug($"Received delivery report for sms {deliveryReport.MessageSid} with status {deliveryReport.SmsStatus}");
var message = await _smsGateway.GetSmsReportAsync(deliveryReport.MessageSid);
_flexinetsContext.SmsLogEntries.Add(new SmsLogEntries
{
EventTimestamp = DateTime.UtcNow,
DestinationAddress = message.To.ToString(),
Orgaddr = message.From.ToString(),
Text = message.Body,
Smsid = message.Sid,
Inbound = false,
Status = deliveryReport.SmsStatus,
SmsTimestamp = message.DateSent
});
await _flexinetsContext.SaveChangesAsync();
_log.Debug($"Saved sms with id {message.Sid}");
if (deliveryReport.SmsStatus == "sent")
{
_log.Info($"Sms with id {message.Sid} from {message.From} to {message.To} : {message.Body}");
}
}
catch (DbUpdateException ex) when(ex.InnerException is SqlException sqlEx && (sqlEx.Number == 2601 || sqlEx.Number == 2627))
{
_log.Warn($"Ignoring duplicate sms delivery report for id {deliveryReport.MessageSid}");
}
catch (Exception ex)
{
_log.Error("Failed receiving delivery report", ex);
return(BadRequest(ex));
}
return(new TwiMLResult());
}
public async Task <IActionResult> TwilioIncoming()
{
var dictionary = Request.Form.ToDictionary(o => o.Key, o => o.Value.ToString());
var messageAuthenticator = Request.Headers.SingleOrDefault(o => o.Key == "X-Twilio-Signature").Value.FirstOrDefault();
if (!_smsGateway.ValidateMessage(Request.GetDisplayUrl(), dictionary, messageAuthenticator))
{
_log.Warn("Invalid message authenticator, check twilio logs");
return(BadRequest("Invalid message authenticator"));
}
// cannot use frombody because then the parameters are not available for validating message authenticator
var model = new TwilioIncomingSmsModel
{
AccountSid = dictionary.SingleOrDefault(o => o.Key == "AccountSid").Value,
Body = dictionary.SingleOrDefault(o => o.Key == "Body").Value,
From = dictionary.SingleOrDefault(o => o.Key == "From").Value,
To = dictionary.SingleOrDefault(o => o.Key == "To").Value,
MessageSid = dictionary.SingleOrDefault(o => o.Key == "MessageSid").Value,
};
_log.Info($"Incoming sms {model.MessageSid} from {model.From} to {model.To}");
try
{
model.From = Phonenumber.Parse(model.From);
model.To = Phonenumber.Parse(model.To);
_flexnetsContext.SmsLogEntries.Add(new SmsLogEntries
{
EventTimestamp = DateTime.UtcNow,
DestinationAddress = model.To,
Orgaddr = model.From,
Text = model.Body,
Smsid = model.MessageSid,
Inbound = true,
Status = "RECEIVED",
SmsTimestamp = DateTime.UtcNow
});
await _flexnetsContext.SaveChangesAsync();
_log.Info($"Saved incoming sms with id {model.MessageSid}");
_log.Info($"Incoming SMS from {model.From} to {model.To} : {model.Body}");
if (model.Body.ToUpper() == "A" || model.Body.ToUpper() == "\"A\"" || model.Body.ToUpper() == "\'A\'")
{
_log.Info("Handling limit extension");
var queueClient = new QueueClient(_serviceBusConnectionString);
await queueClient.SendAsync(new Message(Encoding.UTF8.GetBytes(model.From)));
}
if (model.Body == "echo?" && model.From == _echoNumber)
{
_log.Info("Sending echo reply");
await _smsGateway.SendSmsAsync("echo!", model.From);
}
}
catch (DbUpdateException ex) when(ex.InnerException is SqlException sqlEx && (sqlEx.Number == 2601 || sqlEx.Number == 2627))
{
_log.Warn($"Ignoring duplicate sms delivery report for id {model.MessageSid}");
}
catch (Exception ex)
{
_log.Error("Failed receiving incoming sms", ex);
return(BadRequest(ex));
}
return(new TwiMLResult());
}
