public async Task <User> Login(string username, string password) { if (string.IsNullOrWhiteSpace(username)) { return(null); } var user = await _context.Users .Include(x => x.Photos) .FirstOrDefaultAsync(x => x.Username == username.ToLowerInvariant()); if (user == null) { return(null); } bool isPasswordValid = HmacHelper.CheckPasswordHash(password, user.PasswordHash, user.PasswordSalt); if (isPasswordValid) { return(user); } else { return(null); } }
// Http Request to Momo Server public void sendPaymentRequest() { var reqtime = Utils.GetTimeStamp().ToString(); var transid = Guid.NewGuid().ToString(); var embeddata = new {}; var order = new Dictionary <string, string>(); order.Add("appid", appid); order.Add("appuser", "demo"); order.Add("apptime", Utils.GetTimeStamp().ToString()); order.Add("amount", totalCost.ToString()); order.Add("apptransid", DateTime.Now.ToString("yyMMdd") + "_" + transid); order.Add("embeddata", JsonConvert.SerializeObject(embeddata)); order.Add("item", orderInfo); order.Add("description", "Smart Food Court ZaloPay demo"); order.Add("bankcode", "zalopayapp"); var data = appid + "|" + order["apptransid"] + "|" + order["appuser"] + "|" + order["amount"] + "|" + order["apptime"] + "|" + order["embeddata"] + "|" + order["item"]; order.Add("mac", HmacHelper.Compute(ZaloPayHMAC.HMACSHA256, key1, data)); var orderJSON = Encoding.ASCII.GetBytes(JsonConvert.SerializeObject(order)); Dictionary <string, string> param = new Dictionary <string, string>(); param.Add("appid", appid); param.Add("reqtime", reqtime); param.Add("mac", HmacHelper.Compute(ZaloPayHMAC.HMACSHA256, key1, appid + "|" + reqtime)); payUrl = qrUrl = "https://sbgateway.zalopay.vn/openinapp?order=" + Convert.ToBase64String(orderJSON); }
public async Task <string> CreateOrderAsync(Booking booking, long amount, string description) { var transid = Guid.NewGuid().ToString(); var embeddata = new {}; var items = new object[] {}; var param = new Dictionary <string, string>(); param.Add("appid", _appid); param.Add("appuser", booking.Owner.Name); param.Add("apptime", Utils.GetTimeStamp().ToString()); // Quick hack to convert to VND :)) param.Add("amount", Math.Ceiling(amount * 23193d).ToString()); param.Add("apptransid", DateTime.Now.ToString("yyMMdd") + "_" + transid); param.Add("embeddata", JsonConvert.SerializeObject(embeddata)); param.Add("item", JsonConvert.SerializeObject(items)); param.Add("description", description); param.Add("bankcode", "zalopayapp"); var data = _appid + "|" + param["apptransid"] + "|" + param["appuser"] + "|" + param["amount"] + "|" + param["apptime"] + "|" + param["embeddata"] + "|" + param["item"]; param.Add("mac", HmacHelper.Compute(ZaloPayHMAC.HMACSHA256, _key1, data)); var result = await HttpHelper.PostFormAsync(_createOrderUrl, param); foreach (var entry in result) { Console.WriteLine("{0} = {1}", entry.Key, entry.Value); } return(result["orderurl"] as string); }
public static string Compute(string data, string key = "") { if (string.IsNullOrEmpty(key)) { key = Constants.KEY1; } return(HmacHelper.Compute(ZaloPayHMAC.HMACSHA256, key, data)); }
public static string Compute(string data, string key = "") { if (string.IsNullOrEmpty(key)) { key = ConfigurationManager.AppSettings["Key1"]; } return(HmacHelper.Compute(ZaloPayHMAC.HMACSHA256, key, data)); }
public IActionResult Signup() { var username = HttpContext.Request.Form["username"]; var password = HttpContext.Request.Form["password"]; var sign = HmacHelper.HmacSha1ToBase64(username, password); Console.WriteLine(HttpContext.Request.Host.Value); //return RedirectToRoute("HttpContext.Request.Host.Value" + "/api/token", new { username, sign }); return(new JsonResult(new { username, usersign = sign })); //RedirectToRoute("/api/token", "username="******"&usersign=" + sign); }
public static bool VerifyCallback(string data, string requestMac) { try { string mac = HmacHelper.Compute(ZaloPayHMAC.HMACSHA256, ConfigurationManager.AppSettings["Key2"], data); return(requestMac.Equals(mac)); } catch { return(false); } }
public static bool VerifyCallback(string data, string requestMac) { try { string mac = HmacHelper.Compute(ZaloPayHMAC.HMACSHA256, Constants.KEY1, data); return(requestMac.Equals(mac)); } catch { return(false); } }
public void TestCalculateHmac() { string message = "amount=100¤cy=EUR"; string expectedHex = "b436e3e86cb3800b3864aeecc8d06c126f005e7645803461717a8e4b2de3a905"; // Test out the HMAC hash method string key = "57617b5d2349434b34734345635073433835777e2d244c31715535255a366773755a4d70532a5879793238235f707c4f7865753f3f446e633a21575643303f66"; var hmacHelper = new HmacHelper(); string hashHMACHex = hmacHelper.CalculateHashHMACHex(key, message); // Assert Assert.Equal(expectedHex, hashHMACHex); }
private Task <ClaimsIdentity> GetIdentity(string username, string userSign) { //从数据库中读取对应用户的密码计算HMAC var sign = HmacHelper.HmacSha1ToBase64(username, "TEST123"); Console.WriteLine(sign); // Don't do this in production, obviously! if (sign == userSign) { return(Task.FromResult(new ClaimsIdentity(new GenericIdentity(username, "Token"), new Claim[] { }))); } // Credentials are invalid, or account doesn't exist return(Task.FromResult <ClaimsIdentity>(null)); }
public Task <string> CreateOrderAsync(Booking booking, long amount, string description) { string secret = "MbRYDmFmFTVl11Dp8KqUYmeSPpUnEYnr"; long amountVnd = amount * 21000; string partnerCode = "MOMOLEEQ20210615"; string accessKey = "XGqCNhlAZAtL0lGD"; string requestId = Utils.GetTimeStamp().ToString(); string orderId = Guid.NewGuid().ToString(); string orderInfo = description; string url = (Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") == "Production"? "https://etour-client.azurewebsites.net/booking/momoconfirm" : "https://localhost:44323/booking/momoconfirm") + $"?id={booking.ID}"; string requestType = "captureMoMoWallet"; string extraData = ""; var httpWebRequest = (HttpWebRequest)WebRequest.Create("https://test-payment.momo.vn/gw_payment/transactionProcessor"); httpWebRequest.ContentType = "application/json"; httpWebRequest.Method = "POST"; using (var streamWriter = new StreamWriter(httpWebRequest.GetRequestStream())) { string json = new JavaScriptSerializer().Serialize(new { partnerCode, accessKey, requestId, amount = amountVnd.ToString(), orderId, orderInfo, returnUrl = url, notifyUrl = url, requestType, signature = HmacHelper.Compute(key: secret, message: $"partnerCode={partnerCode}&accessKey={accessKey}&requestId={requestId}&amount={amountVnd.ToString()}&orderId={orderId}&orderInfo={orderInfo}&returnUrl={url}¬ifyUrl={url}&extraData={extraData}"), extraData }); streamWriter.Write(json); } var httpResponse = (HttpWebResponse)httpWebRequest.GetResponse(); using (var streamReader = new StreamReader(httpResponse.GetResponseStream())) { var result = streamReader.ReadToEnd(); Console.WriteLine(result); return(Task.FromResult <string>(((dynamic) new JavaScriptSerializer().DeserializeObject(result)).payUrl)); } }
public async Task <User> Register(User user, string password) { if (user == null) { return(null); } // The password must be a not empty string if (string.IsNullOrWhiteSpace(password)) { return(null); } (user.PasswordHash, user.PasswordSalt) = HmacHelper.ComputeHashSalt(password); await _context.Users.AddAsync(user); await _context.SaveChangesAsync(); return(user); }
public IActionResult Get([FromQuery] AdyenPaymentResponse request) { // check payment var list = new SortedList <string, string>(); list.Add(nameof(request.shopperLocale), request.shopperLocale); list.Add(nameof(request.authResult), request.authResult); list.Add(nameof(request.merchantReference), request.merchantReference); list.Add(nameof(request.merchantReturnData), request.merchantReturnData); list.Add(nameof(request.skinCode), request.skinCode); list.Add(nameof(request.paymentMethod), request.paymentMethod); list.Add(nameof(request.pspReference), request.pspReference); var messageToSign = string.Concat(string.Join(":", list.Keys), ":", string.Join(":", list.Values.Select(x => x.Replace("\\", "\\\\").Replace(":", "\\:")))); var sign = new HmacHelper().CalculateHashHMACHex(paymentSettings.HmacKey, messageToSign); if (sign == request.merchantSig) { var returnUrl = request.merchantReturnData.Replace("_qm_", "?").Replace("_amp_", "&");// todo: rework this hotfix return(Redirect(returnUrl)); } return(BadRequest()); }
private async Task <T> MakeRequestAsync <T>(HttpMethod method, string route, object body = null, Dictionary <string, string> parameters = null) { SortedDictionary <string, string> sortedParameters = parameters == null ? sortedParameters = new SortedDictionary <string, string>() : sortedParameters = new SortedDictionary <string, string>(parameters); // Uncomment the HttpClientHandler to run requests through Fiddler to aid debugging using (var httpClient = new HttpClient(/*new HttpClientHandler { Proxy = new WebProxy("localhost:8888", true), UseDefaultCredentials = true }*/)) { httpClient.Timeout = _timeout; // Set required headers httpClient.DefaultRequestHeaders.Accept.Add( new MediaTypeWithQualityHeaderValue(_jsonContentType)); httpClient.DefaultRequestHeaders.UserAgent.Add( new ProductInfoHeaderValue("luno_dotnet", "0.0.1")); // TODO: make this reaaal httpClient.BaseAddress = new Uri(_baseUrl); var path = $"/v{_version}{route}"; // Add additional required parameters sortedParameters.Add("key", _apiKey); sortedParameters.Add("timestamp", $"{DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ss.fff")}Z"); // Create signature var signatureDatum = $"{method.ToString()}:{path}?{sortedParameters.ToQueryString()}"; if (body != null) { signatureDatum += $":{JsonConvert.SerializeObject(body)}"; } var signature = HmacHelper.ComputeHmacSha512Hash(signatureDatum, _secretKey).ToLower(); sortedParameters.Add("sign", signature); path = $"{path}?{sortedParameters.ToQueryString()}"; HttpResponseMessage response = null; switch (method) { case HttpMethod.GET: response = await httpClient.GetAsync(path); break; case HttpMethod.POST: response = await httpClient.PostAsync(path, new StringContent(JsonConvert.SerializeObject(body), Encoding.UTF8, _jsonContentType)); break; case HttpMethod.PUT: response = await httpClient.PutAsync(path, new StringContent(JsonConvert.SerializeObject(body), Encoding.UTF8, _jsonContentType)); break; case HttpMethod.PATCH: response = await httpClient.PatchAsync(path, new StringContent(JsonConvert.SerializeObject(body), Encoding.UTF8, _jsonContentType)); break; case HttpMethod.DELETE: response = await httpClient.DeleteAsync(path); break; default: throw new NotImplementedException($"The http method '{method.ToString()}' is not supported."); } // read the response content into a string var responseContent = await response.Content.ReadAsStringAsync(); // if the response was a success: deserialize the response and then return it. if (response.IsSuccessStatusCode) { return(JsonConvert.DeserializeObject <T>(responseContent)); } // otherwise, deserialize it into an error response and throw it var errorResponse = JsonConvert.DeserializeObject <ErrorResponse>(responseContent); if (errorResponse == null) { response.EnsureSuccessStatusCode(); } throw new LunoApiException(errorResponse); } }
public string ComputeMac() { return(HmacHelper.Compute(ZaloPayHMAC.HMACSHA256, Constants.APP_ID, GetMacData())); }
public string ComputeMac() { return(HmacHelper.Compute(ZaloPayHMAC.HMACSHA256, ConfigurationManager.AppSettings["Key1"], GetMacData())); }