private String GetPasswordProof(Profile profile, AuthRequest request, ProofType type, bool client_to_server)
{
List <String> challenges = new List <String>();
StringBuilder sb = new StringBuilder();
string password = null;
if (profile != null && profile.User != null)
{
password = profile.User.Password;
}
switch (type)
{
case ProofType.ProofType_NickEmail:
if (profile.User.Partnercode != CoreWeb.Models.User.PARTNERID_GAMESPY)
{
sb.Append(profile.User.Partnercode.ToString());
sb.Append("@");
sb.Append(profile.Nick);
sb.Append("@");
sb.Append(profile.User.Email);
}
else
{
sb.Append(profile.Nick);
sb.Append("@");
sb.Append(profile.User.Email);
}
break;
case ProofType.ProofType_Unique:
if (profile.User.Partnercode != CoreWeb.Models.User.PARTNERID_GAMESPY)
{
sb.Append(profile.User.Partnercode.ToString());
sb.Append("@");
sb.Append(profile.Uniquenick);
}
else
{
sb.Append(profile.Uniquenick);
}
break;
case ProofType.ProofType_PreAuth:
password = request.client_response;
sb.Append(request.auth_token);
break;
case ProofType.ProofType_LoginTicket:
password = request.login_ticket;
sb.Append(request.login_ticket);
break;
}
if (client_to_server)
{
challenges.Add(request.client_challenge);
challenges.Add(request.server_challenge);
}
else
{
challenges.Add(request.server_challenge);
challenges.Add(request.client_challenge);
}
return(GetProofString(sb.ToString(), challenges, password));
}
public Task <AuthResponse> NickEmailAuth([FromBody] AuthRequest authRequest)
{
return(handleAuthRequest(authRequest, ProofType.ProofType_NickEmail));
}
public Task <AuthResponse> UniqueNickAuth([FromBody] AuthRequest authRequest)
{
return(handleAuthRequest(authRequest, ProofType.ProofType_Unique));
}
public async Task <AuthResponse> PreAuth([FromBody] AuthRequest authRequest)
{
Dictionary <string, string> dict = await sessionRepository.decodeAuthToken(authRequest.auth_token);
if (dict == null)
{
throw new AuthInvalidCredentialsException();
}
DateTime expireTime;
AuthResponse response = new AuthResponse();
if (dict.Keys.Contains("expiresAt"))
{
long expiresAtTS;
if (!long.TryParse(dict["expiresAt"], out expiresAtTS))
{
throw new AuthInvalidCredentialsException();
}
System.DateTime dtDateTime = new DateTime(1970, 1, 1, 0, 0, 0, 0, System.DateTimeKind.Utc);
expireTime = dtDateTime.AddSeconds(expiresAtTS).ToLocalTime();
if (DateTime.UtcNow > expireTime)
{
throw new AuthInvalidCredentialsException();
}
}
ProfileLookup profileLookup = new ProfileLookup();
UserLookup userLookup = new UserLookup();
int profileId;
int.TryParse(dict["profileId"], out profileId);
profileLookup.id = profileId;
User user = null;
if (dict.ContainsKey("userId"))
{
int.TryParse(dict["userId"], out profileId);
userLookup.id = profileId;
user = (await userRepository.Lookup(userLookup)).First();
}
response.profile = (await profileRepository.Lookup(profileLookup)).First();
response.success = true;
if (user == null)
{
userLookup.id = response.profile.Userid;
user = (await userRepository.Lookup(userLookup)).First();
}
response.user = user;
//authRequest.client_response = authRequest.auth_token_challenge;
var client_response = authRequest.client_response;
authRequest.client_response = dict["true_signature"];
//test validity of auth token... confirm the users token is signed against "true_signature"
if (client_response.CompareTo(GetPasswordProof(response.profile, authRequest, ProofType.ProofType_PreAuth, true)) != 0)
{
throw new AuthInvalidCredentialsException();
}
response.server_response = GetPasswordProof(response.profile, authRequest, ProofType.ProofType_PreAuth, false);
response.session = await generateSessionKey(response.profile);
response.success = true;
return(response);
}