public async Task <SessionKeyResponse> RefreshSessionKey(RequestModel model) { var imei = Request.GetImei(); using (var context = new ApplicationDbContext()) { var keys = await context.Keys.Where(k => k.User.UserName == User.Identity.Name).ToListAsync(); foreach (var currentKey in keys) { currentKey.SessionKeyGenerated = null; context.Entry(currentKey).State = EntityState.Modified; } await context.SaveChangesAsync(); var key = await context.Keys.FirstOrDefaultAsync(k => k.User.UserName == User.Identity.Name && k.Imei == imei); if (key == null || key.PublicKey == null) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.BadRequest, "Public key by email not found")); } var sessionKey = BouncyCastleHelper.GenerateSerpentKey(); key.SessionKey = BouncyCastleHelper.DbProtection(sessionKey); key.SessionKeyGenerated = DateTime.UtcNow; context.Entry(key).State = EntityState.Modified; await context.SaveChangesAsync(); return(new SessionKeyResponse { EncryptedSessionKey = BouncyCastleHelper.EncryptSessionKey(sessionKey, BouncyCastleHelper.DbProtection(key.PublicKey, false)) }); } }
public static AuthenticationProperties CreateProperties(ApplicationUser user, UserKey key) { IDictionary <string, string> data = new Dictionary <string, string> { { "userName", user.UserName } }; if (key?.PublicSignKey != null) { data.Add("signHalfKey", BouncyCastleHelper.DbProtection(key.SignHalfKey, false)); } if (key?.UserStorageKey != null) { data.Add("userStorageKey", BouncyCastleHelper.DbProtection(key.UserStorageKey, false)); } return(new AuthenticationProperties(data)); }
public async Task <bool> SetSignatureKeys(SignatureRequestModel model) { var imei = Request.GetImei(); if (imei == null) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.BadRequest, "Imei not specified")); } if (model?.HalfPrivateSignKey == null || model.PublicSignKey == null) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.BadRequest, "Keys not provided")); } using (var context = new ApplicationDbContext()) { var key = await context.Keys.FirstOrDefaultAsync(k => k.Imei == imei && k.User.UserName == User.Identity.Name); if (key != null && (key.SignHalfKey != null || key.PublicSignKey != null)) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.BadRequest, "Sign key are already defined")); } if (key == null) { context.Keys.Add(new UserKey { Imei = imei, PublicSignKey = BouncyCastleHelper.DbProtection(model.PublicSignKey), SignHalfKey = BouncyCastleHelper.DbProtection(model.HalfPrivateSignKey), User = await context.Users.FirstOrDefaultAsync(u => u.UserName == User.Identity.Name) }); } else { key.PublicSignKey = BouncyCastleHelper.DbProtection(model.PublicSignKey); key.SignHalfKey = BouncyCastleHelper.DbProtection(model.HalfPrivateSignKey); context.Entry(key).State = EntityState.Modified; } await context.SaveChangesAsync(); } return(true); }
public override async Task OnAuthorizationAsync(HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken) { await base.OnAuthorizationAsync(actionContext, cancellationToken); var principal = actionContext.RequestContext.Principal; var imei = actionContext.Request.GetImei(); var signature = actionContext.Request.GetSignature(); if (imei == null || signature == null) { actionContext.Response = actionContext.Request.CreateCustomErrorResponse(HttpStatusCode.BadRequest, "There is no imei or signature"); return; } UserKey key; using (var context = new ApplicationDbContext()) { key = await context.Keys.FirstOrDefaultAsync(k => k.Imei == imei && k.User.UserName == principal.Identity.Name); if (key == null || key.SignHalfKey == null || key.PublicSignKey == null) { actionContext.Response = actionContext.Request.CreateCustomErrorResponse(HttpStatusCode.MethodNotAllowed, "Sign key is not found"); return; } } var stream = await actionContext.Request.Content.ReadAsStreamAsync(); var reader = new StreamReader(stream); var jsonPostData = reader.ReadToEnd(); stream.Seek(0, SeekOrigin.Begin); if (!BouncyCastleHelper.Verify(jsonPostData, signature, BouncyCastleHelper.DbProtection(key.PublicSignKey, false))) { actionContext.Response = actionContext.Request.CreateCustomErrorResponse(HttpStatusCode.BadRequest, "Sign is invalid"); return; } }
public async Task <bool> RefreshPublicKey(RequestModel model) { var imei = Request.GetImei(); if (string.IsNullOrEmpty(imei) || string.IsNullOrEmpty(model.PublicKey)) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.BadRequest, "Imei and public key can not be null")); } using (var context = new ApplicationDbContext()) { var user = await context.Users.FirstOrDefaultAsync(u => u.UserName == User.Identity.Name); if (user == null) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.InternalServerError, "User not found")); } var key = await context.Keys.FirstOrDefaultAsync(k => k.Imei == imei && k.User.UserName == User.Identity.Name); if (key == null) { context.Keys.Add(new UserKey { Imei = imei, PublicKey = BouncyCastleHelper.DbProtection(model.PublicKey), User = user }); } else { key.PublicKey = BouncyCastleHelper.DbProtection(model.PublicKey); context.Entry(key).State = EntityState.Modified; } await context.SaveChangesAsync(); } return(true); }
public async Task <NoteResponse> Post(RequestModel model) { var imei = Request.GetImei(); if (string.IsNullOrEmpty(imei) || string.IsNullOrEmpty(model.Name)) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.BadRequest, "Imei and name can not be null")); } using (var context = new ApplicationDbContext()) { var key = await context.Keys.FirstOrDefaultAsync(k => k.User.UserName == User.Identity.Name && k.Imei == imei); if (key == null || key.PublicKey == null) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.BadRequest, "Public key by email not found")); } if (key.SessionKey == null || key.SessionKeyGenerated == null || (DateTime.UtcNow - key.SessionKeyGenerated.Value).TotalMinutes > _sessionKeyExpirationInMinutes) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.Forbidden, "Session key not generated or has been expired")); } var text = await context.Notes.FirstOrDefaultAsync(n => n.Name == model.Name); if (text == null) { throw new HttpResponseException(Request.CreateCustomErrorResponse(HttpStatusCode.NotFound, "Note with such name not found")); } return(new NoteResponse { Name = text.Name, EncryptedText = BouncyCastleHelper.EncryptNote(BouncyCastleHelper.DbProtection(text.Text, false), BouncyCastleHelper.DbProtection(key.SessionKey, false)) }); } }
protected override void Seed(kbsrserver.Models.ApplicationDbContext context) { const string name1 = "*****@*****.**"; const string name2 = "*****@*****.**"; if (!(context.Users.Any(u => u.UserName == name1))) { var userStore = new UserStore <ApplicationUser>(context); var userManager = new UserManager <ApplicationUser>(userStore); var userToInsert = new ApplicationUser { UserName = name1, PhoneNumber = "123", Email = name1 }; userManager.Create(userToInsert, "Password123*"); context.SaveChanges(); } if (!(context.Users.Any(u => u.UserName == name2))) { var userStore = new UserStore <ApplicationUser>(context); var userManager = new UserManager <ApplicationUser>(userStore); var userToInsert = new ApplicationUser { UserName = name2, PhoneNumber = "123", Email = name2 }; var bytes = Encoding.UTF8.GetBytes("Password123*"); var hasher = new SHA256Managed(); var hashed = hasher.ComputeHash(bytes).ToHexString(); userManager.Create(userToInsert, hashed); context.SaveChanges(); } context.Notes.AddOrUpdate( p => p.Name, new Note { Id = 1, Name = "Hello", Text = BouncyCastleHelper.DbProtection("Hello, World!") }, new Note { Id = 2, Name = "Eldar", Text = BouncyCastleHelper.DbProtection(@"Eldar Gamisoniya BSU GROUP 12") } ); context.SaveChanges(); // This method will be called after migrating to the latest version. // You can use the DbSet<T>.AddOrUpdate() helper extension method // to avoid creating duplicate seed data. E.g. // // context.People.AddOrUpdate( // p => p.FullName, // new Person { FullName = "Andrew Peters" }, // new Person { FullName = "Brice Lambson" }, // new Person { FullName = "Rowan Miller" } // ); // }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { var userManager = context.OwinContext.GetUserManager <ApplicationUserManager>(); var user = await userManager.FindByNameAsync(context.UserName); if (user == null || user.Attempts >= MaxAttempts) { context.SetError("invalid_grant", "The user name or password is incorrect."); return; } context. if (!await userManager.CheckPasswordAsync(user, context.Password)) { user.Attempts++; await userManager.UpdateAsync(user); await context.OwinContext.Get <ApplicationDbContext>().SaveChangesAsync(); context.SetError("invalid_grant", "The user name or password is incorrect."); return; } user.Attempts = 0; await userManager.UpdateAsync(user); await context.OwinContext.Get <ApplicationDbContext>().SaveChangesAsync(); string[] values; if (!context.Request.Headers.TryGetValue("Imei", out values)) { context.SetError("no_imei", "Imei not specified"); return; } var imei = values.FirstOrDefault(); UserKey key; try { using (var db = new ApplicationDbContext()) { var userEntity = await db.Users.FirstOrDefaultAsync(u => u.UserName == user.UserName); key = await db.Keys.FirstOrDefaultAsync(k => k.User.UserName == userEntity.UserName && k.Imei == imei); if (key == null) { key = new UserKey { Imei = imei, UserStorageKey = BouncyCastleHelper.DbProtection(BouncyCastleHelper.GenerateSerpentKey()), User = userEntity }; db.Keys.Add(key); await db.SaveChangesAsync(); } else if (key.UserStorageKey == null) { key.UserStorageKey = BouncyCastleHelper.DbProtection(BouncyCastleHelper.GenerateSerpentKey()); db.Entry(key).State = EntityState.Modified; await db.SaveChangesAsync(); } } ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType); AuthenticationProperties properties = CreateProperties(user, key); AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties); context.Validated(ticket); } catch (Exception ex) { throw ex; } }