public async Task <IActionResult> GetCertificate(long uln, string familyName, [SwaggerParameter("Standard Code or Standard Reference Number")] string standard) { var getRequest = new GetBatchCertificateRequest { UkPrn = _headerInfo.Ukprn, Uln = uln, FamilyName = familyName, Standard = standard }; var response = await _apiClient.GetCertificate(getRequest); if (response.ValidationErrors.Any()) { ApiResponse error = new ApiResponse((int)HttpStatusCode.Forbidden, string.Join("; ", response.ValidationErrors)); return(StatusCode(error.StatusCode, error)); } else if (response.Certificate is null) { return(NoContent()); } else { if (CertificateHelpers.IsDraftCertificateDeemedAsReady(response.Certificate)) { response.Certificate.Status.CurrentStatus = CertificateStatus.Ready; } else if (response.Certificate.Status.CurrentStatus == CertificateStatus.Printed || response.Certificate.Status.CurrentStatus == CertificateStatus.Reprint) { response.Certificate.Status.CurrentStatus = CertificateStatus.Submitted; } return(Ok(response.Certificate)); } }
public async Task <IActionResult> CreateCertificates([FromBody] IEnumerable <CreateCertificateRequest> request) { if (request.Count() > MAX_CERTIFICATES_IN_REQUEST) { ApiResponse error = new ApiResponse((int)HttpStatusCode.Forbidden, MAX_CERTIFICATES_IN_REQUEST_ERROR_MESSAGE); return(StatusCode(error.StatusCode, error)); } var createRequest = request.Select(req => new CreateBatchCertificateRequest { UkPrn = _headerInfo.Ukprn, RequestId = req.RequestId, CertificateData = new Models.Request.Certificates.CertificateData { Standard = req.Standard, Learner = req.Learner, LearningDetails = req.LearningDetails, PostalContact = req.PostalContact } }); var results = await _apiClient.CreateCertificates(createRequest); foreach (var result in results) { if (CertificateHelpers.IsDraftCertificateDeemedAsReady(result.Certificate)) { result.Certificate.Status.CurrentStatus = CertificateStatus.Ready; } } return(Ok(results)); }
private async Task <Certificate> UpdateCertificate(UpdateBatchCertificateRequest request) { _logger.LogInformation("UpdateCertificate Before Get Standard from API"); var standard = await _standardService.GetStandard(request.StandardCode); _logger.LogInformation("UpdateCertificate Before Get Certificate from db"); var certificate = await _certificateRepository.GetCertificate(request.Uln, request.StandardCode); if (standard != null && certificate != null) { var certData = CombineCertificateData(JsonConvert.DeserializeObject <CertificateData>(certificate.CertificateData), request.CertificateData, standard); _logger.LogInformation("UpdateCertificate Before Update CertificateData"); // need to update EPA Reference too certData.EpaDetails.EpaReference = certificate.CertificateReference; certificate.CertificateData = JsonConvert.SerializeObject(certData); // adjust Status appropriately if (certificate.Status == CertificateStatus.Deleted) { certificate.Status = CertificateStatus.Draft; } _logger.LogInformation("UpdateCertificate Before Update Cert in db"); await _certificateRepository.Update(certificate, ExternalApiConstants.ApiUserName, CertificateActions.Amend); return(await CertificateHelpers.ApplyStatusInformation(_certificateRepository, _contactQueryRepository, certificate)); } else { _logger.LogWarning($"UpdateCertificate Did not find Certificate for Uln {request.Uln} and StandardCode {request.StandardCode}"); throw new NotFound(); } }
public IActionResult Add(ModelCertificate certificate) { try { _repository.Add(certificate); var certificateProductId = certificate.CertificateId; var certificateCustomer = _repository.Get().Include(c => c.Customer).Where(c => c.CertificateId == certificateProductId).First(); //Adicionar o diretório na estrutura de arquivos !!! e depois fazer o upload do arquivo!! if (CertificateHelpers.CreateFileRepositorie(Path.Combine(@"c:\Celta Business Solutions\" + certificateCustomer.Customer.RootDirectory + @"\bsf\certificados", certificateCustomer.FileRepositorie))) { //faça o upload } else { return(NotFound()); } return(Ok(certificateProductId)); } catch (Exception err) { return(NotFound(err.Message)); } }
// ReSharper disable once InconsistentNaming public ActionResult SAWPost(string returnUrl) { using (var sawSamlResponse = new SawSamlResponse(CertificateHelpers.GetX509Certificate2FromUri(FirmaWebConfiguration.SAWEndPoint))) { try { // SAML providers usually POST the data into this var var base64SawSamlResponse = Request.Form["SAMLResponse"]; Logger.Debug($"SAML Debugging - SAWPost Received Base64 Encoded Form Variable SAMLResponse: {base64SawSamlResponse}"); sawSamlResponse.LoadXmlFromBase64(base64SawSamlResponse); if (sawSamlResponse.IsValid(userDisplayableValidationErrorMessage: out var userDisplayableValidationErrorMessage)) { var firstName = sawSamlResponse.GetFirstName(); var lastName = sawSamlResponse.GetLastName(); var email = sawSamlResponse.GetEmail(); var roleGroups = sawSamlResponse.GetRoleGroups(); var sawAuthenticator = sawSamlResponse.GetWhichSawAuthenticator(); ProcessLogin(firstName, lastName, email, roleGroups, sawAuthenticator); } else { SitkaHttpApplication.Logger.Error($"Processing SAW login, SAML Response invalid. Validation error: {userDisplayableValidationErrorMessage}, SAW SAML XML:\r\n{sawSamlResponse.GetSamlAsPrettyPrintXml()}"); SetErrorForDisplay($"There was a SAW validation problem while trying to log into your account. {userDisplayableValidationErrorMessage} Please try again in a few minutes. If this issue keeps happening, please contact support: <a href=\"mailto:{FirmaWebConfiguration.SitkaSupportEmail}\">{FirmaWebConfiguration.SitkaSupportEmail}</a>"); } return(new RedirectResult(HomeUrl)); }
private CertificateData CombineCertificateData(CertificateData certData, CertificateData requestData, StandardOptions options) { var epaDetails = certData.EpaDetails ?? new EpaDetails(); if (epaDetails.Epas is null) { epaDetails.Epas = new List <EpaRecord>(); } var epaOutcome = certData.OverallGrade == CertificateGrade.Fail ? EpaOutcome.Fail : EpaOutcome.Pass; if (requestData.AchievementDate != null && !epaDetails.Epas.Any(rec => rec.EpaDate == requestData.AchievementDate.Value && rec.EpaOutcome == epaOutcome)) { var record = new EpaRecord { EpaDate = requestData.AchievementDate.Value, EpaOutcome = epaOutcome }; epaDetails.Epas.Add(record); // sort pass outcomes before fail outcomes as pass is the final state even if earlier than the fail var latestRecord = epaDetails.Epas .OrderByDescending(epa => epa.EpaOutcome != EpaOutcome.Fail ? 1 : 0) .ThenByDescending(epa => epa.EpaDate) .First(); epaDetails.LatestEpaDate = latestRecord.EpaDate; epaDetails.LatestEpaOutcome = latestRecord.EpaOutcome; } return(new CertificateData() { LearnerGivenNames = certData.LearnerGivenNames, LearnerFamilyName = certData.LearnerFamilyName, LearningStartDate = certData.LearningStartDate, StandardReference = certData.StandardReference, StandardName = certData.StandardName, StandardLevel = certData.StandardLevel, StandardPublicationDate = certData.StandardPublicationDate, FullName = certData.FullName, ProviderName = certData.ProviderName, ContactName = requestData.ContactName, ContactOrganisation = requestData.ContactOrganisation, Department = requestData.Department, ContactAddLine1 = requestData.ContactAddLine1, ContactAddLine2 = requestData.ContactAddLine2, ContactAddLine3 = requestData.ContactAddLine3, ContactAddLine4 = requestData.ContactAddLine4, ContactPostCode = requestData.ContactPostCode, Registration = requestData.Registration, AchievementDate = requestData.AchievementDate, CourseOption = CertificateHelpers.NormalizeCourseOption(options, requestData.CourseOption), Version = requestData.Version, OverallGrade = CertificateHelpers.NormalizeOverallGrade(requestData.OverallGrade), EpaDetails = epaDetails }); }
private async Task <Certificate> CreateNewCertificate(CreateBatchCertificateRequest request) { _logger.LogInformation("CreateNewCertificate Before Get Ilr from db"); var ilr = await _ilrRepository.Get(request.Uln, request.StandardCode); if (ilr is null) { _logger.LogWarning($"CreateNewCertificate Did not find ILR for Uln {request.Uln} and StandardCode {request.StandardCode}"); return(null); } _logger.LogInformation("CreateNewCertificate Before Get Organisation from db"); var organisation = await _organisationQueryRepository.GetByUkPrn(request.UkPrn); _logger.LogInformation("CreateNewCertificate Before Get Standard from API"); var standard = await _standardService.GetStandard(ilr.StdCode); _logger.LogInformation("CreateNewCertificate Before Get Provider from API"); var provider = await GetProviderFromUkprn(ilr.UkPrn); var certData = CombineCertificateData(request.CertificateData, ilr, standard, provider); var certificate = await _certificateRepository.GetCertificate(request.Uln, request.StandardCode); if (certificate == null) { _logger.LogInformation("CreateNewCertificate Before create new Certificate"); certificate = await _certificateRepository.New( new Certificate() { Uln = request.Uln, StandardCode = request.StandardCode, ProviderUkPrn = ilr.UkPrn, OrganisationId = organisation.Id, CreatedBy = ExternalApiConstants.ApiUserName, CertificateData = JsonConvert.SerializeObject(certData), Status = CertificateStatus.Draft, // NOTE: Web & Staff always creates Draft first CertificateReference = string.Empty, LearnRefNumber = ilr.LearnRefNumber, CreateDay = DateTime.UtcNow.Date }); } else { _logger.LogInformation("CreateNewCertificate Before resurrecting deleted Certificate"); certData.EpaDetails.EpaReference = certificate.CertificateReference; certificate.CertificateData = JsonConvert.SerializeObject(certData); certificate.Status = CertificateStatus.Draft; await _certificateRepository.Update(certificate, ExternalApiConstants.ApiUserName, CertificateActions.Start); } _logger.LogInformation(LoggingConstants.CertificateStarted); _logger.LogInformation($"Certificate with ID: {certificate.Id} Started with reference of {certificate.CertificateReference}"); return(await CertificateHelpers.ApplyStatusInformation(_certificateRepository, _contactQueryRepository, certificate)); }
private CertificateData CombineCertificateData(CertificateData data, Ilr ilr, StandardCollation standard, Provider provider) { var epaDetails = data.EpaDetails ?? new EpaDetails(); if (epaDetails.Epas is null) { epaDetails.Epas = new List <EpaRecord>(); } var epaOutcome = data.OverallGrade == CertificateGrade.Fail ? EpaOutcome.Fail : EpaOutcome.Pass; if (data.AchievementDate != null && !epaDetails.Epas.Any(rec => rec.EpaDate == data.AchievementDate.Value && rec.EpaOutcome == epaOutcome)) { var record = new EpaRecord { EpaDate = data.AchievementDate.Value, EpaOutcome = epaOutcome }; epaDetails.Epas.Add(record); var latestRecord = epaDetails.Epas.OrderByDescending(epa => epa.EpaDate).First(); epaDetails.LatestEpaDate = latestRecord.EpaDate; epaDetails.LatestEpaOutcome = latestRecord.EpaOutcome; } return(new CertificateData() { LearnerGivenNames = ilr.GivenNames, LearnerFamilyName = ilr.FamilyName, LearningStartDate = ilr.LearnStartDate, StandardReference = standard.ReferenceNumber, StandardName = standard.Title, StandardLevel = standard.StandardData.Level.GetValueOrDefault(), StandardPublicationDate = standard.StandardData.EffectiveFrom, FullName = $"{ilr.GivenNames} {ilr.FamilyName}", ProviderName = provider.ProviderName, ContactName = data.ContactName, ContactOrganisation = data.ContactOrganisation, Department = data.Department, ContactAddLine1 = data.ContactAddLine1, ContactAddLine2 = data.ContactAddLine2, ContactAddLine3 = data.ContactAddLine3, ContactAddLine4 = data.ContactAddLine4, ContactPostCode = data.ContactPostCode, Registration = data.Registration, AchievementDate = data.AchievementDate, CourseOption = CertificateHelpers.NormalizeCourseOption(standard, data.CourseOption), OverallGrade = CertificateHelpers.NormalizeOverallGrade(data.OverallGrade), EpaDetails = epaDetails }); }
private async Task <Certificate> GetCertificate(GetBatchCertificateRequest request) { _logger.LogInformation("GetCertificate Before Get Certificate from db"); var certificate = await _certificateRepository.GetCertificate(request.Uln, request.StandardCode); _logger.LogInformation("GetCertificate Before Get Searching Organisation from db"); var searchingOrganisation = await _organisationQueryRepository.GetByUkPrn(request.UkPrn); var allowedCertificateStatus = new string[] { CertificateStatus.Draft, CertificateStatus.Submitted, CertificateStatus.Printed, CertificateStatus.Reprint }; if (certificate != null && searchingOrganisation != null && allowedCertificateStatus.Contains(certificate.Status)) { var certData = JsonConvert.DeserializeObject <CertificateData>(certificate.CertificateData); if (string.Equals(certData.LearnerFamilyName, request.FamilyName, StringComparison.InvariantCultureIgnoreCase)) { certificate = await CertificateHelpers.ApplyStatusInformation(_certificateRepository, _contactQueryRepository, certificate); if (!EpaOutcome.Pass.Equals(certData.EpaDetails?.LatestEpaOutcome, StringComparison.InvariantCultureIgnoreCase)) { // As EPA has not passed, only give access to basic information & EPA Details certificate = RedactCertificateInformation(certificate, true); } if (certificate.OrganisationId != searchingOrganisation.Id) { var providedStandards = await _standardRepository.GetEpaoRegisteredStandards(searchingOrganisation.EndPointAssessorOrganisationId, short.MaxValue, null); if (providedStandards.PageOfResults.Any(s => s.StandardCode == certificate.StandardCode)) { // Shared standard but not the EPAO who created the certificate certificate = RedactCertificateInformation(certificate, false); } else { certificate = null; } } } else { certificate = null; } } else { certificate = null; } return(certificate); }
public async Task <IActionResult> InstallCertificate([FromBody] int certificateIdForInstall) { try { var certificate = _repository.Get() .Include(c => c.Customer). Where(x => x.CertificateId == certificateIdForInstall). First(); //string fileName = certificate.FileName; //string fullpath = @"C:\Celta Business Solutions\" + certificate.Customer.RootDirectory + @"\bsf\certificados\" + certificate.FileRepositorie; //1- Pegar data de Expiração, NotAfter: var dateOfExpiration = await CertificateHelpers.GetNotAfter(certificate); //2- Pegar Impressão Digital Thumbprint HashCert var certHash = await CertificateHelpers.GetHashCert(certificate); //3- Atualizar o model certificate.DateHourExpiration = dateOfExpiration; certificate.HashCert = certHash; certificate.IsInstalled = true; _repository.Update(certificate); //4- Agora é instalar mesmo!!! var responseInstallCert = await CertificateHelpers.InstallCert(certificate); if (responseInstallCert == "oiErro") { return(BadRequest("Erro ao instalar certificado: " + responseInstallCert)); } //5- Atribuir permissão todos var responseChangerPermission = await CertificateHelpers.ChangePermissions(certificate); if (responseInstallCert == "oiErro") { return(BadRequest("Erro ao configurar permissão de certificado: " + responseChangerPermission)); } return(Ok("Certificado: " + certificate.FriendlyName + " instalado com sucesso")); } catch (Exception err) { var certificate = _repository.Get() .Include(c => c.Customer). Where(x => x.CertificateId == certificateIdForInstall). First(); certificate.IsInstalled = false; _repository.Update(certificate); return(BadRequest(err.Message)); } }
private async Task <Certificate> GetCertificate(GetBatchCertificateRequest request) { _logger.LogInformation("GetCertificate Before Get Certificate from db"); var certificate = await _certificateRepository.GetCertificate(request.Uln, request.StandardCode, request.FamilyName, request.IncludeLogs); _logger.LogInformation("GetCertificate Before Get Searching Organisation from db"); var searchingOrganisation = await _organisationQueryRepository.GetByUkPrn(request.UkPrn); var allowedCertificateStatus = new[] { CertificateStatus.Draft, CertificateStatus.Submitted }.Concat(CertificateStatus.PrintProcessStatus); if (certificate == null || searchingOrganisation == null || !allowedCertificateStatus.Contains(certificate.Status)) { return(null); } var certData = JsonConvert.DeserializeObject <CertificateData>(certificate.CertificateData); certificate = await CertificateHelpers.ApplyStatusInformation(_certificateRepository, _contactQueryRepository, certificate); if ((certificate.Status == CertificateStatus.Submitted || CertificateStatus.HasPrintProcessStatus(certificate.Status)) && certData.OverallGrade == CertificateGrade.Fail) { return(null); } else if (certificate.Status == CertificateStatus.Draft && EpaOutcome.Pass.Equals(certData.EpaDetails?.LatestEpaOutcome, StringComparison.InvariantCultureIgnoreCase) && certData.OverallGrade == null) { return(null); } if (certificate.OrganisationId != searchingOrganisation.Id) { var providedStandards = await _standardRepository.GetEpaoRegisteredStandards(searchingOrganisation.EndPointAssessorOrganisationId, int.MaxValue, 1); if (providedStandards.PageOfResults.Any(s => s.StandardCode == certificate.StandardCode)) { // Shared standard but not the EPAO who created the certificate certificate = RedactCertificateInformation(certificate, false); } else { certificate = null; } } return(certificate); }
public async Task <IActionResult> GetCertificate(long uln, string familyName, [SwaggerParameter("Standard Code or Standard Reference Number")] string standard) { var getRequest = new GetBatchCertificateRequest { UkPrn = _headerInfo.Ukprn, Uln = uln, FamilyName = familyName, Standard = standard }; var response = await _apiClient.GetCertificate(getRequest); if (response.ValidationErrors.Any()) { ApiResponse error = new ApiResponse((int)HttpStatusCode.Forbidden, string.Join("; ", response.ValidationErrors)); return(StatusCode(error.StatusCode, error)); } else if (response.Certificate is null) { return(NoContent()); } if (response.Certificate.Status.CurrentStatus == CertificateStatus.Printed) { response.Certificate.Delivered = new Delivered { Status = "WaitingForDelivery" }; } if (CertificateStatus.HasPrintProcessStatus(response.Certificate.Status.CurrentStatus) is false) // status could be Draft or Deleted (or Privately Funded statuses) { var certificateData = response.Certificate.CertificateData; if (!string.IsNullOrEmpty(certificateData.Standard?.StandardReference) && !string.IsNullOrEmpty(certificateData?.LearningDetails?.Version)) { var standardOptions = await _apiClient.GetStandardOptionsByStandardIdAndVersion(certificateData.Standard.StandardReference, certificateData.LearningDetails.Version); var hasOptions = standardOptions != null && standardOptions.CourseOption?.Count() > 0; if (CertificateHelpers.IsDraftCertificateDeemedAsReady(response.Certificate, hasOptions)) { response.Certificate.Status.CurrentStatus = CertificateStatus.Ready; } } } return(Ok(response.Certificate)); }
public IActionResult Remove(int id) { try { var certificate = _repository.Get() .Include(c => c.Customer) .Where(x => x.CertificateId == id). First(); var response = CertificateHelpers.Remove(certificate); _repository.Delete(certificate); return(Ok()); } catch (Exception err) { throw err; } }
private async Task <Certificate> SubmitCertificate(SubmitBatchCertificateRequest request) { _logger.LogInformation("SubmitCertificate Before Get Certificate from db"); var certificate = await _certificateRepository.GetCertificate(request.Uln, request.StandardCode); if (certificate != null) { _logger.LogInformation("SubmitCertificate Before Update Certificate Status"); certificate.Status = CertificateStatus.Submitted; _logger.LogInformation("SubmitCertificate Before Update Cert in db"); var submittedCertificate = await _certificateRepository.Update(certificate, ExternalApiConstants.ApiUserName, CertificateActions.Submit); return(await CertificateHelpers.ApplyStatusInformation(_certificateRepository, _contactQueryRepository, submittedCertificate)); } else { _logger.LogWarning($"SubmitCertificate Did not find Certificate for Uln {request.Uln} and StandardCode {request.StandardCode}"); return(null); } }
public void When_AllRequiredFieldsAreComplete_Then_ReturnTrue() { var result = CertificateHelpers.IsDraftCertificateDeemedAsReady(_certificate); result.Should().BeTrue(); }
private void CheckHelperReturnsFalse() { var result = CertificateHelpers.IsDraftCertificateDeemedAsReady(_certificate, hasOptions: true); result.Should().BeFalse(); }
private CertificateData CombineCertificateData(CertificateData data, Domain.Entities.Learner learner, Standard standard, Provider provider, StandardOptions options, Certificate certificate) { var epaDetails = new EpaDetails(); if (certificate != null) { var certData = JsonConvert.DeserializeObject <CertificateData>(certificate.CertificateData); if (certData.EpaDetails != null) { epaDetails = certData.EpaDetails; } } if (epaDetails.Epas is null) { epaDetails.Epas = new List <EpaRecord>(); } var epaOutcome = data.OverallGrade == CertificateGrade.Fail ? EpaOutcome.Fail : EpaOutcome.Pass; if (data.AchievementDate != null && !epaDetails.Epas.Any(rec => rec.EpaDate == data.AchievementDate.Value && rec.EpaOutcome == epaOutcome)) { var record = new EpaRecord { EpaDate = data.AchievementDate.Value, EpaOutcome = epaOutcome }; epaDetails.Epas.Add(record); var latestRecord = epaDetails.Epas.OrderByDescending(epa => epa.EpaDate).First(); epaDetails.LatestEpaDate = latestRecord.EpaDate; epaDetails.LatestEpaOutcome = latestRecord.EpaOutcome; } return(new CertificateData() { LearnerGivenNames = learner.GivenNames, LearnerFamilyName = learner.FamilyName, LearningStartDate = learner.LearnStartDate, StandardReference = standard.IfateReferenceNumber, StandardName = standard.Title, StandardLevel = standard.Level, StandardPublicationDate = standard.EffectiveFrom, FullName = $"{learner.GivenNames} {learner.FamilyName}", ProviderName = provider.Name, ContactName = data.ContactName, ContactOrganisation = data.ContactOrganisation, Department = data.Department, ContactAddLine1 = data.ContactAddLine1, ContactAddLine2 = data.ContactAddLine2, ContactAddLine3 = data.ContactAddLine3, ContactAddLine4 = data.ContactAddLine4, ContactPostCode = data.ContactPostCode, Registration = data.Registration, AchievementDate = data.AchievementDate, CourseOption = CertificateHelpers.NormalizeCourseOption(options, data.CourseOption), OverallGrade = CertificateHelpers.NormalizeOverallGrade(data.OverallGrade), Version = data.Version, EpaDetails = epaDetails }); }
public void TestSawSamlResponseDateValidity() { var samlXml = @" <samlp:Response xmlns:saml=""urn:oasis:names:tc:SAML:2.0:assertion"" xmlns:samlp=""urn:oasis:names:tc:SAML:2.0:protocol"" xmlns:xs=""http://www.w3.org/2001/XMLSchema"" xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" Destination=""https://wadnrforesthealth.qa.projectfirma.com/Account/SAWPost"" ID=""FIMRSP_d38b3f33-0175-192a-8f59-a9b3208be3fe"" IssueInstant=""2020-11-17T00:11:59Z"" Version=""2.0""> <saml:Issuer Format=""urn:oasis:names:tc:SAML:2.0:nameid-format:entity"">https://test-secureaccess.wa.gov/FIM2/sps/sawidp/saml20</saml:Issuer> <samlp:Status> <samlp:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success""> </samlp:StatusCode> </samlp:Status> <saml:Assertion ID=""Assertion-uuidd38b3f13-0175-16c6-b3b5-a9b3208be3fe"" IssueInstant=""2020-11-17T00:11:59Z"" Version=""2.0""> <saml:Issuer Format=""urn:oasis:names:tc:SAML:2.0:nameid-format:entity"">https://test-secureaccess.wa.gov/FIM2/sps/sawidp/saml20</saml:Issuer> <ds:Signature xmlns:ds=""http://www.w3.org/2000/09/xmldsig#"" Id=""uuidd38b3f18-0175-1072-a058-a9b3208be3fe""> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm=""http://www.w3.org/2001/10/xml-exc-c14n#""> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm=""http://www.w3.org/2001/04/xmldsig-more#rsa-sha256""> </ds:SignatureMethod> <ds:Reference URI=""#Assertion-uuidd38b3f13-0175-16c6-b3b5-a9b3208be3fe""> <ds:Transforms> <ds:Transform Algorithm=""http://www.w3.org/2000/09/xmldsig#enveloped-signature""> </ds:Transform> <ds:Transform Algorithm=""http://www.w3.org/2001/10/xml-exc-c14n#""> <xc14n:InclusiveNamespaces xmlns:xc14n=""http://www.w3.org/2001/10/xml-exc-c14n#"" PrefixList=""xs saml xsi""> </xc14n:InclusiveNamespaces> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm=""http://www.w3.org/2001/04/xmlenc#sha256""> </ds:DigestMethod> <ds:DigestValue>4JDoIy8WFOLjFGGNcJB/fUTA9rLVU8RtCMx9VJZzXU0=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>RUkq+y/ccsfJVrlvTZuoSirJktnSUhiK7NYeJ/oO8kScR7E8ZcVViSlvjbSYZOTc5dlDbCqdNlDpEu/s/FGjBcGHSLnBrbdJid/8aJhdn2h05l/2vGrbhKnP3X3b7PHwMGC2HCARr0w9VxT/yoXwfoYi9caaJ2UhrEfZNQ4QBHAv3uYHumvEEmkMepW+RfRCGVmn84Hx0DyAN98Q8E2e9+r+UT2Tsv0jIpCocFXiVl4hvSCdLZE88hr8HSJWryvgh4DCdi4bsxWusXjPA1VeULwslH7EPWBWOLMt+vejE3Q7s3TiEwDF0eFoqYOQXsTiCIfu/ZjYzfY5RR20aBUehg==</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIGzjCCBbagAwIBAgIRANppqRydHQpiAAAAAFEEi1wwDQYJKoZIhvcNAQELBQAwgboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcNMjAwNTE1MjAyMDExWhcNMjEwNjE1MjA1MDEwWjB1MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHT2x5bXBpYTEcMBoGA1UEChMTU3RhdGUgb2YgV2FzaGluZ3RvbjEhMB8GA1UEAxMYdGVzdC1zZWN1cmVhY2Nlc3Mud2EuZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHAT/51sNgiyQlnbo688AD7xm0ETWFQWq2Xo1yCF6CQWTtQnoWmEUqIFsXuKzcBP87eZVSJdugpcpAo0CTgKwS4LkGJ0Wxvs1yufa2GCqGsK1NVWArv/fDTJNskZCeOxUWM9qHg/v9ltr1uNlWYvyqv3n1xObacrirUsBM7x/8/yg/5ge+rmRlS/8xxiEWT1aJCvdTtSIf6D/IHsvAq9zS4CRk8JTTgP9bv+bkqP40/nml+p+XxKhrDnx//3rDOxk/w+2y/oww5v5tyiDiCdygnuoRqGglP1q86+6XxzUeq/q3juCcgO5DvNDjbVSnOmqnvhENLAFHLRiOglY9zx1wIDAQABo4IDETCCAw0wIwYDVR0RBBwwGoIYdGVzdC1zZWN1cmVhY2Nlc3Mud2EuZ292MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAXIaGgVSAAAEAwBHMEUCIHSGURb7+W6aVQKfNjChAe3fG/E8hr5DsWqhfrriqIK8AiEAmABVgqvYclpWtLEpHgJcWIotAudZORppP7caH0fCvjIAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAXIaGgVxAAAEAwBHMEUCIQCP07yFr1c9+2rWIiEoHrKm4scoK/ID9Z44w0ZctyjwXgIgLnRSbXA9o9VvPejUmxci4ByTf3OXh8Ww3aj338qHRF0AdgB9PvL4j/+IVWgkwsDKnlKJeSvFDngJfy5ql2iZfiLw1wAAAXIaGgWQAAAEAwBHMEUCIHQ4WjlZWbAAJZl1awfHih8H7vu04o4xt17aUvEoF61SAiEA48/P6Ej2f9ceE3394h6O9S4mu1ar7+dWEAJMzQjUbMEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2xldmVsMWsuY3JsMEsGA1UdIAREMEIwNgYKYIZIAYb6bAoBBTAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAIBgZngQwBAgIwaAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMWstY2hhaW4yNTYuY2VyMB8GA1UdIwQYMBaAFIKicHTdvFM/z3vU981/p2DGCky/MB0GA1UdDgQWBBQz02paHjOMwByIcMH/BQQw7YufrjAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQB6ZBRCOb36s/VyW3zYY7d2PtAxn+HFlNf+0vBP3Ux6F2pGkPs4xEeMJtchimOYxGhM++nEGAeZOww9Ai533Jo0dGZDKei+bCjkzalO3Z0D3xFqPAR7F9SmuIGVLD5ofgrtENYZzx6+CtHeqjGNC9/Y6xebTyCVLnkbbfe+q/tVrutqit1JsG+RxwVQdHmAUJcBYTNQGwFh1EZA+bDWw5bWOWxIFUPTbibQc3DxSxGqUAU+NUPw7E+fS7/F6JbV/81M2zA3RO3tODluUp+mFj4AzZbGLVzgb1ZdgKG5TGSAt0ih1rwVsidUrFUxFMir7ZClFnE4MtiVsMWCr/uGrVQa</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <saml:Subject> <saml:NameID Format=""urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"">DP4VD4ZP8QQ6L-1PF0ZV2FF4-D1LW4VZ0FD-DW9QW8ZL9Q</saml:NameID> <saml:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer""> <saml:SubjectConfirmationData NotOnOrAfter=""2020-11-17T00:12:59Z"" Recipient=""https://wadnrforesthealth.qa.projectfirma.com/Account/SAWPost""> </saml:SubjectConfirmationData> </saml:SubjectConfirmation> </saml:Subject> <saml:Conditions NotBefore=""2020-11-17T00:10:59Z"" NotOnOrAfter=""2020-11-17T00:12:59Z""> <saml:AudienceRestriction> <saml:Audience>https://wadnrforesthealth.qa.projectfirma.com</saml:Audience> </saml:AudienceRestriction> </saml:Conditions> <saml:AuthnStatement AuthnInstant=""2020-11-17T00:11:59Z"" SessionIndex=""uuidd35793e5-0175-1dc9-afb8-a9b3208be3fe"" SessionNotOnOrAfter=""2020-11-17T01:11:59Z""> <saml:AuthnContext> <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef> </saml:AuthnContext> </saml:AuthnStatement> <saml:AttributeStatement> <saml:Attribute Name=""level"" NameFormat=""urn:oasis:names:tc:SAML:2.0:assertion""> <saml:AttributeValue xsi:type=""xs:string"">1</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name=""groups"" NameFormat=""urn:oasis:names:tc:SAML:2.0:assertion""> <saml:AttributeValue xsi:type=""xs:string"">f3_users</saml:AttributeValue> <saml:AttributeValue xsi:type=""xs:string"">DNR-ForestHealthTrackerQA-USER-REG</saml:AttributeValue> <saml:AttributeValue xsi:type=""xs:string"">DNR-ForestHealthTrackerQA-DEFAULT_UMG-USER-REG</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name=""guid"" NameFormat=""urn:oasis:names:tc:SAML:2.0:assertion""> <saml:AttributeValue xsi:type=""xs:string"">DP4VD4ZP8QQ6L-1PF0ZV2FF4-D1LW4VZ0FD-DW9QW8ZL9Q</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name=""user"" NameFormat=""urn:oasis:names:tc:SAML:2.0:assertion""> <saml:AttributeValue xsi:type=""xs:string"">[email protected]</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name=""name"" NameFormat=""urn:oasis:names:tc:SAML:2.0:assertion""> <saml:AttributeValue xsi:type=""xs:string"">Michael Ferrante</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name=""email"" NameFormat=""urn:oasis:names:tc:SAML:2.0:assertion""> <saml:AttributeValue xsi:type=""xs:string"">[email protected]</saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement> </saml:Assertion> </samlp:Response> "; using (var sawSamlResponse = new SawSamlResponse(CertificateHelpers.GetX509Certificate2FromUri(FirmaWebConfiguration.SAWEndPoint))) { sawSamlResponse.LoadXmlFromString(samlXml); Console.Write(DateTimeOffset.Now); // NotOnOrAfter=""2020-11-17T00:12:59Z"" var now = DateTimeOffset.Parse("11/16/2020 4:11:59 PM -08:00"); var isResponseStillWithinValidTimePeriod = sawSamlResponse.IsResponseStillWithinValidTimePeriod(now); Assert.That(sawSamlResponse.IsResponseStillWithinValidTimePeriod(now), Is.True, "Should be valid date"); Assert.That(sawSamlResponse.IsResponseStillWithinValidTimePeriod(now.AddMinutes(5)), Is.False, "Should be invalid date too old"); } }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { AppSettings appSettings = Configuration.GetSection("AppSettings").Get <AppSettings>(); services.AddControllers() .AddJsonOptions(opts => { opts.JsonSerializerOptions.Converters.Add(new JsonStringEnumConverter()); }); services.AddCors(options => { options.AddDefaultPolicy(builder => builder.WithOrigins(appSettings.AllowedHosts) .SetIsOriginAllowedToAllowWildcardSubdomains()); }); #region Database (RavenDb) RavenSettings ravenSettings = new RavenSettings(); Configuration.Bind(ravenSettings); X509Certificate2 certificate = new X509Certificate2(); if (ravenSettings.Database.RawCert.IsNotNullOrEmpty() && ravenSettings.Database.RawCertKey.IsNotNullOrEmpty()) { certificate = CertificateHelpers.CreateRavenCertificate(ravenSettings.Database.RawCert, ravenSettings.Database.RawCertKey); } else { certificate = new X509Certificate2(ravenSettings.Database.CertPath, ravenSettings.Database.CertPass); } DocumentStore store = new DocumentStore { Urls = ravenSettings.Database.Urls, Database = ravenSettings.Database.DatabaseName, Certificate = certificate }; store.Initialize(); services.AddSingleton <IDocumentStore>(store); services.AddScoped <IDocumentSession>(serviceProvider => { return(serviceProvider .GetService <IDocumentStore>() .OpenSession()); }); // Register Indexes new Item_Smart_Search().Execute(store); new Items_ByName_ForAll().Execute(store); new Items_ByBsgId().Execute(store); new Characters_ByType().Execute(store); #endregion #region Configure strongly typed settings objects // This should be stored in a secrets.json file. Right click the project in solution explorer // and select "Manage User Secrets" to create this file. Use secrets.example.json as a template. var secretsSection = Configuration.GetSection("Secrets"); services.Configure <Secrets>(secretsSection); var appSettingsSection = Configuration.GetSection("AppSettings"); services.Configure <AppSettings>(appSettingsSection); #endregion #region Configure DI for application services //services.AddScoped<ITarkovDatabaseService, TarkovDatabaseService>(); commented as AddHttpClient registers this service //services.AddScoped<ITarkovMarketService, TarkovMarketService>(); commented as AddHttpClient registers this service services.AddScoped <IItemUpdaterService, ItemUpdaterService>(); services.AddScoped <IItemRepository, ItemRepository>(); services.AddScoped <ICharacterRepository, CharacterRepository>(); services.AddScoped <ITarkovToolsService, TarkovToolsService>(); #endregion #region HTTP Clients services.AddHttpClient <ITarkovDatabaseService, TarkovDatabaseService>(); services.AddHttpClient <ITarkovMarketService, TarkovMarketService>(); #endregion #region Hangfire automatic jobs services.AddHangfire(config => config.SetDataCompatibilityLevel(CompatibilityLevel.Version_170) .UseSimpleAssemblyNameTypeSerializer() .UseDefaultTypeSerializer() .UseMemoryStorage()); services.AddHangfireServer(); #endregion }
public void GetSubjectFromCertificate() { var certificate = CertificateHelpers.LoadCertificate(CryptoFundamentalsCertificate); certificate.SubjectDN.ToString().Should().Be("CN=www.cryptofundamentals.com"); }
public void ConfigureServices(IServiceCollection services) { // Config var cert = CertificateHelpers.CreateCertificateFromPfx(Configuration["RESTER_OAUTH2_CERTIFICATE"]); var issuer = "https://rester.kuehle.me"; services.Configure <OAuth2Config>(config => { config.ExpiresIn = 3600; // 1h config.Issuer = issuer; config.SigningCredentials = CertificateHelpers.CreateSigningCredentials(cert); }); // Database var db = new MongoClient(Configuration["RESTER_MONGO_DB_URL"]); db.GetDatabase(Configuration["RESTER_MONGO_DB_NAME"]).SetupIndexes(); services.AddSingleton <IMongoClient>(db); services.AddScoped <IMongoDatabase>(serviceProvider => serviceProvider.GetService <IMongoClient>().GetDatabase(Configuration["RESTER_MONGO_DB_NAME"])); // Services services.AddTransient <IOAuth2Service, OAuth2Service>(); // Repositories services.AddTransient <IStsOAuth2CodeRepository, StsOAuth2CodeRepository>(); services.AddTransient <IStsOAuth2RefreshTokenRepository, StsOAuth2RefreshTokenRepository>(); services.AddTransient <IUserRepository, UserRepository>(); // Authentication MVC services.TryAddSingleton <IHttpContextAccessor, HttpContextAccessor>(); services .AddIdentityCore <User>(identityOptions => { }) .AddUserStore <IdentityUserStore>() .AddSignInManager <SignInManager <User> >() .AddDefaultTokenProviders(); services .AddAuthentication(authOptions => { authOptions.DefaultScheme = IdentityConstants.ApplicationScheme; authOptions.DefaultSignInScheme = IdentityConstants.ExternalScheme; }) .AddCookie(IdentityConstants.ApplicationScheme, cookieOptions => { cookieOptions.LoginPath = "/sts/login"; }) .AddCookie(IdentityConstants.ExternalScheme) .AddCookie(IdentityConstants.TwoFactorUserIdScheme) // Needed for SignInManager.SignOutAsync .AddGoogle(googleOptions => { googleOptions.ClientId = Configuration["RESTER_IDP_GOOGLE_CLIENT_ID"]; googleOptions.ClientSecret = Configuration["RESTER_IDP_GOOGLE_CLIENT_SECRET"]; googleOptions.CallbackPath = "/sts/callback/google"; googleOptions.ClaimActions.MapJsonSubKey("urn:rester:picture", "image", "url"); }); // Authentication WebAPI services .AddAuthentication() .AddJwtBearer(jwtBearerOptions => { jwtBearerOptions.TokenValidationParameters.IssuerSigningKey = CertificateHelpers.CreateIssuerSigningKey(cert); jwtBearerOptions.TokenValidationParameters.ValidAudience = "rester"; jwtBearerOptions.TokenValidationParameters.ValidIssuer = issuer; var validator = (JwtSecurityTokenHandler)jwtBearerOptions.SecurityTokenValidators[0]; validator.MapInboundClaims = false; }); // MVC services.AddMvc() .SetCompatibilityVersion(CompatibilityVersion.Version_2_1); }