Esempio n. 1
0
        private RefreshTokens BuildRefreshToken(string userId, string clientAppId, string grantType, string authenToSystem, string authorizationCode)
        {
            var obj = new RefreshTokens();

            obj.Id             = Guid.NewGuid();
            obj.AppAudienceId  = clientAppId;
            obj.IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
            var RefreshTokenExpiryDateTime = DateTime.UtcNow.AddSeconds(Convert.ToDouble(_config["Jwt:RefreshTokenExpires"]));

            obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(RefreshTokenExpiryDateTime, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
            obj.GrantType      = grantType;
            if (grantType == GRANT_TYPE_PASSWORD)
            {
                obj.ResourceOwnerId = userId;
                obj.AuthenToSystem  = authenToSystem;
            }
            if (grantType == GRANT_TYPE_AUTHORIZATION_CODE)
            {
                obj.AuthorizationCode = authorizationCode;
            }

            var key     = Encoding.UTF8.GetBytes(obj.AppAudienceId);
            var message = Encoding.UTF8.GetBytes(obj.Id.ToString("N"));

            obj.RefreshToken = ReplaceInvalidCharacterForJwt(Convert.ToBase64String(HashingByHMACSHA256(message, key)));
            obj.Status       = true;

            // Write Generated RefreshToken to AuthDB (For future checking)
            var authRefreshToken = _authObj.PutRefreshTokens(obj);

            return(obj);
        }
Esempio n. 2
0
        private AccessTokens BuildAccessToken(string userId, string clientAppId, string refreshToken, Jwt.Algorithm alg, string grantType)
        {
            var obj = new AccessTokens();

            obj.Id             = Guid.NewGuid();
            obj.RefreshToken   = refreshToken;
            obj.IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
            var AccessTokenExpiryDateTime = DateTime.UtcNow.AddSeconds(Convert.ToDouble(_config["Jwt:Expires"]));

            obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(AccessTokenExpiryDateTime, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);

            Claim[] claims;

            if (grantType == GRANT_TYPE_PASSWORD)
            {
                claims = new[] {
                    new Claim(JwtRegisteredClaimNames.Sub, userId),
                    new Claim(JwtRegisteredClaimNames.Jti, obj.Id.ToString("N")),
                    new Claim(JwtRegisteredClaimNames.Iat, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32),
                    new Claim(JwtRegisteredClaimNames.Nbf, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32),
                    new Claim("appid", clientAppId)
                };
            }
            else
            {
                claims = new[] {
                    new Claim(JwtRegisteredClaimNames.Jti, obj.Id.ToString("N")),
                    new Claim(JwtRegisteredClaimNames.Iat, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32),
                    new Claim(JwtRegisteredClaimNames.Nbf, DateTimes.ConvertToUnixTimeByDateTime(DateTime.UtcNow).ToString(), System.Security.Claims.ClaimValueTypes.Integer32),
                    new Claim("appid", clientAppId)
                };
            }

            var token = new JwtSecurityToken(
                issuer: _config["Jwt:Issuer"],
                audience: _config["Jwt:Audience"],
                claims: claims,
                expires: AccessTokenExpiryDateTime,
                notBefore: DateTime.UtcNow,
                signingCredentials: Jwt.CreateSigningCredentials(alg, _config, _azObj)
                );

            obj.AccessToken = new JwtSecurityTokenHandler().WriteToken(token);
            obj.Status      = true;

            // Write Generated AccessToken to AuthDB (For future checking)
            var authAccessToken = _authObj.PutAccessTokens(obj);

            // Update RefreshToken to AuthDB (For future checking)
            var authRefreshToken = _authObj.PutRefreshTokensAccessToken(refreshToken, obj.AccessToken, obj.IssuedDateTime);

            return(obj);
        }
Esempio n. 3
0
        public IActionResult CreateToken([FromForm] AuthenticationModel authen)
        {
            IActionResult response  = Unauthorized();
            var           objResult = new ObjectResult(String.Empty);

            try
            {
                if (ModelState.IsValid) // ModelState อาจจะไม่จำเป็นต้องใช้ หรือใช้ไม่ได้กับ API
                {
                    if (authen.grant_type.ToLower() == GRANT_TYPE_CLIENT_CREDENTIALS)
                    {
                        if (authen.client_id != string.Empty && authen.client_id != "null" && authen.client_id != null)
                        {
                            if (authen.client_secret != string.Empty && authen.client_secret != "null" && authen.client_secret != null)
                            {
                                var appAudObj = GetAppAudiencesById(authen.client_id).Result;

                                if (appAudObj != null)
                                {
                                    if (appAudObj.ExpiryDate > DateTime.UtcNow)
                                    {
                                        if (appAudObj.AppSecretKey == authen.client_secret)
                                        {
                                            var refreshTokenObj = BuildRefreshToken(authen.username, authen.client_id, GRANT_TYPE_CLIENT_CREDENTIALS, authen.authen_to_system, authen.code);
                                            var accessTokenObj  = BuildAccessToken(authen.username, authen.client_id, refreshTokenObj.RefreshToken, Jwt.Algorithm.ES256, GRANT_TYPE_CLIENT_CREDENTIALS);

                                            var tokenResp = new TokenResponse();
                                            tokenResp.token_type               = "Bearer";
                                            tokenResp.access_token             = accessTokenObj.AccessToken;
                                            tokenResp.expires_in               = _config["Jwt:Expires"];
                                            tokenResp.refresh_token            = refreshTokenObj.RefreshToken;
                                            tokenResp.refresh_token_expires_in = _config["Jwt:RefreshTokenExpires"];

                                            response = Ok(tokenResp);
                                        }
                                        else
                                        {
                                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientSecretKey, "Unauthorized, Client App Secret Key (" + authen.client_secret + ") is invalid.");
                                        }
                                    }
                                    else
                                    {
                                        response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id (" + authen.client_id + ") is expired (" + appAudObj.ExpiryDate + ").");
                                    }
                                }
                                else
                                {
                                    response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id (" + authen.client_id + ") is invalid.");
                                }
                            }
                            else
                            {
                                response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientSecretKey, "Unauthorized, Client App Secret Key is empty.");
                            }
                        }
                        else
                        {
                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id is empty.");
                        }
                    }
                    else if (authen.grant_type.ToLower() == GRANT_TYPE_PASSWORD)
                    {
                        if (authen.client_id != string.Empty && authen.client_id != "null" && authen.client_id != null)
                        {
                            if (authen.client_secret != string.Empty && authen.client_secret != "null" && authen.client_secret != null)
                            {
                                if (authen.username != string.Empty && authen.username != "null" && authen.username != null)
                                {
                                    if (authen.password != string.Empty && authen.password != "null" && authen.password != null)
                                    {
                                        if (authen.authen_to_system != string.Empty && authen.authen_to_system != "null" && authen.authen_to_system != null)
                                        {
                                            var appAudObj = GetAppAudiencesById(authen.client_id).Result;

                                            if (appAudObj != null)
                                            {
                                                if (appAudObj.ExpiryDate > DateTime.UtcNow)
                                                {
                                                    if (appAudObj.AppSecretKey == authen.client_secret)
                                                    {
                                                        var IsValidated = false;

                                                        switch (authen.authen_to_system.ToLower())
                                                        {
                                                        case "mtl-agent":
                                                            // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL AGENT SYSTEM
                                                            break;

                                                        case "mtl-smileclub":
                                                            // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL SMILE CLUB SYSTEM
                                                            break;

                                                        case "mtl-employee":
                                                            // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL EMPLOYEE SYSTEM
                                                            IsValidated = true;
                                                            break;
                                                        }

                                                        if (IsValidated)
                                                        {
                                                            var refreshTokenObj = BuildRefreshToken(authen.username, authen.client_id, GRANT_TYPE_PASSWORD, authen.authen_to_system, authen.code);
                                                            var accessTokenObj  = BuildAccessToken(authen.username, authen.client_id, refreshTokenObj.RefreshToken, Jwt.Algorithm.ES256, GRANT_TYPE_PASSWORD);

                                                            var tokenResp = new TokenResponse();
                                                            tokenResp.token_type               = "Bearer";
                                                            tokenResp.access_token             = accessTokenObj.AccessToken;
                                                            tokenResp.expires_in               = _config["Jwt:Expires"];
                                                            tokenResp.refresh_token            = refreshTokenObj.RefreshToken;
                                                            tokenResp.refresh_token_expires_in = _config["Jwt:RefreshTokenExpires"];

                                                            response = Ok(tokenResp);
                                                        }
                                                        else
                                                        {
                                                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.ExceptionalOccured, "Unauthorized, Username and Password is not valid for the system (" + authen.authen_to_system + ").");
                                                        }
                                                    }
                                                    else
                                                    {
                                                        response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientSecretKey, "Unauthorized, Client App Secret Key (" + authen.client_secret + ") is invalid.");
                                                    }
                                                }
                                                else
                                                {
                                                    response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id (" + authen.client_id + ") is expired (" + appAudObj.ExpiryDate + ").");
                                                }
                                            }
                                            else
                                            {
                                                response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id (" + authen.client_id + ") is invalid.");
                                            }
                                        }
                                        else
                                        {
                                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.ExceptionalOccured, "Unauthorized, Authentication System is empty.");
                                        }
                                    }
                                    else
                                    {
                                        response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_Password, "Unauthorized, Password is empty.");
                                    }
                                }
                                else
                                {
                                    response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_Username, "Unauthorized, Username is empty.");
                                }
                            }
                            else
                            {
                                response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientSecretKey, "Unauthorized, Client App Secret Key is empty.");
                            }
                        }
                        else
                        {
                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id is empty.");
                        }
                    }
                    else if (authen.grant_type.ToLower() == GRANT_TYPE_AUTHORIZATION_CODE)
                    {
                        if (authen.client_id != string.Empty && authen.client_id != "null" && authen.client_id != null)
                        {
                            if (authen.client_secret != string.Empty && authen.client_secret != "null" && authen.client_secret != null)
                            {
                                if (authen.code != string.Empty && authen.code != "null" && authen.code != null)
                                {
                                    if (authen.redirect_uri != string.Empty && authen.redirect_uri != "null" && authen.redirect_uri != null)
                                    {
                                        var appAudObj = GetAppAudiencesById(authen.client_id).Result;

                                        if (appAudObj != null)
                                        {
                                            if (appAudObj.ExpiryDate > DateTime.UtcNow)
                                            {
                                                if (appAudObj.AppSecretKey == authen.client_secret)
                                                {
                                                    var authCode = GetAuthorizationCodesById(authen.code).Result;

                                                    if (authCode != null)
                                                    {
                                                        if (authCode.ClientAppId == authen.client_id)
                                                        {
                                                            if (DateTime.Parse(authCode.ExpiryDateTime.Replace("Z", ".0000000")) > DateTime.Parse(DateTimes.ConvertToUtcDateTimeInThaiTimeZone(DateTime.UtcNow, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon).Replace("Z", ".0000000")))
                                                            {
                                                                var refreshTokenObj = BuildRefreshToken(authen.username, authen.client_id, GRANT_TYPE_AUTHORIZATION_CODE, authen.authen_to_system, authen.code);
                                                                var accessTokenObj  = BuildAccessToken(authen.username, authen.client_id, refreshTokenObj.RefreshToken, Jwt.Algorithm.ES256, GRANT_TYPE_AUTHORIZATION_CODE);

                                                                var tokenResp = new TokenResponse();
                                                                tokenResp.token_type               = "Bearer";
                                                                tokenResp.access_token             = accessTokenObj.AccessToken;
                                                                tokenResp.expires_in               = _config["Jwt:Expires"];
                                                                tokenResp.refresh_token            = refreshTokenObj.RefreshToken;
                                                                tokenResp.refresh_token_expires_in = _config["Jwt:RefreshTokenExpires"];

                                                                response = Ok(tokenResp);
                                                            }
                                                            else
                                                            {
                                                                response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_AuthorizationCode, "Unauthorized, Authorization Code (" + authen.code + ") is expired (" + authCode.ExpiryDateTime + ").");
                                                            }
                                                        }
                                                        else
                                                        {
                                                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_AuthorizationCode, "Unauthorized, Authorization Code (" + authen.code + ") is invalid (AuthorizationCode is not belong to Client App Id).");
                                                        }
                                                    }
                                                    else
                                                    {
                                                        response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_AuthorizationCode, "Unauthorized, Authorization Code (" + authen.code + ") is invalid.");
                                                    }
                                                }
                                                else
                                                {
                                                    response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientSecretKey, "Unauthorized, Client App Secret Key (" + authen.client_secret + ") is invalid.");
                                                }
                                            }
                                            else
                                            {
                                                response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id (" + authen.client_id + ") is expired (" + appAudObj.ExpiryDate + ").");
                                            }
                                        }
                                        else
                                        {
                                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id (" + authen.client_id + ") is invalid.");
                                        }
                                    }
                                    else
                                    {
                                        response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_RedirectUri, "Unauthorized, Client App Redirect Uri is empty.");
                                    }
                                }
                                else
                                {
                                    response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_AuthorizationCode, "Unauthorized, Authorization Code is empty.");
                                }
                            }
                            else
                            {
                                response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientSecretKey, "Unauthorized, Client App Secret Key is empty.");
                            }
                        }
                        else
                        {
                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id is empty.");
                        }
                    }
                    else if (authen.grant_type.ToLower() == GRANT_TYPE_REFRESH_TOKEN)
                    {
                        if (authen.client_id != string.Empty && authen.client_id != "null" && authen.client_id != null)
                        {
                            if (authen.client_secret != string.Empty && authen.client_secret != "null" && authen.client_secret != null)
                            {
                                if (authen.refresh_token != string.Empty && authen.refresh_token != "null" && authen.refresh_token != null)
                                {
                                    var appAudObj = GetAppAudiencesById(authen.client_id).Result;

                                    if (appAudObj != null)
                                    {
                                        if (appAudObj.ExpiryDate > DateTime.UtcNow)
                                        {
                                            if (appAudObj.AppSecretKey == authen.client_secret)
                                            {
                                                var rftkObj = GetRefreshTokenByToken(authen.refresh_token).Result;

                                                if (rftkObj != null)
                                                {
                                                    if (rftkObj.AppAudienceId == authen.client_id)
                                                    {
                                                        if (DateTime.Parse(rftkObj.ExpiryDateTime.Replace("Z", ".0000000")) > DateTime.Parse(DateTimes.ConvertToUtcDateTimeInThaiTimeZone(DateTime.UtcNow, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon).Replace("Z", ".0000000")) && rftkObj.Status == true)
                                                        {
                                                            var alg = GetLastestAccessTokenAlgorithmByRefreshToken(authen.refresh_token).Result;

                                                            if (rftkObj.GrantType == GRANT_TYPE_PASSWORD)
                                                            {
                                                                var userId = GetUserIdByRefreshToken(authen.refresh_token).Result;

                                                                if (userId != null)
                                                                {
                                                                    var accessTokenObj = BuildAccessToken(userId, authen.client_id, authen.refresh_token, alg, GRANT_TYPE_REFRESH_TOKEN);

                                                                    var tokenResp = new TokenResponse();
                                                                    tokenResp.token_type               = "Bearer";
                                                                    tokenResp.access_token             = accessTokenObj.AccessToken;
                                                                    tokenResp.expires_in               = _config["Jwt:Expires"];
                                                                    tokenResp.refresh_token            = authen.refresh_token;
                                                                    tokenResp.refresh_token_expires_in = _config["Jwt:RefreshTokenExpires"];

                                                                    response = Ok(tokenResp);
                                                                }
                                                                else
                                                                {
                                                                    response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.Invalid_RefreshToken, "Unauthorized, RefreshToken (" + authen.refresh_token + ") is invalid (UserId is not found).");
                                                                }
                                                            }
                                                            else
                                                            {
                                                                var accessTokenObj = BuildAccessToken(authen.username, authen.client_id, authen.refresh_token, alg, GRANT_TYPE_REFRESH_TOKEN);

                                                                var tokenResp = new TokenResponse();
                                                                tokenResp.token_type               = "Bearer";
                                                                tokenResp.access_token             = accessTokenObj.AccessToken;
                                                                tokenResp.expires_in               = _config["Jwt:Expires"];
                                                                tokenResp.refresh_token            = authen.refresh_token;
                                                                tokenResp.refresh_token_expires_in = _config["Jwt:RefreshTokenExpires"];

                                                                response = Ok(tokenResp);
                                                            }
                                                        }
                                                        else
                                                        {
                                                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.Invalid_RefreshToken, "Unauthorized, RefreshToken (" + authen.refresh_token + ") is expired (" + rftkObj.ExpiryDateTime + ").");
                                                        }
                                                    }
                                                    else
                                                    {
                                                        response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.Invalid_RefreshToken, "Unauthorized, RefreshToken (" + authen.refresh_token + ") is invalid (RefreshToken is not belong to Client App Id).");
                                                    }
                                                }
                                                else
                                                {
                                                    response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.Invalid_RefreshToken, "Unauthorized, RefreshToken (" + authen.refresh_token + ") is not found.");
                                                }
                                            }
                                            else
                                            {
                                                response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientSecretKey, "Unauthorized, Client App Secret Key (" + authen.client_secret + ") is invalid.");
                                            }
                                        }
                                        else
                                        {
                                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id (" + authen.client_id + ") is expired (" + appAudObj.ExpiryDate + ").");
                                        }
                                    }
                                    else
                                    {
                                        response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id (" + authen.client_id + ") is invalid.");
                                    }
                                }
                                else
                                {
                                    response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.Invalid_RefreshToken, "Unauthorized, RefreshToken is empty.");
                                }
                            }
                            else
                            {
                                response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientSecretKey, "Unauthorized, Client App Secret Key is empty.");
                            }
                        }
                        else
                        {
                            response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.InvalidOrEmpty_ClientAppId, "Unauthorized, Client App Id is empty.");
                        }
                    }
                    else
                    {
                        response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.ExceptionalOccured, "Unauthorized, Grant Type (" + authen.grant_type.ToLower() + ") is invalid.");
                    }
                }
                else // ModelState อาจจะไม่จำเป็นต้องใช้ หรือใช้ไม่ได้กับ API
                {
                    response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.ExceptionalOccured, "Unauthorized, Input Model (grant_type: '" + authen.grant_type.ToLower() + "', client_id: '" + authen.client_id + "', user_id: '" + authen.username + "', refresh_token: '" + authen.refresh_token + "') is invalid.");
                }
            }
            catch (Exception ex)
            {
                response = CustomHttpResponse.Error(HttpStatusCode.Unauthorized, Errors.ExceptionalOccured, "Unauthorized, Exception occurred (" + ex.Message + " - " + ex.Source + " - " + ex.StackTrace + " - " + ex.InnerException + " - " + ex.HelpLink + ").");
            }

            return(response);
        }
Esempio n. 4
0
        public IActionResult Index([Bind("Response_Type,Client_Id,Redirect_Uri,State,Authen_To_System,username,password")] string username, string password, AuthorizationCodeModel authCodeObj)
        {
            try
            {
                IActionResult response = Unauthorized();

                if (ModelState.IsValid)
                {
                    if (username != string.Empty && username != "null" && username != null)
                    {
                        if (password != string.Empty && password != "null" && password != null)
                        {
                            var IsValidated = false;

                            switch (authCodeObj.Authen_To_System.ToLower())
                            {
                            case "mtl-agent":
                                // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL AGENT SYSTEM
                                break;

                            case "mtl-smileclub":
                                // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL SMILE CLUB SYSTEM
                                break;

                            case "mtl-employee":
                                // TODO: TO VALIDATE USERNAME AND PASSWORD AGAINST MTL EMPLOYEE SYSTEM
                                IsValidated = true;
                                break;
                            }

                            if (IsValidated)
                            {
                                var code = Guid.NewGuid();

                                var auth = new AuthorizationCodes();
                                auth.Id              = code;
                                auth.AuthenToSystem  = authCodeObj.Authen_To_System;
                                auth.ClientAppId     = authCodeObj.Client_Id;
                                auth.CreatedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
                                var expdt = DateTime.UtcNow.AddSeconds(90);
                                auth.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(expdt, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon);
                                auth.RedirectUri    = authCodeObj.Redirect_Uri;
                                auth.State          = authCodeObj.State;

                                if (authCodeObj.State != string.Empty && authCodeObj.State != "null" && authCodeObj.State != null)
                                {
                                    var resp = _authObj.PutAuthorizationCodes(auth);

                                    response = Redirect(authCodeObj.Redirect_Uri + "?code=" + code + "&state=" + authCodeObj.State);
                                }
                                else
                                {
                                    response = Redirect(authCodeObj.Redirect_Uri + "?code=" + code);
                                }

                                return(response);
                            }
                            else
                            {
                                return(View());
                            }
                        }
                        else
                        {
                            return(View());
                        }
                    }
                    else
                    {
                        return(View());
                    }
                }
                else
                {
                    return(View());
                }
            }
            catch
            {
                return(View());
            }
        }