/// <summary>
/// delete security key pair
/// </summary>
/// <param name="keyDescription"></param>
public void DeleteSecurityKeyPair(string keyDescription, string systemGeneratedApiKey)
{
//get security key pair for user name
var getSecurityKeyPair = _securityKeysRepository.GetByApiKey(systemGeneratedApiKey);
if (getSecurityKeyPair == null)
{
throw new ArgumentException("Invalid api key");
}
var keyPair = _securityKeysRepository.GetByKeyDescriptionAndUserId(keyDescription, getSecurityKeyPair.UserId);
if (keyPair == null)
{
throw new InvalidOperationException("Could not find the security key pair.");
}
_securityKeysRepository.DeleteSecurityKeysPair(keyPair);
}
/// <summary>
/// Validates the credentials related to the API Key
/// </summary>
/// <returns></returns>
private bool ApiKeyValidation(AuthenticateCommand authenticateCommand)
{
SecurityKeysPair securityKeysPair = _securityKeysRepository.GetByApiKey(authenticateCommand.Apikey);
if (securityKeysPair != null)
{
User user = _userRepository.GetUserById(securityKeysPair.UserId);
if (user != null)
{
// If the keys are system generated, then we only need to check the session timeout for the user
if (securityKeysPair.SystemGenerated)
{
// Calculate for how much time is allowed in the session timeout for SystemGenerated key, saved in user
//int activeWindow = securityKeysPair.CreationDateTime.AddMinutes(user.AutoLogout.Minutes).Minute;
if (securityKeysPair.LastModified.AddMinutes(user.AutoLogout.Minutes) > DateTime.Now)
{
//update activity time
securityKeysPair.LastModified = DateTime.Now;
_persistenceRepository.SaveUpdate(securityKeysPair);
return(true);
}
else
{
_securityKeysRepository.DeleteSecurityKeysPair(securityKeysPair);
throw new InvalidOperationException("Session timeout for the API Key.");
}
}
// Else we need to check the expiration date of the keys, and whetehr the user has permissions for
// commencing with the desired operation
else
{
if (securityKeysPair.EnableExpirationDate)
{
if (securityKeysPair.ExpirationDate > DateTime.Now)
{
return(CheckPermissions(authenticateCommand, securityKeysPair));
}
throw new InvalidOperationException("Key Expired");
}
else
{
return(CheckPermissions(authenticateCommand, securityKeysPair));
}
}
}
else
{
throw new InvalidOperationException(string.Format("{0} {1}", "No user found against userId: ",
securityKeysPair.UserId));
}
}
else
{
throw new InvalidOperationException(string.Format("{0} {1}",
"No SecurityKeysPair found against the given API Key."));
}
return(false);
}
/// <summary>
/// Logs the user out
/// </summary>
/// <returns></returns>
public bool Logout(LogoutCommand logoutCommand)
{
if (logoutCommand.ApiKey != null &&
!string.IsNullOrEmpty(logoutCommand.ApiKey.Value))
{
SecurityKeysPair securityKeysPair =
_securityKeysRepository.GetByApiKey(logoutCommand.ApiKey.Value);
if (securityKeysPair != null)
{
return(_securityKeysRepository.DeleteSecurityKeysPair(securityKeysPair));
}
else
{
throw new InstanceNotFoundException("No SecurityKeysPair found for the given API key.");
}
}
else
{
throw new InvalidCredentialException("Invalid or Incomplete Logout Credentials");
}
}
