public async Task <IActionResult> SignMessage([FromQuery] string Message, [FromHeader] string APIKey)
{
try
{
#region Register Log
var user = await UserDatabaseAccess.GetUser(APIKey, base._context);
string Method = this.HttpContext.Request.Method;
string Path = this.HttpContext.Request.Path;
var logString = user.Role + " requested " + Method + " " + Path;
await UserDatabaseAccess.AddLog(logString, user, base._context);
#endregion
if (Message == null)
{
throw new Exception();
}
var byteMessage = Encoding.ASCII.GetBytes(Message);
var signedData = _RSA.SignData(byteMessage, new SHA1CryptoServiceProvider());
var hexMessage = EncryptionHelper.ByteArrayToHexString(signedData, true);
return(StatusCode(200, hexMessage));
}
catch (Exception)
{
return(StatusCode(400, "Bad Request"));
}
}
public async Task <IActionResult> GetSHA256([FromQuery] string message, [FromHeader] string APIKey)
{
try
{
#region Register Log
var authUser = await UserDatabaseAccess.GetUser(APIKey, base._context);
string Method = this.HttpContext.Request.Method;
string Path = this.HttpContext.Request.Path;
var Log = authUser.Role + " requested " + Method + " " + Path;
await UserDatabaseAccess.AddLog(Log, authUser, base._context);
#endregion
if (message == null)
{
throw new Exception();
}
SHA256 SHA1Provider = new SHA256CryptoServiceProvider();
byte[] ASCIIByteMessage = Encoding.ASCII.GetBytes(message);
byte[] SHA1ByteMessage = SHA1Provider.ComputeHash(ASCIIByteMessage);
string Encrypted = EncryptionHelper.ByteArrayToHexString(SHA1ByteMessage, false);
return(StatusCode(200, Encrypted.ToUpper()));
}
catch (Exception)
{
return(StatusCode(400, "Bad Rquest"));
}
}
public async Task <IActionResult> GetPublicKey([FromHeader] string APIKey)
{
try
{
#region Register Log
var user = await UserDatabaseAccess.GetUser(APIKey, base._context);
string Method = this.HttpContext.Request.Method;
string Path = this.HttpContext.Request.Path;
var logString = user.Role + " requested " + Method + " " + Path;
await UserDatabaseAccess.AddLog(logString, user, base._context);
#endregion
_RSA.ExportParameters(false);
string xmlKey = _RSA.ToXmlStringCore22(false);
return(StatusCode(200, xmlKey));
}
catch (Exception)
{
return(StatusCode(400, "Bad Request"));
}
}
public async Task <ActionResult <User> > DeleteUser([FromHeader] string APIKey, [FromQuery] string userName)
{
try
{
if (await UserDatabaseAccess.APIKeyExists(APIKey, base._context))
{
var user = await UserDatabaseAccess.GetUser(APIKey, base._context);
#region Registering UserLog
string Method = this.HttpContext.Request.Method;
string Path = this.HttpContext.Request.Path;
var logString = user.Role + " requested " + Method + " " + Path;
await UserDatabaseAccess.AddLog(logString, user, base._context);
#endregion
if (user.ApiKey == APIKey && user.UserName == userName)
{
await UserDatabaseAccess.BackupLog(APIKey, base._context);
await UserDatabaseAccess.RemoveUser(user, base._context);
return(StatusCode(200, true));
}
}
throw new Exception();
}
catch (Exception)
{
return(StatusCode(200, false));
}
}
public async Task <IActionResult> AddFifty([FromQuery] string encryptedInteger, [FromQuery] string encryptedSymKey, [FromQuery] string encryptedIV, [FromHeader] string APIKey)
{
#region Register Log
var user = await UserDatabaseAccess.GetUser(APIKey, base._context);
string Method = this.HttpContext.Request.Method;
string Path = this.HttpContext.Request.Path;
var logString = user.Role + " requested " + Method + " " + Path;
await UserDatabaseAccess.AddLog(logString, user, base._context);
#endregion
try
{
if (encryptedInteger == null || encryptedSymKey == null || encryptedIV == null)
{
throw new Exception();
}
byte[] byteInteger = EncryptionHelper.HexaStringToByteArray(encryptedInteger);
byte[] byteAESKey = EncryptionHelper.HexaStringToByteArray(encryptedSymKey);
byte[] byteAESIV = EncryptionHelper.HexaStringToByteArray(encryptedIV);
var decryptedInt = _RSA.Decrypt(byteInteger, true);
var decryptedAESKey = _RSA.Decrypt(byteAESKey, true);
var decryptedAESIV = _RSA.Decrypt(byteAESIV, true);
var aesProvider = new AesCryptoServiceProvider();
aesProvider.IV = decryptedAESIV;
aesProvider.Key = decryptedAESKey;
int originalInt = BitConverter.ToInt32(decryptedInt, 0) + 50;
byte[] encryptedResponse = await EncryptionHelper.EncryptAES(originalInt.ToString(), aesProvider);
var hexResponse = EncryptionHelper.ByteArrayToHexString(encryptedResponse, true);
return(StatusCode(200, hexResponse));
}
catch (Exception)
{
return(StatusCode(400, "Bad Request"));
}
}
public async Task <IActionResult> UpdateRole([FromBody] User updateUser, [FromHeader] string APIKey)
{
try
{
//if (updateUser.UserName == "" || updateUser.Role == "")
// throw new Exception("NOT DONE: An error occured");
var userExists = await UserDatabaseAccess.UserExists(updateUser.UserName, base._context);
if (!userExists)
{
throw new Exception("NOT DONE: Username does not exist");
}
var user = await UserDatabaseAccess.GetUserWithName(updateUser.UserName, base._context);
string[] allowedRoles = { "Admin", "User" };
if (!allowedRoles.Contains(updateUser.Role))
{
throw new Exception("NOT DONE: Role does not exist");
}
else if (allowedRoles.Contains(updateUser.Role))
{
await UserDatabaseAccess.ChangeRole(updateUser, user, _context);
var authUser = await UserDatabaseAccess.GetUser(APIKey, base._context);
string Method = this.HttpContext.Request.Method;
string Path = this.HttpContext.Request.Path;
var Log = authUser.Role + " requested " + Method + " " + Path;
await UserDatabaseAccess.AddLog(Log, authUser, base._context);
return(StatusCode(200, "DONE"));
}
throw new Exception("NOT DONE: An error occured");
}
catch (Exception e)
{
return(StatusCode(400, e.Message));
}
}
public async Task <IActionResult> GetHello([FromHeader] string APIKey)
{
try
{
var user = await UserDatabaseAccess.GetUser(APIKey, base._context);
#region Register Log
string Method = this.HttpContext.Request.Method;
string Path = this.HttpContext.Request.Path;
var Log = user.Role + " requested " + Method + " " + Path;
await UserDatabaseAccess.AddLog(Log, user, base._context);
#endregion
string Result = "Hello " + user.UserName;
return(StatusCode(200, Result));
}
catch (Exception)
{
return(StatusCode(400, "Bad Request"));
}
}
