/// <summary>
/// Evaluate user-token.
/// </summary>
/// <param name="request">object: Request.</param>
/// <returns>True: authorized, false: no authorized.</returns>
public bool IsAuthorized(Request request, AuthorizationUser authUser)
{
string token = request.Headers["token"];
AuthorizationUser generated = Session.GetUserAuthorised(token, authUser.SecretWord);
if (generated.Password.Equals(authUser.Password) && generated.Username.Equals(authUser.Username))
{
return(true);
}
return(false);
}
/// <summary>
/// This method evaluate a token if is correct according the user data.
/// </summary>
/// <param name="user">object: user</param>
/// <param name="token">string: token</param>
/// <returns>True: If is correct, false: isn't</returns>
static public AuthorizationUser GetUserAuthorised(string token, string secret)
{
if (string.IsNullOrEmpty(token) || string.IsNullOrEmpty(secret))
{
Console.WriteLine("The token was not verified. Any field of user are empty.");
return(null);
}
string tokenDecoded = JsonWebToken.Decode(token, secret);
AuthorizationUser userGenerated = JsonConvert.DeserializeObject <AuthorizationUser>(tokenDecoded);
return(userGenerated);
}
/// <summary>
/// This method verify id the time was expired.
/// </summary>
/// <param name="user">object: user</param>
/// <param name="token">string: token</param>
/// <returns>True: if was expired , false: Was not expired.</returns>
static public bool ExpiredTime(AuthorizationUser user, string token, string secret)
{
if (string.IsNullOrEmpty(user.Username) || string.IsNullOrEmpty(token) ||
string.IsNullOrEmpty(secret) || string.IsNullOrEmpty(user.Password))
{
Console.WriteLine("The lifetime of token was not evaluated. Maybe any parameter are empty.");
return(true);
}
string strJson = JsonWebToken.Decode(token, secret, false);
AuthorizationUser userGenerated = JsonConvert.DeserializeObject <AuthorizationUser>(strJson);
DateTime unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
double now = Math.Round((DateTime.Now - unixEpoch).TotalSeconds);
if (userGenerated.ExpirationTime < now)
{
return(true);
}
return(false);
}
/// <summary>
/// Execute action of Request.
/// </summary>
/// <param name="ActionRequest">Dictionary: Request action to execute.</param>
/// <returns>Object: Action with to precessed.</returns>
public object ExecuteAction(Dictionary <string, object> RequestAction)
{
ActionResult result;
if (Routes == null)
{
///TODO: resolver esto.
return("500");
}
else
{
foreach (Route route in Routes)
{
if (route.UrlPath == RequestAction["URLPath"].ToString())
{
/// TODO: si no hay metodo definido, aceptarlocomo si fuera un Get por defecto
//if (route.ControllerName != RequestAction["HttpMethod"].ToString())
// {
// return "500";
// }
// else {
BaseController baseController = new BaseController();
DirectoryInfo directoryInfo = new DirectoryInfo(AppSite.physicalPath);
FileInfo[] fileInfo = directoryInfo.GetFiles("*.dll");
foreach (FileInfo fi in fileInfo)
{
Assembly assembly = Assembly.LoadFrom(fi.FullName);
foreach (var type in assembly.GetTypes())
{
if (type != typeof(BaseController) && typeof(BaseController).IsAssignableFrom(type))
{
baseController = (BaseController)Activator.CreateInstance(type);
//for test.
string urlPath = (string)RequestAction["URLPath"];
string mehod = (string)RequestAction["HttpMethod"];
NameValueCollection header = (NameValueCollection)RequestAction["Header"];
NameValueCollection parameters = (NameValueCollection)RequestAction["Params"];
NameValueCollection QueryParams = (NameValueCollection)RequestAction["QueryParams"];
Dictionary <string, HttpFile> files = (Dictionary <string, HttpFile>)RequestAction["Files"];
baseController.Request = new Request(urlPath, mehod, header, parameters, QueryParams, files);
baseController.Route = route;
baseController.httpContext.Site.physicalPath = AppSite.physicalPath;
if (baseController.GetType().Name == route.ControllerName)
{
MethodInfo method = baseController.GetType().GetMethod(route.ActionName);
AuthorizeAttribute attribute = (AuthorizeAttribute)method.GetCustomAttribute(typeof(AuthorizeAttribute));
AuthorizationUser authorizationUser = baseController.User;
if (attribute != null)
{
if (!attribute.IsAuthorized(baseController.Request, authorizationUser))
{
Console.WriteLine("user no authorized..");
}
else
{
result = (ActionResult)method.Invoke(baseController, new object[] { });
Headers = baseController.httpContext.Headers;
return(result);
}
}
result = (ActionResult)method.Invoke(baseController, new object[] { });
Headers = baseController.httpContext.Headers;
return(result);
}
}
}
}
// }
}
}
}
return(null);
}