/* * Rotating this user's password could potentially break the current user, so ensure that the return password * is stored someplace safely. */ public async Task <string> RotateAgentPassword(string agent, string newPassword = null) { ClientSession agentSession = _sessions[agent]; CardSavrResponse <List <User> > u = await agentSession.client.GetUsersAsync(new NameValueCollection() { { "username", agent } }); if (u == null) { throw new ArgumentException($"Username {agent} does not exist"); } else if (u.Body.Count > 1) { throw new ArgumentException($"{u.Body.Count} users for ${agent}, there should only be one."); } PropertyBag bag = new PropertyBag(); bag["username"] = agent; string password = (newPassword ?? ApiUtil.GenerateStretchedPassword(agent, 20)); //bag gets mutated bag["password"] = password; CardSavrResponse <PropertyBag> response = await agentSession.client.UpdateUserPasswordAsync((int)u.Body[0].id, bag); if (response.Body != null) { return(password); } throw new ArgumentException("Couldn't update provided password."); }
public async Task <String> RotateIntegrator(string user, string integrator_name) { ClientSession agentSession = _sessions[user]; CardSavrResponse <List <Integrator> > response = await agentSession.client.GetIntegratorsAsync(new NameValueCollection() { { "name", integrator_name } }); if (response.Body == null || response.Body.Count > 1) { throw new ArgumentException($"Can't reset unknown integrator: {integrator_name}"); } Integrator integrator = response.Body[0]; CardSavrResponse <Integrator> updated = await agentSession.client.RotateIntegratorsAsync(integrator.id); return(updated.Body.current_key); }
public async Task <ClientLogin> CreateCard(string agent, Cardholder cardholder, Card card, Address address, string financialInstitution = null, string safeKey = null) { //don't need the login data ClientSession agentSession = _sessions[agent]; PropertyBag u = new PropertyBag(); u["email"] = cardholder.email; u["cuid"] = cardholder.cuid; u["custom_data"] = cardholder.custom_data; //set the missing settings for model if (String.IsNullOrEmpty(cardholder.first_name)) { u["first_name"] = address.first_name; } if (String.IsNullOrEmpty(cardholder.last_name)) { u["last_name"] = address.last_name; } if (String.IsNullOrEmpty(card.name_on_card)) { card.name_on_card = $"{u["first_name"]} {u["last_name"]}"; } CardSavrResponse <Cardholder> cardholderResponse = await agentSession.client.CreateCardholderAsync(u, safeKey, financialInstitution); if (cardholderResponse.Body == null || cardholderResponse.Body.id == null) { throw new RequestException($"No body returned Creating Cardholder: {u}"); } int cardholderId = cardholderResponse.Body.id ?? -1; address.cardholder_id = cardholderId; CardSavrResponse <Address> addressResponse = await agentSession.client.CreateAddressAsync(ApiUtil.BuildPropertyBagFromObject(address)); card.cardholder_id = cardholderId; card.address_id = addressResponse.Body.id ?? -1; card.par = ApiUtil.GenerateRandomPAR(card.pan, card.expiration_month, card.expiration_year, cardholderResponse.Body.cuid); CardSavrResponse <Card> cardResponse = await agentSession.client.CreateCardAsync(ApiUtil.BuildPropertyBagFromObject(card), safeKey); return(new ClientLogin() { grant = cardholderResponse.Body.grant, card = cardResponse.Body, address = addressResponse.Body, cardholder = cardholderResponse.Body }); }
// Could be exposed publicly to give advanced users more flexibility. private async Task <CardSavrResponse <List <T> > > ApiMultiPutDelAsync <T>( string path, string pathWithId, QueryDef qd, HttpMethod method, object body, string safeKey, Paging paging = null, HttpRequestHeaders headers = null) where T : class { // by default we just tack the id on the end (we assume no trailing slash). pathWithId = pathWithId ?? path + "/{0}"; CardSavrResponse <List <T> > result; if (qd.IsID) { // this is a singular operation, so just do it. CardSavrResponse <T> singleResponse = await ApiPutDelAsync <T>( pathWithId, qd.ID, method, body, safeKey, headers); // then transform the result into a list. result = new CardSavrResponse <List <T> >() { StatusCode = singleResponse.StatusCode, Paging = singleResponse.Paging, Body = new List <T>() { singleResponse.Body } }; } else { // get all the things implied by the query parameters, the iterate through and perform // the operation on each thing successively. result = await ApiGetAsync <List <T> >(path, qd, paging, headers); foreach (T t in result.Body) { // we have to use reflection on a generic type. string id = Convert.ToString(t.GetType().GetProperty("id").GetValue(t)); // should probably have some error handling here so we can continue on failure. await ApiPutDelAsync <T>(pathWithId, id, method, body, safeKey, headers); } } return(result); }
LoginAsync(HttpRequestHeaders headers = null) { object body = new Login() { client_public_key = _data.Ecdh.PublicKey, username = _data.UserName, password_proof = _data.Password != null?HashUtil.HmacSign(_data.StaticKey, MakePasswordKey(_data.UserName, _data.Password), true) : null }; CardSavrResponse <LoginResult> result = await ApiPostAsync <LoginResult>( "/session/login", body, null, headers); // the shared secret will be used in future encrpyted communications. _data.SessionToken = result.Body.session_token; _data.Ecdh.ComputeSharedSecret(result.Body.server_public_key, true); log.Info("received server public key; computed shared secret."); return(result); }
public async Task <ClientSession> LoginAndCreateSession(string username, string password, string trace = null) { if (_sessions.ContainsKey(username)) { return(_sessions[username]); } CardSavrHttpClient session = new CardSavrHttpClient(_rejectUnauthorized); session.Setup(_cardsavrServer, _appKey, _appName, username, password, trace); CardSavrResponse <LoginResult> login = await session.Init(); _sessions[username] = new ClientSession { client = session }; return(_sessions[username]); }