public async Task <AuthorizationResponseModel> LogInAsync(AuthorizationRequestModel logInRequestModel)
{
var response = new AuthorizationResponseModel {
IsSuccessful = false
};
UserData userData = await applicationUserRepository.FindByEmailAsync(logInRequestModel.Email.Normalize());
if (userData == null)
{
response.Message = "Account with this email doesn`t exists";
}
else if (!await applicationUserRepository.CheckPasswordAsync(
logInRequestModel.Email,
logInRequestModel.Password))
{
response.Message = "Wrong Password";
}
else
{
string token = javascriptWebTokenFactory.Create(userData.Id);
var sessionDto = new SessionData
{
UserId = userData.Id,
Token = token
};
await sessionRepository.CreateAsync(sessionDto);
response.Token = token;
response.IsSuccessful = true;
}
return(response);
}
private async Task <IActionResult> HandleImplicitGrantAsync(AuthorizationRequestModel model)
{
var command = new ImplicitGrantCommand
{
ClientId = model.ClientId,
ScopeNames = model.Scope.Split(' '),
RedirectUri = model.RedirectUri
};
if (User.Identity.IsAuthenticated)
{
command.UserName = User.Identity.Name;
}
var result = await _sagaBus.InvokeAsync <ImplicitGrantCommand, OAuth20Result>(command);
var context = _dataProtector.Protect(result.SagaId.ToString());
switch (result.State)
{
case OAuth20State.RequireSignIn:
return(View("SignIn", new OAuthSignInModel {
ProtectedOAuthContext = context
}));
case OAuth20State.RequirePermissionGrant:
return(PermissionGrantView(result));
case OAuth20State.Finished:
return(ImplictRedirect(result));
default:
return(BadRequest());
}
}
public byte[] RequestTranAuthorization(AuthorizationRequestModel msg)
{
if (string.IsNullOrEmpty(msg.Mti) || msg.Mti != "0200")
{
throw new ArgumentException("Mti is not valid for RequestTranAuthorization(0200)");
}
var model = new AS2805Model(msg.Mti);
model.SetField(3, msg.ProcessingCode);
model.SetField(4, msg.AmountTran);
model.SetField(7, msg.TranDate);
model.SetField(11, msg.Stan);
model.SetField(12, msg.TimeLocalTran);
model.SetField(13, msg.DateLocalTran);
model.SetField(15, msg.DateSettlement);
model.SetField(18, msg.MerchantType);
model.SetField(22, msg.MiscellaneousX);
model.SetField(25, msg.PosConditionCode);
model.SetField(28, msg.AmtTranFee);
model.SetField(32, msg.AcqInstIdCode);
model.SetField(35, msg.Track2);
model.SetField(37, msg.TranSeqNo);
model.SetField(41, msg.TerminalId);
model.SetField(42, msg.CardAcptIdCode);
model.SetField(43, msg.NameLocation);
model.SetField(47, msg.AddtlDataNat);
model.SetField(52, msg.PinBlock);
model.SetField(53, msg.SecControlInfo);
model.SetField(55, msg.MiscellaneousX);
model.SetField(57, msg.AmountCash);
model.SetField(64, msg.Mac64);
_log.Info(string.Format("host node build (0200) request transaction authorization ==> {0}", model));
return(model.ToBytes());
}
public async Task <IActionResult> Authorize([FromQuery] AuthorizationRequestModel model)
{
AuthorizationGrant grantType;
try
{
grantType = ParseGrantTypeFromResponseType(model.ResponseType);
}
catch (ArgumentOutOfRangeException)
{
return(BadRequest());
}
switch (grantType)
{
case AuthorizationGrant.AuthorizationCode:
return(await HandleAuthorizationCodeGrantAsync(model));
case AuthorizationGrant.Implicit:
return(await HandleImplicitGrantAsync(model));
default:
return(BadRequest());
}
}
public async Task <AuthorizationResponseModel> RegisterAsync(AuthorizationRequestModel registrationModel)
{
RoleData role = applicationRoleRepository.Get(registrationModel.Role);
RegistrationResponseModel response = new RegistrationResponseModel()
{
IsSuccessful = false, Message = string.Empty
};
var userData = new UserData
{
Email = registrationModel.Email,
Password = registrationModel.Password,
RoleId = role.Id
};
IdentityResult userCreatingResult = await applicationUserRepository.CreateAsync(userData);
if (!userCreatingResult.Succeeded)
{
// pushing message of first error in array
response.Message = GetErrorMessage(userCreatingResult);
return(response);
}
userData = await applicationUserRepository.FindByEmailAsync(userData.Email);
ClientData client = new ClientData()
{
Name = registrationModel.UserName,
Surname = registrationModel.Surname,
PhotoPath = "default/profile.png",
UserId = userData.Id
};
ClientData addedClient = await clientRepository.AddAsync(client);
if (addedClient == null)
{
response.Message = "Client not added";
}
response.IsSuccessful = true;
string token = javascriptWebTokenFactory.Create(userData.Id);
var sessionData = new SessionData
{
UserId = userData.Id,
Token = token,
};
await sessionRepository.CreateAsync(sessionData);
response.Token = token;
return(response);
}
public async Task <IHttpActionResult> Authorization(AuthorizationRequestModel model)
{
if (!ModelState.IsValid)
{
var errors = new StringBuilder();
foreach (var state in ModelState)
{
foreach (var error in state.Value.Errors)
{
errors.Append($"{error.ErrorMessage}\n");
}
}
return(BadRequest(errors.ToString()));
}
try
{
var user = await userReadService.GetUserByEmailAsync(model.Email);
if (user == null)
{
return(BadRequest("User is not registered"));
}
else
{
var hashPassword = userWriteService.HashPassword(model.Password);
if (hashPassword == user.Password)
{
var role = user.Role;
var identity = SignIn(user.Email, user.Role.Value, user.Id.ToString());
var token = GetUserToken(identity);
return(Ok(new { token, user.Id, user.RoleId }));
}
else
{
return(BadRequest("IncorrectPassword"));
}
}
}
catch (Exception ex)
{
return(InternalServerError(ex));
}
}
public AuthorizationModel Get(AuthorizationRequestModel request)
{
var rules = new Cache <string, AuthorizationRuleModel>(r => new AuthorizationRuleModel(r));
_behaviorGraph
.Behaviors
.Each(chain =>
{
var authorizor = _authorizationDescriptor.AuthorizorFor(chain);
authorizor
.RulesDescriptions()
.Each(r => rules[r].AddRoute(new AuthorizedRouteModel(chain.UniqueId, chain.Route == null ? "(no route)" : chain.Route.Pattern)));
});
return(new AuthorizationModel
{
Rules = rules
});
}
public TranHostNodeResponseDto RequestTransaction(TranHostNodeRequestDto req)
{
ITransactionService svc = new TransactionService();
_log.Debug("Creating Transaction Request");
AuthorizationRequestModel model = svc.RequestTranAuthorization(req);
byte[] rawBytes = _responseBuilder.RequestTranAuthorization(model);
_log.Debug("Get Transaction Response");
try
{
BaseModel res = _bank.Send(rawBytes, model.Stan);
if (res is TransactionModel)
{
TransactionModel tran = res as TransactionModel;
TranHostNodeResponseDto responseDto = new TranHostNodeResponseDto
{
Stan = tran.Stan,
ResponseCode = tran.RespCode,
ResponseDescription = tran.RespDescription,
ResponseAction = tran.RespAction,
AmountTran = tran.AmountTran,
AmtTranFee = tran.AmtTranFee,
AmountCash = tran.AmountCash,
TranSeqNo = model.TranSeqNo// set from request model
};
return(responseDto);
}
else
{
throw new InvalidOperationException("incorrect responsed from Bank");
}
}
catch (Exception)
{
throw;
}
}
public AuthorizationRequestModel RequestTranAuthorization(TranHostNodeRequestDto dto)
{
_log.Debug("Creating TransactionModel Request");
string cardAcceptorId = "437586000 "; // p42_card_acceptor_id
string nationalData = @"TCC01\EFC00000000\CCI0\FBKV\"; // p47_additional_response_national
int securityBlock = 2; // 53
string destKeyRow = "29365A0400000000"; // 64
int acq_inst_id = 560258; // 32
string mti = "0200";
AuthorizationRequestModel trn = new AuthorizationRequestModel
(
mti: mti,
processingCode: dto.P3ProcessingCode,
transactionAmount: dto.P4AmountTran,
transactionDate: dto.P7TransmitDt,
stan: _rrnSequence.GetStan,
timeLocal: dto.P12TimeLocalTran,
dateLocation: dto.P13DateLocalTran,
dateSettlement: dto.P15DateSettlement,
merchantType: dto.P18MerchantType,
posConditionCode: dto.P25PosConditionCode,
transactionFee: dto.P28AmtTranFee,
acqInstIdCode: acq_inst_id,
track2: dto.P35Track2,
retRefNo: dto.TranSeqNo,
terminalId: dto.P41TerminalId,
cardAcptIdCode: cardAcceptorId,
nameLocation: dto.P43NameLocation,
addtlDataNat: nationalData,
pinBlock: dto.P52PinBlock,
secControlInfo: securityBlock,
amountCash: dto.P57AmountCash,
mac64: destKeyRow,
miscellaneousX: dto.MiscellaneousX
);
return(trn);
}
public BankRawMessage GenerateAuthorizationResponse(AuthorizationRequestModel model)
{
BankRawMessage result = new BankRawMessage(_responseBuilder.ResponseTranAuthorization(model));
return(result);
}
