コード例 #1
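        /// <summary>
        /// Builds a signed JWT assertion from <c>_claims</c>, posts it through
        /// <c>authorizePost</c> and stores the returned access token in <c>_accessToken</c>.
        /// </summary>
        /// <exception cref="System.InvalidOperationException">
        /// The token endpoint response could not be parsed or carried no access token.
        /// </exception>
        private async Task authorize()
        {
            // Claim set segment: serialized claims run through the project's Base64() extension.
            // NOTE(review): JWS compact serialization expects unpadded base64url; confirm that
            // Base64() produces that alphabet, otherwise the server may reject the signature.
            string jwtClaimSet = JsonConvert.SerializeObject(_claims).Base64();

            // The signature covers "<header>.<claims>" exactly as it will be sent.
            string signingInput = $"{JWT_HEADER}.{jwtClaimSet}";

            byte[] shaSignature = ConvertUtil.Sha256WithRSA(signingInput, _privateKey);
            string assertion    = signingInput + "." + shaSignature.Base64();

            string responseStr = await authorizePost(assertion);

            AuthorizeResponseModel response = JsonConvert.DeserializeObject <AuthorizeResponseModel>(responseStr);

            // An empty or "null" body deserializes to null, and an error payload leaves AccessToken
            // unset. Fail here instead of storing a missing token that later calls would send.
            // The response body is deliberately kept out of the message: it may hold credentials.
            if (response == null || response.AccessToken == null)
            {
                throw new System.InvalidOperationException("Authorization response did not contain an access token.");
            }

            _accessToken = response.AccessToken;
        }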
コード例 #2
        /// <summary>
        /// Maps the incoming request onto an <c>AuthorizeTransactionCommand</c> and dispatches it
        /// through the mediator.
        /// </summary>
        /// <param name="model">Request carrying the transaction, order and card fields.</param>
        /// <returns>A response model whose <c>Success</c> flag is set to true.</returns>
        public async Task <AuthorizeResponseModel> Authorize(AuthorizeRequestModel model)
        {
            var outcome = new AuthorizeResponseModel {
                Success = true
            };

            // new Guid(string) throws when TransactionId is not a well-formed GUID.
            var transactionId = new Guid(model.TransactionId);

            var orderDetails = new Payments.Application.Commands.TransactionCommand.Models.OrderModel {
                FirstName            = model.FirstName,
                LastName             = model.LastName,
                OrderGroup           = model.OrderGroup,
                OrderId              = model.OrderId,
                OrderNumber          = model.OrderNumber,
                IdentificationNumber = model.IdentificationNumber,
                IdentificationType   = model.IdentificationType,
                PhoneNumber          = model.PhoneNumber,
                SellerId             = model.SellerId,
                SellerName           = model.SellerName
            };

            // Carries the full card number and CVV; keep this object out of logs and traces.
            var cardDetails = new Payments.Application.Commands.TransactionCommand.Models.CardModel {
                PlaceHolder  = model.Placeholder,
                CardNumber   = model.CardNumber,
                CardType     = model.CardType,
                Year         = model.Year,
                Month        = model.Month,
                Cvv          = model.Cvv,
                Amount       = model.Amount,
                Installments = model.Installments
            };

            var authorizeCommand = new AuthorizeTransactionCommand {
                TransactionId   = transactionId,
                Email           = model.Email,
                CountryIsoCode  = model.CountryIsoCode,
                CurrencyIsoCode = model.CurrencyIsoCode,
                Description     = model.ReferenceDescription,
                Order           = orderDetails,
                Card            = cardDetails
            };

            // NOTE(review): the handler's reply is discarded, so Success is true for every call
            // that does not throw. Confirm whether the reply should drive the result.
            await this._mediator.Send(authorizeCommand);

            outcome.Success = true;

            return outcome;
        }
コード例 #3
ファイル: AuthBLService.cs プロジェクト: m1lwoj/SnowAPI
        /// <summary>
        /// Authenticates a user by e-mail and password and, on success, returns a JWT access
        /// token together with its lifetime in seconds.
        /// </summary>
        /// <param name="model">Login request carrying <c>Email</c> and <c>Password</c>.</param>
        /// <returns>
        /// A result wrapping the token response, or an error result when no matching user is
        /// found or any exception is thrown.
        /// </returns>
        public async Task <Result <AuthorizeResponseModel> > Authorize(ApplicationUserModel model)
        {
            try
            {
                // NOTE(review): the salt is a shared constant plus the e-mail, and the digest is
                // matched inside the query. Confirm that CryptographyHelper.Hash is a slow
                // password KDF (PBKDF2/Argon2/bcrypt) and not a single fast hash.
                var passwordDigest = CryptographyHelper.Hash(model.Password, HASHKEY + model.Email);
                var account        = await _userRepository.GetSingle(u => u.Email == model.Email && u.HashedPassword == passwordDigest);

                if (user_is_missing(account))
                {
                    // One error covers both an unknown e-mail and a wrong password, so the reply
                    // does not reveal which accounts exist.
                    ErrorResult notFound = GenerateError("User not found", "Email", "Invalid email", ErrorStatus.ObjectNotFound);
                    return new Result <AuthorizeResponseModel>(notFound);
                }

                account.LastLogin = DateTime.Now;
                _userRepository.Update(account);
                var role = await GetRole(model.Email);

                string encodedJwt = await GetJWTToken(model, role);

                // Second assignment kept from the original; it happens after Update().
                account.LastLogin = DateTime.Now;

                var tokenResponse = new AuthorizeResponseModel()
                {
                    AccessToken = encodedJwt,
                    Expires     = (int)_jwtOptions.ValidFor.TotalSeconds
                };

                return new Result <AuthorizeResponseModel>(tokenResponse);

                // Local predicate so the happy path reads top to bottom.
                bool user_is_missing(object candidate)
                {
                    return candidate == null;
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): confirm GenerateError(ex) does not return exception details
                // (stack traces, SQL text) to the caller.
                ErrorResult failure = GenerateError(ex);
                return new Result <AuthorizeResponseModel>(failure);
            }
        }
コード例 #4
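        /// <summary>
        /// Stub authorization endpoint. Checks the caller's login and the account-number prefix
        /// against the <c>StubLogin</c> configuration section, then returns either an approved or
        /// a "payment not allowed" response, chosen at random against <c>StubLogin:ErrorRatio</c>.
        /// </summary>
        /// <param name="model">Authorization request bound from the request body.</param>
        /// <returns>
        /// Always HTTP 200; the outcome is carried in the body's <c>responseCode</c>.
        /// </returns>
        /// <exception cref="NullReferenceException"><paramref name="model"/> is null.</exception>
        public IActionResult Authorize
        (
            [FromBody, Required] AuthorizeModel model
        )
        {
            _ = model ?? throw new NullReferenceException("No valid model was passed");
            _logger.LogInformation("Authorize request received");

            try
            {
                string expectedLogin    = _configuration["StubLogin:loginID"];
                string expectedPassword = _configuration["StubLogin:password"];
                var    suppliedLogin    = model.securityData?.login;

                // Fail closed: missing configuration must not let a request with absent
                // credentials compare equal (null == null) and pass.
                bool credentialsConfigured = !string.IsNullOrEmpty(expectedLogin) && !string.IsNullOrEmpty(expectedPassword);

                // Both fields must match. The earlier "&&" rejected a request only when the
                // login ID AND the password were both wrong, so one correct field was enough.
                // For anything beyond a stub, compare secrets in constant time.
                if (!credentialsConfigured ||
                    suppliedLogin == null ||
                    suppliedLogin.loginID != expectedLogin ||
                    suppliedLogin.password != expectedPassword)
                {
                    throw new ArgumentException("login is not valid");
                }

                // A missing or short account number is reported as invalid explicitly instead of
                // relying on Substring throwing (short) or ending up as SYSTEM_MALFUNCTION (null).
                string accountNumber = model.accountNumber;
                if (accountNumber == null ||
                    accountNumber.Length < 5 ||
                    accountNumber.Substring(0, 5) != _configuration["StubLogin:routePrefix"])
                {
                    // The one-string constructor takes the parameter name, not the message.
                    throw new ArgumentOutOfRangeException(nameof(model.accountNumber), "account number is not valid");
                }

                Random random = new Random();
                AuthorizeResponseModel authorizeResponseModel;

                if (random.Next(0, 100) > int.Parse(_configuration["StubLogin:ErrorRatio"]))
                {
                    authorizeResponseModel = new AuthorizeResponseModel()
                    {
                        messageID            = model.messageID,
                        responseCode         = ResponseCode.APPROVED,
                        responseText         = "Success",
                        structuredData       = model.structuredData,
                        transmissionDateTime = DateTime.UtcNow.ToString(Startup.TRANSMISSIONDATEANDTIME),
                        customerData         = new CustomerData()
                        {
                            contactNumber = "0112223344",
                            firstName     = "STUB",
                            idNumber      = "0099887766554",
                            lastName      = "STUB"
                        },
                        dueDate             = DateTime.UtcNow.AddDays(2).ToString(Startup.TRANSMISSIONDATEANDTIME),
                        echoData            = model.echoData,
                        issuerTransactionID = Guid.NewGuid().ToString()
                    };
                }
                else
                {
                    authorizeResponseModel = new AuthorizeResponseModel()
                    {
                        messageID            = model.messageID,
                        responseCode         = ResponseCode.PAYMENT_NOT_ALLOWED,
                        responseText         = "payment not allowed",
                        structuredData       = model.structuredData,
                        transmissionDateTime = DateTime.UtcNow.ToString(Startup.TRANSMISSIONDATEANDTIME),
                        customerData         = new CustomerData()
                        {
                            contactNumber = "0112223344",
                            firstName     = "STUBB",
                            idNumber      = "009988",
                            lastName      = "STUBB"
                        },
                        dueDate             = DateTime.UtcNow.ToString(Startup.TRANSMISSIONDATEANDTIME),
                        echoData            = model.echoData,
                        issuerTransactionID = Guid.NewGuid().ToString()
                    };
                }

                _logger.LogInformation("Authorize request returned");
                return(Ok(authorizeResponseModel));
            }
            // ArgumentOutOfRangeException derives from ArgumentException, so it is caught first.
            catch (ArgumentOutOfRangeException ex)
            {
                _logger.LogError($"Authorize threw an argument excpetion. Message {ex.Message}. Stacktrace {ex.StackTrace}. InnerException {ex.InnerException}");
                return(Ok(new AuthorizeResponseModel()
                {
                    messageID = model.messageID,
                    responseCode = ResponseCode.INVALID_ACCOUNT_NUMBER,
                    responseText = "invalid account number",
                    structuredData = model.structuredData,
                    transmissionDateTime = DateTime.UtcNow.ToString(Startup.TRANSMISSIONDATEANDTIME),
                    customerData = new CustomerData()
                    {
                        contactNumber = "0112223344",
                        firstName = "STUB",
                        idNumber = "0099887766554",
                        lastName = "STUB"
                    },
                    dueDate = DateTime.UtcNow.AddDays(2).ToString(Startup.TRANSMISSIONDATEANDTIME),
                    echoData = model.echoData,
                    issuerTransactionID = Guid.NewGuid().ToString()
                }));
            }
            catch (ArgumentException ex)
            {
                _logger.LogError($"Authorize threw an argument excpetion. Message {ex.Message}. Stacktrace {ex.StackTrace}. InnerException {ex.InnerException}");
                return(Ok(new AuthorizeResponseModel()
                {
                    messageID = model.messageID,
                    responseCode = ResponseCode.INVALID_AUTHENTICATION,
                    responseText = "invalid authentication",
                    structuredData = model.structuredData,
                    transmissionDateTime = DateTime.UtcNow.ToString(Startup.TRANSMISSIONDATEANDTIME),
                    customerData = new CustomerData()
                    {
                        contactNumber = "0112223344",
                        firstName = "STUB",
                        idNumber = "0099887766554",
                        lastName = "STUB"
                    },
                    dueDate = DateTime.UtcNow.AddDays(2).ToString(Startup.TRANSMISSIONDATEANDTIME),
                    echoData = model.echoData,
                    issuerTransactionID = Guid.NewGuid().ToString()
                }));
            }
            catch (Exception ex)
            {
                _logger.LogError($"Authorize threw an excpetion. Message {ex.Message}. Stacktrace {ex.StackTrace}. InnerException {ex.InnerException}");
                return(Ok(new AuthorizeResponseModel()
                {
                    messageID = model.messageID,
                    responseCode = ResponseCode.SYSTEM_MALFUNCTION,
                    responseText = "inner Excpetion",
                    structuredData = model.structuredData,
                    transmissionDateTime = DateTime.UtcNow.ToString(Startup.TRANSMISSIONDATEANDTIME),
                    customerData = new CustomerData()
                    {
                        contactNumber = "0112223344",
                        firstName = "STUB",
                        idNumber = "0099887766554",
                        lastName = "STUB"
                    },
                    dueDate = DateTime.UtcNow.AddDays(2).ToString(Startup.TRANSMISSIONDATEANDTIME),
                    echoData = model.echoData,
                    issuerTransactionID = Guid.NewGuid().ToString()
                }));
            }
        }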
コード例 #5
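        /// <summary>
        /// Requests a security token, posts an e-commerce authorization for the card in
        /// <paramref name="request"/> to the configured gateway URL, and maps the reply onto an
        /// <c>AuthorizeResponseModel</c>.
        /// </summary>
        /// <param name="request">
        /// Order, card and card-holder data plus a <c>Settings</c> map holding the gateway URLs,
        /// credentials and merchant options.
        /// </param>
        /// <returns>
        /// A model with <c>Success</c> true when the reply's ECI is "07" or "05"; otherwise
        /// <c>Success</c> false with an entry in <c>Errors</c>.
        /// </returns>
        public async Task <AuthorizeResponseModel> Authorize(AuthorizeRequestModel request)
        {
            var securityUrl  = request.Settings.GetValueOrDefault("SecurityUrl");
            var userName     = request.Settings.GetValueOrDefault("UserName");
            var password     = request.Settings.GetValueOrDefault("Password");
            var authorizeUrl = request.Settings.GetValueOrDefault("AuthorizeUrl");
            var merchantId   = request.Settings.GetValueOrDefault("MerchantId");
            var channel      = request.Settings.GetValueOrDefault("Channel");
            var captureType  = request.Settings.GetValueOrDefault("CaptureType");
            var countable    = Convert.ToBoolean(request.Settings.GetValueOrDefault("Countable"));

            var token = await this._visaNetSecurityTokenService.GetToken(securityUrl, userName, password);

            // Gateway document-type code: "0" for dni, "2" for pasaporte, "1" for anything else.
            // The static Equals lets a missing type fall through to "1" instead of throwing.
            string identificationType;

            if (string.Equals(request.IdentificationType, "dni", StringComparison.OrdinalIgnoreCase))
            {
                identificationType = "0";
            }
            else if (string.Equals(request.IdentificationType, "pasaporte", StringComparison.OrdinalIgnoreCase))
            {
                identificationType = "2";
            }
            else
            {
                identificationType = "1";
            }

            // A holder name with no space (or no name at all) used to throw on the [1] index.
            // Split always returns at least one element, so only the second part needs a guard.
            var nameParts       = (request.PlaceHolder ?? string.Empty).Split(' ');
            var holderFirstName = nameParts[0];
            var holderLastName  = nameParts.Length > 1 ? nameParts[1] : string.Empty;

            // Holds the full card number and CVV; do not log or persist this object or its JSON.
            var requestMessage = new
            {
                channel     = channel,
                captureType = captureType,
                countable   = countable,
                order       = new
                {
                    purchaseNumber        = request.OrderNumber,
                    amount                = request.Amount,
                    installment           = request.Installments,
                    currency              = request.CurrencyIsoCode,
                    externalTransactionId = request.TransactionId
                },
                card = new
                {
                    cardNumber      = request.CardNumber,
                    expirationMonth = request.Month,
                    // assumes request.Year is a two-digit year; TODO confirm against callers
                    expirationYear  = $"20{request.Year}",
                    cvv2            = request.Cvv
                },
                cardHolder = new
                {
                    firstName      = holderFirstName,
                    lastName       = holderLastName,
                    email          = request.Email,
                    phoneNumber    = request.PhoneNumber,
                    documentType   = identificationType,
                    documentNumber = request.IdentificationNumber
                }
            };

            // NOTE(review): an HttpClient per call can exhaust sockets under load; prefer a
            // shared instance or IHttpClientFactory when the class can be changed.
            using (var proxy = new HttpClient())
            using (var httpRequest = new HttpRequestMessage(HttpMethod.Post, $"{authorizeUrl}/authorization/ecommerce/{merchantId}"))
            {
                httpRequest.Headers.TryAddWithoutValidation("authorization", token);

                var json = Newtonsoft.Json.JsonConvert.SerializeObject(requestMessage);

                httpRequest.Content = new StringContent(json, Encoding.UTF8, "application/json");

                using (var response = await proxy.SendAsync(httpRequest))
                {
                    if (response.IsSuccessStatusCode)
                    {
                        var data = Newtonsoft.Json.JsonConvert.DeserializeObject <AuthorizeResultModel>(await response.Content.ReadAsStringAsync());

                        var result = new AuthorizeResponseModel
                        {
                            Success = false
                        };

                        // A 2xx reply without a data map is treated as not authorized, not a crash.
                        var eci = data?.DataMap?.ECI;

                        if ("07".Equals(eci) || "05".Equals(eci))
                        {
                            var transactionDate = DateTime.ParseExact(data.DataMap.TRANSACTION_DATE.ToString(), "yyMMddHHmmss", CultureInfo.InvariantCulture);

                            result.Success          = true;
                            result.TransactionId    = data.Order.TransactionId;
                            result.TransationDate   = transactionDate;
                            result.AuthCode         = data.Order.AuthorizationCode;
                            result.Amount           = data.Order.Amount;
                            result.AuthorizedAmount = data.Order.AuthorizedAmount;
                            result.OrderNumber      = data.Order.PurchaseNumber;

                            result.PlaceHolder = $"{requestMessage.cardHolder.firstName} {requestMessage.cardHolder.lastName}";
                            // Card number as echoed by the gateway, not the one that was submitted.
                            result.CardNumber  = data.DataMap.CARD;
                            result.Month       = requestMessage.card.expirationMonth;
                            result.Year        = requestMessage.card.expirationYear;
                            result.CardType    = data.DataMap.BRAND;
                        }
                        else
                        {
                            result.Errors = new List <TransactionErrorResponseModel> {
                                new TransactionErrorResponseModel {
                                    Code = eci, Message = data?.DataMap?.ECI_DESCRIPTION
                                }
                            };
                        }

                        return(result);
                    }

                    if (response.StatusCode == System.Net.HttpStatusCode.BadGateway)
                    {
                        return(new AuthorizeResponseModel
                        {
                            Success = false,
                            Errors = new List <TransactionErrorResponseModel> {
                                new TransactionErrorResponseModel {
                                    Code = "-1", Message = "BadGateway"
                                }
                            }
                        });
                    }

                    var jsonError = await response.Content.ReadAsStringAsync();

                    var errorData = Newtonsoft.Json.JsonConvert.DeserializeObject <AuthorizeFailedResultModel>(jsonError);

                    // An empty error body deserializes to null and some errors carry no Data
                    // object; null-safe access keeps the failure a normal declined result.
                    return(new AuthorizeResponseModel
                    {
                        Success = false,
                        Errors = new List <TransactionErrorResponseModel> {
                            new TransactionErrorResponseModel {
                                Code = errorData?.ErrorCode, Message = $"Code: ({errorData?.Data?.ACTION_CODE}) {errorData?.Data?.ACTION_DESCRIPTION}. {errorData?.ErrorMessage}"
                            }
                        }
                    });
                }
            }
        }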
コード例 #6
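        /// <summary>
        /// WeChat OAuth callback. On the first (non-postback) load it exchanges the <c>code</c>
        /// query value for an access token, fetches the WeChat user profile, logs the user into
        /// the game service, and signs them in with forms authentication.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            try
            {
                if (!this.IsPostBack)
                {
                    // The code is the ticket exchanged for an access_token: it differs on every
                    // authorization, can be used once, and expires after 5 minutes if unused.
                    string code  = Request["code"];
                    string state = Request["state"];

                    this.lblMsg.Text = "欢迎进入迅灵矿场";

                    // The code is a credential and state is caller-controlled text, so only
                    // record whether they arrived and matched, never their values.
                    LogHelper.Instance.AddInfoLog("code received: " + !string.IsNullOrEmpty(code) + "; state matches: " + (state == Config.state));

                    // NOTE(review): Config.state looks like one value shared by every visitor.
                    // OAuth state should be random per session to protect against login CSRF.
                    if (state == Config.state)
                    {
                        HttpGetReturnModel resultValue = WeiXinHandler.SynGetUserAccessToken(code);
                        if (resultValue.Exception != null)
                        {
                            this.lblMsg.Text = "登录异常,请联系迅灵矿场管理员";
                            return;
                        }

                        if (resultValue.ResponseError != null)
                        {
                            Session[Config.SESSIONKEY_RESPONSEERROR] = resultValue.ResponseError;
                            Server.Transfer("ErrorPage.aspx");
                            return;
                        }

                        AuthorizeResponseModel authObj = resultValue.ResponseResult as AuthorizeResponseModel;
                        if (authObj == null)
                        {
                            // Without a token response there is nothing to look the user up with;
                            // stop here instead of failing later on a null profile.
                            LogHelper.Instance.AddInfoLog("WeiXin access token response had an unexpected type");
                            this.lblMsg.Text = "登录异常,请联系迅灵矿场管理员";
                            return;
                        }

                        this.lblMsg.Text = "authObj OK";
                        Session[Config.SESSIONKEY_AUTHORIZEOBJ] = authObj;
                        resultValue = WeiXinHandler.SyncGetUserInfo(authObj.access_token, authObj.openid);

                        if (resultValue.Exception != null)
                        {
                            this.lblMsg.Text = "登录异常,请联系迅灵矿场管理员";
                            return;
                        }

                        if (resultValue.ResponseError != null)
                        {
                            Session[Config.SESSIONKEY_RESPONSEERROR] = resultValue.ResponseError;
                            Server.Transfer("ErrorPage.aspx");
                            return;
                        }

                        WeiXinUserInfoModel userObj = resultValue.ResponseResult as WeiXinUserInfoModel;
                        if (userObj == null)
                        {
                            LogHelper.Instance.AddInfoLog("WeiXin user info response had an unexpected type");
                            this.lblMsg.Text = "登录异常,请联系迅灵矿场管理员";
                            return;
                        }

                        Session[Config.SESSIONKEY_WXUSERINFO] = userObj;
                        string ip = System.Web.HttpContext.Current.Request.UserHostAddress;

                        // The nickname is chosen by the WeChat user and Label.Text is rendered
                        // as raw HTML, so encode it before display.
                        this.lblMsg.Text = "欢迎  " + System.Web.HttpUtility.HtmlEncode(userObj.nickname) + "  进入迅灵矿场";

                        OperResultObject resultobj = WcfClient.Instance.WeiXinLogin(userObj.openid, userObj.nickname, ip);

                        this.lblMsg.Text = "登录迅灵矿场,结果为:" + OperResult.GetMsg(resultobj.OperResultCode);
                        if (resultobj.OperResultCode == OperResult.RESULTCODE_TRUE)
                        {
                            this.lblMsg.Text = "WeiXinLogin OK";
                            var player = WcfClient.Instance.GetPlayerByWeiXinOpenID(userObj.openid);

                            this.lblMsg.Text = "player OK";
                            WebUserInfo userinfo = new WebUserInfo();
                            userinfo.xlUserID   = player.SimpleInfo.UserID;
                            userinfo.xlUserName = player.SimpleInfo.UserName;
                            userinfo.wxOpenID   = userObj.openid;

                            // The sign-in is given a lifetime of 100 (minutes, per the original comment).
                            MyFormsPrincipal <WebUserInfo> .SignIn(userinfo.xlUserName, userinfo, 100);

                            Response.Redirect("View/Index.aspx", false);
                        }
                        else if (resultobj.OperResultCode == OperResult.RESULTCODE_USER_NOT_EXIST || resultobj.OperResultCode == OperResult.RESULTCODE_USERNAME_PASSWORD_ERROR)
                        {
                            Response.Redirect("LoginPage.aspx", false);
                        }
                        else
                        {
                            string message = string.IsNullOrEmpty(resultobj.Message) ? OperResult.GetMsg(resultobj.OperResultCode) : resultobj.Message;

                            // The message is placed inside a JavaScript string literal; encode it
                            // so quotes or markup in it cannot break out of the alert() call.
                            Response.Write("<script>alert('登录迅灵矿场失败, 原因为:" + System.Web.HttpUtility.JavaScriptStringEncode(message) + "')</script>");
                        }
                    }
                    else
                    {
                    }
                }
            }
            catch (Exception exc)
            {
                // NOTE(review): showing exc.Message to the visitor can disclose internals; the
                // full exception is already logged below. It is at least HTML-encoded here.
                this.lblMsg.Text = "WeiXinResponse Exception. " + System.Web.HttpUtility.HtmlEncode(exc.Message);
                LogHelper.Instance.AddErrorLog("WeiXinResponse Exception", exc);
            }
        }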