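/// <summary>
/// Builds a signed assertion of the form <c>header.claims.signature</c> from
/// <c>_claims</c>, sends it through <c>authorizePost</c>, and stores the returned
/// access token in <c>_accessToken</c>.
/// </summary>
/// <exception cref="InvalidOperationException">
/// The reply could not be read as an <c>AuthorizeResponseModel</c> or carried no access token.
/// </exception>
private async Task authorize()
{
    // NOTE(review): JWT segments are normally base64url-encoded without padding;
    // confirm that the Base64() extension produces that form.
    string jwtClaimSet = JsonConvert.SerializeObject(_claims).Base64();
    string signingInput = $"{JWT_HEADER}.{jwtClaimSet}";

    // The signature covers exactly "header.claims"; it is appended as the third segment.
    byte[] signatureBytes = ConvertUtil.Sha256WithRSA(signingInput, _privateKey);
    string assertion = signingInput + "." + signatureBytes.Base64();

    string responseStr = await authorizePost(assertion);
    AuthorizeResponseModel response = JsonConvert.DeserializeObject<AuthorizeResponseModel>(responseStr);

    // Fail closed: an empty or unparseable reply must not leave a null token in place
    // (or surface as a bare NullReferenceException). The raw body is deliberately kept
    // out of the exception message because it may contain token material.
    if (response == null || string.IsNullOrEmpty(response.AccessToken))
    {
        throw new InvalidOperationException("Authorization response did not contain an access token.");
    }

    _accessToken = response.AccessToken;
}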
/// <summary>
/// Maps the incoming request onto an <c>AuthorizeTransactionCommand</c> and sends it
/// through the mediator.
/// </summary>
/// <param name="model">Transaction, order and card details supplied by the caller.</param>
/// <returns>
/// A response whose <c>Success</c> flag is <c>true</c> whenever the command was sent
/// without an exception.
/// </returns>
public async Task<AuthorizeResponseModel> Authorize(AuthorizeRequestModel model)
{
    // Throws if TransactionId is not a well-formed GUID string.
    var transactionId = new Guid(model.TransactionId);

    var order = new Payments.Application.Commands.TransactionCommand.Models.OrderModel
    {
        FirstName = model.FirstName,
        LastName = model.LastName,
        OrderGroup = model.OrderGroup,
        OrderId = model.OrderId,
        OrderNumber = model.OrderNumber,
        IdentificationNumber = model.IdentificationNumber,
        IdentificationType = model.IdentificationType,
        PhoneNumber = model.PhoneNumber,
        SellerId = model.SellerId,
        SellerName = model.SellerName
    };

    // Carries the full card number and CVV; keep this object out of logs and traces.
    var card = new Payments.Application.Commands.TransactionCommand.Models.CardModel
    {
        PlaceHolder = model.Placeholder,
        CardNumber = model.CardNumber,
        CardType = model.CardType,
        Year = model.Year,
        Month = model.Month,
        Cvv = model.Cvv,
        Amount = model.Amount,
        Installments = model.Installments
    };

    var command = new AuthorizeTransactionCommand
    {
        TransactionId = transactionId,
        Email = model.Email,
        CountryIsoCode = model.CountryIsoCode,
        CurrencyIsoCode = model.CurrencyIsoCode,
        Description = model.ReferenceDescription,
        Order = order,
        Card = card
    };

    // NOTE(review): the mediator's reply is discarded and Success is reported as true
    // regardless of its content. Confirm that a declined or failed authorization
    // surfaces as an exception from Send; otherwise it is reported to the caller as a success.
    _ = await this._mediator.Send(command);

    return new AuthorizeResponseModel { Success = true };
}
/// <summary>
/// Checks the supplied email and password against the user repository and, on a match,
/// returns a JWT together with its lifetime in seconds.
/// </summary>
/// <param name="model">Login request carrying the email and clear-text password.</param>
/// <returns>
/// A result wrapping the token on success, or an <c>ErrorResult</c> when no user matches
/// or any exception is thrown.
/// </returns>
public async Task<Result<AuthorizeResponseModel>> Authorize(ApplicationUserModel model)
{
    try
    {
        // The salt passed to the helper is HASHKEY followed by the email.
        // NOTE(review): confirm CryptographyHelper.Hash is a deliberately slow password hash
        // (PBKDF2, bcrypt, Argon2) rather than a single digest pass.
        var hashedPassword = CryptographyHelper.Hash(model.Password, HASHKEY + model.Email);
        var user = await _userRepository.GetSingle(u => u.Email == model.Email && u.HashedPassword == hashedPassword);

        if (user == null)
        {
            // Unknown email and wrong password both end up here, so the reply does not
            // reveal which of the two was wrong.
            ErrorResult notFound = GenerateError("User not found", "Email", "Invalid email", ErrorStatus.ObjectNotFound);
            return new Result<AuthorizeResponseModel>(notFound);
        }

        user.LastLogin = DateTime.Now;
        _userRepository.Update(user);

        var role = await GetRole(model.Email);
        string encodedJwt = await GetJWTToken(model, role);

        // NOTE(review): LastLogin is assigned a second time after Update has already been
        // called; whether this later value is ever persisted cannot be told from here.
        user.LastLogin = DateTime.Now;

        var payload = new AuthorizeResponseModel()
        {
            AccessToken = encodedJwt,
            Expires = (int)_jwtOptions.ValidFor.TotalSeconds
        };
        return new Result<AuthorizeResponseModel>(payload);
    }
    catch (Exception ex)
    {
        // NOTE(review): confirm GenerateError(ex) does not copy exception details into
        // the client-facing result.
        ErrorResult failure = GenerateError(ex);
        return new Result<AuthorizeResponseModel>(failure);
    }
}
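/// <summary>
/// Stub issuer endpoint. Checks the caller's login and the account-number prefix against
/// the <c>StubLogin</c> configuration section, then returns a canned approval or decline
/// chosen at random according to <c>StubLogin:ErrorRatio</c>.
/// </summary>
/// <param name="model">The authorization message posted by the caller.</param>
/// <returns>
/// Always HTTP 200; the outcome is carried in the body's <c>responseCode</c>.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
public IActionResult Authorize([FromBody, Required] AuthorizeModel model)
{
    if (model == null)
    {
        throw new ArgumentNullException(nameof(model), "No valid model was passed");
    }

    // Canned customer returned with every outcome except the simulated decline.
    CustomerData StubCustomer() => new CustomerData()
    {
        contactNumber = "0112223344",
        firstName = "STUB",
        idNumber = "0099887766554",
        lastName = "STUB"
    };

    string Stamp(DateTime moment) => moment.ToString(Startup.TRANSMISSIONDATEANDTIME);

    _logger.LogInformation("Authorize request received");

    try
    {
        string expectedLogin = _configuration["StubLogin:loginID"];
        string expectedPassword = _configuration["StubLogin:password"];
        var login = model.securityData.login;

        // Both values must match. The earlier `&&` rejected a request only when the login ID
        // AND the password were both wrong, so one correct value was enough to pass.
        // A missing configuration value also rejects, so null never compares equal to null.
        if (expectedLogin == null
            || expectedPassword == null
            || login.loginID != expectedLogin
            || login.password != expectedPassword)
        {
            _logger.LogWarning("Authorize rejected: login is not valid");
            return Ok(new AuthorizeResponseModel()
            {
                messageID = model.messageID,
                responseCode = ResponseCode.INVALID_AUTHENTICATION,
                responseText = "invalid authentication",
                structuredData = model.structuredData,
                transmissionDateTime = Stamp(DateTime.UtcNow),
                customerData = StubCustomer(),
                dueDate = Stamp(DateTime.UtcNow.AddDays(2)),
                echoData = model.echoData,
                issuerTransactionID = Guid.NewGuid().ToString()
            });
        }

        // A missing or too-short account number is an invalid account number rather than
        // an exception raised by Substring.
        string accountNumber = model.accountNumber;
        if (accountNumber == null
            || accountNumber.Length < 5
            || accountNumber.Substring(0, 5) != _configuration["StubLogin:routePrefix"])
        {
            _logger.LogWarning("Authorize rejected: account number is not valid");
            return Ok(new AuthorizeResponseModel()
            {
                messageID = model.messageID,
                responseCode = ResponseCode.INVALID_ACCOUNT_NUMBER,
                responseText = "invalid account number",
                structuredData = model.structuredData,
                transmissionDateTime = Stamp(DateTime.UtcNow),
                customerData = StubCustomer(),
                dueDate = Stamp(DateTime.UtcNow.AddDays(2)),
                echoData = model.echoData,
                issuerTransactionID = Guid.NewGuid().ToString()
            });
        }

        // Simulated outcome only; Random is not used for anything security-relevant here.
        // A missing or malformed ErrorRatio now falls through to the generic handler below
        // instead of being reported to the caller as an authentication failure.
        Random random = new Random();
        int errorRatio = int.Parse(_configuration["StubLogin:ErrorRatio"]);

        AuthorizeResponseModel authorizeResponseModel;
        if (random.Next(0, 100) > errorRatio)
        {
            authorizeResponseModel = new AuthorizeResponseModel()
            {
                messageID = model.messageID,
                responseCode = ResponseCode.APPROVED,
                responseText = "Success",
                structuredData = model.structuredData,
                transmissionDateTime = Stamp(DateTime.UtcNow),
                customerData = StubCustomer(),
                dueDate = Stamp(DateTime.UtcNow.AddDays(2)),
                echoData = model.echoData,
                issuerTransactionID = Guid.NewGuid().ToString()
            };
        }
        else
        {
            authorizeResponseModel = new AuthorizeResponseModel()
            {
                messageID = model.messageID,
                responseCode = ResponseCode.PAYMENT_NOT_ALLOWED,
                responseText = "payment not allowed",
                structuredData = model.structuredData,
                transmissionDateTime = Stamp(DateTime.UtcNow),
                customerData = new CustomerData()
                {
                    contactNumber = "0112223344",
                    firstName = "STUBB",
                    idNumber = "009988",
                    lastName = "STUBB"
                },
                dueDate = Stamp(DateTime.UtcNow),
                echoData = model.echoData,
                issuerTransactionID = Guid.NewGuid().ToString()
            };
        }

        _logger.LogInformation("Authorize request returned");
        return Ok(authorizeResponseModel);
    }
    catch (Exception ex)
    {
        // The exception is passed as an argument instead of being interpolated into the
        // message, so braces in its text are not parsed as logging-template placeholders.
        _logger.LogError(ex, "Authorize threw an exception");
        return Ok(new AuthorizeResponseModel()
        {
            messageID = model.messageID,
            responseCode = ResponseCode.SYSTEM_MALFUNCTION,
            responseText = "inner Excpetion",
            structuredData = model.structuredData,
            transmissionDateTime = Stamp(DateTime.UtcNow),
            customerData = StubCustomer(),
            dueDate = Stamp(DateTime.UtcNow.AddDays(2)),
            echoData = model.echoData,
            issuerTransactionID = Guid.NewGuid().ToString()
        });
    }
}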
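/// <summary>
/// Obtains a security token, posts the order, card and card-holder data to the gateway's
/// e-commerce authorization endpoint, and maps the reply onto an
/// <c>AuthorizeResponseModel</c>.
/// </summary>
/// <param name="request">Transaction details plus the gateway settings dictionary.</param>
/// <returns>
/// <c>Success = true</c> with the transaction fields when the reply's ECI is "07" or "05";
/// otherwise <c>Success = false</c> with one entry in <c>Errors</c>.
/// </returns>
public async Task<AuthorizeResponseModel> Authorize(AuthorizeRequestModel request)
{
    // NOTE(review): the endpoint URLs and gateway credentials are read from request.Settings.
    // Presumably that dictionary is filled from server-side configuration; confirm it can
    // never be supplied by the API caller, because the card number and CVV are posted to
    // whatever AuthorizeUrl names.
    var securityUrl = request.Settings.GetValueOrDefault("SecurityUrl");
    var userName = request.Settings.GetValueOrDefault("UserName");
    var password = request.Settings.GetValueOrDefault("Password");
    var authorizeUrl = request.Settings.GetValueOrDefault("AuthorizeUrl");
    var merchantId = request.Settings.GetValueOrDefault("MerchantId");
    var channel = request.Settings.GetValueOrDefault("Channel");
    var captureType = request.Settings.GetValueOrDefault("CaptureType");
    var countable = Convert.ToBoolean(request.Settings.GetValueOrDefault("Countable"));

    var token = await this._visaNetSecurityTokenService.GetToken(securityUrl, userName, password);

    // Document-type codes sent to the gateway: "dni" -> 0, "pasaporte" -> 2, anything else -> 1.
    string identificationType;
    if (request.IdentificationType.Equals("dni", StringComparison.OrdinalIgnoreCase))
    {
        identificationType = "0";
    }
    else if (request.IdentificationType.Equals("pasaporte", StringComparison.OrdinalIgnoreCase))
    {
        identificationType = "2";
    }
    else
    {
        identificationType = "1";
    }

    // Split the card-holder name once. A single-word or empty name used to throw
    // IndexOutOfRangeException on the second token; it now yields an empty last name.
    var nameParts = (request.PlaceHolder ?? string.Empty).Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);
    var holderFirstName = nameParts.Length > 0 ? nameParts[0] : string.Empty;
    var holderLastName = nameParts.Length > 1 ? nameParts[1] : string.Empty;

    // Property names are the JSON keys sent to the gateway; do not rename them.
    var requestMessage = new
    {
        channel = channel,
        captureType = captureType,
        countable = countable,
        order = new
        {
            purchaseNumber = request.OrderNumber,
            amount = request.Amount,
            installment = request.Installments,
            currency = request.CurrencyIsoCode,
            externalTransactionId = request.TransactionId
        },
        card = new
        {
            cardNumber = request.CardNumber,
            expirationMonth = request.Month,
            expirationYear = $"20{request.Year}",
            cvv2 = request.Cvv
        },
        cardHolder = new
        {
            firstName = holderFirstName,
            lastName = holderLastName,
            email = request.Email,
            phoneNumber = request.PhoneNumber,
            documentType = identificationType,
            documentNumber = request.IdentificationNumber
        }
    };

    string authorizationHeader = token;

    // NOTE(review): a new HttpClient per call is kept as in the original; a shared instance
    // or IHttpClientFactory avoids socket exhaustion under load.
    using (var proxy = new HttpClient())
    using (var httpRequest = new HttpRequestMessage(HttpMethod.Post, $"{authorizeUrl}/authorization/ecommerce/{merchantId}"))
    {
        httpRequest.Headers.TryAddWithoutValidation("authorization", authorizationHeader);

        // The serialized body contains the card number and CVV; never log it.
        var json = Newtonsoft.Json.JsonConvert.SerializeObject(requestMessage);
        httpRequest.Content = new StringContent(json, Encoding.UTF8, "application/json");

        using (var response = await proxy.SendAsync(httpRequest))
        {
            if (response.IsSuccessStatusCode)
            {
                var data = Newtonsoft.Json.JsonConvert.DeserializeObject<AuthorizeResultModel>(await response.Content.ReadAsStringAsync());
                var result = new AuthorizeResponseModel { Success = false };

                // Fail closed on a 2xx reply that lacks the fields the decision is based on.
                var eci = data?.DataMap?.ECI;
                if (eci == null)
                {
                    result.Errors = new List<TransactionErrorResponseModel>
                    {
                        new TransactionErrorResponseModel { Code = "-1", Message = "Unexpected authorization response" }
                    };
                    return result;
                }

                if (eci.Equals("07") || eci.Equals("05"))
                {
                    if (data.Order == null)
                    {
                        result.Errors = new List<TransactionErrorResponseModel>
                        {
                            new TransactionErrorResponseModel { Code = "-1", Message = "Unexpected authorization response" }
                        };
                        return result;
                    }

                    var transactionDate = DateTime.ParseExact(data.DataMap.TRANSACTION_DATE.ToString(), "yyMMddHHmmss", CultureInfo.InvariantCulture);
                    result.Success = true;
                    result.TransactionId = data.Order.TransactionId;
                    result.TransationDate = transactionDate;
                    result.AuthCode = data.Order.AuthorizationCode;
                    result.Amount = data.Order.Amount;
                    result.AuthorizedAmount = data.Order.AuthorizedAmount;
                    result.OrderNumber = data.Order.PurchaseNumber;
                    result.PlaceHolder = $"{requestMessage.cardHolder.firstName} {requestMessage.cardHolder.lastName}";
                    result.CardNumber = data.DataMap.CARD;
                    result.Month = requestMessage.card.expirationMonth;
                    result.Year = requestMessage.card.expirationYear;
                    result.CardType = data.DataMap.BRAND;
                }
                else
                {
                    result.Errors = new List<TransactionErrorResponseModel>
                    {
                        new TransactionErrorResponseModel { Code = eci, Message = data.DataMap.ECI_DESCRIPTION }
                    };
                }

                return result;
            }

            if (response.StatusCode == System.Net.HttpStatusCode.BadGateway)
            {
                return new AuthorizeResponseModel
                {
                    Success = false,
                    Errors = new List<TransactionErrorResponseModel>
                    {
                        new TransactionErrorResponseModel { Code = "-1", Message = "BadGateway" }
                    }
                };
            }

            var jsonError = await response.Content.ReadAsStringAsync();
            var errorData = Newtonsoft.Json.JsonConvert.DeserializeObject<AuthorizeFailedResultModel>(jsonError);

            // Null-conditional access: an error body without the expected structure still
            // produces a failure result instead of a NullReferenceException.
            return new AuthorizeResponseModel
            {
                Success = false,
                Errors = new List<TransactionErrorResponseModel>
                {
                    new TransactionErrorResponseModel
                    {
                        Code = errorData?.ErrorCode,
                        Message = $"Code: ({errorData?.Data?.ACTION_CODE}) {errorData?.Data?.ACTION_DESCRIPTION}. {errorData?.ErrorMessage}"
                    }
                }
            };
        }
    }
}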
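/// <summary>
/// WeChat OAuth callback page. On the first (non-postback) load it exchanges the
/// <c>code</c> query value for an access token, fetches the WeChat user info, logs the
/// user in through the WCF service and signs them in with forms authentication.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    try
    {
        if (this.IsPostBack)
        {
            return;
        }

        // The code is the ticket exchanged for an access_token: every authorization carries
        // a different code, it can be used only once, and it expires after 5 minutes unused.
        string code = Request["code"];
        string state = Request["state"];
        this.lblMsg.Text = "欢迎进入迅灵矿场";

        // Both values come straight from the request. Log only whether a code arrived and
        // whether the state matched, so the one-time code and caller-controlled text stay
        // out of the log file.
        LogHelper.Instance.AddInfoLog("code present: " + !string.IsNullOrEmpty(code) + "; state matches: " + (state == Config.state));

        // NOTE(review): state is compared with a single configured value. To bind the
        // callback to the browser that started the login it would normally be a per-session
        // random value; confirm how Config.state is generated.
        if (state != Config.state)
        {
            return;
        }

        HttpGetReturnModel resultValue = WeiXinHandler.SynGetUserAccessToken(code);
        if (resultValue.Exception != null)
        {
            this.lblMsg.Text = "登录异常,请联系迅灵矿场管理员";
            return;
        }
        if (resultValue.ResponseError != null)
        {
            Session[Config.SESSIONKEY_RESPONSEERROR] = resultValue.ResponseError;
            Server.Transfer("ErrorPage.aspx");
            return;
        }

        // Stop here when the token reply has an unexpected type. Previously the flow carried
        // on with the stale result and failed later on a null user object.
        AuthorizeResponseModel authObj = resultValue.ResponseResult as AuthorizeResponseModel;
        if (authObj == null)
        {
            this.lblMsg.Text = "登录异常,请联系迅灵矿场管理员";
            return;
        }

        this.lblMsg.Text = "authObj OK";
        Session[Config.SESSIONKEY_AUTHORIZEOBJ] = authObj;

        resultValue = WeiXinHandler.SyncGetUserInfo(authObj.access_token, authObj.openid);
        if (resultValue.Exception != null)
        {
            this.lblMsg.Text = "登录异常,请联系迅灵矿场管理员";
            return;
        }
        if (resultValue.ResponseError != null)
        {
            Session[Config.SESSIONKEY_RESPONSEERROR] = resultValue.ResponseError;
            Server.Transfer("ErrorPage.aspx");
            return;
        }

        WeiXinUserInfoModel userObj = resultValue.ResponseResult as WeiXinUserInfoModel;
        if (userObj == null)
        {
            this.lblMsg.Text = "登录异常,请联系迅灵矿场管理员";
            return;
        }
        Session[Config.SESSIONKEY_WXUSERINFO] = userObj;

        string ip = System.Web.HttpContext.Current.Request.UserHostAddress;

        // The nickname is chosen by the WeChat user and a Label does not encode its Text,
        // so encode it before it can reach the page.
        this.lblMsg.Text = "欢迎 " + System.Web.HttpUtility.HtmlEncode(userObj.nickname) + " 进入迅灵矿场";

        OperResultObject resultobj = WcfClient.Instance.WeiXinLogin(userObj.openid, userObj.nickname, ip);
        this.lblMsg.Text = "登录迅灵矿场,结果为:" + OperResult.GetMsg(resultobj.OperResultCode);

        if (resultobj.OperResultCode == OperResult.RESULTCODE_TRUE)
        {
            this.lblMsg.Text = "WeiXinLogin OK";
            var player = WcfClient.Instance.GetPlayerByWeiXinOpenID(userObj.openid);
            this.lblMsg.Text = "player OK";

            WebUserInfo userinfo = new WebUserInfo();
            userinfo.xlUserID = player.SimpleInfo.UserID;
            userinfo.xlUserName = player.SimpleInfo.UserName;
            userinfo.wxOpenID = userObj.openid;

            // The signed-in state stays valid for 100 minutes.
            MyFormsPrincipal<WebUserInfo>.SignIn(userinfo.xlUserName, userinfo, 100);
            Response.Redirect("View/Index.aspx", false);
        }
        else if (resultobj.OperResultCode == OperResult.RESULTCODE_USER_NOT_EXIST
                 || resultobj.OperResultCode == OperResult.RESULTCODE_USERNAME_PASSWORD_ERROR)
        {
            Response.Redirect("LoginPage.aspx", false);
        }
        else
        {
            string message = string.IsNullOrEmpty(resultobj.Message)
                ? OperResult.GetMsg(resultobj.OperResultCode)
                : resultobj.Message;

            // The message is placed inside a JavaScript string literal, so it is encoded for
            // that context; a quote or a closing script tag in it can no longer end the literal.
            Response.Write("<script>alert('登录迅灵矿场失败, 原因为:" + System.Web.HttpUtility.JavaScriptStringEncode(message) + "')</script>");
        }
    }
    catch (Exception exc)
    {
        // NOTE(review): the exception text is still shown to the visitor (now HTML-encoded);
        // consider a generic message here, since the full detail already goes to the error log.
        this.lblMsg.Text = "WeiXinResponse Exception. " + System.Web.HttpUtility.HtmlEncode(exc.Message);
        LogHelper.Instance.AddErrorLog("WeiXinResponse Exception", exc);
    }
}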