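/// <summary>
/// Issues an auth token to a member who is identified only by last name,
/// last four SSN digits and date of birth.
/// </summary>
/// <param name="hsId">Consumer handshake id; it must pass ValidateConsumer.IsValidConsumer before any lookup runs.</param>
/// <param name="hsRequest">Request body carrying LastName, LastFourSsn and DateOfBirth. Its LastFourSsn is normalised in place.</param>
/// <returns>
/// 200 with an object holding "AuthHash" when an enrollment row is found and the access check passes.
/// 401 otherwise: handshake rejected, user not found, or the access check's own error message.
/// </returns>
public HttpResponseMessage Register1(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
{
    if (!ValidateConsumer.IsValidConsumer(hsId))
    {
        return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Client Handshake is Not Authorized"));
    }

    HttpResponseMessage notFound = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User was Not Found"));

    // A missing body or a missing identity field cannot match any member. Answer with the
    // same "not found" response instead of dereferencing null.
    if (hsRequest == null || hsRequest.DateOfBirth == null || hsRequest.LastFourSsn == null)
    {
        return notFound;
    }

    if (!RegDateOfBirth.IsMatch(hsRequest.DateOfBirth))
    {
        return notFound;
    }

    // Trim BEFORE slicing. The previous code measured the trimmed length but cut the untrimmed
    // string, so trailing whitespace ended up inside the four characters that were kept.
    string lastFour = hsRequest.LastFourSsn.Trim();
    if (lastFour.Length > 4)
    {
        lastFour = lastFour.Substring(lastFour.Length - 4, 4);
    }
    hsRequest.LastFourSsn = lastFour;

    // NOTE(review): the three lookup fields are low-entropy; confirm that attempt throttling
    // is enforced somewhere outside this method.
    using (var gefae = new GetEnrollmentsForAllEmployers())
    {
        gefae.LastName = hsRequest.LastName;
        gefae.LastFour = hsRequest.LastFourSsn;
        gefae.DateOfBirth = hsRequest.DateOfBirth;
        gefae.GetFrontEndData();

        if (gefae.Tables.Count == 0 || gefae.Tables[0].Rows.Count == 0)
        {
            return notFound;
        }

        // Only the first matching row is used.
        DataRow dr = gefae.Tables[0].Rows[0];
        int cchid = dr.GetData<int>("CCHID");
        int employerId = dr.GetData<int>("employerid");
        string connString = dr.GetData("connectionstring");

        // The application-access check runs before any token is built.
        using (var cpaa = new CheckPersonApplicationAccess(cchid, connString))
        {
            if (!cpaa.HasAccess)
            {
                return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception(cpaa.ErrorMessage));
            }
        }

        var e = new CCHEncrypt();
        e.UserKey = Request.EncryptionKey();
        e.SecretKey = Properties.Settings.Default.SecretKey;
        e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
        e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));
        e.Add("UserID", hsId);

        var eo = new ExpandoObject();
        ((IDictionary<string, object>)eo)["AuthHash"] = e.ToString();
        return Request.CreateResponse(HttpStatusCode.OK, eo);
    }
}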
/// <summary>
/// Issues an auth token for the member named by the caller-supplied employer id and CCH id.
/// </summary>
/// <param name="employerId">Employer whose connection string is used for the lookups.</param>
/// <param name="cchId">Member id to authorise.</param>
/// <param name="hsId">Consumer handshake id; it also becomes the token's "UserID".</param>
/// <returns>
/// 200 with an object holding "AuthHash" when the member row exists and the access check passes.
/// 401 otherwise: handshake rejected, access denied, or member not found.
/// </returns>
/// <remarks>
/// NOTE(review): employerId and cchId are taken as given and the only caller check visible here is
/// the handshake id, so any accepted consumer can presumably request a token for any member.
/// Confirm that this is intended. No audit or login-history record is written for the issued
/// token (both calls are commented out in the original).
/// </remarks>
public HttpResponseMessage GetMemberAuthorization(int employerId, int cchId, String hsId)
{
    HttpResponseMessage result = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Client Handshake is Not Authorized"));
    var token = new CCHEncrypt();

    if (!ValidateConsumer.IsValidConsumer(hsId))
    {
        return result;
    }

    result = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Member with CCH ID was Not Found"));

    using (var employerConn = new GetEmployerConnString(employerId))
    {
        // The application-access check comes first; a denial returns the check's own message.
        using (var accessCheck = new CheckPersonApplicationAccess(cchId, employerConn.ConnString))
        {
            if (!accessCheck.HasAccess)
            {
                return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception(accessCheck.ErrorMessage));
            }
        }

        using (var memberLookup = new GetKeyEmployeeInfoByCchId())
        {
            memberLookup.CchId = cchId;
            memberLookup.GetData(employerConn.ConnString);

            bool memberFound = memberLookup.Tables.Count > 0 && memberLookup.Tables[0].Rows.Count > 0;
            if (memberFound)
            {
                token.UserKey = Request.EncryptionKey();
                token.SecretKey = Properties.Settings.Default.SecretKey;
                token.Add("CCHID", cchId.ToString());
                token.Add("EmployerID", employerId.ToString());
                token.Add("UserID", hsId);

                var payload = new ExpandoObject();
                ((IDictionary<string, object>)payload)["AuthHash"] = token.ToString();
                result = Request.CreateResponse(HttpStatusCode.OK, payload);

                // Read but not used: the login-history call that consumed it is disabled.
                string userName = memberLookup.Tables[0].Rows[0].GetData("Email");
            }
        }
    }

    return result;
}
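/// <summary>
/// Verifies the supplied email and last-four SSN against the record of the member identified by
/// the current request's CCH id and employer id.
/// </summary>
/// <param name="request">Body carrying UserName (email) and LastFourSsn.</param>
/// <returns>
/// Always 200. The body holds ContactPhoneNumber plus either Success = true, or Fail = true with
/// ErrorMessage "Email or SSN does Not Match".
/// </returns>
/// <remarks>
/// The member is taken from Request.CCHID() / Request.EmployerID(), presumably populated from an
/// earlier auth token; verify against the message handler.
/// </remarks>
public HttpResponseMessage PasswordReset1(UserAuthenticationRequest request)
{
    dynamic data = new ExpandoObject();

    using (var gecs = new GetEmployerConnString(Request.EmployerID()))
    {
        using (var gucp = new GetUserContentPreference())
        {
            gucp.CCHID = Request.CCHID();
            gucp.GetData(gecs.ConnString);
            data.ContactPhoneNumber = gucp.ContactPhoneNumber;
        }

        using (var gebcfcc = new GetEmployeeByCchIdForCallCenter())
        {
            gebcfcc.CchId = Request.CCHID();
            gebcfcc.GetData(gecs.ConnString);

            // Empty input must never verify. Without this guard a missing body throws, and
            // null/empty fields would compare equal to null/empty values from a lookup that
            // found nothing.
            bool hasInput = request != null
                            && !string.IsNullOrEmpty(request.UserName)
                            && !string.IsNullOrEmpty(request.LastFourSsn);

            if (hasInput && request.UserName == gebcfcc.Email && request.LastFourSsn == gebcfcc.MemberSsn)
            {
                // The previous code also built an auth token here and then discarded it
                // (its assignment to the response was commented out). That dead work is removed.
                data.Success = true;
            }
            else
            {
                data.Fail = true;
                data.ErrorMessage = "Email or SSN does Not Match";
            }
        }
    }

    return Request.CreateResponse(HttpStatusCode.OK, (object)data);
}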
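/// <summary>
/// Partner handshake: validates the partner, looks the member up by name, date of birth and
/// medical id, and returns the member's info together with an auth token.
/// </summary>
/// <param name="hsID">Partner handshake id passed to ValidateMobilePartner.</param>
/// <param name="hsRequest">Body carrying OrganizationID, FirstName, LastName, DOB and MedicalID.</param>
/// <returns>
/// 200 with a Handshake (EmployeeInfo and AuthHash) on success.
/// 401 when the partner is not active, not a partner, has no membership user, the body is missing,
/// or the access check denies the member. 204 when no member row matches.
/// </returns>
public HttpResponseMessage PostHash(String hsID, [FromBody] HandshakeRequest hsRequest)
{
    // A missing body used to throw on the first property access. Reject it the same way
    // as an unknown partner.
    if (hsRequest == null)
    {
        return this.Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    Handshake h = new Handshake();
    bool providerActive = false;
    bool providerIsPartner = false;
    int employerID = 0;
    string cnxString = "";
    CCHEncrypt e = new CCHEncrypt();

    using (var vmp = new ValidateMobilePartner(hsID, hsRequest.OrganizationID))
    {
        // When the callback runs more than once, the values from the last invocation win.
        vmp.ForEachProvider(delegate(Boolean valid, Boolean isPartner, int empId, string cnx, string un)
        {
            providerActive = valid;
            providerIsPartner = isPartner;
            employerID = empId;
            cnxString = cnx;
            Request.UserName(un);

            MembershipUser mu = Membership.GetUser(un, true);
            if (mu == null || mu.ProviderUserKey == null)
            {
                // Without a membership user there is no user id to put in the token, so
                // fail closed instead of throwing a NullReferenceException.
                providerActive = false;
                return;
            }

            Request.UserID(mu.ProviderUserKey.ToString());
        });
    }

    if (!(providerActive && providerIsPartner))
    {
        return this.Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    e.UserKey = Request.EncryptionKey();
    e.SecretKey = Properties.Settings.Default.SecretKey;
    e.Add("UserID", Request.UserID());
    e.Add("EmployerID", employerID.ToString());

    using (var gpeibn = new GetPartnerEmployeeInfoByName())
    {
        gpeibn.FirstName = hsRequest.FirstName;
        gpeibn.LastName = hsRequest.LastName;
        gpeibn.DOB = hsRequest.DOB;
        gpeibn.SubscriberMedicalID = hsRequest.MedicalID;
        gpeibn.GetData(cnxString);

        bool noMember = gpeibn.Tables.Count == 0
                        || gpeibn.Tables[0].Rows.Count == 0
                        || gpeibn.Tables[0].Rows[0][0].ToString() == string.Empty;
        if (noMember)
        {
            return Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("User Not Found"));
        }

        // The application-access check must pass before the member id goes into the token.
        using (var cpaa = new CheckPersonApplicationAccess(gpeibn.CCHID, cnxString))
        {
            if (!cpaa.HasAccess)
            {
                return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception(cpaa.ErrorMessage));
            }
        }

        e.Add("CCHID", gpeibn.CCHID.ToString());
        gpeibn.ForEach<Handshake.EmployeeInfoData>(
            delegate(Handshake.EmployeeInfoData eid) { h.EmployeeInfo = eid; });

        // Record the login before the token is handed out.
        using (var iulh = new InsertUserLoginHistory())
        {
            iulh.UserName = Request.UserName();
            iulh.CCHID = gpeibn.CCHID;
            iulh.Domain = Request.RequestUri.Host;
            iulh.CchApplicationId = 2; // 1 is for Transparency App; 2 is for HR App
            iulh.PostData(cnxString);
        }
    }

    h.AuthHash = e.ToString();
    return this.Request.CreateResponse<Handshake>(HttpStatusCode.OK, h);
}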
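/// <summary>
/// Mobile-provider handshake: validates the provider, loads the current user's employer and
/// employee info, and returns them together with an auth token.
/// </summary>
/// <param name="hsID">Provider handshake id passed to ValidateMobileProvider.</param>
/// <returns>
/// 200 with a HandshakeMobile (EmployerName, EmployeeInfo, AuthHash) on success.
/// 204 when no provider is valid. 401 when the access check denies the member.
/// </returns>
public HttpResponseMessage GetHash(String hsID)
{
    bool providerActive = false;
    using (var vmp = new ValidateMobileProvider(hsID))
    {
        vmp.ForEachProvider(delegate(Boolean valid)
        {
            if (valid)
            {
                providerActive = true;
            }
        });
    }

    if (!providerActive)
    {
        return this.Request.CreateResponse(HttpStatusCode.NoContent);
    }

    HandshakeMobile h = new HandshakeMobile();
    CCHEncrypt e = new CCHEncrypt();
    e.UserKey = Request.EncryptionKey();
    e.SecretKey = Properties.Settings.Default.SecretKey;
    e.Add("UserID", Request.UserID());

    using (var gkui = new GetKeyUserInfo(Request.UserName()))
    {
        e.Add("EmployerID", gkui.EmployerID);
        h.EmployerName = gkui.EmployerName;

        using (var gkei = new GetKeyEmployeeInfo())
        {
            gkei.Email = Request.UserName();
            gkei.GetData(gkui.CnxString);

            // The access check now runs AFTER the employee record is loaded. It used to read
            // gkei.CCHID from a freshly constructed object, before Email was set or GetData was
            // called, so it did not check the member being logged in.
            // NOTE(review): assumes GetData is what populates CCHID - confirm.
            using (var cpaa = new CheckPersonApplicationAccess(gkei.CCHID, gkui.CnxString))
            {
                if (!cpaa.HasAccess)
                {
                    return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception(cpaa.ErrorMessage));
                }
            }

            e.Add("CCHID", gkei.CCHID.ToString());
            gkei.ForEach<HandshakeMobile.EmployeeInfoData>(
                delegate(HandshakeMobile.EmployeeInfoData eid) { h.EmployeeInfo = eid; });
        }
    }

    using (var gecs = new GetEmployerConnString(Convert.ToInt32(e["EmployerID"])))
    {
        // NOTE(review): no CCHID is set on this login-history record - confirm whether it should be.
        using (var iulh = new InsertUserLoginHistory())
        {
            iulh.UserName = Request.UserName();
            iulh.Domain = Request.RequestUri.Host;
            iulh.CchApplicationId = 2; // 1 is for Transparency App; 2 is for HR App
            iulh.PostData(gecs.ConnString);
        }
    }

    h.AuthHash = e.ToString();
    return this.Request.CreateResponse<HandshakeMobile>(HttpStatusCode.OK, h);
}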
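/// <summary>
/// Looks a member up by last name, last four SSN digits and date of birth, then returns an auth
/// token together with the member's video-campaign data.
/// </summary>
/// <param name="hsId">Consumer handshake id; it must pass ValidateConsumer.IsValidConsumer.</param>
/// <param name="hsRequest">Body carrying LastName, LastFourSsn, DateOfBirth and CampaignId.</param>
/// <returns>
/// 200 with a hand-built JSON object {"AuthHash": ..., "MemberData": ...} on success.
/// 401 when the handshake or the access check fails. 204 when the user or the video data is
/// not found (a missing body is treated as user not found).
/// </returns>
public HttpResponseMessage GetAuthMemberData(String hsId, [FromBody] AuthMemberDataRequest hsRequest)
{
    if (!ValidateConsumer.IsValidConsumer(hsId))
    {
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("User Not Found"));

    // A missing body cannot identify anyone. It used to throw on the first property access.
    if (hsRequest == null)
    {
        return hrm;
    }

    using (var gefae = new GetEnrollmentsForAllEmployers())
    {
        gefae.LastName = hsRequest.LastName;
        gefae.LastFour = hsRequest.LastFourSsn;
        gefae.DateOfBirth = hsRequest.DateOfBirth;
        gefae.GetFrontEndData();

        if (gefae.Tables.Count == 0 || gefae.Tables[0].Rows.Count == 0)
        {
            return hrm;
        }

        // Only the first matching row is used.
        DataRow dr = gefae.Tables[0].Rows[0];
        int cchid = dr.GetData<int>("CCHID");
        string cnxString = dr.GetData("ConnectionString");
        int employerId = dr.GetData<int>("employerid");

        using (var cpaa = new CheckPersonApplicationAccess(cchid, cnxString))
        {
            if (!cpaa.HasAccess)
            {
                return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception(cpaa.ErrorMessage));
            }
        }

        // This token carries CCHID and EmployerID only; no UserID is added.
        var e = new CCHEncrypt();
        e.UserKey = Request.EncryptionKey();
        e.SecretKey = Properties.Settings.Default.SecretKey;
        e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
        e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));
        string authHash = e.ToString();

        if (employerId <= 0)
        {
            return hrm;
        }

        CreateLoginAudit(hsId, Request.RequestUri.Host, cchid, cnxString);
        hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("Video Data Not Found"));

        using (var gvcmi = new GetVideoCampaignMemberIdByCchId())
        {
            gvcmi.CampaignId = hsRequest.CampaignId;
            gvcmi.CchId = cchid;
            gvcmi.GetData(cnxString);

            if (gvcmi.HasThrownError || string.IsNullOrEmpty(gvcmi.VideoCampaignMemberId))
            {
                return hrm;
            }

            using (var gvcmd = new GetVideoCampaignMemberDataById())
            {
                gvcmd.VideoCampaignMemberId = gvcmi.VideoCampaignMemberId;
                gvcmd.GetData(cnxString);

                if (gvcmd.HasThrownError)
                {
                    return hrm;
                }

                // NOTE(review): the JSON is assembled by string concatenation. authHash is placed
                // inside quotes without escaping and VideoMemberData is inserted verbatim, so the
                // output is valid JSON only if the token has no quote or backslash characters and
                // the stored member data is itself well-formed JSON - confirm both.
                string resultset = string.Concat(
                    "{",
                    string.Format("\"AuthHash\":\"{0}\",\"MemberData\":{1}", authHash, gvcmd.VideoMemberData),
                    "}");

                return new HttpResponseMessage(HttpStatusCode.OK)
                {
                    RequestMessage = Request,
                    Content = new StringContent(resultset)
                };
            }
        }
    }
}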
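/// <summary>
/// Message handler gate: decodes the auth token sent with the request, copies its identity
/// values onto the request, and forwards the request only when the token is complete.
/// </summary>
/// <param name="request">Incoming request. The token is read from the "AuthHash" header or,
/// failing that, from the "z" query-string parameter.</param>
/// <param name="cancellationToken">Passed through to the inner handler.</param>
/// <returns>
/// The inner handler's response when the token holds a numeric "CCHID", a "UserID" and a numeric
/// "EmployerID"; otherwise a completed task carrying 403 Forbidden.
/// </returns>
/// <remarks>
/// NOTE(review): a token sent as the "z" query parameter becomes part of the URL, and URLs are
/// commonly written to server and proxy logs; prefer the header where clients allow it.
/// NOTE(review): an optional "ConnectionString" value in the token is applied to the request as
/// is, so this relies on CCHEncrypt rejecting tokens that were not produced with the server's
/// secret - confirm, and confirm how its constructor behaves on malformed input.
/// </remarks>
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    var tcs = new TaskCompletionSource<HttpResponseMessage>();
    tcs.SetResult(new HttpResponseMessage(HttpStatusCode.Forbidden));
    Task<HttpResponseMessage> forbidden = tcs.Task;

    string authString = null;
    if (request.Headers.Contains("AuthHash"))
    {
        authString = request.Headers.GetValues("AuthHash").FirstOrDefault();
    }
    else
    {
        NameValueCollection nvc = request.RequestUri.ParseQueryString();
        if (nvc.AllKeys.Contains("z"))
        {
            authString = nvc.GetValues("z")[0];
        }
    }

    if (String.IsNullOrWhiteSpace(authString))
    {
        return forbidden;
    }

    CCHEncrypt c = new CCHEncrypt(
        authString,
        request.EncryptionKey(),
        Properties.Settings.Default.SecretKey);

    bool hasRequiredKeys = c.Keys.Contains<String>("CCHID")
                           && c.Keys.Contains<String>("UserID")
                           && c.Keys.Contains<String>("EmployerID");
    if (!hasRequiredKeys)
    {
        return forbidden;
    }

    // Parse before touching the request. A non-numeric id used to raise a FormatException out
    // of the handler; now the request is refused like any other incomplete token.
    int cchId;
    int employerId;
    if (!int.TryParse(Convert.ToString(c["CCHID"]), out cchId)
        || !int.TryParse(Convert.ToString(c["EmployerID"]), out employerId))
    {
        return forbidden;
    }

    request.CCHID(cchId);
    request.UserID(c["UserID"].ToString());
    request.EmployerID(employerId);

    if (c.Keys.Contains<String>("UserName"))
    {
        request.UserName(c["UserName"].ToString());
    }

    if (c.Keys.Contains<String>("ConnectionString"))
    {
        request.ConnectionString(c["ConnectionString"].ToString());
    }

    return base.SendAsync(request, cancellationToken);
}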
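/// <summary>
/// Reads the auth token from the "AuthHash" header (or the "z" query parameter), decodes it and
/// copies whichever identity values it holds onto the request.
/// </summary>
/// <param name="context">Action context; on failure its Response is set to 401 "Authorization required."</param>
/// <returns>
/// False when no token was supplied or a numeric identity value in it is malformed; true otherwise.
/// </returns>
/// <remarks>
/// NOTE(review): true is returned even when the decoded token holds none of CCHID, UserID or
/// EmployerID. Confirm that callers check the identity values before trusting the request.
/// </remarks>
private bool ProcessAuthHash(HttpActionContext context)
{
    var request = context.Request;

    string authHash = null;
    if (request.Headers.Contains("AuthHash"))
    {
        authHash = request.Headers.GetValues("AuthHash").FirstOrDefault();
    }
    else
    {
        var nvc = request.RequestUri.ParseQueryString();
        if (nvc.AllKeys.Contains("z"))
        {
            authHash = nvc.GetValues("z")[0];
        }
    }

    if (string.IsNullOrWhiteSpace(authHash))
    {
        context.Response = context.Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Authorization required.");
        return false;
    }

    var c = new CCHEncrypt(
        authHash,
        request.EncryptionKey(),
        Properties.Settings.Default.SecretKey);

    bool hasCchId = c.Keys.Contains<String>("CCHID");
    bool hasEmployerId = c.Keys.Contains<String>("EmployerID");

    // Validate the numeric values up front. A non-numeric id used to throw a FormatException
    // out of the filter; it is now refused as unauthorised and the request is left untouched.
    int cchId = 0;
    int employerId = 0;
    if ((hasCchId && !int.TryParse(Convert.ToString(c["CCHID"]), out cchId))
        || (hasEmployerId && !int.TryParse(Convert.ToString(c["EmployerID"]), out employerId)))
    {
        context.Response = context.Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Authorization required.");
        return false;
    }

    if (hasCchId)
    {
        request.CCHID(cchId);
    }

    if (c.Keys.Contains<String>("UserID"))
    {
        request.UserID(c["UserID"].ToString());
    }

    if (hasEmployerId)
    {
        request.EmployerID(employerId);
    }

    if (c.Keys.Contains<String>("UserName"))
    {
        request.UserName(c["UserName"].ToString());
    }

    return true;
}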
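/// <summary>
/// Second registration step: creates the membership account for the member identified by the
/// current request's CCH id and returns a full auth token.
/// </summary>
/// <param name="hsId">Consumer handshake id; it must pass ValidateConsumer.IsValidConsumer.</param>
/// <param name="hsRequest">
/// Body carrying UserName, Password, SecretQuestionId, SecretAnswer, Phone and MobilePhone. Its
/// name, date of birth, SSN and medical id fields are overwritten from the enrollment row.
/// </param>
/// <returns>
/// 200 with profile and preference fields, Question and AuthHash on success.
/// 401 when the handshake fails or no enrollment row exists (a missing body is treated the same).
/// 409 for a duplicate user name. 500 for any other account-creation failure.
/// </returns>
/// <remarks>
/// The member comes from Request.CCHID() / Request.EmployerID(), presumably populated from the
/// token issued by the first registration step; verify against the message handler.
/// </remarks>
public HttpResponseMessage Register2(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
{
    if (!ValidateConsumer.IsValidConsumer(hsId))
    {
        return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Client Handshake is Not Authorized"));
    }

    HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User was Not Found"));

    // A missing body used to throw once the enrollment row was found. Refuse it up front.
    if (hsRequest == null)
    {
        return hrm;
    }

    dynamic eo = new ExpandoObject();
    var e = new CCHEncrypt();

    using (var gecs = new GetEmployerConnString(Request.EmployerID()))
    {
        // Parameterised query; the CCH id is bound as @CchId and never concatenated.
        const string employeeQuery = "SELECT CONVERT(varchar(10), DateOfBirth, 111) AS DateOfBirthText, * FROM Enrollments WHERE CCHID = @CchId";
        using (var employeeDb = new DataBase(employeeQuery, true))
        {
            employeeDb.AddParameter("CchId", Request.CCHID());
            employeeDb.GetData(gecs.ConnString);

            if (employeeDb.Tables.Count == 0 || employeeDb.Tables[0].Rows.Count == 0)
            {
                return hrm;
            }

            var row = employeeDb.Tables[0].Rows[0];

            // The identity fields are taken from the enrollment row, not from the caller.
            hsRequest.FirstName = row.GetData("FirstName");
            hsRequest.LastName = row.GetData("LastName");
            if (hsRequest.LastName != null)
            {
                // Guarded: a null last name used to throw here.
                hsRequest.LastName = hsRequest.LastName.Replace("_", " ");
            }
            hsRequest.DateOfBirth = row.GetData("DateOfBirthText");
            hsRequest.LastFourSsn = row.GetData("MemberSsn");
            hsRequest.MedicalId = row.GetData("MemberMedicalId");

            eo.UserName = hsRequest.UserName;
            eo.DisplayName = string.Format("{0} {1}", hsRequest.FirstName, hsRequest.LastName);
            eo.MobilePhone = hsRequest.MobilePhone;
            eo.AlternatePhone = hsRequest.Phone;

            using (var gucp = new GetUserContentPreference())
            {
                gucp.CCHID = Request.CCHID();
                gucp.GetData(gecs.ConnString);
                eo.SmsInd = gucp.SmsInd;
                eo.EmailInd = gucp.EmailInd;
                eo.OsBasedAlertInd = gucp.OsBasedAlertInd;
                eo.LocaleCode = gucp.LocaleCode;
                eo.PreferredContact = gucp.ContactPhoneNumber;
            }

            MembershipCreateStatus status;
            bool created = CreateNewMemberAccount(
                email: hsRequest.UserName,
                firstName: hsRequest.FirstName,
                lastName: hsRequest.LastName,
                phone: hsRequest.Phone,
                secretQuestionId: hsRequest.SecretQuestionId,
                secretAnswer: hsRequest.SecretAnswer,
                password: hsRequest.Password,
                mobilePhone: hsRequest.MobilePhone,
                cchid: Request.CCHID(),
                employerId: Request.EmployerID(),
                cnxString: gecs.ConnString,
                status: out status);

            if (!created)
            {
                switch (status)
                {
                    case MembershipCreateStatus.DuplicateUserName:
                        return Request.CreateErrorResponse(HttpStatusCode.Conflict, new Exception("Member Account already exists"));
                    default:
                        return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, new Exception("Error in creating new Member Account"));
                }
            }

            var membershipUser = Membership.GetUser(hsRequest.UserName);
            if (membershipUser == null || membershipUser.ProviderUserKey == null)
            {
                // Account created but not readable back: the "User was Not Found" response stands.
                return hrm;
            }

            eo.Question = membershipUser.PasswordQuestion;
            string aspUserId = membershipUser.ProviderUserKey.ToString();

            e.UserKey = Request.EncryptionKey();
            e.SecretKey = Properties.Settings.Default.SecretKey;
            e.Add("UserID", aspUserId);
            e.Add("CCHID", Request.CCHID().ToString());
            e.Add("EmployerID", Request.EmployerID().ToString());
            e.Add("UserName", hsRequest.UserName);
            eo.AuthHash = e.ToString();

            hrm = Request.CreateResponse(HttpStatusCode.OK, (object)eo);
            LogUserLoginHistory(hsRequest.UserName, Request.CCHID(), gecs.ConnString);
            return hrm;
        }
    }
}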
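/// <summary>
/// First password-reset step: verifies an email address plus full SSN and, on a match, returns an
/// auth token and the account's password question.
/// </summary>
/// <param name="request">Body carrying UserName (email) and FullSsn.</param>
/// <returns>
/// Always 200. On success the body holds ContactPhoneNumber, AuthHash, Question and Success = true.
/// Otherwise it holds Fail = true and an ErrorMessage.
/// </returns>
/// <remarks>
/// No handshake or token check is visible in this method, so it must be treated as reachable by
/// unauthenticated callers.
/// NOTE(review): the distinct error messages let a caller tell "unknown email" from "wrong SSN".
/// Confirm whether clients depend on them before unifying the wording.
/// </remarks>
public HttpResponseMessage PasswordReset0(UserAuthenticationRequest request)
{
    dynamic data = new ExpandoObject();

    // Empty input must never verify. A missing body or SSN used to throw, and an empty SSN
    // could compare equal to an empty stored value.
    if (request == null || string.IsNullOrWhiteSpace(request.UserName) || string.IsNullOrWhiteSpace(request.FullSsn))
    {
        data.Fail = true;
        data.ErrorMessage = "Email or SSN does Not Match";
        return Request.CreateResponse(HttpStatusCode.OK, (object)data);
    }

    using (var gupbe = new GetUserProfileByEmail())
    {
        gupbe.Email = request.UserName;
        gupbe.GetFrontEndData();
        int employerId = Convert.ToInt32(gupbe.EmployerId);

        using (var gecs = new GetEmployerConnString(employerId))
        using (var gkei = new GetKeyEmployeeInfo())
        {
            gkei.Email = request.UserName;
            gkei.GetData(gecs.ConnString);

            if (gkei.Tables.Count == 0 || gkei.Tables[0].Rows.Count == 0)
            {
                data.Fail = true;
                data.ErrorMessage = "Key Employee Info is Missing";
                return Request.CreateResponse(HttpStatusCode.OK, (object)data);
            }

            int cchId = gkei.Tables[0].Rows[0].GetData<int>("CCHID");

            using (var gebcfcc = new GetEmployeeByCchIdForCallCenter())
            {
                gebcfcc.CchId = cchId;
                gebcfcc.GetData(gecs.ConnString);

                // Ordinal, case-insensitive comparison replaces the culture-sensitive ToLower() pair.
                bool emailMatches = string.Equals(request.UserName, gebcfcc.Email, StringComparison.OrdinalIgnoreCase);
                bool ssnMatches = request.FullSsn.Trim() == gebcfcc.MemberFullSsn;

                if (!(emailMatches && ssnMatches))
                {
                    data.Fail = true;
                    data.ErrorMessage = "Email or SSN does Not Match";
                    return Request.CreateResponse(HttpStatusCode.OK, (object)data);
                }

                // The contact phone number is attached only AFTER the SSN has matched. It used to
                // be added before the comparison, so every response - including a failed match -
                // disclosed the member's phone number to whoever supplied the email address.
                using (var gucp = new GetUserContentPreference())
                {
                    gucp.CCHID = cchId;
                    gucp.GetData(gecs.ConnString);
                    data.ContactPhoneNumber = gucp.ContactPhoneNumber;
                }

                var membershipUser = Membership.GetUser(request.UserName);
                if (membershipUser == null)
                {
                    data.Fail = true;
                    data.ErrorMessage = "Member Account does Not Exist";
                }
                else if (membershipUser.ProviderUserKey == null)
                {
                    data.Fail = true;
                    data.ErrorMessage = "Provider User Key does Not Exist";
                }
                else
                {
                    var e = new CCHEncrypt();
                    e.UserKey = Request.EncryptionKey();
                    e.SecretKey = Properties.Settings.Default.SecretKey;
                    e.Add("UserName", request.UserName);
                    e.Add("CCHID", gkei.CCHID.ToString());
                    e.Add("EmployerID", employerId.ToString());
                    e.Add("UserID", membershipUser.ProviderUserKey.ToString());

                    data.AuthHash = e.ToString();
                    data.Question = membershipUser.PasswordQuestion;
                    data.Success = true;
                }
            }
        }
    }

    return Request.CreateResponse(HttpStatusCode.OK, (object)data);
}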
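/// <summary>
/// Validates a user name and password and, on success, returns profile data, content preferences
/// and an auth token.
/// </summary>
/// <param name="hsId">Consumer handshake id; it must pass ValidateConsumer.IsValidConsumer.</param>
/// <param name="hsRequest">Body carrying UserName and Password.</param>
/// <returns>
/// 200 with preferences, profile fields, Question and AuthHash on success.
/// 401 for a rejected handshake, bad credentials (including a missing body), a missing profile or
/// employee record, or a denied access check. 403 when the account is locked.
/// </returns>
/// <remarks>
/// NOTE(review): hsId and UserName are written to the log exactly as received. Confirm that
/// LogUtil neutralises line breaks so one request cannot forge additional log entries.
/// NOTE(review): if the membership user cannot be re-read after validation, the 200 response with
/// preferences but without AuthHash is returned - confirm that this is intended.
/// </remarks>
public HttpResponseMessage Login(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
{
    var hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Client Handshake is Not Authorized"));
    var e = new CCHEncrypt();
    dynamic data = new ExpandoObject();

    if (!ValidateConsumer.IsValidConsumer(hsId))
    {
        LogUtil.Log(string.Format("Login failed. Inavlid Handshake Id {0}", hsId), LogLevel.Info);
        return hrm;
    }

    hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User Name and Password Do Not Match"));

    // A missing body is answered exactly like wrong credentials. It used to throw on the
    // first property access.
    if (hsRequest == null)
    {
        return hrm;
    }

    if (!Membership.ValidateUser(hsRequest.UserName, hsRequest.Password))
    {
        // Validation also fails for a locked account; report that case separately.
        if (IsUserLocked(hsRequest.UserName))
        {
            LogUtil.Log(string.Format("Login failed for user {0}. Account is locked.", hsRequest.UserName), LogLevel.Info);
            hrm = Request.CreateErrorResponse(HttpStatusCode.Forbidden, new Exception("Account locked"));
        }
        else
        {
            LogUtil.Log(string.Format("Login failed for user {0}. Credentials failed membership validation.", hsRequest.UserName), LogLevel.Info);
        }
        return hrm;
    }

    using (var employerDb = new DataBase(EMPLOYER_QUERY, true))
    {
        employerDb.AddParameter("Email", hsRequest.UserName);
        employerDb.GetFrontEndData();

        hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User Profile was Not Found"));
        if (employerDb.Tables.Count < 1 || employerDb.Tables[0].Rows.Count < 1)
        {
            LogUtil.Log(string.Format("Login failed for user {0}. User Profile was not found.", hsRequest.UserName), LogLevel.Info);
            return hrm;
        }

        e.Add("EmployerID", employerDb.Tables[0].Rows[0].GetData("employerId"));

        using (var gkei = new GetKeyEmployeeInfo())
        {
            gkei.Email = hsRequest.UserName;
            string cnxString = employerDb.Tables[0].Rows[0].GetData("connectionString");
            gkei.GetData(cnxString);

            hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Employee Info on User Name was Not Found"));
            if (gkei.Tables.Count < 1 || gkei.Tables[0].Rows.Count < 1)
            {
                LogUtil.Log(string.Format("Login failed for user {0}. Employee Info was not found.", hsRequest.UserName), LogLevel.Info);
                return hrm;
            }

            // The application-access check runs on the loaded employee record.
            using (var cpaa = new CheckPersonApplicationAccess(gkei.CCHID, cnxString))
            {
                if (!cpaa.HasAccess)
                {
                    LogUtil.Log(string.Format("Login failed for user {0}. User does not have acces to AppId 2.", hsRequest.UserName), LogLevel.Info);
                    return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception(cpaa.ErrorMessage));
                }
            }

            var employeeRow = gkei.Tables[0].Rows[0];
            var fullName = string.Format("{0} {1}", employeeRow.GetData("FirstName"), employeeRow.GetData("LastName"));
            var mobilePhone = employeeRow.GetData("MobilePhone");
            var alternatePhone = employeeRow.GetData("Phone");

            using (var gucp = new GetUserContentPreference())
            {
                gucp.CCHID = gkei.CCHID;
                gucp.GetData(cnxString);
                data.SmsInd = gucp.SmsInd;
                data.EmailInd = gucp.EmailInd;
                data.OsBasedAlertInd = gucp.OsBasedAlertInd;
                data.LocaleCode = gucp.LocaleCode;
                data.PreferredContact = gucp.ContactPhoneNumber;
                hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
            }

            var membershipUser = Membership.GetUser(hsRequest.UserName);
            if (membershipUser != null && membershipUser.ProviderUserKey != null)
            {
                e.UserKey = Request.EncryptionKey();
                e.SecretKey = Properties.Settings.Default.SecretKey;
                e.Add("UserName", hsRequest.UserName);
                e.Add("CCHID", gkei.CCHID.ToString());
                e.Add("UserID", membershipUser.ProviderUserKey.ToString());

                data.AuthHash = e.ToString();
                data.UserName = hsRequest.UserName;
                data.DisplayName = fullName;
                data.MobilePhone = mobilePhone;
                data.AlternatePhone = alternatePhone;
                data.Question = membershipUser.PasswordQuestion;
                hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);

                LogUserLoginHistory(hsRequest.UserName, gkei.CCHID, cnxString);

                // Read the ids NOW, while employerDb and gkei are still alive. The background task
                // used to read them itself and could run after both objects had been disposed by
                // the enclosing using blocks. The load stays fire-and-forget; it is skipped when
                // an id is not numeric.
                int loadEmployerId;
                int loadCchId;
                if (int.TryParse(employerDb.Tables[0].Rows[0].GetData("employerId"), out loadEmployerId)
                    && int.TryParse(gkei.CCHID.ToString(), out loadCchId))
                {
                    Task.Run(async () => await LoadEmployeeAndDependentsAccumulationsAsync(loadEmployerId, loadCchId));
                }
            }
        }
    }

    return hrm;
}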
/// <summary>
/// Writes this row's "TaxId" column into the supplied CCHEncrypt under the "TaxID" key and
/// returns that object's string form.
/// </summary>
/// <param name="dr">Row whose "TaxId" column is read.</param>
/// <param name="ce">
/// CCHEncrypt whose keys must already be set. It is modified: the "TaxID" entry is written on
/// every call.
/// </param>
/// <returns>The value of ce.ToString() after the "TaxID" entry has been written.</returns>
/// <remarks>
/// NOTE(review): any entries already held by <paramref name="ce"/> are presumably part of the
/// returned string as well - confirm that callers pass an instance used only for this purpose.
/// </remarks>
public static String EncryptTaxID(this DataRow dr, CCHEncrypt ce)
{
    var taxId = dr.GetData("TaxId");
    ce["TaxID"] = taxId;

    String encrypted = ce.ToString();
    return encrypted;
}