/// <summary>
/// Passes <paramref name="input"/> through <c>_encrypt.EncryptData</c> after selecting a key with
/// <paramref name="partnerCode"/>, and returns the result in a 200 response.
/// </summary>
/// <param name="partnerCode">Value handed to <c>_encrypt.SetKey</c> to choose the key.</param>
/// <param name="input">Text to be processed by <c>_encrypt.EncryptData</c>.</param>
/// <returns>An <c>Ok</c> result wrapping the value returned by <c>EncryptData</c>.</returns>
public IActionResult Sign(string partnerCode, string input)
{
    // NOTE(review): these two calls use hard-coded account numbers and their results are
    // never read. They look like leftover test code, yet PayIn with amount 1000 runs on
    // every request to this action. Confirm they are intentional before this ships.
    _external.SetPartnerCode();
    _external.GetInfoUser("0000000043");
    _external.PayIn("0170013731", "0000000043", 1000, "test");

    // NOTE(review): the key is selected by a caller-supplied partner code and the input is
    // arbitrary, so whoever can reach this action gets output under any partner's key.
    // Confirm the route is restricted (authorization, or excluded from production builds).
    _encrypt.SetKey(partnerCode);
    return Ok(_encrypt.EncryptData(input, ""));
}
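/// <summary>
/// Posts a transfer request to the partner bank's <c>api/transactions/receive_external</c> endpoint,
/// authenticated with a keyed hash and a signature over that hash.
/// </summary>
/// <param name="source">Sent as <c>from_account_number</c>.</param>
/// <param name="dest">Sent as <c>to_account_number</c>.</param>
/// <param name="amount">Sent as <c>amount</c>; only its integer part is covered by the hash.</param>
/// <param name="message">Sent as <c>message</c>.</param>
/// <returns>
/// The response's <c>data.is_success</c>; <c>false</c> when no response or no <c>data</c> came back.
/// </returns>
/// <exception cref="OverflowException">
/// Thrown by the <c>(int)</c> cast when <paramref name="amount"/> is outside the <c>int</c> range.
/// </exception>
public bool PayIn(string source, string dest, decimal amount, string message)
{
    // Format the timestamp once so the hashed value and the transmitted value cannot diverge.
    string timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds()
        .ToString(System.Globalization.CultureInfo.InvariantCulture);

    // NOTE(review): the hash binds (int)amount while the body carries the full decimal, so a
    // fractional part is not integrity-protected. The receiving check on this page rebuilds
    // the string with the same cast, so both sides must change together if this is tightened.
    // NOTE(review): "HMD5" presumably means HMAC-MD5 - confirm; a SHA-2 based HMAC is the
    // usual choice where both parties can migrate.
    string hash = Encrypting.HMD5Hash(
        $"{_partnerCode}|{timestamp}|{source}|{dest}|{(int)amount}|{message}",
        _secretKey);

    // NOTE(review): SetKey mutates the shared _encrypt instance; confirm it is not used
    // concurrently by other requests with a different key.
    _encrypt.SetKey(_setting.BankCode);

    var payload = new
    {
        from_account_number = source,
        to_account_number = dest,
        amount,
        message
    };

    var headers = new Dictionary<string, string>
    {
        { "partner_code", _partnerCode },
        { "timestamp", timestamp },
        { "hash", hash },
        { "signature", _encrypt.EncryptData(hash, _secretKey) }
    };

    var info = CallAPIHelper.CallAPI<ExternalBankRes<ExternalTransferMoneyResponse>>(
        string.Concat(_url, "api/transactions/receive_external"),
        "POST",
        payload,
        headers,
        addQueryParams: true);

    // A response with no data block is treated as a failed transfer rather than
    // dereferenced, which previously raised NullReferenceException.
    return info?.data?.is_success ?? false;
}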
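/// <summary>
/// Returns every stored card with its fields decrypted, provided the current user authenticates.
/// </summary>
/// <returns>
/// The decrypted cards, or <c>null</c> when <c>AuthenticateUser()</c> returns <c>false</c>.
/// </returns>
/// <remarks>
/// Exceptions are logged and rethrown with their original stack trace.
/// </remarks>
public override List<ICardDetails> Select()
{
    try
    {
        bool authenticated = new Security(UserProfileObj).AuthenticateUser();
        if (!authenticated)
        {
            return null;
        }

        var decryptedCards = new List<ICardDetails>();
        foreach (ICardDetails encrypted in CardDetailsDataLayerObj.Select())
        {
            ICardDetails card = new CardDetails();

            // NOTE(review): IV and key are read from the same record as the ciphertext. If the
            // key is stored next to the data unwrapped, the encryption protects little; confirm
            // it is wrapped by a key held elsewhere.
            // NOTE(review): AESObj is shared state re-keyed per record; confirm this object is
            // not used from several threads at once.
            AESObj.SetIV(encrypted.GetIV());
            AESObj.SetKey(encrypted.GetDecryptionKey());

            card.SetCardID(encrypted.GetCardID());
            card.SetName(AESObj.Decrypt(encrypted.GetName()));
            card.SetCardNumber(AESObj.Decrypt(encrypted.GetCardNumber()).ToString());
            card.SetExpiryMonth(AESObj.Decrypt(encrypted.GetExpiryMonth()));
            card.SetExpiryYear(AESObj.Decrypt(encrypted.GetExpiryYear()));

            // NOTE(review): a persisted CVV is sensitive authentication data; if these are real
            // payment cards, PCI DSS does not allow keeping it after authorization, even encrypted.
            card.SetCvv(AESObj.Decrypt(encrypted.GetCvv()));

            decryptedCards.Add(card);
        }

        return decryptedCards;
    }
    catch (NullReferenceException)
    {
        // NOTE(review): this writes the caller's token to the log in clear; prefer a token
        // identifier or a digest. If UserProfileObj itself is null, this line throws a second
        // NullReferenceException from inside the handler.
        Logger.Instance().Log(Warn.Instance(), new LogInfo("Received null reference while fetching card details (Routine : AuthenticateUser), might be token manipulation. Check token : " + UserProfileObj.GetToken()));

        // Bare rethrow keeps the original stack trace.
        throw;
    }
    catch (Exception ex)
    {
        Logger.Instance().Log(Fatal.Instance(), ex);
        throw;
    }
}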
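/// <summary>
/// Authenticates an inbound partner-bank request using the <c>partner_code</c>, <c>timestamp</c>,
/// <c>hash</c> and <c>signature</c> query parameters.
/// </summary>
/// <remarks>
/// Checks, in order: the timestamp parses, the partner code is in the built-in list, the timestamp
/// is at most 180 minutes old, and - for POST requests only - the keyed hash over the body fields
/// matches. Transfers (<c>receive_external</c>) additionally require a valid signature.
/// The path, headers, body and outcome are written to the text log on every call.
/// </remarks>
/// <param name="request">The incoming HTTP request.</param>
/// <returns>
/// <c>(1, "success")</c> when every applicable check passes; otherwise a 400 or 500 code with a
/// short reason.
/// </returns>
private Tuple<int, string> CheckBasicAuthenForPartner(HttpRequest request)
{
    StringBuilder log = new StringBuilder();
    Tuple<int, string> result = new Tuple<int, string>(1, "success");
    try
    {
        // NOTE(review): full request headers and body are logged, which can include account
        // numbers and credentials. Consider redacting before writing to LoggingTxt.
        try
        {
            log.AppendLine(request.Path.Value);
            log.AppendLine(JsonConvert.SerializeObject(request.Headers));
            log.AppendLine(Task.Run(() => ReadRequestBody(request)).GetAwaiter().GetResult());
        }
        catch (Exception)
        {
            log.AppendLine("null body");
        }

        // NOTE(review): accepted partner codes are compiled into the source; onboarding or
        // revoking a partner needs a redeploy. The linking-bank store queried below looks like
        // the natural single source of truth - confirm.
        var keys = new[]
        {
            "f936792f71344a6eabf773f18e2694e4",
            "99793bb9137042a3a7f15950f1215950", // khuê
            "bkt.partner"
        };

        // A missing or malformed timestamp is a client error, not a server fault.
        long timestampReq;
        if (!long.TryParse(
                request.Query["timestamp"].ToString(),
                System.Globalization.NumberStyles.Integer,
                System.Globalization.CultureInfo.InvariantCulture,
                out timestampReq))
        {
            return new Tuple<int, string>(400, "timestamp invalid");
        }

        string keyReq = request.Query["partner_code"].ToString();
        string checksumReq = request.Query["hash"].ToString();

        // A checks whether the API call originates from B (a partner that registered a link beforehand).
        if (Array.IndexOf(keys, keyReq) < 0)
        {
            return new Tuple<int, string>(400, "partner_code invalid");
        }

        // A checks whether this call is fresh or carries old, expired information.
        // NOTE(review): requests stay valid for 180 minutes, timestamps in the future are
        // accepted, and nothing records already-seen requests, so a captured request can be
        // replayed inside the window. Consider a shorter window, an upper bound for clock
        // skew, and a per-request nonce or transaction id.
        long oldestAccepted = DateTimeOffset.UtcNow.AddMinutes(-180).ToUnixTimeSeconds();
        if (oldestAccepted > timestampReq)
        {
            return new Tuple<int, string>(400, "timestamp expired");
        }

        // Data-integrity check.
        // NOTE(review): any method other than POST skips the hash check and is accepted on
        // partner code and timestamp alone. Confirm no non-POST partner route relies on this
        // method for authentication.
        if (request.Method.Equals("POST"))
        {
            // Ordinal, case-insensitive matching avoids culture-dependent lowercasing.
            // NOTE(review): this is a substring match anywhere in the path; an exact route
            // comparison would be stricter.
            string path = request.Path.Value ?? string.Empty;
            bool isTransfer = path.IndexOf("api/transactions/receive_external", StringComparison.OrdinalIgnoreCase) >= 0;
            bool isQueryInfo = !isTransfer
                && path.IndexOf("api/transactions/query_info", StringComparison.OrdinalIgnoreCase) >= 0;

            if (!isTransfer && !isQueryInfo)
            {
                return new Tuple<int, string>(400, "invalid url");
            }

            var infoPartner = _linkingBank.GetLinkingBankById(new Models.Filters.LinkingBankFilter() { Code = keyReq });
            if (infoPartner == null)
            {
                return new Tuple<int, string>(500, "internal server error");
            }

            // Synchronous wait on the body read, as before; this method has no async signature.
            string body = Task.Run(() => ReadRequestBody(request)).GetAwaiter().GetResult();
            string secretKey = infoPartner.SecretKey;

            if (isTransfer)
            {
                var transfer = JsonConvert.DeserializeObject<TransferMoneyRequest>(body);
                if (transfer == null)
                {
                    // Empty or literal-null body: reject instead of failing with a null dereference.
                    return new Tuple<int, string>(400, "body invalid");
                }

                // NOTE(review): (int) drops any fractional part of amount, so the hash does not
                // bind it, and the cast throws for values outside the int range (surfacing as a
                // 500 below). The sending side must use the identical format.
                string input = $"{keyReq}|{timestampReq}|{transfer.from_account_number}|{transfer.to_account_number}|{(int)transfer.amount}|{transfer.message}";

                // NOTE(review): confirm HMD5Verify compares digests in constant time; its
                // implementation is not visible here.
                if (!Encrypting.HMD5Verify(input, checksumReq, secretKey))
                {
                    log.Append("Hash: false");
                    return new Tuple<int, string>(400, "hash invalid");
                }

                // For the partners controller, additionally verify the asymmetric signature.
                string encrypt = request.Query["signature"].ToString();
                if (string.IsNullOrWhiteSpace(encrypt))
                {
                    log.Append("DecryptData: false");
                    return new Tuple<int, string>(400, "signature invalid");
                }

                string hash = Encrypting.HMD5Hash(input, secretKey);
                _encrypt.SetKey(keyReq);
                if (!_encrypt.DecryptData(encrypt, hash))
                {
                    log.Append("DecryptData: false");
                    return new Tuple<int, string>(400, "signature invalid");
                }

                return result;
            }
            else
            {
                var query = JsonConvert.DeserializeObject<InfoUserRequest>(body);
                if (query == null)
                {
                    return new Tuple<int, string>(400, "body invalid");
                }

                string input = $"{keyReq}|{timestampReq}|{query.account_number}";
                if (!Encrypting.HMD5Verify(input, checksumReq, secretKey))
                {
                    log.Append("Hash: false");
                    return new Tuple<int, string>(400, "hash invalid");
                }
            }
        }
    }
    catch (Exception ex)
    {
        log.Append(ex.Message);
        return new Tuple<int, string>(500, "internal server error");
    }
    finally
    {
        LoggingTxt.InsertLog(log.ToString());
    }

    return result;
}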