public OrganisationController(IOrganisationService organisationService,
ISessionIdentity sessionIdentity,
IUserService userService)
: base(sessionIdentity, userService)
{
this.organisationService = organisationService;
}
protected ApplicationTask(ISessionIdentity identity, Action callback, TaskPriority taskPriority, TaskType taskType)
{
Identity = identity;
Callback = callback;
TaskPriority = taskPriority;
TaskType = taskType;
}
private async Task <Session> Get(ISessionIdentity session)
{
if (session == null)
{
throw new ArgumentNullException(nameof(session));
}
return(await this.Context.Session.FirstOrDefaultAsync(x => x.Id == session.Id));
}
private async Task <string> CreateAccessToken(ISessionIdentity identity)
{
var tokenBytes = Encoding.UTF8.GetBytes(Newtonsoft.Json.JsonConvert.SerializeObject(identity));
var encryptedToken = Aes.Encrypt(tokenBytes, encryptionKey);
var hash = Sha256.Hash(tokenBytes);
var tokenSignature = (await keyVaultClient.SignAsync(signKeyIdentifier, JsonWebKeySignatureAlgorithm.RS256, hash)).Result;
return(identity.IdentityType.ToString()
+ "." + Convert.ToBase64String(encryptedToken)
+ "." + Convert.ToBase64String(tokenSignature));
}
public Session(int timeout, ISessionIdentity cqIdentity, params long[] userId)
{
Timeout = timeout;
_sessionId = new SessionId(cqIdentity, userId);
if (Sessions.Keys.Any(item => item.Contains(SessionId)))
{
throw new NotSupportedException("不支持同时两个会话操作。");
}
Sessions.TryAdd(SessionId, new Queue <RouteMessage>());
if (DaylilyCore.Current.SessionDispatcher != null)
{
DaylilyCore.Current.SessionDispatcher.SessionReceived += Session_Received;
}
}
private async Task <IUserAuthenticationToken> TryGetTokenByAcknowledgeCodeAsync(ISessionIdentity identity, IGetUserAuthenticationCodeRequest request)
{
var table = tableClient.GetTableReference(AcknowledgeCodeTableName);
var statusResult = await table.RetrieveAsync <AcknowledgeCodeStatusEntity>(request.Code, 0L.ToString("X16"));
if (statusResult.HttpStatusCode == 404)
{
throw new HttpStatusException("EntityNotFound:AcknowledgeCodeStatus", statusResult.HttpStatusCode)
{
Status = StatusCode.NotFound
}
}
;
if (statusResult.HttpStatusCode >= 400)
{
throw new HttpStatusException("EntityErrorRetrieve:AcknowledgeCodeStatus", statusResult.HttpStatusCode);
}
var statusEntity = statusResult.Entity;
var now = DateTime.UtcNow;
var nowTicks = now.Ticks;
if (statusEntity.AvailableAfter < nowTicks)
{
throw new HttpStatusException("Expired:AcknowledgeCodeStatus")
{
Status = StatusCode.NotFound
}
}
;
var codeResult = await table.RetrieveAsync <AcknowledgeCodeEntity>(request.Code, statusEntity.CurrentRowKey);
if (codeResult.HttpStatusCode >= 400)
{
throw new HttpStatusException("EntityErrorRetrieve:AcknowledgeCode", codeResult.HttpStatusCode);
}
var codeEntity = codeResult.Entity;
if (codeEntity.ReqDeviceId != identity.ClientDeviceId || codeEntity.ReqSessionId != identity.ClientSessionId)
{
throw new HttpStatusException(
$"NotMatch:Session(OriginalRequestDeviceId={codeEntity.ReqDeviceId}, IdentityDeviceId={identity.ClientDeviceId}, OriginalRequestSessionId={codeEntity.ReqSessionId}, IdentitySessionId={identity.ClientSessionId})")
{
Status = StatusCode.NotFound
}
}
;
if (codeEntity.ExpireIn < nowTicks)
{
throw new HttpStatusException("Expired:AcknowledgeCode")
{
Status = StatusCode.NotFound
}
}
;
if (codeEntity.Status == (int)StatusCode.Pending)
{
return new UserAuthenticationToken {
Validated = false
}
}
;
if (codeEntity.Status != (int)StatusCode.Confirmed)
{
throw new HttpStatusException($"EntityErrorStatus:AcknowledgeCode(Status={codeEntity.Status})", codeEntity.Status)
{
Status = StatusCode.NotFound
}
}
;
codeEntity.Status = (int)StatusCode.Expired;
var mergeResult = await table.MergeAsync(codeEntity);
if (mergeResult >= 400)
{
throw new HttpStatusException("EntityErrorUpdate:AcknowledgeCode", mergeResult);
}
return(await CreateUserTokenAsync(identity, codeEntity.AckBy, UserVerificationLevel.StrongSignIn));
}
private async Task <IUserAuthenticationCode> AcknowledgeAcknowledgeCodeAsync(ISessionIdentity identity, IAcknowledgeUserAuthenticationCodeRequest request)
{
if (identity.IdentityType != IdentityType.Bot)
{
throw new HttpStatusException($"NotBot:Identity{identity.IdentityType}")
{
Status = StatusCode.Unauthorized
}
}
;
if (string.IsNullOrEmpty(request.Code))
{
throw new HttpStatusException("Empty:AcknowledgeUserAuthenticationCodeRequest.Code")
{
Status = StatusCode.BadRequest
}
}
;
var table = tableClient.GetTableReference(AcknowledgeCodeTableName);
var statusResult = await table.RetrieveAsync <AcknowledgeCodeStatusEntity>(request.Code, 0L.ToString("X16"));
if (statusResult.HttpStatusCode == 404)
{
throw new HttpStatusException("EntityNotFound:AcknowledgeCodeStatus", statusResult.HttpStatusCode)
{
Status = StatusCode.NotFound
}
}
;
if (statusResult.HttpStatusCode >= 400)
{
throw new HttpStatusException("EntityErrorRetrieve:AcknowledgeCodeStatus", statusResult.HttpStatusCode);
}
var now = DateTime.UtcNow;
var nowTicks = now.Ticks;
var statusEntity = statusResult.Entity;
if (statusEntity.AvailableAfter < nowTicks)
{
throw new HttpStatusException("Expired:AcknowledgeCodeStatus")
{
Status = StatusCode.NotFound
}
}
;
var rowKey = statusEntity.CurrentRowKey;
var codeResult = await table.RetrieveAsync <AcknowledgeCodeEntity>(request.Code, rowKey);
if (codeResult.HttpStatusCode >= 400)
{
throw new HttpStatusException("EntityErrorRetrieve:AcknowledgeCode", codeResult.HttpStatusCode);
}
var codeEntity = codeResult.Entity;
if (codeEntity.ExpireIn < nowTicks)
{
throw new HttpStatusException("Expired:AcknowledgeCode")
{
Status = StatusCode.NotFound
}
}
;
if (codeEntity.Status != (int)StatusCode.Pending)
{
throw new HttpStatusException("EntityErrorStatus:AcknowledgeCode", codeEntity.Status)
{
Status = StatusCode.NotFound
}
}
;
if (!string.IsNullOrEmpty(codeEntity.TargetUser) && string.Compare(codeEntity.TargetUser, request.AcknowledgeUser, true) != 0)
{
throw new HttpStatusException($"NotMatch:AcknowledgeUserAuthenticationCodeRequest.AcknowledgeUser({codeEntity.TargetUser}, {request.AcknowledgeUser})")
{
Status = StatusCode.NotFound
}
}
;
codeEntity.AckBy = request.AcknowledgeUser;
codeEntity.Ackime = nowTicks;
codeEntity.AckVia = identity.Name;
codeEntity.Status = (int)StatusCode.Confirmed;
var result = await table.MergeAsync(codeEntity);
if (result >= 400)
{
throw new HttpStatusException("EntityErrorUpdate:AcknowledgeCode", result);
}
return(new UserAuthenticationCode
{
Code = codeEntity.PartitionKey,
ExpireIn = codeEntity.ExpireIn,
TargetUser = codeEntity.AckBy
});
}
private async Task <IUserAuthenticationCode> AcknowledgeDirectLoginCodeAsync(ISessionIdentity identity, IAcknowledgeUserAuthenticationCodeRequest request)
{
if (identity.IdentityType != IdentityType.App)
{
throw new HttpStatusException($"NotApp:Identity({identity.IdentityType})")
{
Status = StatusCode.Unauthorized
}
}
;
if (string.IsNullOrEmpty(request.Code) || request.Code.Length != 40)
{
throw new HttpStatusException($"Invalid:AcknowledgeUserAuthenticationCodeRequest.Code({request.Code})")
{
Status = StatusCode.BadRequest
}
}
;
var table = tableClient.GetTableReference(DirectLoginCodeTableName);
var now = DateTime.UtcNow;
var nowTicks = now.Ticks;
var result = await table.RetrieveAsync <DirectLoginCodeEntity>(request.Code.Substring(0, 8), request.Code);
if (result.HttpStatusCode == 404)
{
throw new HttpStatusException("EntityNotFound:DirectLoginCode", result.HttpStatusCode)
{
Status = StatusCode.NotFound
}
}
;
if (result.HttpStatusCode >= 400)
{
throw new HttpStatusException("EntityErrorRetrieve:DirectLoginCode", result.HttpStatusCode);
}
var codeEntity = result.Entity;
if (codeEntity.ExpireIn < nowTicks)
{
throw new HttpStatusException("Expired:DirectLoginCode")
{
Status = StatusCode.NotFound
}
}
;
if (codeEntity.Status != (int)StatusCode.Pending)
{
throw new HttpStatusException($"EntityErrorStatus:DirectLoginCode(Status={codeEntity.Status})", codeEntity.Status)
{
Status = StatusCode.NotFound
}
}
;
codeEntity.AckDeviceId = identity.ClientDeviceId;
codeEntity.AckSessionId = identity.ClientSessionId;
codeEntity.AckTime = nowTicks;
codeEntity.Status = (int)StatusCode.Confirmed;
var mergeResult = await table.MergeAsync(codeEntity);
if (mergeResult >= 400)
{
throw new HttpStatusException("EntityErrorUpdate:DirectLoginCode", mergeResult);
}
return(new UserAuthenticationCode
{
Code = codeEntity.RowKey,
ExpireIn = codeEntity.ExpireIn,
TargetUser = codeEntity.TargetUser
});
}
private async Task <IUserAuthenticationCode> CreateAcknowledgeCodeAsync(ISessionIdentity identity, ICreateUserAuthenticationCodeRequest request)
{
if (identity.IdentityType != IdentityType.App)
{
throw new HttpStatusException($"NotApp:Identity({identity.IdentityType})")
{
Status = StatusCode.Unauthorized
}
}
;
var table = tableClient.GetTableReference(AcknowledgeCodeTableName);
var retry = true;
while (retry)
{
retry = false;
var code = GenerateCode(6);
var now = DateTime.UtcNow;
var nowTicks = now.Ticks;
var expireIn = now.AddMinutes(1).Ticks;
var availableAfter = now.AddMinutes(5).Ticks;
var rowKey = nowTicks.ToString("X16");
var result = await table.RetrieveAsync <AcknowledgeCodeStatusEntity>(code, 0L.ToString("X16"));
if (result.HttpStatusCode >= 400 && result.HttpStatusCode != 404)
{
throw new HttpStatusException("EntityErrorRetrieve:AcknowledgeCodeStatus", result.HttpStatusCode);
}
var statusEntity = result.Entity;
if (statusEntity == null || statusEntity.AvailableAfter < nowTicks)
{
if (statusEntity == null)
{
statusEntity = new AcknowledgeCodeStatusEntity
{
PartitionKey = code,
RowKey = 0L.ToString("X16"),
};
}
statusEntity.CurrentRowKey = rowKey;
statusEntity.AvailableAfter = availableAfter;
var status = await table.InsertOrMergeAsync(statusEntity);
if (status >= 400)
{
throw new HttpStatusException("EntityErrorUpdate:AcknowledgeCodeStatus", status);
}
}
else
{
// not available, just retry
retry = true;
continue;
}
var codeEntity = new AcknowledgeCodeEntity
{
PartitionKey = code,
RowKey = rowKey,
ExpireIn = expireIn,
Status = (int)StatusCode.Pending,
TargetUser = request.TargetUser,
ReqDeviceId = identity.ClientDeviceId,
ReqSessionId = identity.ClientSessionId
};
var insertStatus = await table.InsertAsync(codeEntity);
if (insertStatus >= 400)
{
throw new HttpStatusException("EntityErrorInsert:AcknowledgeCode", insertStatus);
}
return(new UserAuthenticationCode
{
Code = code,
ExpireIn = expireIn,
TargetUser = codeEntity.TargetUser
});
}
throw new NotImplementedException();
}
private async Task <IUserAuthenticationCode> CreateDirectLoginCodeAsync(ISessionIdentity identity, ICreateUserAuthenticationCodeRequest request)
{
if (identity.IdentityType != IdentityType.Bot)
{
throw new HttpStatusException($"NotBot:Identity{identity.IdentityType}")
{
Status = StatusCode.Unauthorized
}
}
;
if (string.IsNullOrEmpty(request.TargetUser))
{
throw new HttpStatusException("Empty:CreateUserAuthenticationCodeRequest.TargetUser")
{
Status = StatusCode.BadRequest
}
}
;
var table = tableClient.GetTableReference(DirectLoginCodeTableName);
var retry = true;
while (retry)
{
retry = false;
var now = DateTime.UtcNow;
var prefix = now.ToString("yyyyMMdd");
var code = prefix + GenerateCode(32);
var expireIn = now.AddMinutes(1).Ticks;
var codeEntity = new DirectLoginCodeEntity
{
PartitionKey = prefix,
RowKey = code,
TargetUser = request.TargetUser,
ExpireIn = expireIn,
ReqVia = identity.Name,
Status = (int)StatusCode.Pending
};
var status = await table.InsertAsync(codeEntity);
if (status == 409)
{
retry = true;
continue;
}
if (status >= 400)
{
throw new HttpStatusException("EntityErrorInsert:DirectLoginCode", status);
}
return(new UserAuthenticationCode
{
Code = code,
ExpireIn = expireIn,
TargetUser = codeEntity.TargetUser
});
}
throw new NotImplementedException();
}
private ISessionIdentity ValidateTokenBearer(ISession session, string token)
{
var parts = token.Split('.');
if (parts.Length != 3)
{
throw new HttpStatusException($"Invalid:Token(Token={token})")
{
Status = StatusCode.Unauthorized
}
}
;
var identityType = IdentityType.Unknown;
switch (parts[0])
{
case "App":
identityType = IdentityType.App;
break;
case "Usr":
identityType = IdentityType.User;
break;
case "Bot":
identityType = IdentityType.Bot;
break;
default:
throw new HttpStatusException($"Invalid:Token.IdentityType(Token={token})")
{
Status = StatusCode.Unauthorized
};
}
var encryptedToken = Convert.FromBase64String(parts[1]);
var decryptedToken = default(byte[]);
try
{
decryptedToken = Aes.Decrypt(encryptedToken, encryptionKey);
}
catch (Exception e)
{
throw new HttpStatusException($"UnableDecrypt:Token(Token={token})", e)
{
Status = StatusCode.Unauthorized
};
}
var hash = Sha256.Hash(decryptedToken);
var sign = Convert.FromBase64String(parts[2]);
if (!Rsa.VerifySha256Hash(hash, sign, jwk.N, jwk.E))
{
throw new HttpStatusException($"ValidateFail:Signature(Token={token})")
{
Status = StatusCode.Unauthorized
}
}
;
var tokenString = Encoding.UTF8.GetString(decryptedToken);
ISessionIdentity identity = default(AnonymousIdentity);
switch (identityType)
{
case IdentityType.App:
identity = Newtonsoft.Json.JsonConvert.DeserializeObject <AppIdentity>(tokenString);
break;
case IdentityType.User:
identity = Newtonsoft.Json.JsonConvert.DeserializeObject <UserIdentity>(tokenString);
break;
case IdentityType.Bot:
//identity = Newtonsoft.Json.JsonConvert.DeserializeObject<BotI>
break;
default:
throw new HttpStatusException($"Invalid:Token.IdentityType(Token={token})")
{
Status = StatusCode.Unauthorized
};
}
//if (identity == null) throw new HttpStatusException("Null:Identity") { Status = StatusCode.Unauthorized };
if (identity.ClientDeviceId != session.ClientDeviceId || identity.ClientSessionId != session.ClientSessionId)
{
throw new HttpStatusException(
$"NotMatch:Session(IdentityDeviceId={identity.ClientDeviceId}, CurrentDeviceId={session.ClientDeviceId}, IdentitySessionId={identity.ClientSessionId}, CurrentSessionId={session.ClientSessionId})")
{
Status = StatusCode.Unauthorized
}
}
;
if (identity.ExpireIn < DateTime.UtcNow.Ticks)
{
throw new HttpStatusException("Expired:Identity")
{
Status = StatusCode.Unauthorized
}
}
;
return(identity);
}
protected ApplicationTask(ISessionIdentity identity, Action callback, TaskType taskType) : this(identity, callback, TaskPriority.Normal, taskType)
{
Identity = identity;
Callback = callback;
}
public DatabaseLogger(ISessionIdentity sessionIdentity)
{
this.sessionIdentity = sessionIdentity;
}
public PipelineController(ISessionIdentity sessionIdentity,
IUserService userService)
: base(sessionIdentity, userService)
{
}
public SessionId(ISessionIdentity identity, long[] userId)
{
Identity = identity;
UserId = userId;
}
public Session(int timeout, ISessionIdentity cqIdentity, params string[] userId) : this(timeout, cqIdentity,
userId.Select(long.Parse).ToArray())
{
}
public SocialPipelineBaseController(ISessionIdentity sessionIdentity, IUserService userService)
{
this.SessionIdentity = sessionIdentity;
this.UserService = userService;
}
public async Task <CinemaApp.Domain.Session> GetAsync(ISessionIdentity session)
{
var result = await this.Get(session);
return(this.Mapper.Map <CinemaApp.Domain.Session>(result));
}
public AuthController(IAuthenticationService authenticationService,
ISessionIdentity sessionIdentity,
IUserService userService)
{
this.authenticationService = authenticationService;
}
private async Task <IUserAuthenticationToken> TryGetTokenByDirectLoginCodeAsync(ISessionIdentity identity, IGetUserAuthenticationCodeRequest request)
{
if (string.IsNullOrEmpty(request.Code) || request.Code.Length != 40)
{
throw new HttpStatusException($"BadRequest:GetUserAuthenticationCodeRequest.Code({request.Code})")
{
Status = StatusCode.BadRequest
}
}
;
var table = tableClient.GetTableReference(DirectLoginCodeTableName);
var now = DateTime.UtcNow;
var nowTicks = now.Ticks;
var codeResult = await table.RetrieveAsync <DirectLoginCodeEntity>(request.Code.Substring(0, 8), request.Code);
if (codeResult.HttpStatusCode == 404)
{
throw new HttpStatusException("EntityNotFound:DirectLoginCode", codeResult.HttpStatusCode)
{
Status = StatusCode.NotFound
}
}
;
if (codeResult.HttpStatusCode >= 400)
{
throw new HttpStatusException("EntityErrorRetrieve:DirectLoginCode", codeResult.HttpStatusCode);
}
var codeEntity = codeResult.Entity;
if (codeEntity.ExpireIn < nowTicks)
{
throw new HttpStatusException("Expired:DirectLoginCode")
{
Status = StatusCode.NotFound
}
}
;
if (codeEntity.Status != (int)StatusCode.Confirmed)
{
throw new HttpStatusException($"EntityErrorStatus:DirectLoginCode(Status={codeEntity.Status})", codeEntity.Status)
{
Status = StatusCode.NotFound
}
}
;
codeEntity.Status = (int)StatusCode.Expired;
var mergeResult = await table.MergeAsync(codeEntity);
if (mergeResult >= 400)
{
throw new HttpStatusException("EntityErrorUpdate:DirectLoginCode", mergeResult);
}
return(await CreateUserTokenAsync(identity, codeEntity.TargetUser, UserVerificationLevel.StrongSignIn));
}
public ScheduleTask(ISessionIdentity identity, Action callback, params DateTime[] triggerTime)
: base(identity, callback, TaskType.ScheduleTask)
{
_triggerTimes = new HashSet <DateTime>(triggerTime);
}
public async Task <IUserAuthenticationToken> RefreshTokenAsync(ISessionIdentity identity, IRefreshUserAuthenticationTokenRequest request)
{
if (identity == null || !identity.IsAuthenticated)
{
throw new HttpStatusException("Unauthorized:Identity")
{
Status = StatusCode.Unauthorized
}
}
;
if (identity.IdentityType != IdentityType.App)
{
throw new HttpStatusException($"NotApp:Identity({identity.IdentityType})")
{
Status = StatusCode.Unauthorized
}
}
;
var token = request.RefreshToken;
if (string.IsNullOrEmpty(token) || token.Length != 32)
{
throw new HttpStatusException($"BadRequest:RefreshUserAuthenticationTokenRequest.RefreshToken({token})")
{
Status = StatusCode.BadRequest
}
}
;
var partitionKey = token.Substring(0, 8);
var now = DateTime.UtcNow;
var nowTicks = now.Ticks;
var table = tableClient.GetTableReference(RefreshTokenTableName);
var tokenResult = await table.RetrieveAsync <RefreshTokenEntity>(partitionKey, token);
if (tokenResult.HttpStatusCode == 404)
{
throw new HttpStatusException("EntityNotFound:RefreshToken", tokenResult.HttpStatusCode)
{
Status = StatusCode.NotFound
}
}
;
if (tokenResult.HttpStatusCode >= 400)
{
throw new HttpStatusException("EntityErrorRetrieve:RefreshToken", tokenResult.HttpStatusCode);
}
var tokenEntity = tokenResult.Entity;
if (tokenEntity.ClaimTime != 0L)
{
throw new HttpStatusException($"EntityErrorStatus:RefreshToken(ClaimTime={tokenEntity.ClaimTime})")
{
Status = StatusCode.NotFound
}
}
;
if (tokenEntity.ExpireTime < nowTicks)
{
throw new HttpStatusException("Expired:RefreshToken")
{
Status = StatusCode.NotFound
}
}
;
tokenEntity.ClaimTime = nowTicks;
var mergeResult = await table.MergeAsync(tokenEntity);
if (mergeResult >= 400)
{
throw new HttpStatusException("EntityErrorUpdate:RefreshToken", mergeResult);
}
return(await CreateUserTokenAsync(identity, tokenEntity.TargetUser, identity.ClientSessionId == tokenEntity.SessionId?UserVerificationLevel.StrongSignIn : UserVerificationLevel.AutoSignIn));
}
public Task <Session> GetAsync(ISessionIdentity id)
{
return(this.SessionDAL.GetAsync(id));
}
public IntervalTask(ISessionIdentity identity, Action callback, TimeSpan interval) : base(identity, callback, TaskType.IntervalTask)
{
Interval = interval;
}
public UsersController(ISessionIdentity sessionIdentity,
IUserService userService)
: base(sessionIdentity, userService)
{
this.userService = userService;
}
