/// <summary>
/// Issues an authentication token for a login request carried in an SSO token.
/// The incoming JWT payload is mapped onto the SSO payload model, run through the
/// payload validation strategy, and the credentials it carries are checked; only
/// then is the token recorded as used and an authentication token created for the
/// payload's username.
/// <para>
/// @author: Brian Fann
/// @updated: 4/24/18
/// </para>
/// </summary>
/// <returns>
/// A <see cref="ResponseDto{T}"/> holding the new authentication token on success,
/// otherwise the error reported by whichever step rejected the request.
/// </returns>
public ResponseDto<AuthenticationTokenDto> ManageLoginToken()
{
    // Step 1: translate the request's JWT payload into the SSO payload model.
    var mapped = MapRequestJwtPayloadToSsoJwtPayload();
    if (mapped.Error != null)
    {
        // A payload that cannot be mapped is recorded as an invalid token before rejecting.
        StoreInvalidToken();
        return new ResponseDto<AuthenticationTokenDto> { Error = mapped.Error };
    }

    _ssoToken.SsoTokenPayloadDto = mapped.Data;
    var ssoPayload = _ssoToken.SsoTokenPayloadDto;

    // Step 2: validate the payload against the business rules for this token.
    // NOTE(review): the registration validation strategy is reused here for login —
    // confirm its checks are the intended ones for the login flow.
    var validation = new SsoTokenRegistrationValidationStrategy(_ssoToken).ExecuteStrategy();
    if (!validation.Data)
    {
        StoreInvalidToken();
        return new ResponseDto<AuthenticationTokenDto> { Error = validation.Error };
    }

    // Step 3: check the credentials carried in the payload.
    // NOTE(review): unlike the two rejections above, a credential failure does not
    // call StoreInvalidToken() — confirm that omission is intended.
    var credentialCheck = ValidateCredentials(ssoPayload);
    if (!credentialCheck.Data)
    {
        return new ResponseDto<AuthenticationTokenDto> { Error = credentialCheck.Error };
    }

    // Step 4: record the token so it can only be used once; a false Data presumably
    // means the token was already consumed and the request is rejected.
    var firstUse = StoreValidToken();
    if (!firstUse.Data)
    {
        return new ResponseDto<AuthenticationTokenDto> { Error = firstUse.Error };
    }

    // All checks passed: mint the authentication token for this user.
    return new AuthenticationTokenManager().CreateToken(ssoPayload.Username);
}
/// <summary>
/// Applies the registration business rules to a token coming from the Single Sign On client.
/// The JWT payload is mapped onto the SSO payload model and validated; the token is then
/// recorded as a valid (consumed) token and a <see cref="UserAccountDto"/> is built from
/// the payload's username, password and role type.
/// <para>
/// @author: Jennifer Nguyen
/// @updated: 03/22/2018
/// </para>
/// </summary>
/// <returns>
/// A <see cref="ResponseDto{T}"/> carrying the new <see cref="UserAccountDto"/>, or the
/// error from the step that rejected the token.
/// </returns>
public ResponseDto<UserAccountDto> ManageRegistrationToken()
{
    // Step 1: map the payload keys onto the SsoPayload model.
    var mapped = MapRequestJwtPayloadToSsoJwtPayload();
    if (mapped.Error != null)
    {
        // Record the unmappable token as invalid before rejecting the request.
        StoreInvalidToken();
        return new ResponseDto<UserAccountDto> { Error = mapped.Error };
    }

    _ssoToken.SsoTokenPayloadDto = mapped.Data;

    // Step 2: validate the token after the business rules have been applied.
    var validation = new SsoTokenRegistrationValidationStrategy(_ssoToken).ExecuteStrategy();
    if (!validation.Data)
    {
        // Record the rejected token as invalid.
        StoreInvalidToken();
        return new ResponseDto<UserAccountDto> { Error = validation.Error };
    }

    // Step 3: persist the token as a valid, consumed token.
    // NOTE(review): only the gateway's Error is inspected here, not its Data — confirm
    // that a previously used token is reported through Error on this path.
    using (var gateway = new SsoGateway())
    {
        var stored = gateway.StoreValidSsoToken(new ValidSsoToken(_ssoToken.Token));
        if (stored.Error != null)
        {
            return new ResponseDto<UserAccountDto> { Error = stored.Error };
        }
    }

    // Step 4: hand back the account details taken from the validated payload.
    // NOTE(review): the payload's password is forwarded as-is into the DTO — confirm the
    // caller hashes it before it is persisted.
    var registered = _ssoToken.SsoTokenPayloadDto;
    var account = new UserAccountDto(
        username: registered.Username,
        password: registered.Password,
        roleType: registered.RoleType);

    return new ResponseDto<UserAccountDto> { Data = account };
}