public async Task <Response> PostSignup(AccountProtection.SignUp signup, string correlationId, string envId)
        {
            string endpoint = string.Format(_settings.Endpoints.SignupAP, signup.Metadata.SignUpId);

            var response = await PostAsync(endpoint, signup, correlationId, envId);

            return(await Read <ResponseSuccess>(response));
        }
コード例 #2
0
        private AccountProtection.SignUp CreateSignupAPEvent(RegisterViewModel model)
        {
            var signupUser = new AccountProtection.User()
            {
                Username      = model.User.Email,
                FirstName     = model.User.FirstName,
                LastName      = model.User.LastName,
                CountryRegion = model.Address.CountryRegion,
                ZipCode       = model.Address.ZipCode,
                TimeZone      = new TimeSpan(0, 0, -model.DeviceFingerPrinting.ClientTimeZone, 0).ToString(),
                Language      = "EN-US",
                UserType      = AccountProtection.UserType.Consumer,
            };

            var customerEmail = new AccountProtection.CustomerEmail()
            {
                EmailType        = AccountProtection.EmailType.Primary,
                EmailValue       = model.User.Email,
                IsEmailValidated = false,
                IsEmailUsername  = true
            };

            var customerPhone = new AccountProtection.CustomerPhone()
            {
                PhoneType              = AccountProtection.PhoneType.Primary,
                PhoneNumber            = model.User.Phone,
                IsPhoneNumberValidated = false,
                IsPhoneUsername        = false
            };

            var address = new AccountProtection.Address()
            {
                AddressType   = AccountProtection.AddressType.Primary,
                FirstName     = model.User.FirstName,
                LastName      = model.User.LastName,
                PhoneNumber   = model.User.Phone,
                Street1       = model.Address.Address1,
                Street2       = model.Address.Address2,
                City          = model.Address.City,
                State         = model.Address.State,
                ZipCode       = model.Address.ZipCode,
                CountryRegion = model.Address.CountryRegion
            };

            var device = new AccountProtection.DeviceContext()
            {
                DeviceContextId = model.DeviceFingerPrinting.SessionId,
                IpAddress       = _contextAccessor.HttpContext.Connection.RemoteIpAddress.MapToIPv4().ToString(),
                Provider        = DeviceContextProvider.DFPFingerPrinting.ToString()
            };

            var metadata = new AccountProtection.EventMetadataAccountCreate()
            {
                TrackingId        = Guid.NewGuid().ToString(),
                SignUpId          = Guid.NewGuid().ToString(),
                CustomerLocalDate = DateTime.Now,
                MerchantTimeStamp = DateTime.Now,
                AssessmentType    = AssessmentType.Evaluate
            };

            AccountProtection.SignUp signupEvent = new AccountProtection.SignUp()
            {
                Name    = "AP.AccountCreation",
                Version = "0.5",
                User    = signupUser,
                Email   = new List <AccountProtection.CustomerEmail>()
                {
                    customerEmail
                },
                Phone = new List <AccountProtection.CustomerPhone>()
                {
                    customerPhone
                },
                Address = new List <AccountProtection.Address>()
                {
                    address
                },
                Device   = device,
                Metadata = metadata
            };
            return(signupEvent);
        }
コード例 #3
0
        private async Task <IActionResult> RegisterUser(RegisterViewModel model, string returnUrl, bool useAP)
        {
            //Create the user object and validate it before calling Fraud Protection
            var user = new ApplicationUser
            {
                UserName      = model.User.Email,
                Email         = model.User.Email,
                FirstName     = model.User.FirstName,
                LastName      = model.User.LastName,
                PhoneNumber   = model.User.Phone,
                Address1      = model.Address.Address1,
                Address2      = model.Address.Address2,
                City          = model.Address.City,
                State         = model.Address.State,
                ZipCode       = model.Address.ZipCode,
                CountryRegion = model.Address.CountryRegion
            };

            foreach (var v in _userManager.UserValidators)
            {
                var validationResult = await v.ValidateAsync(_userManager, user);

                if (!validationResult.Succeeded)
                {
                    AddErrors(validationResult);
                }
            }
            ;

            foreach (var v in _userManager.PasswordValidators)
            {
                var validationResult = await v.ValidateAsync(_userManager, user, model.Password);

                if (!validationResult.Succeeded)
                {
                    AddErrors(validationResult);
                }
            }
            ;

            if (ModelState.ErrorCount > 0)
            {
                return(View("Register", model));
            }

            #region Fraud Protection Service
            var correlationId = _fraudProtectionService.NewCorrelationId;

            // Ask Fraud Protection to assess this signup/registration before registering the user in our database, etc.
            if (useAP)
            {
                AccountProtection.SignUp signupEvent = CreateSignupAPEvent(model);

                var signupAssessment = await _fraudProtectionService.PostSignupAP(signupEvent, correlationId);

                //Track Fraud Protection request/response for display only
                var fraudProtectionIO = new FraudProtectionIOModel(correlationId, signupEvent, signupAssessment, "Signup");
                TempData.Put(FraudProtectionIOModel.TempDataKey, fraudProtectionIO);

                bool rejectSignup = false;
                if (signupAssessment is AccountProtection.ResponseSuccess signupResponse)
                {
                    rejectSignup = signupResponse.ResultDetails.FirstOrDefault()?.Decision != AccountProtection.DecisionName.Approve;
                }

                if (rejectSignup)
                {
                    ModelState.AddModelError("", "Signup rejected by Fraud Protection. You can try again as it has a random likelihood of happening in this sample site.");
                    return(View("Register", model));
                }
            }
            else
            {
                SignUp signupEvent = CreateSignupEvent(model);

                var signupAssessment = await _fraudProtectionService.PostSignup(signupEvent, correlationId);

                //Track Fraud Protection request/response for display only
                var fraudProtectionIO = new FraudProtectionIOModel(correlationId, signupEvent, signupAssessment, "Signup");

                //2 out of 3 signups will succeed on average. Adjust if you want more or less signups blocked for tesing purposes.
                var rejectSignup     = new Random().Next(0, 3) != 0;
                var signupStatusType = rejectSignup ? SignupStatusType.Rejected.ToString() : SignupStatusType.Approved.ToString();

                var signupStatus = new SignupStatusEvent
                {
                    SignUpId   = signupEvent.SignUpId,
                    StatusType = signupStatusType,
                    StatusDate = DateTimeOffset.Now,
                    Reason     = "User is " + signupStatusType
                };

                if (!rejectSignup)
                {
                    signupStatus.User = new SignupStatusUser {
                        UserId = model.User.Email
                    };
                }

                var signupStatusResponse = await _fraudProtectionService.PostSignupStatus(signupStatus, correlationId);

                fraudProtectionIO.Add(signupStatus, signupStatusResponse, "Signup Status");

                TempData.Put(FraudProtectionIOModel.TempDataKey, fraudProtectionIO);

                if (rejectSignup)
                {
                    ModelState.AddModelError("", "Signup rejected by Fraud Protection. You can try again as it has a random likelihood of happening in this sample site.");
                    return(View("Register", model));
                }
            }
            #endregion

            var result = await _userManager.CreateAsync(user, model.Password);

            if (!result.Succeeded)
            {
                AddErrors(result);
                return(View("Register", model));
            }

            await _signInManager.SignInAsync(user, isPersistent : false);

            await TransferBasketToEmailAsync(user.Email);

            return(RedirectToLocal(returnUrl));
        }
        private async Task <IActionResult> RegisterUser(RegisterViewModel model, string returnUrl)
        {
            //Create the user object and validate it before calling Fraud Protection
            var user = new ApplicationUser
            {
                UserName      = model.User.Email,
                Email         = model.User.Email,
                FirstName     = model.User.FirstName,
                LastName      = model.User.LastName,
                PhoneNumber   = model.User.Phone,
                Address1      = model.Address.Address1,
                Address2      = model.Address.Address2,
                City          = model.Address.City,
                State         = model.Address.State,
                ZipCode       = model.Address.ZipCode,
                CountryRegion = model.Address.CountryRegion
            };

            foreach (var v in _userManager.UserValidators)
            {
                var validationResult = await v.ValidateAsync(_userManager, user);

                if (!validationResult.Succeeded)
                {
                    AddErrors(validationResult);
                }
            }
            ;

            foreach (var v in _userManager.PasswordValidators)
            {
                var validationResult = await v.ValidateAsync(_userManager, user, model.Password);

                if (!validationResult.Succeeded)
                {
                    AddErrors(validationResult);
                }
            }
            ;

            if (ModelState.ErrorCount > 0)
            {
                return(View("Register", model));
            }

            #region Fraud Protection Service
            var correlationId = _fraudProtectionService.NewCorrelationId;

            // Ask Fraud Protection to assess this signup/registration before registering the user in our database, etc.
            AccountProtection.SignUp signupEvent = CreateSignupAPEvent(model);

            var signupAssessment = await _fraudProtectionService.PostSignup(signupEvent, correlationId, HttpContext.Session.GetString("envId"));

            //Track Fraud Protection request/response for display only
            var fraudProtectionIO = new FraudProtectionIOModel(correlationId, signupEvent, signupAssessment, "Signup");
            TempData.Put(FraudProtectionIOModel.TempDataKey, fraudProtectionIO);

            bool rejectSignup = false;
            if (signupAssessment is ResponseSuccess signupResponse)
            {
                rejectSignup = signupResponse.ResultDetails.FirstOrDefault()?.Decision != DecisionName.Approve;
            }

            if (rejectSignup)
            {
                ModelState.AddModelError("", "Signup rejected by Fraud Protection. You can try again as it has a random likelihood of happening in this sample site.");
                return(View("Register", model));
            }
            #endregion

            var result = await _userManager.CreateAsync(user, model.Password);

            if (!result.Succeeded)
            {
                AddErrors(result);
                return(View("Register", model));
            }

            await _signInManager.SignInAsync(user, isPersistent : false);

            await TransferBasketToEmailAsync(user.Email);

            return(RedirectToLocal(returnUrl));
        }