private String GetPasswordProof(Profile profile, AuthRequest request, ProofType type, bool client_to_server) { List <String> challenges = new List <String>(); StringBuilder sb = new StringBuilder(); string password = null; if (profile != null && profile.User != null) { password = profile.User.Password; } switch (type) { case ProofType.ProofType_NickEmail: if (profile.User.Partnercode != CoreWeb.Models.User.PARTNERID_GAMESPY) { sb.Append(profile.User.Partnercode.ToString()); sb.Append("@"); sb.Append(profile.Nick); sb.Append("@"); sb.Append(profile.User.Email); } else { sb.Append(profile.Nick); sb.Append("@"); sb.Append(profile.User.Email); } break; case ProofType.ProofType_Unique: if (profile.User.Partnercode != CoreWeb.Models.User.PARTNERID_GAMESPY) { sb.Append(profile.User.Partnercode.ToString()); sb.Append("@"); sb.Append(profile.Uniquenick); } else { sb.Append(profile.Uniquenick); } break; case ProofType.ProofType_PreAuth: password = request.client_response; sb.Append(request.auth_token); break; case ProofType.ProofType_LoginTicket: password = request.login_ticket; sb.Append(request.login_ticket); break; } if (client_to_server) { challenges.Add(request.client_challenge); challenges.Add(request.server_challenge); } else { challenges.Add(request.server_challenge); challenges.Add(request.client_challenge); } return(GetProofString(sb.ToString(), challenges, password)); }
public Task <AuthResponse> NickEmailAuth([FromBody] AuthRequest authRequest) { return(handleAuthRequest(authRequest, ProofType.ProofType_NickEmail)); }
public Task <AuthResponse> UniqueNickAuth([FromBody] AuthRequest authRequest) { return(handleAuthRequest(authRequest, ProofType.ProofType_Unique)); }
public async Task <AuthResponse> PreAuth([FromBody] AuthRequest authRequest) { Dictionary <string, string> dict = await sessionRepository.decodeAuthToken(authRequest.auth_token); if (dict == null) { throw new AuthInvalidCredentialsException(); } DateTime expireTime; AuthResponse response = new AuthResponse(); if (dict.Keys.Contains("expiresAt")) { long expiresAtTS; if (!long.TryParse(dict["expiresAt"], out expiresAtTS)) { throw new AuthInvalidCredentialsException(); } System.DateTime dtDateTime = new DateTime(1970, 1, 1, 0, 0, 0, 0, System.DateTimeKind.Utc); expireTime = dtDateTime.AddSeconds(expiresAtTS).ToLocalTime(); if (DateTime.UtcNow > expireTime) { throw new AuthInvalidCredentialsException(); } } ProfileLookup profileLookup = new ProfileLookup(); UserLookup userLookup = new UserLookup(); int profileId; int.TryParse(dict["profileId"], out profileId); profileLookup.id = profileId; User user = null; if (dict.ContainsKey("userId")) { int.TryParse(dict["userId"], out profileId); userLookup.id = profileId; user = (await userRepository.Lookup(userLookup)).First(); } response.profile = (await profileRepository.Lookup(profileLookup)).First(); response.success = true; if (user == null) { userLookup.id = response.profile.Userid; user = (await userRepository.Lookup(userLookup)).First(); } response.user = user; //authRequest.client_response = authRequest.auth_token_challenge; var client_response = authRequest.client_response; authRequest.client_response = dict["true_signature"]; //test validity of auth token... confirm the users token is signed against "true_signature" if (client_response.CompareTo(GetPasswordProof(response.profile, authRequest, ProofType.ProofType_PreAuth, true)) != 0) { throw new AuthInvalidCredentialsException(); } response.server_response = GetPasswordProof(response.profile, authRequest, ProofType.ProofType_PreAuth, false); response.session = await generateSessionKey(response.profile); response.success = true; return(response); }