/// <summary>Get secure user command.</summary>
public static CloudMessage NewMessage(CloudAction action, string localRsaPublicKey = null, string remoteRsaPublicKey = null, string username = null, string password = null)
{
var cmd = new CloudMessage(action);
if (!string.IsNullOrEmpty(localRsaPublicKey))
{
// Include local RSA public key which will be used by remote side to encrypt reply data.
cmd.Values.Add(CloudKey.RsaPublicKey, localRsaPublicKey);
}
if (!string.IsNullOrEmpty(remoteRsaPublicKey))
{
// Use cloud RSA key to generate random AES-256 password inside.
cmd.Values.AddRandomPassword(remoteRsaPublicKey);
}
if (!string.IsNullOrEmpty(username))
{
// Add encrypted username.
cmd.Values.Add(CloudKey.Username, username, true);
}
if (!string.IsNullOrEmpty(password))
{
// Add encrypted password.
cmd.Values.Add(CloudKey.Password, password, true);
}
return(cmd);
}
/// <summary>
/// Decrypt message and get cloud key value as GUID.
/// </summary>
public static Guid?GetGuidId(string cloudKey, CloudMessage input, out string error)
{
var values = input.Values;
error = null;
if (values == null)
{
error = "Input message is null";
return(null);
}
var randomPasswordEncrypted = values.GetValue <string>(CloudKey.RandomPassword);
if (string.IsNullOrEmpty(randomPasswordEncrypted))
{
return(null);
}
// Decrypt random password supplied by the user.
var rsa = new JocysCom.ClassLibrary.Security.Encryption(CloudKey.Cloud);
input.Values.DecryptRandomPassword(rsa.RsaPublicKeyValue, rsa.RsaPrivateKeyValue);
// Try to get computer id.
var guidId = input.Values.GetValue(cloudKey, Guid.Empty, true);
if (guidId == Guid.Empty)
{
error = string.Format("{0} value is empty", cloudKey);
return(null);
}
return(guidId);
}
public static JocysCom.WebSites.Engine.Security.Data.User GetUser(CloudMessage message)
{
var values = message.Values;
if (values == null)
{
return(null);
}
var randomPasswordEncrypted = values.GetValue <string>(CloudKey.RandomPassword);
if (string.IsNullOrEmpty(randomPasswordEncrypted))
{
return(null);
}
// Decrypt random password supplied by the user.
var rsa = new JocysCom.ClassLibrary.Security.Encryption(CloudKey.Cloud);
message.Values.DecryptRandomPassword(rsa.RsaPublicKeyValue, rsa.RsaPrivateKeyValue);
var username = values.GetValue <string>(CloudKey.Username, null, true);
var password = values.GetValue <string>(CloudKey.Password, null, true);
// If user password is not valid then return
if (!Membership.ValidateUser(username, password))
{
return(null);
}
var user = JocysCom.WebSites.Engine.Security.Data.User.GetUser(username);
return(user);
}
/// <summary>Execute INSERT/UPDATE commands on database.</summary>
public static void Upsert(CloudMessage command, List <string> messages)
{
messages.Add(Upsert(command.UserGames));
messages.Add(Upsert(command.UserDevices));
messages.Add(Upsert(command.UserInstances));
// UPSERT settings last, because it depends on other records.
messages.Add(Upsert(command.UserSettings));
}
/// <summary>Execute DELETE commands on database.</summary>
public static void Delete(CloudMessage command, List <string> messages)
{
// Delete user settings first, because it links to other records.
messages.Add(Delete(command.UserSettings));
// Delete user instances because it links to used devices.
messages.Add(Delete(command.UserInstances));
// Delete other records.
messages.Add(Delete(command.UserGames));
messages.Add(Delete(command.UserDevices));
}
/// <summary>
/// Decrypt message and get user if supplied user name and password is valid.
/// </summary>
public static JocysCom.WebSites.Engine.Security.Data.User GetUser(CloudMessage input, out string error)
{
var values = input.Values;
error = null;
if (values == null)
{
error = "Input message is null";
return(null);
}
var randomPasswordEncrypted = values.GetValue <string>(CloudKey.RandomPassword);
if (string.IsNullOrEmpty(randomPasswordEncrypted))
{
return(null);
}
// Decrypt random password supplied by the user.
var rsa = new JocysCom.ClassLibrary.Security.Encryption(CloudKey.Cloud);
input.Values.DecryptRandomPassword(rsa.RsaPublicKeyValue, rsa.RsaPrivateKeyValue);
// Try to get user by user name.
var username = values.GetValue <string>(CloudKey.Username, null, true);
var password = values.GetValue <string>(CloudKey.Password, null, true);
if (string.IsNullOrEmpty(username))
{
error = "User name is empty";
return(null);
}
if (string.IsNullOrEmpty(password))
{
error = "Password is empty";
return(null);
}
// If user password is valid then...
if (!Membership.ValidateUser(username, password))
{
error = "Invalid user credentials";
}
// Return user.
return(JocysCom.WebSites.Engine.Security.Data.User.GetUser(username));
}
/// <summary>Get secure user command.</summary>
public static void ApplySecurity(CloudMessage message, string localRsaPublicKey = null, string remoteRsaPublicKey = null, string username = null, string password = null)
{
if (!string.IsNullOrEmpty(localRsaPublicKey))
{
// Include local RSA public key which will be used by remote side to encrypt reply data.
message.Values.Add(CloudKey.RsaPublicKey, localRsaPublicKey);
}
if (!string.IsNullOrEmpty(remoteRsaPublicKey))
{
// Use cloud RSA key to generate random AES-256 password inside.
message.Values.AddRandomPassword(remoteRsaPublicKey);
}
if (!string.IsNullOrEmpty(username))
{
// Add encrypted user name.
message.Values.Add(CloudKey.Username, username, true);
}
if (!string.IsNullOrEmpty(password))
{
// Add encrypted password.
message.Values.Add(CloudKey.Password, password, true);
}
}
/// <summary>Get secure user command.</summary>
public static void ApplySecurity(CloudMessage message, string localRsaPublicKey = null, string remoteRsaPublicKey = null, string username = null, string password = null)
{
// Add local RSA public key which will be used by remote side to encrypt reply password.
if (!string.IsNullOrEmpty(localRsaPublicKey))
{
message.Values.Add(CloudKey.RsaPublicKey, localRsaPublicKey, false, true);
}
// Create and add random pasword and encrypt with remote RSA public key.
// Password will be used to encrypt sensitive data with AES-256 symetric encryption.
if (!string.IsNullOrEmpty(remoteRsaPublicKey))
{
message.Values.UpsertRandomPassword(remoteRsaPublicKey);
}
// Add encrypted user name.
if (!string.IsNullOrEmpty(username))
{
message.Values.Add(CloudKey.Username, username, true, true);
}
// Add encrypted x360ce site password.
if (!string.IsNullOrEmpty(password))
{
message.Values.Add(CloudKey.Password, password, true, true);
}
}
public void ExecuteAsync(CloudMessage command, object userState = null)
{
InvokeAsync("Execute", ExecuteCompleted, userState, new object[] { command });
}
public CloudMessage Execute(CloudMessage command)
{
return(Invoke <CloudMessage>("Execute", command));
}
public static void Select(CloudMessage command, CloudMessage results, List <string> messages, out string error)
{
var computerId = CloudHelper.GetGuidId(CloudKey.ComputerId, command, out error).Value;
var profileId = CloudHelper.GetGuidId(CloudKey.ProfileId, command, out error).Value;
// Get all user games.
if (command.UserGames != null)
{
UserGame[] userGames;
error = Select(computerId, profileId, command.UserGames, out userGames);
messages.Add(error);
results.UserGames = FilterByChecksum(userGames, command.Checksums, out error);
if (!string.IsNullOrEmpty(error))
{
messages.Add(error);
}
}
// Get all user devices.
if (command.UserDevices != null)
{
UserDevice[] userDevices;
error = Select(computerId, profileId, command.UserDevices, out userDevices);
messages.Add(error);
results.UserDevices = FilterByChecksum(userDevices, command.Checksums, out error);
if (!string.IsNullOrEmpty(error))
{
messages.Add(error);
}
}
//// Get all user computers.
//if (command.UserComputers != null)
//{
// UserComputer[] userComputers;
// error = Select(computerId, profileId, command.UserComputers, out userComputers);
// messages.Add(error);
// results.UserComputers = FilterByChecksum(userComputers, command.Checksums, out error);
// if (!string.IsNullOrEmpty(error))
// messages.Add(error);
//}
// Get all user instances.
if (command.UserInstances != null)
{
UserInstance[] userInstances;
error = Select(computerId, profileId, command.UserInstances, out userInstances);
messages.Add(error);
results.UserInstances = FilterByChecksum(userInstances, command.Checksums, out error);
if (!string.IsNullOrEmpty(error))
{
messages.Add(error);
}
}
// Get all user instances.
if (command.UserSettings != null)
{
UserSetting[] userSettings;
error = Select(computerId, profileId, command.UserSettings, out userSettings);
messages.Add(error);
results.UserSettings = userSettings;
//results.UserSettings = FilterByChecksum(userSettings, command.Checksums, out error);
if (!string.IsNullOrEmpty(error))
{
messages.Add(error);
}
}
}
public CloudMessage Execute(CloudMessage command)
{
object[] results = Invoke("Execute", new object[] { command });
return((CloudMessage)results[0]);
}
