/// <summary>
/// Gets the hash code
/// </summary>
/// <returns>Hash code</returns>
public override int GetHashCode()
{
unchecked // Overflow is fine, just wrap
{
var hashCode = 41;
// Suitable nullity checks etc, of course :)
if (AuthorizationMode != null)
{
hashCode = hashCode * 59 + AuthorizationMode.GetHashCode();
}
if (DecryptedPaymentData != null)
{
hashCode = hashCode * 59 + DecryptedPaymentData.GetHashCode();
}
if (EncryptedPaymentData != null)
{
hashCode = hashCode * 59 + EncryptedPaymentData.GetHashCode();
}
if (RequiresApproval != null)
{
hashCode = hashCode * 59 + RequiresApproval.GetHashCode();
}
if (SkipFraudService != null)
{
hashCode = hashCode * 59 + SkipFraudService.GetHashCode();
}
if (TransactionId != null)
{
hashCode = hashCode * 59 + TransactionId.GetHashCode();
}
return(hashCode);
}
}
public AuthorizationAttribute(bool disabled)
{
_actionId = string.Empty;
_schemaId = string.Empty;
_mode = disabled ? AuthorizationMode.Disabled : AuthorizationMode.Identity;
}
public AuthorizationAttribute()
{
_actionId = string.Empty;
_schemaId = string.Empty;
_mode = AuthorizationMode.Identity;
}
public AuthorizationAttribute(bool disabled)
{
_actionId = string.Empty;
_schemaId = string.Empty;
_mode = disabled ? AuthorizationMode.Disabled : AuthorizationMode.Identity;
}
public AuthorizationAttribute()
{
_actionId = string.Empty;
_schemaId = string.Empty;
_mode = AuthorizationMode.Identity;
}
public static bool RefreshToken()
{
RefreshTokenMode refresh = new RefreshTokenMode();
refresh.appId = AppID;
refresh.secret = AppSecret;
refresh.refreshToken = Auth.RefreshToken;
string json = Newtonsoft.Json.JsonConvert.SerializeObject(refresh, Newtonsoft.Json.Formatting.Indented);
// 利用北向接口获取信息
string RefreshString = GetNorthAPIContent("sec/v1.1.0/refreshToken", "POST", json);
if (string.IsNullOrEmpty(RefreshString))
{
LogHelper.log.Error(" 详细:请求返回结果为空,刷新Token失败!!!");
return(false);
}
Auth = Newtonsoft.Json.JsonConvert.DeserializeObject <AuthorizationMode>(RefreshString);
Console.WriteLine(value: " refresh_OK");
return(true);
}
public AuthorizationAttribute(string schemaId, string actionId)
{
_actionId = actionId ?? string.Empty;
_schemaId = schemaId ?? string.Empty;
_mode = AuthorizationMode.Required;
}
public AuthorizationAttribute(string schemaId, string actionId)
{
_actionId = actionId ?? string.Empty;
_schemaId = schemaId ?? string.Empty;
_mode = AuthorizationMode.Requires;
}
public AuthorizationAttribute()
{
_actionId = string.Empty;
_schemaId = string.Empty;
_mode = AuthorizationMode.Required;
}
public AuthorizationAttribute(string[] roles)
{
if(roles == null || roles.Length == 0)
throw new ArgumentNullException("roles");
_roles = roles;
_mode = AuthorizationMode.Identity;
}
public KeyVaultProvider(string keyVaultName, string authToken)
{
_vaultName = keyVaultName;
_token = authToken;
_authorizationMode = AuthorizationMode.Token;
_cache = new InMemoryCache();
_keyVaultClient = new KeyVaultClient(GetTokenAsync);
}
public AuthorizationAttribute(string[] roles)
{
if (roles == null || roles.Length == 0)
{
throw new ArgumentNullException("roles");
}
_roles = roles;
_mode = AuthorizationMode.Identity;
}
/// <summary>
/// Gets the hash code
/// </summary>
/// <returns>Hash code</returns>
public override int GetHashCode()
{
unchecked // Overflow is fine, just wrap
{
var hashCode = 41;
// Suitable nullity checks etc, of course :)
if (AuthorizationMode != null)
{
hashCode = hashCode * 59 + AuthorizationMode.GetHashCode();
}
if (CustomerReference != null)
{
hashCode = hashCode * 59 + CustomerReference.GetHashCode();
}
if (RecurringPaymentSequenceIndicator != null)
{
hashCode = hashCode * 59 + RecurringPaymentSequenceIndicator.GetHashCode();
}
if (RequiresApproval != null)
{
hashCode = hashCode * 59 + RequiresApproval.GetHashCode();
}
if (SkipAuthentication != null)
{
hashCode = hashCode * 59 + SkipAuthentication.GetHashCode();
}
if (SkipFraudService != null)
{
hashCode = hashCode * 59 + SkipFraudService.GetHashCode();
}
if (Token != null)
{
hashCode = hashCode * 59 + Token.GetHashCode();
}
if (Tokenize != null)
{
hashCode = hashCode * 59 + Tokenize.GetHashCode();
}
if (TransactionChannel != null)
{
hashCode = hashCode * 59 + TransactionChannel.GetHashCode();
}
if (UnscheduledCardOnFileIndicator != null)
{
hashCode = hashCode * 59 + UnscheduledCardOnFileIndicator.GetHashCode();
}
if (UnscheduledCardOnFileRequestor != null)
{
hashCode = hashCode * 59 + UnscheduledCardOnFileRequestor.GetHashCode();
}
return(hashCode);
}
}
public KeyVaultProvider(string keyVaultName, string adClientId, string adClientSecret)
{
_vaultName = keyVaultName;
_vaultUri = string.Format("https://{0}.vault.azure.net", _vaultName);
_azureAdClientId = adClientId;
_azureAdClientSecret = adClientSecret;
_authorizationMode = AuthorizationMode.ClientSecret;
_cache = new InMemoryCache();
_authorizationContext = new AuthContextUtility(_azureAdClientId, _azureAdClientSecret);
_keyVaultClient = new KeyVaultClient(_authorizationContext.GetTokenUsingClientSecretAsync);
}
public async Task InvokeAsync_OpaReturnsFalse_RequestDenied(AuthorizationMode mode, bool opaReturnValue,
int expectedStatusCode)
{
mConfiguration.Mode = mode;
mOpenPolicyAgent.Setup(x => x.Query(mConfiguration.QueryPath, It.IsAny <OpenPolicyAgentQueryRequest>()))
.Returns(Task.FromResult(new OpenPolicyAgentQueryResponse {
Result = opaReturnValue
}));
await mTarget.InvokeAsync(mHttpContext);
Assert.Equal(expectedStatusCode, mHttpContext.Response.StatusCode);
}
bool ICredentialConfirmationDialogService.Invoke(string functionName, AuthorizationMode authorizationMode)
{
CredentialConfirmationDialog dialog = new CredentialConfirmationDialog();
dialog.AuthorizationMode = authorizationMode;
dialog.txtFunctionName.Text = functionName;
if (dialog.ShowDialog() == true)
{
// TODO: Validate password
return true;
}
return false;
}
public async Task InvokeAsync_OpaRequestFailure_FailureHandled(
AuthorizationMode mode,
int expectedStatusCode)
{
mConfiguration.Mode = mode;
var exception = new Exception("");
mOpenPolicyAgent.Setup(x => x.Query(mConfiguration.QueryPath, It.IsAny <OpenPolicyAgentQueryRequest>()))
.Throws(exception);
await mTarget.InvokeAsync(mHttpContext);
Assert.Equal(expectedStatusCode, mHttpContext.Response.StatusCode);
}
bool ICredentialConfirmationDialogService.Invoke(string functionName, AuthorizationMode authorizationMode)
{
CredentialConfirmationDialog dialog = new CredentialConfirmationDialog();
dialog.AuthorizationMode = authorizationMode;
dialog.txtFunctionName.Text = functionName;
if (dialog.ShowDialog() == true)
{
// TODO: Validate password
return(true);
}
return(false);
}
public static bool Login()
{
// 利用北向接口获取信息
string lContent = GetNorthAPIContent("sec/v1.1.0/login", "POST", $"appId={AppID}&secret={AppSecret}");
if (string.IsNullOrEmpty(lContent))
{
LogHelper.log.Error("!!! 请求响应的状态码:" + httpStatusCode + " 详细:请求返回结果为空");
return(false);
}
LogHelper.log.Info("请求响应的状态码:" + lContent);
// lContent 里包含了 Json 格式的 accessToken 等信息,可获取用于后续操作。最好存在全局静态变量中。
Auth = Newtonsoft.Json.JsonConvert.DeserializeObject <AuthorizationMode>(lContent);
return(true);
}
public KeyVaultProvider(string keyVaultName, string adClientId, string certificateThumbprint, StoreLocation certificateStoreLocation = StoreLocation.LocalMachine, StoreName certificateStore = StoreName.My)
{
_vaultName = keyVaultName;
_vaultUri = string.Format("https://{0}.vault.azure.net", _vaultName);
_azureAdClientId = adClientId;
_appCertificateThumbprint = certificateThumbprint;
_certificateStoreLocation = certificateStoreLocation;
_certificateStoreName = certificateStore;
_authorizationMode = AuthorizationMode.Certificate;
_cache = new InMemoryCache();
_certificateService = new CertificateService();
_authorizationContext = new AuthContextUtility(_azureAdClientId, _appCertificateThumbprint, _certificateService, _certificateStoreLocation, _certificateStoreName);
_keyVaultClient = new KeyVaultClient(_authorizationContext.GetTokenUsingCertificateAsync);
}
/// <summary>
/// Returns true if MobilePaymentMethodSpecificInput instances are equal
/// </summary>
/// <param name="other">Instance of MobilePaymentMethodSpecificInput to be compared</param>
/// <returns>Boolean</returns>
public bool Equals(MobilePaymentMethodSpecificInput other)
{
if (ReferenceEquals(null, other))
{
return(false);
}
if (ReferenceEquals(this, other))
{
return(true);
}
return
((
AuthorizationMode == other.AuthorizationMode ||
AuthorizationMode != null &&
AuthorizationMode.Equals(other.AuthorizationMode)
) &&
(
DecryptedPaymentData == other.DecryptedPaymentData ||
DecryptedPaymentData != null &&
DecryptedPaymentData.Equals(other.DecryptedPaymentData)
) &&
(
EncryptedPaymentData == other.EncryptedPaymentData ||
EncryptedPaymentData != null &&
EncryptedPaymentData.Equals(other.EncryptedPaymentData)
) &&
(
RequiresApproval == other.RequiresApproval ||
RequiresApproval != null &&
RequiresApproval.Equals(other.RequiresApproval)
) &&
(
SkipFraudService == other.SkipFraudService ||
SkipFraudService != null &&
SkipFraudService.Equals(other.SkipFraudService)
) &&
(
TransactionId == other.TransactionId ||
TransactionId != null &&
TransactionId.Equals(other.TransactionId)
));
}
/// <summary>
/// Returns true if AbstractCardPaymentMethodSpecificInput instances are equal
/// </summary>
/// <param name="other">Instance of AbstractCardPaymentMethodSpecificInput to be compared</param>
/// <returns>Boolean</returns>
public bool Equals(AbstractCardPaymentMethodSpecificInput other)
{
if (ReferenceEquals(null, other))
{
return(false);
}
if (ReferenceEquals(this, other))
{
return(true);
}
return
((
AuthorizationMode == other.AuthorizationMode ||
AuthorizationMode != null &&
AuthorizationMode.Equals(other.AuthorizationMode)
) &&
(
CustomerReference == other.CustomerReference ||
CustomerReference != null &&
CustomerReference.Equals(other.CustomerReference)
) &&
(
RecurringPaymentSequenceIndicator == other.RecurringPaymentSequenceIndicator ||
RecurringPaymentSequenceIndicator != null &&
RecurringPaymentSequenceIndicator.Equals(other.RecurringPaymentSequenceIndicator)
) &&
(
RequiresApproval == other.RequiresApproval ||
RequiresApproval != null &&
RequiresApproval.Equals(other.RequiresApproval)
) &&
(
SkipAuthentication == other.SkipAuthentication ||
SkipAuthentication != null &&
SkipAuthentication.Equals(other.SkipAuthentication)
) &&
(
SkipFraudService == other.SkipFraudService ||
SkipFraudService != null &&
SkipFraudService.Equals(other.SkipFraudService)
) &&
(
Token == other.Token ||
Token != null &&
Token.Equals(other.Token)
) &&
(
Tokenize == other.Tokenize ||
Tokenize != null &&
Tokenize.Equals(other.Tokenize)
) &&
(
TransactionChannel == other.TransactionChannel ||
TransactionChannel != null &&
TransactionChannel.Equals(other.TransactionChannel)
) &&
(
UnscheduledCardOnFileIndicator == other.UnscheduledCardOnFileIndicator ||
UnscheduledCardOnFileIndicator != null &&
UnscheduledCardOnFileIndicator.Equals(other.UnscheduledCardOnFileIndicator)
) &&
(
UnscheduledCardOnFileRequestor == other.UnscheduledCardOnFileRequestor ||
UnscheduledCardOnFileRequestor != null &&
UnscheduledCardOnFileRequestor.Equals(other.UnscheduledCardOnFileRequestor)
));
}
public AuthorizationAttribute(AuthorizationMode mode)
{
_mode = mode;
}
/// <summary>
/// Begins performing a standard OpenID authentiction request.
/// </summary>
public override void BeginAuth()
{
HttpContext.Current.Trace.Write("Beginning standard authentication check");
// Check to ensure Identity is set, and the server name
// can be retrieved.
if (Identity == null)
{
ErrorStore.Store(Errors.NoIdSpecified);
HttpContext.Current.Trace.Write("No OpenID specified, ending check");
return;
}
OpenIDServer = GetOpenIDServer();
if (OpenIDServer == null)
{
if (!IsError())
{
ErrorStore.Store(Errors.NoServersFound);
HttpContext.Current.Trace.Write("No OpenID Server found.");
}
return;
}
HttpContext.Current.Trace.Write("OpenID Version Discovered: " + AuthVersion.ToString());
// If a association handle request has turned out to be unsatisfactory, force dumb mode.
if (DumbMode == true)
{
authmode = AuthorizationMode.Stateless;
HttpContext.Current.Trace.Write("Dumb mode forced, switching to Stateless mode");
}
// Perform stateless (dumb) authentication
if (authmode == AuthorizationMode.Stateless)
{
if (OpenIDServer != "")
{
HttpContext.Current.Trace.Write("Redirecting using Stateless URL");
Redirect(RedirectURLStateless);
}
}
// Perform stateful (smart) authentication
else if (authmode == AuthorizationMode.Stateful)
{
if (OpenIDServer != "")
{
if (ShareKey() == true)
{
HttpContext.Current.Trace.Write("Redirecting using Stateful URL");
Redirect(RedirectURLStateful);
}
else
{
DumbMode = true;
HttpContext.Current.Trace.Write("Stateful key exchange failed, forcing Dumb mode and re-running authentication");
BeginAuth();
}
}
}
}
/// <summary>
/// Provides a new OpenIDConsumer object with default settings.
/// </summary>
public OpenIDConsumer()
{
// Set Defaults
Init();
this.DumbMode = false;
this.authmode = AuthorizationMode.Stateful;
this.keyenc = KeyEncryption.DHSHA256;
CleanupAssociations();
}
public AuthorizationAspect(AuthorizationMode mode = AuthorizationMode.All)
{
_mode = mode;
}
public CustomApiAuthorize(AuthorizationMode mode, params RoleEnum[] roles)
{
_mode = mode;
_roles = roles;
}
/// <summary>
/// Validates regular (non-immediate) OpenID authentication responses.
/// </summary>
/// <remarks>
/// <para>
/// To determine if this method should be used, look at the value
/// of the RequestedMode property, which detects the operational mode
/// requested by the current HTTP request.
/// </para>
/// <para>
/// If RequestedMode is set to RequestedMode.IdResolution, the request
/// is an authentication response from an OpenID Provider.
/// </para>
/// <para>
/// Therefore, either Validate() or ValidateImmediate() should be used to verify
/// the validity of the response.
/// </para>
/// </remarks>
/// <returns>True if successfully authenticated, false if not.</returns>
public override bool Validate()
{
if (DumbMode == true)
{
HttpContext.Current.Trace.Write("Dumb mode has been forced, switching to stateless authentication");
authmode = AuthorizationMode.Stateless;
}
if (authmode == AuthorizationMode.Stateless)
{
HttpContext.Current.Trace.Write("Stateless mode enabled, beginning validation request with server");
return ValidateWithServer(false);
}
if (authmode == AuthorizationMode.Stateful)
{
HttpContext.Current.Trace.Write("Stateful mode enabled, beginning validation check using shared key");
bool success = ValidateWithSharedKey();
if (success)
{
return true;
}
else
{
HttpContext.Current.Trace.Write("Validation failed, performing stateless validation check");
authmode = AuthorizationMode.Stateless;
return ValidateWithServer(true);
}
}
HttpContext.Current.Trace.Write("Request refused, authentication failed");
ErrorStore.Store(Errors.RequestRefused);
return false;
}
public AuthorizationAttribute(AuthorizationMode mode)
{
_mode = mode;
}
