/// <summary>
/// Converts to authorize request model.
/// </summary>
/// <param name="authorizeRequestModel">The authorize request model.</param>
/// <returns></returns>
public PayfortAuthorizationInfoRequest ConvertToAuthorizeRequestModel(AuthorizeRequestModel authorizeRequestModel)
{
try
{
return(new PayfortAuthorizationInfoRequest()
{
RequestPhrase = PayfortConfigurationModel.RequestPhrase,
AccessCode = PayfortConfigurationModel.AccessCode,
Amount = authorizeRequestModel.Amount.ToString(),
Command = PaymentCommandType.AUTHORIZATION.ToString(),
Currency = authorizeRequestModel.Currency,
CustomerEmail = authorizeRequestModel.CustomerEmail,
CustomerIp = authorizeRequestModel.IPAddress,
CustomerName = authorizeRequestModel.CustomerName,
Language = authorizeRequestModel.Language,
MerchantIdentifier = PayfortConfigurationModel.MerchantIdentifier,
MerchantReference = PayfortConfigurationModel.MerchantReference,
RememberMe = "YES",
ReturnUrl = PayfortConfigurationModel.ReturnUrl,
TokenName = authorizeRequestModel.Token,
MerchantExtra = authorizeRequestModel.BookingNumber,
Url = PayfortConfigurationModel.URL
});
}
catch (Exception ex)
{
throw ex;
}
}
private AuthorizeRequestModel MapOrderToAuthorizeRequest(OrderResponseModel order, PlaceOrderModel placeOrder)
{
var model = new AuthorizeRequestModel
{
TransactionId = order.TransactionId,
FirstName = order.Client.FirstName,
LastName = order.Client.LastName,
Email = order.Client.Email,
IdentificationType = order.Client.IdentificationType,
IdentificationNumber = order.Client.IdentificationNumber,
PhoneNumber = order.Client.Phone,
Amount = order.Total,
CountryIsoCode = order.CountryIsoCode,
CurrencyIsoCode = order.CurrencyIsoCode,
OrderId = order.SaleOrderId,
OrderGroup = order.OrderGroup,
OrderNumber = order.SaleOrderId.ToString("D8"),
SellerId = order.SellerId,
SellerName = order.SellerName,
Placeholder = placeOrder.Payment.Card.Placeholder,
CardNumber = placeOrder.Payment.Card.CardNumber,
Year = placeOrder.Payment.Card.Year,
Month = placeOrder.Payment.Card.Month,
Cvv = placeOrder.Payment.Card.Cvv,
Installments = placeOrder.Payment.Card.Installments == 0 ? 1 : placeOrder.Payment.Card.Installments
};
return(model);
}
public bool Match(AuthorizeRequestModel model, int userId)
{
var client = _clientManager.GetClientByApplicationId(model.client_id);
var receivedurls = model.redirect_uri.Split('?');
Logger.Information("检查client_id,client_id={0},redirect-uri={1}", model.client_id, receivedurls[0]);
var clientt = (Client)client;
// if (client == null || client.Callback.ToLower() != receivedurls[0].ToLower())
if (client == null || clientt.HostInfos.All(m => m.Callback.ToUpper() != receivedurls[0].ToUpper())) //增加多个客户端查询
throw new QsTechException("请求的应用不存在或者返回地址错误!"){ NoAuthorizeLayout = true};
return _accountClientManager.CheckClientAccess(userId,client.Id);
}
/// <summary>
/// Authorizes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns></returns>
public async Task <AuthorizeResponseModel> Authorize(AuthorizeRequestModel request)
{
try
{
return(new AuthorizeResponseModel());
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// Routes the authorize.
/// </summary>
/// <param name="authorizeRequestModel">The authorize request model.</param>
/// <returns></returns>
public async Task <AuthorizeResponseModel> RouteAuthorize(AuthorizeRequestModel authorizeRequestModel)
{
try
{
return(await _paymentProcessor(authorizeRequestModel.Engine).Authorize(authorizeRequestModel));
}
catch (Exception ex)
{
_logger.LogError($"Error - {ex.Message} occurred while routing Authorization for Engine-{((PaymentEngine)authorizeRequestModel.Engine).ToString()}");
throw ex;
}
}
public bool Macth(AuthorizeRequestModel model)
{
Logger.Information("检查URL{0}",model.redirect_uri);
var _clientlist = _clientManager.GetClients();
if (_clientlist == null)
return false;
foreach (var item in _clientlist)
{
Logger.Information("检查URL,callback={0},url={1}", item.Callback, model.redirect_uri);
var isMatch = ExcuteDefaultAccessPolicy(item, model);
if (isMatch)
return true;
}
return false;
}
public string GetAuthorizeReponseUrl(IAccount account, AuthorizeRequestModel authorizeModel)
{
var code = _authorizationCodeManager.CreateAndReturnAuthorizationCode(account);
if (string.IsNullOrEmpty(authorizeModel.redirect_uri))
return _ssoSetting.DefaultUrl;
var returnUrl = authorizeModel.redirect_uri;
try
{
returnUrl = EncodeReturnUrl(returnUrl);
returnUrl = returnUrl.AppendUrlParam("code", code);
returnUrl = returnUrl.AppendUrlParam("state", authorizeModel.state);
return returnUrl;
}
catch (Exception ex)
{
throw ex;
}
}
public async Task <AuthorizeResponseModel> Authorize(AuthorizeRequestModel model)
{
var result = new AuthorizeResponseModel {
Success = true
};
var command = new AuthorizeTransactionCommand {
TransactionId = new Guid(model.TransactionId),
Email = model.Email,
CountryIsoCode = model.CountryIsoCode,
CurrencyIsoCode = model.CurrencyIsoCode,
Description = model.ReferenceDescription,
Order = new Payments.Application.Commands.TransactionCommand.Models.OrderModel {
FirstName = model.FirstName,
LastName = model.LastName,
OrderGroup = model.OrderGroup,
OrderId = model.OrderId,
OrderNumber = model.OrderNumber,
IdentificationNumber = model.IdentificationNumber,
IdentificationType = model.IdentificationType,
PhoneNumber = model.PhoneNumber,
SellerId = model.SellerId,
SellerName = model.SellerName
},
Card = new Payments.Application.Commands.TransactionCommand.Models.CardModel {
PlaceHolder = model.Placeholder,
CardNumber = model.CardNumber,
CardType = model.CardType,
Year = model.Year,
Month = model.Month,
Cvv = model.Cvv,
Amount = model.Amount,
Installments = model.Installments
}
};
var response = await this._mediator.Send(command);
result.Success = true;
return(result);
}
/// <summary>
/// Authorizes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns></returns>
public async Task <AuthorizeResponseModel> Authorize(AuthorizeRequestModel request)
{
try
{
var payfortRequest = _payfortRequestParser.ConvertToAuthorizeRequestModel(request);
var stopwatch = new Stopwatch();
stopwatch.Start();
var gatewayResponse = _payfortService.Authorize(payfortRequest);
//Add profiler
return(_payfortResponseParser.MapAuthorizationResponse(gatewayResponse));
}
catch (Exception ex)
{
_logger.LogError($"Exception occured in authorize process in payfort ");
throw ex;
}
}
public string GetAuthorizeReponseUrl(IAccount account, AuthorizeRequestModel authorizeModel)
{
if (string.IsNullOrEmpty(authorizeModel.redirect_uri))
return _ssoSetting.DefaultUrl;
return authorizeModel.redirect_uri;
}
public ActionResult MLogOn(AuthorizeRequestModel model)
{
return View();
}
public ActionResult LogOn(LogOnModel model, AuthorizeRequestModel requestModel)
{
CheckReturnUrl(requestModel);
if (ModelState.IsValid && CheckValidateCode(model))
{
model.AccountName = model.AccountName.Trim();
IAccount account;
if (_svcAuth.Login(model.AccountName, model.Password, out account))
{
CheckClient(requestModel, account.Id); //判断用户有无权限访问应用 暂时注释;2012-8/1
_svcAuthentication.SignIn(account, model.RememberMe);
var returnUrl= _authorizationCodeHolder.GetAuthorizationProvider(requestModel.response_type??"").GetAuthorizeReponseUrl(account, requestModel);
return GetReturlUrl(requestModel, returnUrl);
}
else
{
ModelState.AddModelError("", _translation.T("loginFormAccountError"));
}
}
if (model.SourceType == 1)
return View("MLogOn", model);
else
return View(model);
}
private bool ExcuteDefaultAccessPolicy(IClient client,AuthorizeRequestModel model)
{
var receivedurls = model.redirect_uri.Split('?');
if (receivedurls != null)
{
//return client.Callback.ToUpper() == receivedurls[0].ToUpper();//&&client.ApplicationId==model.Client_Id;
var clientt = (Client) client;
return clientt.HostInfos.Any(m => m.Callback.ToUpper() == receivedurls[0].ToUpper());
}
return false;
}
private string GetTicketReturnUrl(string ticketData, AuthorizeRequestModel authorizeModel)
{
if (string.IsNullOrEmpty(authorizeModel.redirect_uri))
return _ssoSetting.DefaultUrl;
var returnUrl = authorizeModel.redirect_uri;
if (!IsCurrentUrl(authorizeModel.redirect_uri))
{
try
{
returnUrl=EncodeReturnUrl(returnUrl);
returnUrl = returnUrl.AppendUrlParam("code", ticketData);
returnUrl = returnUrl.AppendUrlParam("state", authorizeModel.state);
return returnUrl;
}
catch(Exception ex) {
Logger.Error("跳转回应用时发生错误:{0}!",ex.ToString());
throw ex;
}
}
else
return returnUrl;
}
private ActionResult GetReturlUrl(AuthorizeRequestModel model,string returnUrl)
{
if (string.IsNullOrEmpty(model.redirect_uri))
return Redirect(_ssoSetting.DefaultUrl);
if (!IsCurrentUrl(model.redirect_uri))
{
var client = _clientManager.GetClientByApplicationId(model.client_id);
if (client.IsClient)
{
CookieHelper.AddCookie("url", returnUrl);
CookieHelper.AddCookie("requestmodel", JsonHelper.ConvertToJson(model));
CookieHelper.AddCookie("client", JsonHelper.ConvertToJson(client));
return Redirect(_ssoSetting.GetClientInfoUrl);
}
return Redirect(returnUrl);
}
return Redirect(model.redirect_uri);
}
private void CheckReturnUrl(AuthorizeRequestModel model)
{
#if DEBUG
return ;
#endif
if (string.IsNullOrEmpty(model.redirect_uri))
return;
if (!IsCurrentUrl(model.redirect_uri))
{//如果不是本地的URL
var isMatch = _clientVerifier.Macth(model);
if (!isMatch)
{
Logger.Error(string.Format("不是有效的return_uri={0}", model.redirect_uri));
throw new QsTechException("不是有效的return_uri") { NoAuthorizeLayout = true };
}
}
}
private void CheckClient(AuthorizeRequestModel model, int userId)
{
if (string.IsNullOrEmpty(model.redirect_uri))
return;
if (!IsCurrentUrl(model.redirect_uri))
{//如果不是本地的URL
var reuslt = _clientVerifier.Match(model, userId);
if (!reuslt)
{
throw new QsTechException("没有访问权限应用!"){NoAuthorizeLayout = true};
}
}
}
private string AutoLogOn(AuthorizeRequestModel model)
{
if (HttpContext.Request.IsAuthenticated)
{
Logger.Information(string.Format("{0}自动登录!", HttpContext.User.Identity.Name));
var account = _svcAuthentication.GetAuthenticatedAccount(); //_svcAuthentication.GetAuthenticatedUser();
var data = _authorizationCodeManager.CreateAndReturnAuthorizationCode(account);
var returnUrl = GetTicketReturnUrl(data, model);
Logger.Information(string.Format("自动登录返回:{0}", returnUrl));
return returnUrl;
}
return null;
}
public async Task <AuthorizeResponseModel> Authorize(AuthorizeRequestModel request)
{
var securityUrl = request.Settings.GetValueOrDefault("SecurityUrl");
var userName = request.Settings.GetValueOrDefault("UserName");
var password = request.Settings.GetValueOrDefault("Password");
var authorizeUrl = request.Settings.GetValueOrDefault("AuthorizeUrl");
var merchantId = request.Settings.GetValueOrDefault("MerchantId");
var channel = request.Settings.GetValueOrDefault("Channel");
var captureType = request.Settings.GetValueOrDefault("CaptureType");
var countable = Convert.ToBoolean(request.Settings.GetValueOrDefault("Countable"));
var token = await this._visaNetSecurityTokenService.GetToken(securityUrl, userName, password);
var identificationType = "";
if (request.IdentificationType.Equals("dni", StringComparison.OrdinalIgnoreCase))
{
identificationType = "0";
}
else if (request.IdentificationType.Equals("pasaporte", StringComparison.OrdinalIgnoreCase))
{
identificationType = "2";
}
else
{
identificationType = "1";
}
var requestMessage = new
{
channel = channel,
captureType = captureType,
countable = countable,
order = new
{
purchaseNumber = request.OrderNumber,
amount = request.Amount,
installment = request.Installments,
currency = request.CurrencyIsoCode,
externalTransactionId = request.TransactionId
},
card = new
{
cardNumber = request.CardNumber,
expirationMonth = request.Month,
expirationYear = $"20{request.Year}",
cvv2 = request.Cvv
},
cardHolder = new
{
firstName = request.PlaceHolder.Split(' ')[0],
lastName = request.PlaceHolder.Split(' ')[1],
email = request.Email,
phoneNumber = request.PhoneNumber,
documentType = identificationType,
documentNumber = request.IdentificationNumber
}
};
var headers = new Dictionary <string, string>();
headers.Add("authorization", token);
using (var proxy = new HttpClient())
{
var httpRequest = new HttpRequestMessage(HttpMethod.Post, $"{authorizeUrl}/authorization/ecommerce/{merchantId}");
foreach (var h in headers)
{
httpRequest.Headers.TryAddWithoutValidation(h.Key, h.Value);
}
var json = Newtonsoft.Json.JsonConvert.SerializeObject(requestMessage);
httpRequest.Content = new StringContent(json, Encoding.UTF8, "application/json");
var response = await proxy.SendAsync(httpRequest);
if (response.IsSuccessStatusCode)
{
var data = Newtonsoft.Json.JsonConvert.DeserializeObject <AuthorizeResultModel>(await response.Content.ReadAsStringAsync());
var result = new AuthorizeResponseModel
{
Success = false
};
if (data.DataMap.ECI.Equals("07") || data.DataMap.ECI.Equals("05"))
{
var transactionDate = DateTime.ParseExact(data.DataMap.TRANSACTION_DATE.ToString(), "yyMMddHHmmss", CultureInfo.InvariantCulture);
result.Success = true;
result.TransactionId = data.Order.TransactionId;
result.TransationDate = transactionDate;
result.AuthCode = data.Order.AuthorizationCode;
result.Amount = data.Order.Amount;
result.AuthorizedAmount = data.Order.AuthorizedAmount;
result.OrderNumber = data.Order.PurchaseNumber;
result.PlaceHolder = $"{requestMessage.cardHolder.firstName} {requestMessage.cardHolder.lastName}";
result.CardNumber = data.DataMap.CARD;
result.Month = requestMessage.card.expirationMonth;
result.Year = requestMessage.card.expirationYear;
result.CardType = data.DataMap.BRAND;
}
else
{
result.Errors = new List <TransactionErrorResponseModel> {
new TransactionErrorResponseModel {
Code = data.DataMap.ECI, Message = data.DataMap.ECI_DESCRIPTION
}
};
}
return(result);
}
if (response.StatusCode == System.Net.HttpStatusCode.BadGateway)
{
return(new AuthorizeResponseModel
{
Success = false,
Errors = new List <TransactionErrorResponseModel> {
new TransactionErrorResponseModel {
Code = "-1", Message = "BadGateway"
}
}
});
}
var jsonError = await response.Content.ReadAsStringAsync();
var errorData = Newtonsoft.Json.JsonConvert.DeserializeObject <AuthorizeFailedResultModel>(jsonError);
return(new AuthorizeResponseModel
{
Success = false,
Errors = new List <TransactionErrorResponseModel> {
new TransactionErrorResponseModel {
Code = errorData.ErrorCode, Message = $"Code: ({errorData.Data.ACTION_CODE}) {errorData.Data.ACTION_DESCRIPTION}. {errorData.ErrorMessage}"
}
}
});
}
}
public ActionResult LogOn(AuthorizeRequestModel model)
{
CheckReturnUrl(model);
var directurl = AutoLogOn(model);
if (!string.IsNullOrEmpty(directurl))
{
return Redirect(directurl);
}
if (IsMobileBrowser())
return RedirectToAction("MLogOn", model);
return View();
}
