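/// <summary>
/// Server side of the session handshake for a user who already has a strong (AES) key.
/// Decrypts the client's public key with that strong key, generates a fresh server RSA key pair,
/// persists the session, and returns the server public key and session id encrypted under the
/// same strong key.
/// </summary>
/// <param name="model">Request whose <c>PublicKey</c> is the client's public key, encrypted with the user's strong key.</param>
/// <param name="userId">Id of the user whose strong key is looked up and who owns the session.</param>
/// <param name="sessionId">Session identifier stored with the session and echoed back encrypted.</param>
/// <returns>The server public key and session id, both encrypted with the user's strong key.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="model"/> is null.</exception>
/// <exception cref="System.InvalidOperationException">No strong key is stored for <paramref name="userId"/>.</exception>
public async Task<CreateMessangerSessionResponse> MakeSessionAsync(CreateMessangerSessionRequest model, string userId, string sessionId)
{
    if (model == null)
    {
        throw new System.ArgumentNullException(nameof(model));
    }

    var strongKey = await strongKeyProvider.GetModelBySearchPredicate(x => x.UserId == userId);
    if (strongKey == null)
    {
        // MakeFirstSessionAsync treats a null lookup result as "not found"; without this guard
        // the dereference below fails with an opaque NullReferenceException.
        // NOTE(review): MakeFirstSessionAsync reports failures through ApiError; switch to that
        // wrapper here if callers of this method expect it.
        throw new System.InvalidOperationException("No strong key is registered for this user.");
    }

    // NOTE(review): the decrypted value is stored as the client key without checking that it is a
    // well-formed RSA public key. If aesCypher is not authenticated encryption, a tampered request
    // would be accepted here - confirm the cipher mode or validate the key before persisting.
    string decryptedPublicKey = await aesCypher.DecryptString(strongKey.CypherId, model.PublicKey);

    var serverKeys = rsaCypher.GenerateKeys();

    // NOTE(review): the server private key is handed to sessionProvider as-is; confirm it is
    // protected at rest.
    var serverSession = new Session()
    {
        ClientPublicKey = decryptedPublicKey,
        ServerPrivateKey = serverKeys.privateKey,
        ServerPublicKey = serverKeys.publicKey,
        SessionId = sessionId,
        UserId = userId
    };
    await sessionProvider.CreateOrUpdateAsync(serverSession);

    // Both response fields are encrypted with the user's strong key before they leave the server.
    string cryptedPublicKey = await aesCypher.Crypt(strongKey.CypherId, serverKeys.publicKey);
    string cryptedSessionId = await aesCypher.Crypt(strongKey.CypherId, serverSession.SessionId);

    return new CreateMessangerSessionResponse()
    {
        ServerPublicKey = cryptedPublicKey,
        SessionId = cryptedSessionId
    };
}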
/// <summary>
/// HTTP endpoint that creates a messenger session for the current user.
/// Resolves the caller via <c>GetUserAsync</c>, passes the request body, the user's id and
/// <c>TokenId</c> to <c>sessionService.MakeSessionAsync</c>, and wraps the result in <c>Ok</c>.
/// </summary>
/// <param name="model">Session request bound from the request body.</param>
/// <returns>An <c>Ok</c> result carrying the session service's response.</returns>
public async Task<IActionResult> CreateSessionAsync([FromBody] CreateMessangerSessionRequest model)
{
    // NOTE(review): neither model nor the resolved user is null-checked here; confirm that model
    // binding and the authentication pipeline guarantee both before this action runs.
    var currentUser = await GetUserAsync();

    // TokenId is passed as the session identifier, so the session is keyed to the caller's token.
    return Ok(await sessionService.MakeSessionAsync(model, currentUser.Id, TokenId));
}
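/// <summary>
/// Client side of the session handshake. Asks the server for the user's strong (AES) key using a
/// fresh RSA key pair, then establishes a session and stores it locally.
/// <list type="bullet">
/// <item>404 from the strong-key endpoint: runs the first-session flow (the server returns the AES
/// key encrypted to our RSA public key), stores the key, obtains a new auth token, then creates
/// the session with a second RSA key pair whose public key is AES-encrypted.</item>
/// <item>200 with a non-empty <paramref name="refreshToken"/>: decrypts the returned strong key,
/// stores it, then creates the session the same way.</item>
/// <item>Any other outcome: returns without creating a session.</item>
/// </list>
/// </summary>
/// <param name="acessToken">Token passed to <c>AuthRequest</c> for the initial requests.</param>
/// <param name="refreshToken">Only tested for being non-empty; gates the 200 branch.</param>
public async Task MakeSessionAsync(string acessToken, string refreshToken = null)
{
    var rsa = new RsaService();
    var aes = new AesCrypt();
    var rsaPair = rsa.GenerateKeys();
    var strongKeyRequest = new { publicKey = rsaPair.publicKey };
    var authRequest = new AuthRequest(acessToken);
    string strongKeyJsonRequest = JsonConvert.SerializeObject(strongKeyRequest);

    // NOTE(review): every endpoint is built from the "devUrl" app setting. The first-session
    // request carries the RSA public key unencrypted at this layer and the server's reply is not
    // authenticated here, so the exchange relies on this URL being HTTPS with certificate
    // validation - confirm, and confirm a dev endpoint is what production builds should use.
    string baseUrl = ConfigurationManager.AppSettings.Get("devUrl");

    // Request and response messages are disposed once handled so their underlying resources are
    // released deterministically; the original left them to the garbage collector.
    using (var strongKeyRequestMessage = authRequest.BuildRequestMessage(baseUrl + Urls.GetStrongKeyUrl, HttpMethod.Post, strongKeyJsonRequest))
    using (var strongKeyResponseMessage = await authRequest.httpClient.SendAsync(strongKeyRequestMessage))
    {
        if (strongKeyResponseMessage.StatusCode == HttpStatusCode.NotFound)
        {
            // No strong key on the server yet: first-session flow.
            var firstSessionRequestModel = new CreateMessangerSessionRequest() { PublicKey = rsaPair.publicKey };
            string jsonRequest = JsonConvert.SerializeObject(firstSessionRequestModel);

            // NOTE(review): status handling inside GetStringFromHttpResultAsync is not visible
            // here; confirm a non-success reply cannot reach the decrypt step below.
            var firstSessionResponse = await authRequest.GetStringFromHttpResultAsync(baseUrl + Urls.CreateFirstSessionUrl, HttpMethod.Post, jsonRequest);
            var response = JsonConvert.DeserializeObject<CreateFirstMessangerSessionResponse>(firstSessionResponse);

            // The AES key arrives encrypted to the RSA public key sent above.
            string decryptedAesKey = rsa.Decrypt(rsaPair.privateKey, response.CryptedAes);
            byte[] decryptedAesKeyBuffer = decryptedAesKey.FromUrlSafeBase64();
            await userProvider.CreateStrongKeyAsync(UserId, decryptedAesKeyBuffer);

            // Subsequent requests use a newly issued token.
            string newToken = await tokenService.MakeAuthTokenAsync(UserId, true);
            authRequest = new AuthRequest(newToken);

            // A second key pair is generated for the session itself; its public key is sent
            // AES-encrypted under the strong key just received.
            rsaPair = rsa.GenerateKeys();
            string cryptedPublicKey = aes.Crypt(decryptedAesKeyBuffer.ToUrlSafeBase64(), rsaPair.publicKey);
            var sessionRequestModel = new CreateMessangerSessionRequest() { PublicKey = cryptedPublicKey };
            jsonRequest = JsonConvert.SerializeObject(sessionRequestModel);

            using (var httpRequest = authRequest.BuildRequestMessage(baseUrl + Urls.CreateSessionUrl, HttpMethod.Post, jsonRequest))
            using (var sessionResponse = await authRequest.httpClient.SendAsync(httpRequest))
            {
                sessionResponse.EnsureSuccessStatusCode();
                var session = JsonConvert.DeserializeObject<CreateMessangerSessionResponse>(await sessionResponse.Content.ReadAsStringAsync());

                string decryptedServerPublicKey = aes.Decrypt(decryptedAesKey, session.ServerPublicKey);
                string decryptedSessionId = aes.Decrypt(decryptedAesKey, session.SessionId);

                // NOTE(review): the client private key is passed to userProvider as-is; confirm
                // the local store protects it at rest.
                await userProvider.CreateSessionAsync(new Session()
                {
                    ClientPrivateKey = rsaPair.privateKey,
                    ServerPublicKey = decryptedServerPublicKey,
                    ClientPublicKey = rsaPair.publicKey,
                    UserId = UserId,
                    SessionId = decryptedSessionId
                });
            }
        }
        else if (!string.IsNullOrEmpty(refreshToken) && strongKeyResponseMessage.StatusCode == HttpStatusCode.OK)
        {
            // The server already holds a strong key and returned it encrypted to our public key.
            var strongKeyResponse = JsonConvert.DeserializeObject<GetStrongKeyResponse>(
                await strongKeyResponseMessage.Content.ReadAsStringAsync());
            var decryptedStrongKey = rsa.Decrypt(rsaPair.privateKey, strongKeyResponse.StrongKey);
            await userProvider.CreateStrongKeyAsync(UserId, decryptedStrongKey.FromUrlSafeBase64());

            rsaPair = rsa.GenerateKeys();
            var cryptedPublicKey = aes.Crypt(decryptedStrongKey, rsaPair.publicKey);
            var sessionRequest = new CreateMessangerSessionRequest() { PublicKey = cryptedPublicKey };
            string jsonSessionRequest = JsonConvert.SerializeObject(sessionRequest);

            // NOTE(review): unlike the 404 branch there is no explicit EnsureSuccessStatusCode
            // here; confirm MakeRequestAsync rejects non-success replies.
            var sessionResponse = await authRequest.MakeRequestAsync<CreateMessangerSessionResponse>(baseUrl + Urls.CreateSessionUrl, HttpMethod.Post, jsonSessionRequest);

            string decryptedPublicKey = aes.Decrypt(decryptedStrongKey, sessionResponse.ServerPublicKey);
            string decryptedSessionId = aes.Decrypt(decryptedStrongKey, sessionResponse.SessionId);

            await userProvider.CreateSessionAsync(new Session()
            {
                ClientPrivateKey = rsaPair.privateKey,
                ClientPublicKey = rsaPair.publicKey,
                ServerPublicKey = decryptedPublicKey,
                UserId = UserId,
                SessionId = decryptedSessionId
            });
        }

        // NOTE(review): any other status (or 200 without a refresh token) falls through and the
        // method completes without creating a session or signalling the caller - confirm that
        // silent no-op is intended.
    }
}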
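/// <summary>
/// Server side of the first-session handshake. Creates a session for the given user and session
/// id and returns the user's strong (AES) key encrypted to the client's RSA public key.
/// If the user already has a strong key it is reused; otherwise a new 16-byte key is generated,
/// stored and the user is added to the "ProtocoledUsers" role, all inside one transaction.
/// </summary>
/// <param name="model">Request carrying the client's RSA public key (unencrypted).</param>
/// <param name="userId">Id of the user the session and strong key belong to.</param>
/// <param name="sessionId">Identifier of the session to create; must not already exist for this user.</param>
/// <returns>The server public key and the strong key encrypted to the client's public key.</returns>
/// <exception cref="ApiError">
/// The request has no public key, the session already exists, required records are missing, or
/// any step of the key-creation transaction fails (the transaction is rolled back first).
/// </exception>
public async Task<CreateFirstMessangerSessionResponse> MakeFirstSessionAsync(CreateMessangerSessionRequest model, string userId, string sessionId)
{
    // Reject a missing key up front, before anything is generated or persisted.
    if (model == null || string.IsNullOrEmpty(model.PublicKey))
    {
        throw new ApiError(new ServerException("Client public key is required"));
    }

    var savedSessions = await sessionProvider.GetModelBySearchPredicate(x => x.SessionId == sessionId && x.UserId == userId);
    if (savedSessions != null)
    {
        throw new ApiError(new ServerException("This session is alredy exist"));
    }

    var serverKeys = rsaCypher.GenerateKeys();
    var serverSession = new Session()
    {
        ClientPublicKey = model.PublicKey,
        ServerPrivateKey = serverKeys.privateKey,
        ServerPublicKey = serverKeys.publicKey,
        SessionId = sessionId,
        UserId = userId
    };

    var savedStrongKey = await strongKeyProvider.GetModelBySearchPredicate(x => x.UserId == userId);
    if (savedStrongKey != null)
    {
        var savedCypher = await cypherProvider.GetModelBySearchPredicate(x => x.Id == savedStrongKey.CypherId);
        if (savedCypher == null)
        {
            throw new ApiError(new ServerException("Stored key material was not found"));
        }

        // NOTE(review): the existing strong key is re-wrapped for whatever public key the request
        // supplies, so its confidentiality rests on the authentication performed before this
        // method is called - confirm that is the intended trust model.
        // Encrypt before persisting so a malformed client key does not leave a session behind.
        string cryptedExistingKey = rsaCypher.Crypt(model.PublicKey, savedCypher.Secret.ToUrlSafeBase64());

        await sessionProvider.CreateOrUpdateAsync(serverSession);

        return new CreateFirstMessangerSessionResponse()
        {
            ServerPublicKey = serverKeys.publicKey,
            CryptedAes = cryptedExistingKey
        };
    }

    // The user record is only needed when a new strong key has to be created.
    var user = await userManager.Users.FirstOrDefaultAsync(x => x.Id == userId);
    if (user == null)
    {
        throw new ApiError(new ServerException("User was not found"));
    }

    await using (var transaction = await transactionProvider.BeginTransactionAsync())
    {
        try
        {
            await sessionProvider.CreateOrUpdateAsync(serverSession);

            // A missing role surfaces as an exception here and is handled by the catch below.
            var savedRole = await roleManager.Roles.FirstOrDefaultAsync(x => x.Name == "ProtocoledUsers");

            // NOTE(review): the result of AddToRoleAsync is not inspected, so a failed role
            // assignment goes unnoticed - confirm whether it should abort the transaction.
            await userManager.AddToRoleAsync(user, savedRole.Name);

            // 16 bytes = 128-bit AES key.
            // NOTE(review): presumably drawn from a cryptographic RNG - verify CryptoRandomizer.
            byte[] strongKey = CryptoRandomizer.GenerateSecurityKey(16);
            var cypher = await cypherProvider.CreateOrUpdateAsync(new Cypher() { Secret = strongKey });
            await strongKeyProvider.CreateOrUpdateAsync(new StrongKey() { CypherId = cypher.Id, UserId = user.Id });

            string strongKeyToCrypt = strongKey.ToUrlSafeBase64();
            string cryptedAesKey = rsaCypher.Crypt(model.PublicKey, strongKeyToCrypt);

            await transaction.CommitAsync();

            return new CreateFirstMessangerSessionResponse()
            {
                ServerPublicKey = serverKeys.publicKey,
                CryptedAes = cryptedAesKey
            };
        }
        catch (Exception ex)
        {
            await transaction.RollbackAsync();

            // NOTE(review): ex.Message is forwarded into the ApiError and the original exception
            // is dropped. If ApiError is serialized to the client this exposes internal error
            // text; consider logging the exception and returning a generic message.
            throw new ApiError(new ServerException(ex.Message));
        }
    }
}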