public static KeyValidationResultLite ToLite(this KeyValidationResult val)
{
var result = new KeyValidationResultLite()
{
KeyId = val.KeyId,
IsValid = val.IsValid,
InnerValidationResult = val.InnerValidationResult
};
return(result);
}
public async Task <KeyValidationResult> IsValid(string pubKey, string secret)
{
var result = new KeyValidationResult();
if (string.IsNullOrWhiteSpace(pubKey) || string.IsNullOrWhiteSpace(secret))
{
result.IsValid = false;
result.Message = _localizer["Client key or secret cannot be blank"];
}
else
{
if (_keySecretCache.IsValidOnCache(pubKey, secret, out var keyId))
{
var log = _localizer["Login successful based on Cache for: "] + pubKey;
_logger.LogInformation(LogEvents.LoginSuccess, log);
result.KeyId = keyId;
result.IsValid = true;
}
else
{
var key = await _keyManager.GetByPublicKey(pubKey);
if (key == null || key.IsDisabled ||
!(key.GetSecret1() == secret ||
key.GetSecret2() == secret ||
key.GetSecret3() == secret))
{
result.IsValid = false;
result.Message = _localizer["Key and/or secret is not valid"];
}
else
{
var log = _localizer["Login successful for: "] + pubKey;
_logger.LogInformation(LogEvents.LoginSuccess, log);
result.KeyId = key.Id;
result.IsValid = true;
// Store in cache
await _keySecretCache.StoreValidationResultCache(pubKey, key.Id, secret);
}
}
}
return(result);
}
public async Task <KeyValidationResult> IsClientApiKeyValidAsync(string apiKey, string apiSecret,
string serviceName, string apiName, string httpAction)
{
var validationResult = new KeyValidationResult();
try
{
var url = _settings.AuthApiEndPoint;
if (!url.EndsWith("/", StringComparison.Ordinal))
{
url += "/";
}
url += $"{serviceName}?api={apiName}&httpMethod={httpAction}";
var request = new HttpRequestMessage(HttpMethod.Get, url);
request.Headers.Add(ApiHttpHeaders.ApiKey, apiKey);
request.Headers.Add(ApiHttpHeaders.ApiSecret, apiSecret);
var client = _clientFactory.CreateClient();
var response = await client.SendAsync(request);
var content = await response.Content.ReadAsStringAsync();
validationResult = JsonConvert.DeserializeObject <KeyValidationResult>(content);
if (response.StatusCode != HttpStatusCode.OK)
{
validationResult.IsValid = false;
validationResult.Message += Environment.NewLine + " Unexpected status code: " +
response.StatusCode;
}
}
catch (Exception ex)
{
validationResult.IsValid = false;
validationResult.Message = ex.Message;
}
return(validationResult);
}
public async Task <KeyValidationResult> IsValid(KeyChallenge keyChallenge, string httpMethod, string serviceName, string apiNameOrUrl)
{
// Validate client key
var clientKeyResult = await IsKeyValid(keyChallenge);
var publicKey = keyChallenge.Properties[ApiKeyPropertyNames.PublicKey];
if (!clientKeyResult.IsValid)
{
// Client key validation failed
return(new KeyValidationResult
{
InnerValidationResult = clientKeyResult,
IsValid = false,
Message = _localizer["Client key validation failed"]
});
}
// Key validation passed. Now check if client has the right permission to access the api/url
var result = new KeyValidationResult();
ServiceModel service = null;
if (serviceName.ToLower() == AppConstants.SysApiServiceName.ToLower())
{
// Its a core service (eg. manage key, service, role, etc. All active clients can use this service)
service = await _serviceManager.GetSysService();
}
else
{
service = await _serviceManager.GetByName(publicKey, serviceName);
}
if (service == null)
{
result.Message = _localizer["Service not found. Service name or api key is invalid."];
result.IsValid = false;
return(result);
}
ApiModel api;
if (serviceName.ToLower() == AppConstants.SysApiServiceName.ToLower())
{
// System API
api = await _apiManager.GetByApiName(service.Id, httpMethod, apiNameOrUrl);
}
else
{
// User API
api = await _apiManager.GetByApiName(publicKey, service.Id, httpMethod, apiNameOrUrl);
}
if (api == null && !string.IsNullOrEmpty(apiNameOrUrl))
{
api = await _apiManager.GetByApiUrl(publicKey, service.Id, httpMethod, apiNameOrUrl);
}
if (api == null)
{
api = await _apiManager.GetByApiName(publicKey, service.Id, httpMethod, string.Empty);
}
if (api == null)
{
result.Message = _localizer["Api not found"];
result.IsValid = false;
return(result);
}
var clientKeyWithRoles = await _keyManager.GetByPublicKey(publicKey);
foreach (var role in api.Roles)
{
result.IsValid = clientKeyWithRoles.Roles.SingleOrDefault(x => x.Id == role.Id && !role.IsDisabled) != null;
if (result.IsValid)
{
break;
}
}
if (result.IsValid == false)
{
result.Message = _localizer["Access denied."];
}
result.ApiId = api.Id;
result.KeyId = clientKeyResult.KeyId;
result.ServiceId = api.ServiceId;
return(result);
}
