/// <summary>
/// Handles a multi-factor authentication request: resolves the factor combination
/// for the supplied account and auth id, updates the RADIUS reply accordingly and
/// records the outcome.
/// </summary>
/// <param name="multiFactorAuthenticationRequest">Request carrying the account and the auth id.</param>
/// <returns>
/// <c>Ok</c> with the multi-factor authentication response when a factor combination is found;
/// <c>Unauthorized(NotMatchAuthId)</c> when no SIM device exists for the auth id;
/// <c>Unauthorized(NotMatchMultiFactor)</c> when the SIM device exists but the combination does not match.
/// </returns>
public IActionResult Authentication(MultiFactorAuthenticationRequest multiFactorAuthenticationRequest)
{
    var requestedAccount = multiFactorAuthenticationRequest.Account;
    Guid requestedAuthId = multiFactorAuthenticationRequest.AuthId;

    var matchedCombination = _authenticationRepository.GetFactorCombination(requestedAccount, requestedAuthId);
    if (matchedCombination != null)
    {
        // Success path: update the RADIUS reply first, then write the success log.
        _radiusRepository.UpdateRadreply(matchedCombination.SimDevice, matchedCombination, true);
        CreateMultiFactorAuthenticationLogSuccess(matchedCombination);

        // Look up the authentication state by factorCombination; if one is already
        // registered, update MultiFactorAuthenticationStateDone.
        CreateMultiFactorAuthenticationStateDone(matchedCombination);

        return Ok(CreateMultiFactorAuthenticationResponse(matchedCombination));
    }

    // No matching combination: find out whether the auth id itself is known.
    var deviceForAuthId = _authenticationRepository.GetSimDevice(requestedAuthId);
    if (deviceForAuthId == null)
    {
        // NOTE(review): this 401 body differs from the one below, so a caller can tell an
        // unknown auth id from a wrong factor - confirm that distinction is intended.
        // No failure log is written on this branch.
        return Unauthorized(NotMatchAuthId);
    }

    _radiusRepository.UpdateRadreply(deviceForAuthId, null, false);
    CreateMultiFactorAuthenticationLogFail(deviceForAuthId);
    return Unauthorized(NotMatchMultiFactor);
}
/// <summary>
/// Handles a SIM + device authentication request identified by MSISDN, IMSI, ICCID and
/// the device IMEI, updating the RADIUS reply and recording the outcome.
/// </summary>
/// <param name="simDeviceAuthenticationRequest">Request carrying the SIM identifiers and the device IMEI.</param>
/// <returns>
/// <c>Ok</c> with the SIM/device authentication response when a matching SimDevice is found;
/// otherwise <c>Unauthorized(NotMatchSimDevice)</c>.
/// </returns>
public IActionResult Authentication(SimDeviceAuthenticationRequest simDeviceAuthenticationRequest)
{
    var msisdn = simDeviceAuthenticationRequest.SimMsisdn;
    var imsi = simDeviceAuthenticationRequest.SimImsi;
    var iccId = simDeviceAuthenticationRequest.SimIccId;
    var imei = simDeviceAuthenticationRequest.DeviceImei;

    var matchedDevice = _authenticationRepository.GetSimDevice(msisdn, imsi, iccId, imei);
    if (matchedDevice != null)
    {
        // Using the successfully authenticated SimDevice, look up the users that may log in with it.
        var canLogonUsers = _authenticationRepository.GetLoginUsers(matchedDevice);
        _radiusDbRepository.UpdateRadreply(matchedDevice.Sim, true);
        CreateSimDeviceAuthenticationSuccess(matchedDevice);

        // Look up the authentication state by SimDevice; if one is already registered,
        // update SimDeviceAuthenticationStateDone.
        var stateDone = CreateSimDeviceAuthenticationStateDone(matchedDevice);

        return Ok(CreateSimDeviceAuthenticationResponse(stateDone, matchedDevice, canLogonUsers));
    }

    // Failure path: record the failure against the SIM alone and update the RADIUS reply with false.
    // NOTE(review): GetSim may presumably return null for an unknown SIM; the result is passed
    // on unchecked, so confirm both callees tolerate null or this path ends in an unhandled
    // exception instead of the 401 below.
    Sim simOnly = _authenticationRepository.GetSim(msisdn, imsi, iccId);
    CreateSimDeviceAuthenticationFail(simOnly);
    _radiusDbRepository.UpdateRadreply(simOnly, false);
    return Unauthorized(NotMatchSimDevice);
}
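/// <summary>
/// Handles a SIM + device authentication request identified by MSISDN, IMSI, ICCID and
/// the subject common name of the client certificate supplied in the request body.
/// </summary>
/// <param name="simDeviceAuthenticationRequest">Request carrying the SIM identifiers and the Base64 client certificate.</param>
/// <returns>
/// <c>BadRequest</c> with validation problem details when no subject common name can be read from the certificate;
/// <c>Unauthorized(NotMatchSimDevice)</c> when no SimDevice matches;
/// <c>Ok</c> with the SIM/device authentication response otherwise.
/// </returns>
public IActionResult Authentication(SimDeviceAuthenticationRequest simDeviceAuthenticationRequest)
{
    var simMsisdn = simDeviceAuthenticationRequest.SimMsisdn;
    var simImsi = simDeviceAuthenticationRequest.SimImsi;
    var simIccId = simDeviceAuthenticationRequest.SimIccId;
    var certBase64String = simDeviceAuthenticationRequest.ClientCertificationBase64;

    // NOTE(review): the certificate comes from the request body and only its subject CN is
    // used for the lookup below. Nothing visible in this method validates the chain, the
    // validity period or revocation, or proves the caller holds the matching private key.
    // Confirm CertificateUtil or the transport layer (e.g. mutual TLS) enforces that;
    // otherwise the CN is a caller-asserted value.
    var subjectCn = CertificateUtil.GetSubjectCommonNameByCertificationBase64(certBase64String);
    if (subjectCn == null)
    {
        var validationProblemDetails = ProblemDetailsFactory.CreateValidationProblemDetails(HttpContext, ModelState);
        validationProblemDetails.Errors.Add(
            new KeyValuePair<string, string[]>("ClientCertificationBase64", new[] { "certification_invalid" }));
        return BadRequest(validationProblemDetails);
    }

    var simDevice = _authenticationRepository.GetSimDevice(simMsisdn, simImsi, simIccId, subjectCn);
    if (simDevice == null)
    {
        Sim sim = _authenticationRepository.GetSim(simMsisdn, simImsi, simIccId);
        if (sim == null)
        {
            // Pass the request-supplied MSISDN as a structured argument, not as part of the
            // message template, so caller-controlled text is never parsed as a format string.
            _logger.LogWarning("Not Found SIM:{SimMsisdn}", simMsisdn);
        }
        else
        {
            CreateSimAndDeviceAuthenticationFailureLog(sim);
            _radiusDbRepository.UpdateRadreply($"{sim.UserName}@{sim.SimGroup.UserNameSuffix}");
        }

        // Same 401 body whether or not the SIM itself is known.
        return Unauthorized(NotMatchSimDevice);
    }

    // Look up the users that may log in, keyed by the certificate subject CN.
    var canLogonUsers = _authenticationRepository.GetLoginUsers(subjectCn);
    _radiusDbRepository.UpdateRadreply(
        $"{simDevice.Sim.UserName}@{simDevice.Sim.SimGroup.UserNameSuffix}",
        simDevice.IsolatedNw2Ip);
    CreateSimAndDeviceAuthenticationSuccessLog(simDevice);

    // Look up the authentication state by SimDevice; if one is already registered,
    // update SimAndDeviceAuthenticated.
    var simDeviceAuthenticationStateDone = CreateSimAndDeviceAuthenticated(simDevice);
    var simDeviceAuthenticationResponse =
        CreateSimDeviceAuthenticationResponse(simDeviceAuthenticationStateDone, simDevice, canLogonUsers);
    return Ok(simDeviceAuthenticationResponse);
}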
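/// <summary>
/// Batch entry point that removes expired authentication state for one organization:
/// for each expired SIM/device authentication it writes a deauthentication log per
/// expired multi-factor authentication, updates the RADIUS reply, and deletes the state rows.
/// </summary>
/// <param name="organizationCode">Organization whose expired authentication state is processed.</param>
public void Main(
    [Option("organization_code", "organization code")] int organizationCode
)
{
    var jobName = GetType().FullName;
    _logger.LogInformation($"{jobName} Start");
    try
    {
        var expiredSimAndDeviceAuthenticatedList =
            _authenticationRepository.GetExpiredSimAndDeviceAuthenticatedList(organizationCode);
        foreach (var simAndDeviceAuthenticated in expiredSimAndDeviceAuthenticatedList)
        {
            var simAndDevice = simAndDeviceAuthenticated.SimAndDevice;
            var multiFactorAuthenticatedList =
                _authenticationRepository.GetExpiredMultiFactorAuthenticatedListBySimAndDeviceId(simAndDevice.Id);
            if (multiFactorAuthenticatedList != null)
            {
                // Write the deauthentication logs before touching RADIUS or deleting any state.
                foreach (var multiFactorAuthenticated in multiFactorAuthenticatedList)
                {
                    var deauthenticationLog = CreateDeauthenticationLog(multiFactorAuthenticated);
                    _authenticationRepository.Create(deauthenticationLog);
                }

                _radiusRepository.UpdateRadreply(
                    $"{simAndDevice.Sim.UserName}@{simAndDevice.Sim.SimGroup.UserNameSuffix}",
                    simAndDevice.IsolatedNw2Ip);

                foreach (var multiFactorAuthenticated in multiFactorAuthenticatedList)
                {
                    _authenticationRepository.DeleteAuthenticationState(multiFactorAuthenticated);
                }
            }

            _authenticationRepository.DeleteAuthenticationState(simAndDeviceAuthenticated);
        }

        _logger.LogInformation($"{jobName} Success");
    }
    catch (Exception e)
    {
        // Pass the exception as the exception argument so its type and stack trace are
        // recorded. The original passed it as a format argument to a template built from
        // e.Message, which drops the exception details.
        // NOTE(review): the first failure ends the loop and is swallowed here, so remaining
        // expired entries keep their state until a later run - confirm that is acceptable.
        _logger.LogError(e, "{Message}", e.Message);
        _logger.LogInformation($"{jobName} Error");
    }
}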