/// <summary>
/// Second-step (multi-factor) authentication: looks up the factor combination for the
/// account and auth id carried by the request, pushes the outcome to the RADIUS reply
/// repository and records a success or failure log.
/// </summary>
/// <param name="multiFactorAuthenticationRequest">Request supplying <c>Account</c> and <c>AuthId</c>.</param>
/// <returns>
/// <c>Ok</c> with the multi-factor response when a factor combination is found;
/// <c>Unauthorized(NotMatchAuthId)</c> when no SIM/device is found for the auth id;
/// <c>Unauthorized(NotMatchMultiFactor)</c> when a SIM/device is found but no factor combination matches.
/// </returns>
public IActionResult Authentication(MultiFactorAuthenticationRequest multiFactorAuthenticationRequest)
        {
            var requestedAccount = multiFactorAuthenticationRequest.Account;
            Guid requestedAuthId = multiFactorAuthenticationRequest.AuthId;

            var matchedCombination = _authenticationRepository.GetFactorCombination(requestedAccount, requestedAuthId);
            if (matchedCombination == null)
            {
                // NOTE(review): the two failure results below carry different messages, so a caller
                // can tell an unknown auth id apart from a failed factor match. Confirm this is intended.
                var knownDevice = _authenticationRepository.GetSimDevice(requestedAuthId);
                if (knownDevice != null)
                {
                    // The device is known: update its RADIUS reply with no factor combination and
                    // a false flag, then write the failure log before rejecting.
                    _radiusRepository.UpdateRadreply(knownDevice, null, false);
                    CreateMultiFactorAuthenticationLogFail(knownDevice);
                    return Unauthorized(NotMatchMultiFactor);
                }

                // Unknown auth id: nothing is written to RADIUS or to the log on this path.
                return Unauthorized(NotMatchAuthId);
            }

            _radiusRepository.UpdateRadreply(matchedCombination.SimDevice, matchedCombination, true);
            CreateMultiFactorAuthenticationLogSuccess(matchedCombination);

            // Look up the authentication state by factor combination; if one is already
            // registered, MultiFactorAuthenticationStateDone is updated.
            CreateMultiFactorAuthenticationStateDone(matchedCombination);

            return Ok(CreateMultiFactorAuthenticationResponse(matchedCombination));
        }
        /// <summary>
        /// First-step authentication of a SIM/device pair identified by MSISDN, IMSI, ICCID and
        /// device IMEI. Updates the RADIUS reply for the SIM and records the outcome.
        /// </summary>
        /// <param name="simDeviceAuthenticationRequest">Request supplying the SIM identifiers and the device IMEI.</param>
        /// <returns>
        /// <c>Ok</c> with the SIM/device response (including the users allowed to log in) on a match;
        /// <c>Unauthorized(NotMatchSimDevice)</c> otherwise.
        /// </returns>
        public IActionResult Authentication(SimDeviceAuthenticationRequest simDeviceAuthenticationRequest)
        {
            // NOTE(review): all four identifiers are taken from the request as-is; nothing in this
            // method ties them to the caller's network session. Confirm the endpoint is only
            // reachable over a path where these values can be trusted.
            var msisdn = simDeviceAuthenticationRequest.SimMsisdn;
            var imsi   = simDeviceAuthenticationRequest.SimImsi;
            var iccId  = simDeviceAuthenticationRequest.SimIccId;
            var imei   = simDeviceAuthenticationRequest.DeviceImei;

            var matchedDevice = _authenticationRepository.GetSimDevice(msisdn, imsi, iccId, imei);
            if (matchedDevice == null)
            {
                // NOTE(review): GetSim's result is passed on without a null check. Confirm that
                // both helpers below tolerate a SIM that does not exist.
                Sim unmatchedSim = _authenticationRepository.GetSim(msisdn, imsi, iccId);
                CreateSimDeviceAuthenticationFail(unmatchedSim);
                _radiusDbRepository.UpdateRadreply(unmatchedSim, false);
                return Unauthorized(NotMatchSimDevice);
            }

            // For the successfully authenticated SimDevice, look up the users that may log in with it.
            var loginCandidates = _authenticationRepository.GetLoginUsers(matchedDevice);

            _radiusDbRepository.UpdateRadreply(matchedDevice.Sim, true);
            CreateSimDeviceAuthenticationSuccess(matchedDevice);

            // Look up the authentication state by SimDevice; if one is already registered,
            // SimDeviceAuthenticationStateDone is updated.
            var authenticationState = CreateSimDeviceAuthenticationStateDone(matchedDevice);

            return Ok(CreateSimDeviceAuthenticationResponse(authenticationState, matchedDevice, loginCandidates));
        }
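        /// <summary>
        /// First-step authentication of a SIM/device pair identified by MSISDN, IMSI, ICCID and the
        /// subject common name of a client certificate sent in the request body. Updates the RADIUS
        /// reply for the SIM's user name and records the outcome.
        /// </summary>
        /// <param name="simDeviceAuthenticationRequest">
        /// Request supplying the SIM identifiers and the Base64-encoded client certificate.
        /// </param>
        /// <returns>
        /// <c>BadRequest</c> with validation problem details when no subject CN can be read from the
        /// certificate; <c>Unauthorized(NotMatchSimDevice)</c> when no SIM/device matches;
        /// <c>Ok</c> with the SIM/device response otherwise.
        /// </returns>
        public IActionResult Authentication(SimDeviceAuthenticationRequest simDeviceAuthenticationRequest)
        {
            var simMsisdn        = simDeviceAuthenticationRequest.SimMsisdn;
            var simImsi          = simDeviceAuthenticationRequest.SimImsi;
            var simIccId         = simDeviceAuthenticationRequest.SimIccId;
            var certBase64String = simDeviceAuthenticationRequest.ClientCertificationBase64;

            // NOTE(review): only the subject CN parsed from the request-supplied certificate is used
            // as the device identity below. Nothing in this method validates the certificate chain,
            // validity period or revocation, or proves the caller holds the private key. Confirm
            // that CertificateUtil or the TLS layer enforces this.
            var subjectCn = CertificateUtil.GetSubjectCommonNameByCertificationBase64(certBase64String);

            if (subjectCn == null)
            {
                var validationProblemDetails = ProblemDetailsFactory.CreateValidationProblemDetails(HttpContext, ModelState);
                validationProblemDetails.Errors.Add(new KeyValuePair<string, string[]>("ClientCertificationBase64", new[] { "certification_invalid" }));
                return BadRequest(validationProblemDetails);
            }

            var simDevice = _authenticationRepository.GetSimDevice(simMsisdn, simImsi, simIccId, subjectCn);

            if (simDevice == null)
            {
                Sim sim = _authenticationRepository.GetSim(simMsisdn, simImsi, simIccId);
                if (sim == null)
                {
                    // The MSISDN comes straight from the request. Pass it as a structured argument
                    // instead of interpolating it, so it is never treated as part of the message
                    // template and stays a separate field in the log record.
                    _logger.LogWarning("Not Found SIM:{SimMsisdn}", simMsisdn);
                }
                else
                {
                    CreateSimAndDeviceAuthenticationFailureLog(sim);
                    _radiusDbRepository.UpdateRadreply($"{sim.UserName}@{sim.SimGroup.UserNameSuffix}");
                }
                return Unauthorized(NotMatchSimDevice);
            }

            // For the successfully authenticated SimDevice, look up the users that may log in with it.
            var canLogonUsers = _authenticationRepository.GetLoginUsers(subjectCn);

            var radiusUserName = $"{simDevice.Sim.UserName}@{simDevice.Sim.SimGroup.UserNameSuffix}";
            _radiusDbRepository.UpdateRadreply(radiusUserName, simDevice.IsolatedNw2Ip);
            CreateSimAndDeviceAuthenticationSuccessLog(simDevice);

            // Look up the authentication state by SimDevice; if one is already registered,
            // SimAndDeviceAuthenticated is updated.
            var simDeviceAuthenticationStateDone = CreateSimAndDeviceAuthenticated(simDevice);

            var simDeviceAuthenticationResponse =
                CreateSimDeviceAuthenticationResponse(simDeviceAuthenticationStateDone, simDevice, canLogonUsers);

            return Ok(simDeviceAuthenticationResponse);
        }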
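        /// <summary>
        /// Batch entry point: for the given organization, de-authenticates every expired
        /// SIM-and-device session together with its expired multi-factor sessions.
        /// </summary>
        /// <param name="organizationCode">Organization whose expired sessions are processed.</param>
        /// <remarks>
        /// Per expired session the order is: write deauthentication logs, update the RADIUS reply,
        /// then delete the authentication state rows.
        /// NOTE(review): the try/catch wraps the whole loop and does not rethrow, so one failing
        /// record stops the run, leaves the remaining expired sessions in place until the next run,
        /// and the caller sees no failure. Confirm this is acceptable for a deauthentication job.
        /// </remarks>
        public void Main(
            [Option("organization_code", "organization code")]
            int organizationCode
            )
        {
            _logger.LogInformation($"{GetType().FullName} Start");
            try
            {
                var expiredSimAndDeviceAuthenticatedList = _authenticationRepository.GetExpiredSimAndDeviceAuthenticatedList(organizationCode);

                foreach (var simAndDeviceAuthenticated in expiredSimAndDeviceAuthenticatedList)
                {
                    var simAndDevice = simAndDeviceAuthenticated.SimAndDevice;
                    var multiFactorAuthenticatedList =
                        _authenticationRepository.GetExpiredMultiFactorAuthenticatedListBySimAndDeviceId(simAndDevice.Id);

                    // NOTE(review): the RADIUS reply is only updated when the multi-factor list is
                    // non-null. On a null list the SIM/device state is still deleted below without
                    // a RADIUS update. Confirm that is intended.
                    if (multiFactorAuthenticatedList != null)
                    {
                        // Record the deauthentication before touching RADIUS or deleting state.
                        foreach (var multiFactorAuthenticated in multiFactorAuthenticatedList)
                        {
                            var deauthenticationLog = CreateDeauthenticationLog(multiFactorAuthenticated);
                            _authenticationRepository.Create(deauthenticationLog);
                        }

                        _radiusRepository.UpdateRadreply(simAndDevice.Sim.UserName + "@" + simAndDevice.Sim.SimGroup.UserNameSuffix,
                                                         simAndDevice.IsolatedNw2Ip);

                        foreach (var multiFactorAuthenticated in multiFactorAuthenticatedList)
                        {
                            _authenticationRepository.DeleteAuthenticationState(multiFactorAuthenticated);
                        }
                    }
                    _authenticationRepository.DeleteAuthenticationState(simAndDeviceAuthenticated);
                }

                _logger.LogInformation($"{GetType().FullName} Success");
            }
            catch (Exception e)
            {
                // Pass the exception as the exception argument (not as a format argument) so the
                // logger records its type and stack trace along with the message.
                _logger.LogError(e, "{Message}", e.Message);
                _logger.LogInformation($"{GetType().FullName} Error");
            }
        }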