public LoginResult GetAccessToken(bool sisi, out Token accessToken) { Token checkToken = sisi ? SisiToken : TranquilityToken; if (checkToken != null && !checkToken.IsExpired) { accessToken = checkToken; return(LoginResult.Success); } // need SecurePassword. if (SecurePassword == null || SecurePassword.Length == 0) { DecryptPassword(true); if (SecurePassword == null || SecurePassword.Length == 0) { Windows.EVELogin el = new Windows.EVELogin(this, true); bool? dialogResult = el.ShowDialog(); if (SecurePassword == null || SecurePassword.Length == 0) { // password is required, sorry dude accessToken = null; return(LoginResult.InvalidUsernameOrPassword); } App.Settings.Store(); } } var uri = RequestResponse.GetLoginUri(sisi, state.ToString(), challengeHash); string RequestVerificationToken = string.Empty; var result = GetRequestVerificationToken(uri, sisi, out RequestVerificationToken); var req = RequestResponse.CreatePostRequest(uri, sisi, true, "URL", Cookies); using (SecureBytesWrapper body = new SecureBytesWrapper()) { byte[] body1 = Encoding.ASCII.GetBytes(String.Format("__RequestVerificationToken={1}&UserName={0}&Password="******"UserName={0}&Password=", Uri.EscapeDataString(Username))); using (SecureStringWrapper ssw = new SecureStringWrapper(SecurePassword, Encoding.ASCII)) { using (SecureBytesWrapper escapedPassword = new SecureBytesWrapper()) { escapedPassword.Bytes = System.Web.HttpUtility.UrlEncodeToBytes(ssw.ToByteArray()); body.Bytes = new byte[body1.Length + escapedPassword.Bytes.Length]; System.Buffer.BlockCopy(body1, 0, body.Bytes, 0, body1.Length); System.Buffer.BlockCopy(escapedPassword.Bytes, 0, body.Bytes, body1.Length, escapedPassword.Bytes.Length); req.SetBody(body); } } } return(GetAccessToken(sisi, req, out accessToken)); }
public LoginResult GetAuthenticatorChallenge(bool sisi, out Token accessToken) { Windows.AuthenticatorChallengeWindow acw = new Windows.AuthenticatorChallengeWindow(this); acw.ShowDialog(); if (!acw.DialogResult.HasValue || !acw.DialogResult.Value) { SecurePassword = null; accessToken = null; return(LoginResult.InvalidAuthenticatorChallenge); } var uri = RequestResponse.GetAuthenticatorUri(sisi, state.ToString(), challengeHash); var req = RequestResponse.CreatePostRequest(uri, sisi, true, uri.ToString(), Cookies); using (SecureBytesWrapper body = new SecureBytesWrapper()) { body.Bytes = Encoding.ASCII.GetBytes(String.Format("Challenge={0}&RememberTwoFactor={1}&command={2}", Uri.EscapeDataString(acw.AuthenticatorCode), "true", "Continue")); req.ContentLength = body.Bytes.Length; try { using (Stream reqStream = req.GetRequestStream()) { reqStream.Write(body.Bytes, 0, body.Bytes.Length); } } catch (System.Net.WebException e) { switch (e.Status) { case WebExceptionStatus.Timeout: { accessToken = null; return(LoginResult.Timeout); } default: throw; } } } LoginResult result = GetAccessToken(sisi, req, out accessToken); if (result == LoginResult.Success) { // successful authenticator challenge, make sure we save the cookies. App.Settings.Store(); } return(result); }
/// <summary> /// Decrypts the currently EncryptedCharacterName if possible, populating SecureCharacterName (which can then be used to log in...) /// </summary> public void DecryptCharacterName(bool allowPopup) { if (string.IsNullOrEmpty(EncryptedCharacterName) || string.IsNullOrEmpty(EncryptedCharacterNameIV)) { // no CharacterName stored to decrypt. return; } // CharacterName is indeed encrypted if (!App.Settings.HasPasswordMasterKey) { // Master CharacterName not yet entered if (!allowPopup) { // can't ask for it right now return; } // ok, ask for it if (!App.Settings.RequestMasterPassword()) { // not entered. can't decrypt. return; } } using (RijndaelManaged rjm = new RijndaelManaged()) { rjm.IV = Convert.FromBase64String(EncryptedCharacterNameIV); using (SecureBytesWrapper sbwKey = new SecureBytesWrapper(App.Settings.PasswordMasterKey, true)) { rjm.Key = sbwKey.Bytes; using (ICryptoTransform decryptor = rjm.CreateDecryptor()) { byte[] pass = Convert.FromBase64String(EncryptedCharacterName); using (SecureBytesWrapper sbw = new SecureBytesWrapper()) { sbw.Bytes = decryptor.TransformFinalBlock(pass, 0, pass.Length); SecureCharacterName = new System.Security.SecureString(); foreach (char c in Encoding.Unicode.GetChars(sbw.Bytes)) { SecureCharacterName.AppendChar(c); } SecureCharacterName.MakeReadOnly(); } } } } }
public static void SetBody(this HttpWebRequest webRequest, SecureBytesWrapper body) { webRequest.ContentLength = body.Bytes.Length; try { using (Stream reqStream = webRequest.GetRequestStream()) { reqStream.Write(body.Bytes, 0, body.Bytes.Length); } } catch (Exception e) { } }
/// <summary> /// Sets the encrypted CharacterName to the given SecureString, if possible /// </summary> /// <param name="CharacterName"></param> void SetEncryptedCharacterName(System.Security.SecureString CharacterName) { if (!App.Settings.UseMasterKey || CharacterName == null) { ClearEncryptedCharacterName(); return; } if (!App.Settings.RequestMasterPassword()) { System.Windows.MessageBox.Show("Your configured Master Password is required in order to save EVE Account Character Names and passwords. It can be reset or disabled by un-checking 'Save passwords (securely)', and then all currently saved EVE Account Character Names will be lost."); return; } using (RijndaelManaged rjm = new RijndaelManaged()) { if (string.IsNullOrEmpty(EncryptedCharacterNameIV)) { rjm.GenerateIV(); EncryptedCharacterNameIV = Convert.ToBase64String(rjm.IV); } else { rjm.IV = Convert.FromBase64String(EncryptedCharacterNameIV); } using (SecureBytesWrapper sbwKey = new SecureBytesWrapper(App.Settings.PasswordMasterKey, true)) { rjm.Key = sbwKey.Bytes; using (ICryptoTransform encryptor = rjm.CreateEncryptor()) { using (SecureStringWrapper ssw2 = new SecureStringWrapper(CharacterName, Encoding.Unicode)) { byte[] inblock = ssw2.ToByteArray(); byte[] encrypted = encryptor.TransformFinalBlock(inblock, 0, inblock.Length); EncryptedCharacterName = Convert.ToBase64String(encrypted); } } } } }
public LoginResult GetCharacterChallenge(bool sisi, out Token accessToken) { // need SecureCharacterName. if (SecureCharacterName == null || SecureCharacterName.Length == 0) { DecryptCharacterName(true); if (SecureCharacterName == null || SecureCharacterName.Length == 0) { Windows.CharacterChallengeWindow ccw = new Windows.CharacterChallengeWindow(this); bool?result = ccw.ShowDialog(); if (string.IsNullOrWhiteSpace(ccw.CharacterName)) { // CharacterName is required, sorry dude accessToken = null; // SecurePassword = null; SecureCharacterName = null; return(LoginResult.InvalidCharacterChallenge); } SecureCharacterName = new System.Security.SecureString(); foreach (char c in ccw.CharacterName) { SecureCharacterName.AppendChar(c); } SecureCharacterName.MakeReadOnly(); EncryptCharacterName(); App.Settings.Store(); } } var uri = RequestResponse.GetCharacterChallengeUri(sisi, state.ToString(), challengeHash); var req = RequestResponse.CreatePostRequest(uri, sisi, true, uri.ToString(), Cookies); using (SecureBytesWrapper body = new SecureBytesWrapper()) { byte[] body1 = Encoding.ASCII.GetBytes(String.Format("RememberCharacterChallenge={0}&Challenge=", "true")); using (SecureStringWrapper ssw = new SecureStringWrapper(SecureCharacterName, Encoding.ASCII)) { using (SecureBytesWrapper escapedCharacterName = new SecureBytesWrapper()) { escapedCharacterName.Bytes = System.Web.HttpUtility.UrlEncodeToBytes(ssw.ToByteArray()); body.Bytes = new byte[body1.Length + escapedCharacterName.Bytes.Length]; System.Buffer.BlockCopy(body1, 0, body.Bytes, 0, body1.Length); System.Buffer.BlockCopy(escapedCharacterName.Bytes, 0, body.Bytes, body1.Length, escapedCharacterName.Bytes.Length); } } req.ContentLength = body.Bytes.Length; try { using (Stream reqStream = req.GetRequestStream()) { reqStream.Write(body.Bytes, 0, body.Bytes.Length); } } catch (System.Net.WebException e) { switch (e.Status) { case WebExceptionStatus.Timeout: { accessToken = null; return(LoginResult.Timeout); } default: throw; } } } return(GetAccessToken(sisi, req, out accessToken)); }
public LoginResult GetEULAChallenge(bool sisi, string responseBody, Uri referer, out Token accessToken) { Windows.EVEEULAWindow eulaWindow = new Windows.EVEEULAWindow(responseBody); eulaWindow.ShowDialog(); if (!eulaWindow.DialogResult.HasValue || !eulaWindow.DialogResult.Value) { SecurePassword = null; accessToken = null; return(LoginResult.EULADeclined); } //string uri = "https://login.eveonline.com/OAuth/Eula"; //if (sisi) //{ // uri = "https://sisilogin.testeveonline.com/OAuth/Eula"; //} var uri = RequestResponse.GetEulaUri(sisi, state.ToString(), challengeHash); HttpWebRequest req = RequestResponse.CreatePostRequest(uri, sisi, true, referer.ToString(), Cookies); using (SecureBytesWrapper body = new SecureBytesWrapper()) { string eulaHash = RequestResponse.GetEulaHashFromBody(responseBody); string returnUrl = RequestResponse.GetEulaReturnUrlFromBody(responseBody); string formattedString = String.Format("eulaHash={0}&returnUrl={1}&action={2}", Uri.EscapeDataString(eulaHash), Uri.EscapeDataString(returnUrl), "Accept"); body.Bytes = Encoding.ASCII.GetBytes(formattedString); req.ContentLength = body.Bytes.Length; try { using (Stream reqStream = req.GetRequestStream()) { reqStream.Write(body.Bytes, 0, body.Bytes.Length); } } catch (System.Net.WebException e) { switch (e.Status) { case WebExceptionStatus.Timeout: { accessToken = null; return(LoginResult.Timeout); } default: throw; } } } LoginResult result; try { result = GetAccessToken(sisi, req, out accessToken); } catch (System.Net.WebException) { result = GetAccessToken(sisi, out accessToken); } result = GetAccessToken(sisi, req, out accessToken); if (result == LoginResult.Success) { // successful verification code challenge, make sure we save the cookies. App.Settings.Store(); } return(result); }
public LoginResult GetRefreshToken(bool sisi, out string refreshToken) { string checkToken = sisi ? SisiRefreshToken : TranquilityRefreshToken; if (!string.IsNullOrEmpty(checkToken)) { refreshToken = checkToken; return(LoginResult.Success); } // need PlaintextPassword. if (SecurePassword == null || SecurePassword.Length == 0) { Windows.EVELogin el = new Windows.EVELogin(this, false); bool? result = el.ShowDialog(); if (SecurePassword == null || SecurePassword.Length == 0) { // password is required, sorry dude refreshToken = null; return(LoginResult.InvalidUsernameOrPassword); } } string uri = "https://login.eveonline.com/Account/LogOn?ReturnUrl=%2Foauth%2Fauthorize%2F%3Fclient_id%3DeveLauncherTQ%26lang%3Den%26response_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Flogin.eveonline.com%2Flauncher%3Fclient_id%3DeveLauncherTQ%26scope%3DeveClientToken%2520user"; if (sisi) { uri = "https://sisilogin.testeveonline.com/Account/LogOn?ReturnUrl=%2Foauth%2Fauthorize%2F%3Fclient_id%3DeveLauncherTQ%26lang%3Den%26response_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fsisilogin.testeveonline.com%2Flauncher%3Fclient_id%3DeveLauncherTQ%26scope%3DeveClientToken%2520user"; } HttpWebRequest req = (HttpWebRequest)HttpWebRequest.Create(uri); req.Timeout = 5000; req.AllowAutoRedirect = true; if (!sisi) { req.Headers.Add("Origin", "https://login.eveonline.com"); } else { req.Headers.Add("Origin", "https://sisilogin.testeveonline.com"); } req.Referer = uri; req.CookieContainer = Cookies; req.Method = "POST"; req.ContentType = "application/x-www-form-urlencoded"; using (SecureBytesWrapper body = new SecureBytesWrapper()) { byte[] body1 = Encoding.ASCII.GetBytes(String.Format("UserName={0}&Password="******"Invalid username / password")) { refreshToken = null; return(LoginResult.InvalidUsernameOrPassword); } /* * <span id="ValidationContainer"><div class="validation-summary-errors"><span>Login failed. Possible reasons can be:</span> * <ul><li>Invalid username / password</li> * </ul></div></span> */ // https://login.eveonline.com/launcher?client_id=eveLauncherTQ#access_token=l4nGki1CTUI7pCQZoIdnARcCLqL6ZGJM1X1tPf1bGKSJxEwP8lk_shS19w3sjLzyCbecYAn05y-Vbs-Jm1d1cw2&token_type=Bearer&expires_in=43200 //accessToken = new Token(resp.ResponseUri); refreshCode = HttpUtility.ParseQueryString(resp.ResponseUri.Query).Get("code"); // String expires_in = HttpUtility.ParseQueryString(fromUri.Fragment).Get("expires_in"); } GetTokensFromCode(sisi, refreshCode); throw new NotImplementedException(); if (!sisi) { TranquilityRefreshToken = refreshToken; } else { SisiRefreshToken = refreshToken; } return(LoginResult.Success); }