public async Task <List <Claim> > GetDeviceInfo(string token)
{
Dictionary <string, object> deviceInfo;
try
{
deviceInfo = await openAmIntegration.ValidateDevice(token);
}
catch (Exception)
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.SystemUnavailable, null);
}
var camsClaims = ClaimsManager.ParseClaims(deviceInfo);
var codedClaims = new List <Claim>()
.TryAddClaim(ClaimsNames.Language, "en-us") // set language to en-us...it is not provided
.TryAddClaim(ClaimsNames.Roles, MgiAwRole.Dt4Device) // set role to Dt4Device
.TryAddClaim(ClaimsNames.DSL, DeviceSecurityLevel.Fifty); // set DSL to fifty
var claims = camsClaims.Concat(codedClaims).ToList();
var missingClaims = ClaimsInventoryHelper.CheckCamsDeviceClaims(claims);
if (missingClaims.Any())
{
// Throw exception
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.InvalidUserProfile, missingClaims);
}
return(claims);
}
public string GetAgentPassword(string token, string agentId, string posNumber)
{
var agentPasswordCacheKey = string.Format(AuthCacheKeys.PARTNERSERVICECLAIMS, token);
var partnerServiceCached = cacheManager.Contains <CachedObjectResponseContainer <string> >(agentPasswordCacheKey,
CacheRegion.Global);
if (partnerServiceCached.Exists)
{
// no password is cached
if (string.IsNullOrEmpty(partnerServiceCached.CachedObj.DataObject))
{
// We have incomplete data. Invalidate cache
partnerServiceCached.Exists = false;
cacheManager.Remove(agentPasswordCacheKey, CacheRegion.Global);
}
else
{
// Cache exists and there are no missing claims, use cached claims
return(partnerServiceCached.CachedObj.DataObject);
}
}
var agentPassword = "";
try
{
agentPassword = GetAgentPassword(agentId, posNumber);
}
catch (Exception ex)
{
if (ex is CommunicationException)
{
// Unreachable.
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.PartnerService,
LocalizationKeys.SystemUnavailable, null);
}
// Reachable but has a problem.
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.PartnerService,
LocalizationKeys.InvalidAgentProfile, null);
}
if (string.IsNullOrEmpty(agentPassword))
{
// Throw exception
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.PartnerService,
LocalizationKeys.InvalidAgentProfile, new List <string> {
"agentPassword"
});
}
var partnerServiceClaimsCacheContainer = CacheAheadHelper.PopulateCacheMetadata <string>(agentPassword, CachePolicies.FourHours);
cacheManager.Save(agentPasswordCacheKey, partnerServiceClaimsCacheContainer, CacheRegion.Global,
CachePolicies.FourHours);
return(agentPassword);
}
public List <Claim> GetAgentProfileClaims(string agentId, string posNumber, string password, string language, string sessionId)
{
var agentProfileKey = string.Format(AuthCacheKeys.AGENTPROFILECLAIMS, sessionId);
var agentProfileCachedClaims = cacheManager.Contains <CachedObjectResponseContainer <List <Tuple <string, string> > > >(agentProfileKey, CacheRegion.Global);
if (agentProfileCachedClaims.Exists)
{
var missingClaimsInCache = ClaimsInventoryHelper.CheckAgentProfileClaims(agentProfileCachedClaims.CachedObj.DataObject.ToClaims());
if (missingClaimsInCache.Any())
{
agentProfileCachedClaims.Exists = false;
var agentProfileKeyFormatted = string.Format(AuthCacheKeys.AGENTPROFILEKEY, agentId, posNumber);
cacheManager.Remove(agentProfileKey, CacheRegion.Global);
cacheManager.Remove(agentProfileKeyFormatted, CacheRegion.Global);
}
else
{
// Cache exists and there are no missing claims, use cached claims
return(agentProfileCachedClaims.CachedObj.DataObject.ToClaims());
}
}
try
{
var agentProfile = GetAgentProfile(agentId, posNumber, password, language);
var agentProfileClaims = ParseClaimsFromAgentProfile(agentProfile);
var missingClaims = ClaimsInventoryHelper.CheckAgentProfileClaims(agentProfileClaims);
if (missingClaims.Any())
{
// Throw exception
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.InvalidAgentProfile, missingClaims);
}
var agentProfileClaimsCacheContainer = CacheAheadHelper.PopulateCacheMetadata <List <Tuple <string, string> > >(agentProfileClaims.ToTupleList(), CachePolicies.FourHours);
cacheManager.Save(agentProfileKey, agentProfileClaimsCacheContainer, CacheRegion.Global, CachePolicies.FourHours);
return(agentProfileClaims);
}
catch (Exception ex)
{
if (ex is CommunicationException)
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.SystemUnavailable, null);
}
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.InvalidAgentProfile, null);
}
}
public async Task <List <Claim> > GetUserInfo(string token)
{
var camsClaimsKey = string.Format(AuthCacheKeys.CAMSCLAIMS, token);
var cachedCamsClaims = cacheManager.Contains <CachedObjectResponseContainer <List <Tuple <string, string> > > >(camsClaimsKey,
CacheRegion.Global);
// Check if claims are missing first
if (cachedCamsClaims.Exists)
{
var missingClaimsInCache = ClaimsInventoryHelper.CheckCamsClaims(cachedCamsClaims.CachedObj.DataObject.ToClaims());
if (missingClaimsInCache.Any())
{
// We have incomplete data. Invalidate cache
cachedCamsClaims.Exists = false;
cacheManager.Remove(camsClaimsKey, CacheRegion.Global);
}
else
{
return(cachedCamsClaims.CachedObj.DataObject.ToClaims());
}
}
Dictionary <string, object> userInfo = null;
try
{
userInfo = await openAmIntegration.GetUserInfo(token);
}
catch (Exception)
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.SystemUnavailable, null);
}
var camsClaims = ClaimsManager.ParseClaims(userInfo);
var missingClaims = ClaimsInventoryHelper.CheckCamsClaims(camsClaims);
if (missingClaims.Any())
{
// Throw exception
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.InvalidUserProfile, missingClaims);
}
var camsClaimsCacheContainer = CacheAheadHelper.PopulateCacheMetadata <List <Tuple <string, string> > >(camsClaims.ToTupleList(), CachePolicies.FourHours);
cacheManager.Save(camsClaimsKey, camsClaimsCacheContainer, CacheRegion.Global,
CachePolicies.FourHours);
return(camsClaims);
}
public static void SetUnauthorizedResponse()
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm, "User is not authorized to access this resource.", null, HttpStatusCode.Unauthorized);
}
public static void SetNonTransactionalDeviceInUse()
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.NonTransactionalDevice, LocalizationKeys.NonTransactionalDeviceInUse, null, HttpStatusCode.Forbidden);
}
public static void SetForbiddenResponse()
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm, LocalizationKeys.Unauthorized, null, HttpStatusCode.Forbidden);
}
public static void SetNotInRoleResponse()
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm, LocalizationKeys.UserNotInRole, null, HttpStatusCode.Forbidden);
}
public static void SetUnauthenticatedResponse()
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm, LocalizationKeys.UserUnauthenticated, null, HttpStatusCode.Unauthorized);
}
