/// <summary>
/// Retrieves the hash and salt stored in the database for a given email
/// </summary>
/// <param name="email"></param>
/// <returns>Tuple of (hash, salt)</returns>
public static async Task <(string, string)> GetDBHashAndSalt(string email)
{
string hash = string.Empty;
string salt = string.Empty;
using (SqlConnection conn = new SqlConnection(await AzureKeyVaultService.GetKeyFromVault()))
{
await conn.OpenAsync();
using (SqlCommand cmd = new SqlCommand("SELECT userPass, userSalt from UserAccounts WHERE emailAddress = @email", conn))
{
cmd.Parameters.AddWithValue("email", email);
using (SqlDataReader reader = await cmd.ExecuteReaderAsync())
{
while (await reader.ReadAsync())
{
hash = reader.GetString(0);
salt = reader.GetString(1);
}
}
}
}
return(hash, salt);
}
public static async Task <bool> VerifyLogin(string email, string password)
{
string storedHash = string.Empty;
using (SqlConnection conn = new SqlConnection(await AzureKeyVaultService.GetKeyFromVault()))
{
await conn.OpenAsync();
using (SqlCommand cmd = new SqlCommand("SELECT userPass from UserAccounts WHERE emailAddress = @email", conn))
{
cmd.Parameters.AddWithValue("email", email);
storedHash = (await cmd.ExecuteScalarAsync()).ToString();
if (storedHash == null || storedHash == string.Empty)
{
return(false);
}
}
//Hash the entered password
var result = PasswordHasher.HashPassword(password);
//Compare hashes
return((storedHash == result.Item1) ? true : false);
}
}
public static IServiceCollection AddChatbotSecretServiceCollection(this IServiceCollection services,
string keyVaultAppId, string keyVaultCertThumbPrint, string keyVaultBaseUrl)
{
var secretService = new AzureKeyVaultService(keyVaultAppId, keyVaultCertThumbPrint, keyVaultBaseUrl);
secretService.Initialize().Wait();
services.AddSingleton <ISecretService, AzureKeyVaultService>(provider => secretService);
return(services);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddSingleton <AzureKeyVaultService>();
var azureKeyVaultService = new AzureKeyVaultService(Configuration);
var sqlDatabaseConnectionString = azureKeyVaultService.GetConnectionString("SqlDatabaseConnectionString");
services.AddControllersWithViews();
services.AddDbContext <DatabaseContext>(f => f.UseSqlServer(sqlDatabaseConnectionString));
services.AddSingleton <StorageAccountService>();
}
public static async Task <(X509Certificate2 ActiveCertificate, X509Certificate2 SecondaryCertificate)> GetCertificates(AzureKeyVaultConfiguration certificateConfiguration)
{
(X509Certificate2 ActiveCertificate, X509Certificate2 SecondaryCertificate)certs = (null, null);
if (!string.IsNullOrEmpty(certificateConfiguration.AzureKeyVaultEndpoint))
{
var keyVaultCertificateService = new AzureKeyVaultService(certificateConfiguration);
certs = await keyVaultCertificateService.GetCertificatesFromKeyVault().ConfigureAwait(false);
}
return(certs);
}
public static async Task <bool> IsGUIDConflict(Guid id)
{
using (SqlConnection conn = new SqlConnection(await AzureKeyVaultService.GetKeyFromVault()))
{
await conn.OpenAsync();
using (SqlCommand cmd = new SqlCommand("SELECT userID FROM UserAccounts WHERE userID = @id", conn))
{
cmd.Parameters.AddWithValue("id", id);
var match = await cmd.ExecuteScalarAsync();
return((match != null) ? true : false);
}
}
}
public static async Task InsertUser(Guid id, string pass, string salt, string email, string first, string last)
{
using (SqlConnection conn = new SqlConnection(await AzureKeyVaultService.GetKeyFromVault()))
{
await conn.OpenAsync();
using (SqlCommand cmd = new SqlCommand("INSERT INTO UserAccounts(userID, userPass, userSalt, emailAddress, firstName, lastName) VALUES(@id, @pass, @salt, @email, @first, @last);", conn))
{
cmd.Parameters.AddWithValue("id", id.ToString());
cmd.Parameters.AddWithValue("pass", pass);
cmd.Parameters.AddWithValue("salt", salt);
cmd.Parameters.AddWithValue("email", email);
cmd.Parameters.AddWithValue("first", first);
cmd.Parameters.AddWithValue("last", last);
await cmd.ExecuteNonQueryAsync();
}
}
}
/// <summary>
/// Determines if a user has already registered an email address
/// </summary>
/// <param name="email"></param>
/// <returns>Boolean</returns>
public static async Task <bool> IsEmailTaken(string email)
{
using (SqlConnection conn = new SqlConnection(await AzureKeyVaultService.GetKeyFromVault()))
{
await conn.OpenAsync();
using (SqlCommand cmd = new SqlCommand("SELECT COUNT(emailAddress) from UserAccounts WHERE emailAddress = @email", conn))
{
cmd.Parameters.AddWithValue("email", email);
using (SqlDataReader reader = await cmd.ExecuteReaderAsync())
{
await reader.ReadAsync();
return((reader.GetInt32(0) > 0) ? true : false);
}
}
}
}
public void ConfigureServices(IServiceCollection services)
{
var configService = new ConfigService();
services.AddOptions();
services.AddMemoryCache();
services.AddChatbotConfigService();
var secretService = new AzureKeyVaultService(
configService.Get <string>("KeyVaultAppId"),
configService.Get <string>("KeyVaultCertThumbprint"),
configService.Get <string>("KeyVaultBaseUrl"));
secretService.Initialize().Wait();
services.AddSingleton <ISecretService, AzureKeyVaultService>(provider => secretService);
services
.AddDbContextFactory()
.AddChatbotNLog()
.AddTwitchServices()
.AddApplicationServices()
.AddSolr(secretService)
.AddRabbitConnectionServices()
.AddPrintfulClient(secretService)
.AddFactories();
services.AddSignalR();
services.AddRouting();
services.AddAuthentication(op =>
{
op.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
op.DefaultSignInScheme = JwtBearerDefaults.AuthenticationScheme;
op.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
{
});
services.AddOptions <JwtBearerOptions>(JwtBearerDefaults.AuthenticationScheme)
.Configure <ISecretService>((options, secrets) =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey =
new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secrets.GetSecret <string>("ApiSecretSymmetricKey"))),
ValidateIssuer = true,
ValidIssuer = secrets.GetSecret <string>("ApiValidIssuer"),
ValidateAudience = true,
ValidAudience = secrets.GetSecret <string>("ApiValidAudience")
};
});
services.AddAuthorization(options =>
{
options.AddPolicy(JwtBearerDefaults.AuthenticationScheme, builder =>
{
builder.RequireAuthenticatedUser()
.Build();
});
});
services.AddControllers().AddNewtonsoftJson(x =>
x.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore);
}
/// <summary>
/// Initializes a new instance of the <see cref="RestClient"/> class.
/// </summary>
/// <param name="configuration">Application configuration.</param>
/// <param name="serviceLocator">Service locator.</param>
/// <param name="azureKeyVaultService">Azure Key Vault instance for the application.</param>
public RestClient(IConfiguration configuration, IServiceLocator serviceLocator, AzureKeyVaultService azureKeyVaultService)
{
this.serviceLocator = serviceLocator;
if (configuration != null && azureKeyVaultService != null)
{
var mtoaApiKey = azureKeyVaultService.GetSecretByName(configuration.GetSection("AzureKeyVaultSettings:SecretNames")["MtoaApiKey"]);
var mtoaJwtToken = azureKeyVaultService.GetSecretByName(configuration.GetSection("AzureKeyVaultSettings:SecretNames")["MtoaJwtToken"]);
Client.DefaultRequestHeaders.TryAddWithoutValidation("app-jwt", mtoaJwtToken);
Client.DefaultRequestHeaders.TryAddWithoutValidation("api-key", mtoaApiKey);
}
}
public AzureKeyVaultTests()
{
this.azureKeyVaultService = InitializeServices.GetAzureKeyVaultService();
}
public MtoaFileServiceTest()
{
this.azureKeyVaultService = InitializeServices.GetAzureKeyVaultService();
this.mtoaFileService = new MtoaFileService(azureKeyVaultService);
}
