Exemplo n.º 1
0
        public ActionResult CheckBase5UserId(string code = "")
        {
            if (code.Length != 5)
            {
                return(RedirectToAction("Index", "home"));
            }
            string UserGID   = User.Identity.GetUserId();
            string strUserID = UserGID.Replace("-", "").ToUpper();
            string Base3     = code.Substring(0, 3).ToUpper();

            string ipAddress = string.Empty;

            if (!String.IsNullOrEmpty(System.Web.HttpContext.Current.Request.ServerVariables["HTTP_CLIENT_IP"]))
            {
                ipAddress = System.Web.HttpContext.Current.Request.ServerVariables["HTTP_CLIENT_IP"];
            }
            else
            {
                ipAddress = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
            }

            try
            {
                using (TWIDAPPEntities DBObj = new TWIDAPPEntities())
                {
                    //0"PTTID"
                    Verification VID = DBObj.Verification.Where(x => (x.PTTID == User.Identity.Name) && (x.VerifyType == 0)).FirstOrDefault();

                    if ((VID == null) || (VID.Base5.IndexOf(Base3) != 0))
                    {
                        return(RedirectToAction("Index", "home"));
                    }
                    VID.IsConfirmed        = true;
                    VID.AvailableDate      = DateTime.Now.AddYears(1);
                    VID.ModifyDate         = DateTime.Now;
                    VID.ModifyDateIP       = ipAddress;
                    DBObj.Entry(VID).State = EntityState.Modified;

                    var ID = DBObj.AspNetUsers.Where(x => x.UserName == User.Identity.Name).FirstOrDefault();
                    ID.VerifyType0        = true;
                    DBObj.Entry(ID).State = EntityState.Modified;

                    DBObj.SaveChanges();
                }
            }
            catch (Exception ex)
            {
                string meg = $"/Account/CheckBase5UserId";
                logger.Debug(meg);
                logger.Debug($"[Exception]{ex.Message}.{ex.InnerException.Message}");
                logger.Debug(ex.StackTrace);
            }
            return(RedirectToAction("Index", "home"));
        }
Exemplo n.º 2
0
        /// <summary>
        /// Send Base5 UserId for verify check PTTID.
        /// </summary>
        /// <param name="PTTID"></param>
        /// <param name="UserGID"></param>
        /// <param name="ipAddress"></param>
        /// <param name="CreateDate"></param>
        /// <param name="ModifyDate"></param>
        private async void SendBase5UserId(string PTTID, string UserGID, string ipAddress)
        {
            string PTTMail = string.Format("{0}[email protected]", PTTID);

            string strUserID  = UserGID.Replace("-", "").ToUpper();
            int    iUserIDlen = strUserID.Length - 3;
            Random random     = new Random();
            int    iIndex     = random.Next(0, iUserIDlen);
            string Base5      = string.Format("{0}{1}", strUserID.Substring(iIndex, 3), iIndex.ToString("00"));

            IdentityMessage IM = new IdentityMessage();

            IM.Subject     = "TWID.app PTTID Verification code";
            IM.Body        = Base5;
            IM.Destination = PTTMail;

            try
            {
                EmailService ES = new EmailService();
                await ES.SendAsyncBodyANSI(IM);

                using (TWIDAPPEntities DBObj = new TWIDAPPEntities())
                {
                    bool isNewPTTID = false;
                    //0"PTTID"
                    Verification VID = DBObj.Verification.Where(x => (x.PTTID == PTTID) && (x.VerifyType == 0)).FirstOrDefault();

                    if (VID == null)
                    {
                        VID              = new Verification();
                        VID.PTTID        = PTTID;
                        VID.CreateDate   = DateTime.Now;
                        VID.CreateDateIP = ipAddress;
                        VID.VerifyType   = 0;
                        isNewPTTID       = true;
                    }
                    VID.Base5 = Base5;

                    if (isNewPTTID)
                    {
                        DBObj.Verification.Add(VID);
                    }
                    else
                    {
                        DBObj.Entry(VID).State = EntityState.Modified;
                    }
                    DBObj.SaveChanges();
                }
            }
            catch (Exception ex)
            {
                string meg = $"/Account/SendBase5UserId";
                logger.Debug(meg);
                logger.Debug($"[Exception]{ex.Message}.{ex.InnerException.Message}");
                logger.Debug(ex.StackTrace);
            }
        }
Exemplo n.º 3
0
        public ActionResult PKCS7Verify(string b64SignedData = "", string digitalSignature = "")
        {
            if (string.IsNullOrEmpty(b64SignedData) || string.IsNullOrEmpty(digitalSignature))
            {
                return(RedirectToAction("Index", "home"));
            }

            string UserGID   = User.Identity.GetUserId();
            string strUserID = UserGID.Replace("-", "").ToUpper();
            string Nonce     = string.Empty;

            string ipAddress = string.Empty;

            if (!String.IsNullOrEmpty(System.Web.HttpContext.Current.Request.ServerVariables["HTTP_CLIENT_IP"]))
            {
                ipAddress = System.Web.HttpContext.Current.Request.ServerVariables["HTTP_CLIENT_IP"];
            }
            else
            {
                ipAddress = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
            }

            try
            {
                using (TWIDAPPEntities DBObj = new TWIDAPPEntities())
                {
                    //1"MOICA"   VID.VerifyType = 1;
                    Verification VID = DBObj.Verification.Where(x => (x.PTTID == User.Identity.Name) && (x.VerifyType == 1)).FirstOrDefault();

                    if ((VID == null))
                    {
                        return(RedirectToAction("Index", "home"));
                    }
                    Nonce = $"Nonce:{VID.Base5}";

                    string url = "https://gpkiapi.nat.gov.tw/PKCS7Verify/VerifyPKCS7.jsp";

                    MyWebClient client = new MyWebClient();
                    client.Encoding = Encoding.UTF8; // 設定Webclient.Encoding

                    string html = "未知";

                    // 指定 WebClient 編碼
                    client.Encoding = Encoding.UTF8;
                    // 指定 WebClient 的 Content-Type header
                    client.Headers.Add(HttpRequestHeader.ContentType, "application/x-www-form-urlencoded");

                    //要傳送的資料內容(依字串表示)
                    NameValueCollection nc = new NameValueCollection();
                    nc["b64SignedData"] = b64SignedData;
                    // 執行 post 動作
                    var result = client.UploadValues(url, nc);
                    html = Encoding.GetEncoding("UTF-8").GetString(result);

                    if (html.IndexOf(Nonce) == -1)
                    {
                        return(RedirectToAction("Index", "home"));
                    }

                    VID.IsConfirmed   = true;
                    VID.AvailableDate = DateTime.Now.AddYears(1);
                    VID.ModifyDate    = DateTime.Now;
                    VID.ModifyDateIP  = ipAddress;

                    DBObj.Entry(VID).State = EntityState.Modified;

                    var ID = DBObj.AspNetUsers.Where(x => x.UserName == User.Identity.Name).FirstOrDefault();
                    ID.VerifyType1        = true;
                    DBObj.Entry(ID).State = EntityState.Modified;


                    string Subject      = string.Empty;
                    string SerialNumber = string.Empty;
                    int    iCN          = 0;
                    int    iC           = 0;
                    int    iCNtoC       = 0;

                    foreach (var s in html.Split('\n'))
                    {
                        if (s.IndexOf("Subject:") > -1)
                        {
                            iCN    = s.IndexOf("CN=") + 3;
                            iC     = s.IndexOf("C=");
                            iCNtoC = iC - iCN;
                            if (iCNtoC > 0)
                            {
                                Subject = s.Substring(iCN, iCNtoC).TrimEnd().TrimEnd(',');
                            }
                        }
                        if (s.IndexOf("Card Number:") > -1)
                        {
                            string[] CN = s.Split(':');

                            if (CN.Length > 1)
                            {
                                SerialNumber = CN[1].Replace("<br/>", "");
                            }
                        }
                    }

                    MOICASN mSN = DBObj.MOICASN.Where(x => x.SN == SerialNumber).FirstOrDefault();

                    if ((mSN != null) || string.IsNullOrEmpty(SerialNumber))
                    {
                        return(RedirectToAction("Index", "home"));
                    }
                    mSN    = new MOICASN();
                    mSN.no = Guid.NewGuid();
                    mSN.SN = SerialNumber;
                    DBObj.MOICASN.Add(mSN);

                    string      HMACSHA256 = SHA256Hash($"{Subject}|{digitalSignature}");
                    MOICASHA256 mSHA       = DBObj.MOICASHA256.Where(x => x.HMACSHA256 == HMACSHA256).FirstOrDefault();

                    if ((mSHA != null))
                    {
                        return(RedirectToAction("Index", "home"));
                    }
                    mSHA            = new MOICASHA256();
                    mSHA.no         = Guid.NewGuid();
                    mSHA.HMACSHA256 = HMACSHA256;
                    DBObj.MOICASHA256.Add(mSHA);

                    DBObj.SaveChanges();
                }
            }
            catch (Exception ex)
            {
                throw ex;
            }
            return(RedirectToAction("Index", "home"));
        }
Exemplo n.º 4
0
        /// <summary>
        /// Send Nonce for verify check MOICA.
        /// </summary>
        /// <param name="PTTID"></param>
        /// <param name="UserGID"></param>
        /// <param name="ipAddress"></param>
        /// <param name="CreateDate"></param>
        /// <param name="ModifyDate"></param>
        private async void SendNonce(string PTTID, string UserGID, string ipAddress, DateTime?CreateDate, DateTime?ModifyDate)
        {
            string PTTMail = string.Format("{0}[email protected]", PTTID);

            string strUserID  = UserGID.Replace("-", "").ToUpper();
            int    iUserIDlen = strUserID.Length - 3;
            Random random     = new Random();
            int    iIndex     = random.Next(0, iUserIDlen);
            string Base5      = string.Format("{0}{1}", strUserID.Substring(iIndex, 3), iIndex.ToString("00"));

            IdentityMessage IM = new IdentityMessage();

            IM.Subject     = "TWID.app MOICA Verification code";
            IM.Body        = Base5;
            IM.Destination = PTTMail;

            try
            {
                EmailService ES = new EmailService();
                await ES.SendAsyncBodyANSI(IM);

                using (TWIDAPPEntities DBObj = new TWIDAPPEntities())
                {
                    bool isNewPTTID = false;

                    Verification VID = DBObj.Verification.Where(x => (x.PTTID == PTTID) && (x.VerifyType == 1)).FirstOrDefault();

                    if (VID == null)
                    {
                        VID               = new Verification();
                        VID.PTTID         = PTTID;
                        VID.VerifyType    = 1; //1"MOICA"
                        isNewPTTID        = true;
                        VID.CreateDate    = DateTime.Now;
                        VID.CreateDateIP  = ipAddress;
                        VID.AvailableDate = DateTime.Now.AddYears(1);
                    }

                    if (ModifyDate.HasValue)
                    {
                        VID.ModifyDate = ModifyDate.Value;
                    }

                    VID.Base5 = Base5;

                    if (isNewPTTID)
                    {
                        DBObj.Verification.Add(VID);
                    }
                    else
                    {
                        DBObj.Entry(VID).State = EntityState.Modified;
                    }
                    DBObj.SaveChanges();
                }
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }