public async Task <Response> PostSignIn(AccountProtection.SignIn signIn, string correlationId, string envId)
        {
            string endpoint = string.Format(_settings.Endpoints.SignInAP, signIn.Metadata.LoginId);

            var response = await PostAsync(endpoint, signIn, correlationId, envId);

            return(await Read <ResponseSuccess>(response));
        }
Exemplo n.º 2
0
        private async Task <IActionResult> SignInUser(LoginViewModel model, string returnUrl, bool useAP)
        {
            var applicationUser = new ApplicationUser
            {
                UserName = model.Email
            };
            string hashedPassword = _userManager.PasswordHasher.HashPassword(applicationUser, model.Password);

            bool rejectSignIn = false;

            if (useAP)
            {
                var user = new AccountProtection.User()
                {
                    UserType = AccountProtection.UserType.Consumer,
                    Username = model.Email,
                    UserId   = model.Email
                };

                var device = new AccountProtection.DeviceContext()
                {
                    DeviceContextId = model.DeviceFingerPrinting.SessionId,
                    IpAddress       = _contextAccessor.HttpContext.Connection.RemoteIpAddress.MapToIPv4().ToString(),
                    Provider        = DeviceContextProvider.DFPFingerPrinting.ToString()
                };

                var metadata = new AccountProtection.EventMetadataAccountLogin()
                {
                    TrackingId        = Guid.NewGuid().ToString(),
                    LoginId           = Guid.NewGuid().ToString(),
                    CustomerLocalDate = DateTime.Now,
                    MerchantTimeStamp = DateTime.Now
                };

                var signIn = new AccountProtection.SignIn()
                {
                    Name     = "AP.AccountLogin",
                    Version  = "0.5",
                    Device   = device,
                    User     = user,
                    Metadata = metadata
                };

                var correlationId  = _fraudProtectionService.NewCorrelationId;
                var signInResponse = await _fraudProtectionService.PostSignInAP(signIn, correlationId);

                var fraudProtectionIO = new FraudProtectionIOModel(correlationId, signIn, signInResponse, "SignIn");
                TempData.Put(FraudProtectionIOModel.TempDataKey, fraudProtectionIO);

                if (signInResponse is AccountProtection.ResponseSuccess response)
                {
                    rejectSignIn = response.ResultDetails.FirstOrDefault()?.Decision != AccountProtection.DecisionName.Approve;
                }
            }
            else
            {
                var signIn = new SignIn
                {
                    SignInId          = Guid.NewGuid().ToString(),
                    PasswordHash      = hashedPassword,
                    MerchantLocalDate = DateTimeOffset.Now,
                    CustomerLocalDate = model.DeviceFingerPrinting.ClientDate,
                    UserId            = model.Email,
                    DeviceContextId   = model.DeviceFingerPrinting.SessionId,
                    AssessmentType    = AssessmentType.Protect.ToString(),
                    CurrentIpAddress  = _contextAccessor.HttpContext.Connection.RemoteIpAddress.ToString()
                };

                var correlationId  = _fraudProtectionService.NewCorrelationId;
                var signInResponse = await _fraudProtectionService.PostSignIn(signIn, correlationId);

                var fraudProtectionIO = new FraudProtectionIOModel(correlationId, signIn, signInResponse, "SignIn");
                TempData.Put(FraudProtectionIOModel.TempDataKey, fraudProtectionIO);

                //2 out of 3 signIn will be successful
                rejectSignIn = new Random().Next(0, 3) != 0;
            }

            if (!rejectSignIn)
            {
                var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure : false);

                if (!result.Succeeded)
                {
                    ModelState.AddModelError(string.Empty, "Invalid login attempt.");
                    return(View("SignIn", model));
                }
                // redirect if signIn is not rejected and password sign-in is success
                await TransferBasketToEmailAsync(model.Email);

                return(RedirectToLocal(returnUrl));
            }
            else
            {
                ModelState.AddModelError("", "Signin rejected by Fraud Protection. You can try again as it has a random likelihood of happening in this sample site.");
                return(View("SignIn", model));
            }
        }