Exemplo n.º 1
        //Token generation Method
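        /// <summary>
        /// Builds an access token and returns it together with any entries already queued in
        /// CORE_MODULE.Response_Dictionary. The token is a JSON document (issued/expiry time,
        /// unique number, issuer, audience, roles) encrypted with AES_MODULE.AES_ENCRYPTION_DATA.
        /// </summary>
        /// <returns>
        /// A new Dictionary&lt;string, string&gt; containing the queued response entries plus
        /// an "access_token" entry holding the encrypted token.
        /// </returns>
        /// <exception cref="HttpResponseException">
        /// 400 Bad Request for any failure while building or encrypting the token.
        /// </exception>
        /// <remarks>
        /// NOTE(review): the token is only encrypted here; nothing in this method adds a MAC or
        /// signature. Unless AES_ENCRYPTION_DATA uses an authenticated mode, a modified token
        /// cannot be told apart from a genuine one at decode time. Confirm in AES_MODULE.
        /// NOTE(review): TOKEN_AES_KEY and TOKEN_AES_IV are read from CORE_MODULE on every call;
        /// if they are fixed values, every token is encrypted under the same key and IV.
        /// NOTE(review): CORE_MODULE.Response_Dictionary and CORE_MODULE.roles are reached as
        /// static members. If they are shared across requests, concurrent calls can mix entries
        /// between tokens. Confirm and prefer per-request state.
        /// </remarks>
        public static dynamic generate_token()
        {
            try
            {
                // Token payload; ExpandoObject keeps the members in insertion order.
                dynamic objdata = new ExpandoObject();
                objdata.issued_time = DateTime.UtcNow;
                objdata.expiry_time = TOKEN_MODULE.generate_expiry_time();
                // Per-token unique value so two tokens issued at the same instant still differ.
                objdata.unique_number = EDITIONAL_METHODS.unique_code_generator(16);
                objdata.issuer = get_issuer();
                objdata.audience = get_audience();
                List <string> value = get_user_roles();
                objdata.roles = value;

                // Serialize the payload and encrypt it with the token key and IV.
                string token_data = JsonConvert.SerializeObject(objdata);
                string encrypted_value = AES_MODULE.AES_ENCRYPTION_DATA(token_data, CORE_MODULE.TOKEN_AES_KEY, CORE_MODULE.TOKEN_AES_IV);

                CORE_MODULE.Response_Dictionary.Add("access_token", encrypted_value);

                // Return a private copy so the shared dictionary can be emptied afterwards.
                Dictionary <string, string> Response_Dictionary = new Dictionary <string, string>();
                foreach (KeyValuePair <string, string> key_pair in CORE_MODULE.Response_Dictionary)
                {
                    Response_Dictionary.Add(key_pair.Key, key_pair.Value);
                }

                return(Response_Dictionary);
            }
            catch (Exception)
            {
                // The cause is deliberately not sent to the caller.
                // NOTE(review): it is not logged either, so failures here are invisible to operators.
                throw new HttpResponseException(HttpStatusCode.BadRequest);
            }
            finally
            {
                // Always reset the shared state. Previously this ran only on success, so a failure
                // left "access_token" (and the roles) behind: the next call then failed on the
                // duplicate key, and stale roles could carry over into a later token.
                CORE_MODULE.Response_Dictionary.Clear();
                CORE_MODULE.roles.Clear();
            }
        }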
        /// <summary>
        /// Serializes <paramref name="dynamic_data"/> to JSON, encrypts it with the server-side AES
        /// key and IV, and prepends that same key and IV encrypted with the RSA key returned by
        /// RSA_MODULE.server_side_public_key_generator().
        /// </summary>
        /// <param name="dynamic_data">Object to serialize and protect.</param>
        /// <returns>"&lt;RSA-encrypted key pair&gt;.&lt;AES-encrypted data&gt;".</returns>
        /// <exception cref="HttpResponseException">
        /// 400 Bad Request for any failure inside the encryption steps.
        /// </exception>
        /// <remarks>
        /// NOTE(review): the AES key and IV placed in the envelope are CORE_MODULE.SERVER_SIDE_AES_KEY
        /// and SERVER_SIDE_AES_IV, not values generated per message. If those are fixed, every
        /// message reuses one key and IV; a fresh random key and IV per call would fit this envelope.
        /// NOTE(review): no MAC or signature is added, so the output gives no integrity guarantee
        /// unless AES_ENCRYPTION_DATA uses an authenticated mode. Confirm in AES_MODULE.
        /// </remarks>
        public static string ENCODE_DATA(dynamic dynamic_data)
        {
            // Serialization sits outside the try block, so a serializer failure is not mapped to 400.
            string data = JsonConvert.SerializeObject(dynamic_data);

            try
            {
                string cipherText = AES_MODULE.AES_ENCRYPTION_DATA(data, CORE_MODULE.SERVER_SIDE_AES_KEY, CORE_MODULE.SERVER_SIDE_AES_IV);

                // Describe the key material so the receiver can recover it from the envelope.
                CLIEINT_AES_KEYS keyPair = new CLIEINT_AES_KEYS
                {
                    KEY = CORE_MODULE.SERVER_SIDE_AES_KEY,
                    IV  = CORE_MODULE.SERVER_SIDE_AES_IV
                };
                string keyPairJson = JsonConvert.SerializeObject(keyPair);

                // Wrap the key material with RSA; only the matching private key can open it.
                string wrappedKeyPair = RSA_MODULE.RSA_Encrypt(keyPairJson, RSA_MODULE.server_side_public_key_generator());

                return wrappedKeyPair + "." + cipherText;
            }
            catch (Exception)
            {
                // The cause is not sent to the caller; every failure becomes 400.
                throw new HttpResponseException(HttpStatusCode.BadRequest);
            }
        }
        /// <summary>
        /// Opens an envelope of the form "&lt;RSA-encrypted key pair&gt;.&lt;AES-encrypted data&gt;":
        /// the first segment is RSA-decrypted into an AES key and IV, which are then used to
        /// decrypt the second segment.
        /// </summary>
        /// <param name="data">Envelope text; segments are separated by '.'.</param>
        /// <returns>The decrypted payload.</returns>
        /// <exception cref="HttpResponseException">
        /// 400 Bad Request for every failure. The 204 No Content exceptions thrown inside the try
        /// block are caught by the catch-all below and replaced with 400.
        /// </exception>
        /// <remarks>
        /// Answering every failure with the same status keeps callers from telling an RSA failure
        /// apart from an AES failure, which matters when the input is attacker-controlled.
        /// NOTE(review): the AES key and IV come from the envelope itself, so a successful decrypt
        /// shows only that the sender had the public key, not who the sender was. Nothing here
        /// checks a MAC or signature.
        /// </remarks>
        public static string DECODE_DATA(string data)
        {
            try
            {
                if (string.IsNullOrEmpty(data))
                {
                    throw new HttpResponseException(HttpStatusCode.NoContent);
                }

                string[] segments = data.Split('.');

                // Spaces are turned back into '+', presumably undoing URL decoding of Base64 text.
                // A missing second segment raises here and ends up as 400 through the catch-all.
                string wrappedKeyPair = segments[0].Replace(" ", "+");
                string cipherText     = segments[1].Replace(" ", "+");

                string keyPairJson = RSA_MODULE.RSA_Decrypt(wrappedKeyPair, RSA_MODULE.server_side_private_key_generator());
                if (string.IsNullOrEmpty(keyPairJson))
                {
                    throw new HttpResponseException(HttpStatusCode.NoContent);
                }

                CLIEINT_AES_KEYS aesKeys = JsonConvert.DeserializeObject <CLIEINT_AES_KEYS>(keyPairJson);

                string plainText = AES_MODULE.AES_DECRYPTION_DATA(cipherText, aesKeys.KEY, aesKeys.IV);
                if (string.IsNullOrEmpty(plainText))
                {
                    throw new HttpResponseException(HttpStatusCode.NoContent);
                }

                return plainText;
            }
            catch (Exception)
            {
                // Catch-all: also swallows the HttpResponseException instances thrown above.
                throw new HttpResponseException(HttpStatusCode.BadRequest);
            }
        }
Exemplo n.º 4
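        /// <summary>
        /// Opens an envelope of the form "&lt;token&gt;.&lt;RSA-encrypted key pair&gt;.&lt;AES-encrypted data&gt;".
        /// The token is decrypted and checked (expiry, roles, issuer, audience) before the key pair
        /// is RSA-decrypted and used to decrypt the data segment.
        /// </summary>
        /// <param name="data">Envelope text; segments are separated by '.'.</param>
        /// <returns>The decrypted payload.</returns>
        /// <exception cref="HttpResponseException">
        /// 204 No Content when <paramref name="data"/> is null or empty;
        /// 400 Bad Request when fewer than three segments are present or payload decryption fails;
        /// 401 Unauthorized when the token cannot be decrypted or parsed, or fails the roles,
        /// issuer or audience check; 408 Request Timeout when the token has expired.
        /// </exception>
        /// <remarks>
        /// NOTE(review): token validity rests on AES decryption succeeding and on the decoded
        /// fields; nothing here verifies a MAC or signature. Unless AES_DECRYPTION_DATA uses an
        /// authenticated mode, a modified token is not detected. Confirm in AES_MODULE.
        /// NOTE(review): the roles to compare against are read from the static CORE_MODULE.roles
        /// and cleared only on the success path. If that collection is shared across requests,
        /// concurrent or failed calls can affect each other's role check. Confirm with the caller.
        /// </remarks>
        public static string DECODE_DATA(string data)
        {
            string final_output = string.Empty;

            if (string.IsNullOrEmpty(data))
            {
                throw new HttpResponseException(HttpStatusCode.NoContent);
            }

            string[] values = data.Split('.');

            // Reject a short envelope explicitly; indexing a missing segment used to escape as an
            // unhandled IndexOutOfRangeException instead of an HTTP error.
            if (values.Length < 3)
            {
                throw new HttpResponseException(HttpStatusCode.BadRequest);
            }

            // Spaces are turned back into '+', presumably undoing URL decoding of Base64 text.
            string TOKEN = values[0].Replace(" ", "+");
            string RSA_ENCRYPTED_AES_KEY = values[1].Replace(" ", "+");
            string ENCRYPTED_DATA        = values[2].Replace(" ", "+");

            TOKEN_MODEL token_params;
            try
            {
                // Decrypt the token and parse it in one guarded step: a token that decrypts to
                // something that is not valid JSON is rejected like one that fails to decrypt.
                string token_json_format = AES_MODULE.AES_DECRYPTION_DATA(TOKEN, CORE_MODULE.TOKEN_AES_KEY, CORE_MODULE.TOKEN_AES_IV);
                token_params = JsonConvert.DeserializeObject <TOKEN_MODEL>(token_json_format);
            }
            catch (Exception)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            // An empty or "null" document deserializes to null; treat it as an invalid token
            // rather than letting the checks below dereference it.
            if (token_params == null)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            //checking expiry time
            if (!expiry_time_check(token_params.EXPIRY_TIME))
            {
                throw new HttpResponseException(HttpStatusCode.RequestTimeout);
            }
            //checking roles
            if (!roles_check(token_params.ROLES, CORE_MODULE.roles))
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }
            //checking issuer
            if (!issuer_check(token_params.ISSUER))
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }
            //checking audience
            if (!audience_check(token_params.AUDIENCE))
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            try
            {
                //decrypting aes key pair for data decryption
                string AES_KEY_PAIR = RSA_MODULE.RSA_Decrypt(RSA_ENCRYPTED_AES_KEY, RSA_MODULE.server_side_private_key_generator());

                if (string.IsNullOrEmpty(AES_KEY_PAIR))
                {
                    throw new HttpResponseException(HttpStatusCode.NoContent);
                }

                //creating model object for key pair
                CLIEINT_AES_KEYS obj_AES = JsonConvert.DeserializeObject <CLIEINT_AES_KEYS>(AES_KEY_PAIR);

                //decryption of data using AES key pair
                final_output = AES_MODULE.AES_DECRYPTION_DATA(ENCRYPTED_DATA, obj_AES.KEY, obj_AES.IV);
                if (string.IsNullOrEmpty(final_output))
                {
                    throw new HttpResponseException(HttpStatusCode.NoContent);
                }

                CORE_MODULE.roles.Clear();

                //returning decrypted value
                return(final_output);
            }
            catch (Exception)
            {
                // Catch-all: the 204 exceptions thrown above are also replaced with 400, so the
                // caller cannot tell an RSA failure from an AES failure.
                throw new HttpResponseException(HttpStatusCode.BadRequest);
            }
        }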