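/// <summary>
/// Reads the caller's identity out of the <c>Authorization</c> header.
/// </summary>
/// <returns>
/// A <see cref="TokenDto"/> built from the <c>codeStore</c>, <c>codeBox</c> and <c>usuario</c>
/// claims of the decoded token.
/// </returns>
/// <exception cref="WebFaultException{T}">
/// HTTP 401 when the header is missing or empty, or when the decoded token lacks one of the
/// three claims. (A missing header previously surfaced as a NullReferenceException, i.e. HTTP 500.)
/// </exception>
/// <exception cref="FormatException">A claim is present but is not an integer.</exception>
public TokenDto Get()
{
    var authHeader = WebOperationContext.Current.IncomingRequest.Headers["Authorization"];
    if (string.IsNullOrEmpty(authHeader))
    {
        // Same response the sibling validators give for a missing header.
        throw new WebFaultException<string>("No existe cabecera de autorización", HttpStatusCode.Unauthorized);
    }

    var accessToken = Encrypted.Decode(authHeader);
    var token = JsonConvert.DeserializeObject<Dictionary<string, object>>(accessToken);

    // Reads one integer claim; a missing or null claim is an invalid token, not a server error.
    int ReadIntClaim(string claim)
    {
        object value;
        if (token is null || !token.TryGetValue(claim, out value) || value is null)
        {
            throw new WebFaultException<string>("El Token de acceso no es válido", HttpStatusCode.Unauthorized);
        }

        // Invariant culture: claims are machine-generated, not user-entered text.
        return int.Parse(value.ToString(), CultureInfo.InvariantCulture);
    }

    return new TokenDto(
        ReadIntClaim("codeStore"),
        ReadIntClaim("codeBox"),
        ReadIntClaim("usuario"));
}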
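/// <summary>
/// Checks whether the caller holds a given permission.
/// The caller's resources come from the <c>resources</c> claim of the token in the
/// <c>Authorization</c> header, unless a <c>SUDO</c> header (base64 of "userId:password")
/// is present, in which case the resources of that impersonated user are used instead.
/// </summary>
/// <param name="permisoNecesario">Permission name to look for (ordinal, case-sensitive match).</param>
/// <returns><c>true</c> when the permission is among the resolved resources; otherwise <c>false</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="permisoNecesario"/> is <c>null</c>.</exception>
/// <exception cref="WebFaultException{T}">
/// HTTP 401 when the Authorization header is missing, the token is expired or cannot be
/// decoded, the SUDO header is malformed, or the SUDO login is rejected. Exception detail is
/// logged server-side and never echoed to the client.
/// </exception>
public Boolean ContieneRol(String permisoNecesario)
{
    if (permisoNecesario is null)
    {
        throw new ArgumentNullException(nameof(permisoNecesario));
    }

    var headers = WebOperationContext.Current.IncomingRequest.Headers;
    var authHeader = headers["Authorization"];
    var sudoHeader = headers["SUDO"];

    if (string.IsNullOrEmpty(authHeader))
    {
        throw new WebFaultException<string>("No existe cabecera de autorización", HttpStatusCode.Unauthorized);
    }

    try
    {
        var accessToken = Encrypted.Decode(authHeader);
        var token = JsonConvert.DeserializeObject<Dictionary<string, object>>(accessToken);
        var fechaExpiracion = DateTime.Parse(token["exp"].ToString());
        string recursos = token["resources"].ToString();

        // NOTE(review): `exp` is compared against local time; confirm the token issuer also
        // stamps local time, otherwise DateTime.UtcNow is the right clock here.
        if (DateTime.Now > fechaExpiracion)
        {
            throw new WebFaultException<string>("El Token de Acceso Expiró", HttpStatusCode.Unauthorized);
        }

        List<string> listaRecursos = string.IsNullOrEmpty(sudoHeader)
            ? new List<string>(recursos.Split('|'))
            : ObtenerRecursosSUDO(sudoHeader);

        // List<string>.Contains is an ordinal comparison, the same as the former Equals loop.
        return listaRecursos.Contains(permisoNecesario);
    }
    catch (WebFaultException<string>)
    {
        // Already carries the right status and message (expired token, rejected SUDO login);
        // the generic handler below used to re-wrap it as "invalid token".
        throw;
    }
    catch (Exception ex)
    {
        // Keep the detail server-side: ex.ToString() carried the stack trace and possibly
        // decoded token contents into the HTTP response body.
        new LogRegister().LogEntry(" ContieneRol: token inválido: " + ex.Message, 2);
        throw new WebFaultException<string>("El Token de acceso no es válido", HttpStatusCode.Unauthorized);
    }
}

/// <summary>
/// Resolves the resources of the user named in a <c>SUDO</c> header (base64 of "userId:password")
/// after validating that user's credentials.
/// </summary>
/// <param name="sudoHeader">Raw, non-empty value of the <c>SUDO</c> request header.</param>
/// <returns>The resources of the impersonated user, one entry per <c>|</c>-separated value.</returns>
/// <exception cref="WebFaultException{T}">
/// HTTP 401 when the header does not decode to "userId:password" or the login is rejected.
/// </exception>
private List<string> ObtenerRecursosSUDO(string sudoHeader)
{
    var informacionDecodificada = new Encrypted().Base64DecodeToString(sudoHeader);

    // Split on the first ':' only, so a password containing ':' is not truncated; a value
    // with no ':' at all used to fail with IndexOutOfRangeException.
    var credenciales = informacionDecodificada.Split(new[] { ':' }, 2);
    if (credenciales.Length != 2)
    {
        throw new WebFaultException<string>("Cabecera SUDO inválida", HttpStatusCode.Unauthorized);
    }

    var codigoUsuario = Int32.Parse(credenciales[0], CultureInfo.InvariantCulture);

    // NOTE(review): the literal 1 passed to LoginSUDO and the 100 success status are taken as-is
    // from the original call; their meaning is not visible here.
    var securityBusiness = new SecurityBusiness();
    var userResponse = securityBusiness.LoginSUDO(codigoUsuario, credenciales[1], 1, GetIp());
    if (userResponse.Data.CodeEstatus != 100)
    {
        throw new WebFaultException<string>(userResponse.Data.Estatus, HttpStatusCode.Unauthorized);
    }

    var recursosSUDO = securityBusiness.ObtenerRecursos(codigoUsuario);
    return new List<string>(recursosSUDO.Data.Split('|'));
}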
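/// <summary>
/// WCF authorization gate: validates the <c>Authorization</c> token of every request and
/// installs a <see cref="GenericPrincipal"/> whose roles are the token's <c>resources</c>.
/// The synchronization endpoint is the only operation allowed through without a token.
/// </summary>
/// <param name="operationContext">
/// Context of the operation being invoked. Not read here; the request is taken from
/// <see cref="WebOperationContext.Current"/>.
/// </param>
/// <returns><c>true</c> when access is granted; every failure surfaces as a 401 fault instead of <c>false</c>.</returns>
/// <exception cref="WebFaultException{T}">
/// HTTP 401 when the header is missing, the token is expired, it cannot be decoded, or the
/// principal cannot be installed. Exception detail is logged server-side, not returned.
/// </exception>
protected override bool CheckAccessCore(OperationContext operationContext)
{
    var log = new LogRegister();
    log.LogEntry(" CheckAccessCore: Inicio (Validando Token) ", 2);

    Thread.CurrentThread.CurrentCulture = CultureInfo.CreateSpecificCulture("es-MX");
    Thread.CurrentThread.CurrentUICulture = new CultureInfo("es-MX");

    // Match the unauthenticated sync endpoint on the request path only. The previous check ran
    // Contains() over RequestUri.OriginalString, so the same text placed in the query string of
    // any other request bypassed token validation entirely.
    const string rutaSincronizacion = "Sincronizacion/Sincronizacionservice.svc/ejecutarProcesoSincronizacion";
    var requestedPath = WebOperationContext.Current.IncomingRequest.UriTemplateMatch.RequestUri.AbsolutePath;
    if (requestedPath.IndexOf(rutaSincronizacion, StringComparison.Ordinal) >= 0)
    {
        log.LogEntry(" CheckAccessCore: FIN (Token valido) ", 2);
        return true;
    }

    var authHeader = WebOperationContext.Current.IncomingRequest.Headers["Authorization"];
    if (string.IsNullOrEmpty(authHeader))
    {
        throw new WebFaultException<string>("No existe cabecera de autorización", HttpStatusCode.Unauthorized);
    }

    try
    {
        var accessToken = Encrypted.Decode(authHeader);
        var token = JsonConvert.DeserializeObject<Dictionary<string, object>>(accessToken);
        var usuario = token["usuario"].ToString();
        string recursos = token["resources"].ToString();

        // Expiry is enforced again: the previous code substituted Now+100y for `exp` (marked
        // "//OCG"), so tokens never expired at this gate even though ContieneRol rejects them.
        // Parsed under the es-MX culture set above, exactly as ContieneRol parses it.
        // NOTE(review): compared against local time; confirm the issuer stamps local time.
        var fechaExpiracion = DateTime.Parse(token["exp"].ToString());
        if (DateTime.Now > fechaExpiracion)
        {
            throw new WebFaultException<string>("El Token de Acceso Expiró", HttpStatusCode.Unauthorized);
        }

        var roles = recursos.Split('|');
        try
        {
            Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(usuario), roles);
        }
        catch (SecurityException ex)
        {
            // Do not echo ex.ToString() (stack trace) to the client.
            log.LogEntry(" CheckAccessCore: no se pudo establecer el principal: " + ex.Message, 2);
            throw new WebFaultException<string>("El Token de acceso no es válido", HttpStatusCode.Unauthorized);
        }

        log.LogEntry(" CheckAccessCore: FIN (Token valido) ", 2);
        return true;
    }
    catch (WebFaultException<string>)
    {
        // Keep the specific 401 (expired token / principal failure) instead of re-wrapping it.
        throw;
    }
    catch (Exception ex)
    {
        // The previous handler discarded ex.Message; record it server-side for diagnosis.
        log.LogEntry(" CheckAccessCore: token inválido: " + ex.Message, 2);
        throw new WebFaultException<string>("El Token de acceso no es válido", HttpStatusCode.Unauthorized);
    }
}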