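        /// <summary>
        /// Reads the caller's access token from the <c>Authorization</c> header and projects its
        /// <c>codeStore</c>, <c>codeBox</c> and <c>usuario</c> claims into a <see cref="TokenDto"/>.
        /// </summary>
        /// <returns>A <see cref="TokenDto"/> built from the three numeric claims of the token.</returns>
        /// <exception cref="WebFaultException{T}">
        /// 401 when the header is absent or empty, or when the token cannot be decoded, is not a JSON
        /// object, or lacks one of the three claims (previously these surfaced as unhandled exceptions).
        /// </exception>
        public TokenDto Get()
        {
            var authHeader = WebOperationContext.Current.IncomingRequest.Headers["Authorization"];

            // Same contract as ContieneRol / CheckAccessCore: a missing header is a 401, not a NullReferenceException.
            if (string.IsNullOrEmpty(authHeader))
            {
                throw new WebFaultException<string>("No existe cabecera de autorización", HttpStatusCode.Unauthorized);
            }

            try
            {
                // NOTE(review): Encrypted.Decode is the project's token envelope. Whether it authenticates the
                // payload (signature/MAC) is not visible here; if it does not, every claim below is caller-controlled.
                var accessToken = Encrypted.Decode(authHeader);
                var token       = JsonConvert.DeserializeObject<Dictionary<string, object>>(accessToken);

                return new TokenDto(
                    LeerEntero(token, "codeStore"),
                    LeerEntero(token, "codeBox"),
                    LeerEntero(token, "usuario"));
            }
            catch (Exception)
            {
                // Decode / JSON / parse failures are reported as 401; no exception detail is sent to the client.
                throw new WebFaultException<string>("El Token de acceso no es válido", HttpStatusCode.Unauthorized);
            }

            // Claims are machine-written numbers: parse them culture-invariantly (the gate sets the thread culture to es-MX).
            int LeerEntero(Dictionary<string, object> claims, string clave)
            {
                return int.Parse(claims[clave].ToString(), NumberStyles.Integer, CultureInfo.InvariantCulture);
            }
        }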
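        /// <summary>
        /// Checks whether the caller holds the resource <paramref name="permisoNecesario"/>.
        /// The effective resource list comes from the access token in the <c>Authorization</c> header,
        /// unless a <c>SUDO</c> header (base64 of <c>userId:password</c>) is present: then that user is
        /// logged in through <see cref="SecurityBusiness.LoginSUDO"/> and <em>their</em> resources are
        /// checked instead of the token's. The token must still be present and unexpired in both cases.
        /// </summary>
        /// <param name="permisoNecesario">Resource name that must be present (exact, ordinal match).</param>
        /// <returns><c>true</c> when the effective resource list contains the permission; otherwise <c>false</c>.</returns>
        /// <exception cref="WebFaultException{T}">
        /// 401 when the Authorization header is missing, the token is expired or cannot be decoded,
        /// or the SUDO credentials are malformed or rejected.
        /// </exception>
        public Boolean ContieneRol(String permisoNecesario)
        {
            var request    = WebOperationContext.Current.IncomingRequest;
            var authHeader = request.Headers["Authorization"];
            var sudoHeader = request.Headers["SUDO"];

            if (string.IsNullOrEmpty(authHeader))
            {
                throw new WebFaultException<string>("No existe cabecera de autorización", HttpStatusCode.Unauthorized);
            }

            try
            {
                var accessToken = Encrypted.Decode(authHeader);
                var token       = JsonConvert.DeserializeObject<Dictionary<string, object>>(accessToken);

                // Required claim: indexing it throws (-> 401 below) when it is absent.
                _ = token["usuario"].ToString();

                // NOTE(review): "exp" is parsed with the current thread culture and compared as local time;
                // confirm the issuer writes it in a matching format, otherwise this check is unreliable.
                var expiracion = DateTime.Parse(token["exp"].ToString());
                var recursos   = token["resources"].ToString();

                if (DateTime.Now > expiracion)
                {
                    throw new WebFaultException<string>("El Token de Acceso Expiró", HttpStatusCode.Unauthorized);
                }

                var recursosEfectivos = string.IsNullOrEmpty(sudoHeader)
                    ? recursos
                    : RecursosSUDO(sudoHeader);

                // Resource names are opaque identifiers: compare ordinally, never culture-aware.
                foreach (var recurso in recursosEfectivos.Split('|'))
                {
                    if (string.Equals(recurso, permisoNecesario, StringComparison.Ordinal))
                    {
                        return true;
                    }
                }
                return false;
            }
            catch (WebFaultException<string>)
            {
                // Already carries the intended status and message (expired token, rejected SUDO login);
                // do not re-wrap it as "token inválido".
                throw;
            }
            catch (Exception)
            {
                // Decode / JSON / parse failures are a 401. The exception text is deliberately NOT sent to the
                // client: the previous version echoed ex.ToString(), leaking stack traces and internal type names.
                throw new WebFaultException<string>("El Token de acceso no es válido", HttpStatusCode.Unauthorized);
            }

            // Decodes the SUDO header ("userId:password" in base64), logs that user in and returns their
            // '|'-separated resource list. Split once only: a password may itself contain ':'.
            string RecursosSUDO(string cabecera)
            {
                var decodificado = new Encrypted().Base64DecodeToString(cabecera);
                var credenciales = decodificado.Split(new[] { ':' }, 2);
                if (credenciales.Length != 2)
                {
                    throw new WebFaultException<string>("El Token de acceso no es válido", HttpStatusCode.Unauthorized);
                }

                var usuarioSudo = int.Parse(credenciales[0], NumberStyles.Integer, CultureInfo.InvariantCulture);
                var seguridad   = new SecurityBusiness();

                // The literal 1 is passed through unchanged; its meaning is not visible here (presumably a login type -- confirm).
                var login = seguridad.LoginSUDO(usuarioSudo, credenciales[1], 1, GetIp());
                if (login.Data.CodeEstatus != 100)
                {
                    throw new WebFaultException<string>(login.Data.Estatus, HttpStatusCode.Unauthorized);
                }

                return seguridad.ObtenerRecursos(usuarioSudo).Data;
            }
        }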
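        /// <summary>
        /// WCF authorization gate, run before every operation. Except for the synchronisation endpoint,
        /// it requires a decodable, unexpired access token in <c>Authorization</c> and installs a
        /// <see cref="GenericPrincipal"/> (the token's <c>usuario</c> as identity, its '|'-separated
        /// <c>resources</c> as roles) on the current thread.
        /// </summary>
        /// <param name="operationContext">The operation about to execute (unused; the request is read from <see cref="WebOperationContext"/>).</param>
        /// <returns><c>true</c> when access is granted. Denials are reported by throwing, never by returning <c>false</c>.</returns>
        /// <exception cref="WebFaultException{T}">
        /// 401 when the header is missing, the token cannot be decoded or has expired, or the principal cannot be set.
        /// </exception>
        protected override bool CheckAccessCore(OperationContext operationContext)
        {
            // The one operation reachable without a token (presumably invoked by a scheduler -- confirm).
            const string rutaSincronizacion = "/Sincronizacion/Sincronizacionservice.svc/ejecutarProcesoSincronizacion";

            LogRegister s = new LogRegister();
            s.LogEntry(" CheckAccessCore: Inicio (Validando Token) ", 2);

            Thread.CurrentThread.CurrentCulture   = CultureInfo.CreateSpecificCulture("es-MX");
            Thread.CurrentThread.CurrentUICulture = new CultureInfo("es-MX");

            var request = WebOperationContext.Current.IncomingRequest;

            // Match the exemption against the path only, on a segment boundary. The previous check was
            // RequestUri.OriginalString.Contains(...), which also matched the query string, so any operation
            // could be called unauthenticated by appending "?...ejecutarProcesoSincronizacion" to its URL.
            if (EsRutaSincronizacion(request.UriTemplateMatch.RequestUri.AbsolutePath))
            {
                s.LogEntry(" CheckAccessCore: FIN (Ruta exenta de token) ", 2);
                return true;
            }

            var authHeader = request.Headers["Authorization"];
            if (string.IsNullOrEmpty(authHeader))
            {
                throw new WebFaultException<string>("No existe cabecera de autorización", HttpStatusCode.Unauthorized);
            }

            try
            {
                var accessToken = Encrypted.Decode(authHeader);
                var token       = JsonConvert.DeserializeObject<Dictionary<string, object>>(accessToken);
                var usuario     = token["usuario"].ToString();
                var recursos    = token["resources"].ToString();

                // Expiry is enforced here again, consistent with ContieneRol. It had been short-circuited to
                // DateTime.Now.AddYears(100) with the real check commented out, so the gate accepted expired tokens.
                // NOTE(review): "exp" is parsed with the es-MX culture set above and compared as local time -- confirm the issuer's format.
                var expiracion = DateTime.Parse(token["exp"].ToString());
                if (DateTime.Now > expiracion)
                {
                    throw new WebFaultException<string>("El Token de Acceso Expiró", HttpStatusCode.Unauthorized);
                }

                try
                {
                    Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(usuario), recursos.Split('|'));
                }
                catch (SecurityException ex)
                {
                    // Keep the detail server-side; the previous version sent ex.ToString() to the client.
                    s.LogEntry(" CheckAccessCore: no se pudo establecer el principal: " + ex.Message, 2);
                    throw new WebFaultException<string>("El Token de acceso no es válido", HttpStatusCode.Unauthorized);
                }

                s.LogEntry(" CheckAccessCore: FIN (Token valido) ", 2);
                return true;
            }
            catch (WebFaultException<string>)
            {
                // Already a 401 with the intended message (e.g. expired); do not re-wrap it.
                throw;
            }
            catch (Exception ex)
            {
                // Log the cause (level 2 is assumed to be the same severity the other entries use -- confirm);
                // the client only learns that the token was rejected.
                s.LogEntry(" CheckAccessCore: FIN (Token invalido) " + ex.Message, 2);
                throw new WebFaultException<string>("El Token de acceso no es válido", HttpStatusCode.Unauthorized);
            }

            // True when 'path' contains the exempt route as whole segments: it ends the path or is followed by '/'.
            bool EsRutaSincronizacion(string path)
            {
                int inicio = path.IndexOf(rutaSincronizacion, StringComparison.Ordinal);
                if (inicio < 0)
                {
                    return false;
                }

                int fin = inicio + rutaSincronizacion.Length;
                return fin == path.Length || path[fin] == '/';
            }
        }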