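/// <summary>
/// Resolves the current Windows user, loads that user's security roles and enables or hides
/// features based on those roles.
/// </summary>
/// <returns>
/// true if the current user holds the user or admin role; false if the user holds neither role
/// or if any exception is thrown while the user or the roles are being resolved.
/// </returns>
/// <remarks>
/// This method uses the <see cref="SecurityComponent(User)"/> to grab security roles from the
/// Data Integration Hub on PCI-DB. It does not close the form itself: it fails closed by
/// returning false and leaves shutting the application down to the caller.
/// </remarks>
private bool LoginCurrentUser()
{
    try
    {
#if DEBUG
        // NOTE(review): DEBUG builds run as a fixed account name instead of the signed-in user,
        // so the roles applied below are that account's roles. Keep DEBUG binaries away from
        // production data sources.
        CurrentUser = new User(Environment.UserDomainName + "\\" + "khalberg");
#else
        CurrentUser = new User(Environment.UserDomainName + "\\" + Environment.UserName);
#endif

        Security = new SecurityComponent(CurrentUser);
        lblLoginStatus.Text = "You are logged in as: " + CurrentUser.DomainName;

        // Hiding the settings label is a UI convenience, not an access control.
        // NOTE(review): these role checks run inside the client process; confirm that admin-only
        // operations are also enforced by the data source itself.
        if (!Security.IsAdmin())
        {
            lblSettings.Enabled = false;
            lblSettings.Visible = false;
        }

        // Neither role: tell the user and deny access.
        if (!Security.IsUser() && !Security.IsAdmin())
        {
            MessageBox.Show("You do not have sufficient security privileges to use this application. Please see your system administrator.");
            return false;
        }
    }
    catch (Exception ex)
    {
        // Fail closed, but leave a trace of the cause: a silently swallowed exception makes a
        // role-lookup outage indistinguishable from a genuine access denial.
        System.Diagnostics.Trace.TraceError("LoginCurrentUser failed: {0}", ex);
        return false;
    }

    BeginCurrentSession();
    return true;
}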
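/// <summary>
/// Server side of the session-key exchange for a newly accepted peer: reads the peer's public
/// key, creates a session key, attaches it to the peer as an <c>ISecurityComponent</c>, writes
/// the encrypted key and the RPC method ids back, and queues the accept callback.
/// </summary>
/// <param name="peer">The peer that receives the security component.</param>
/// <param name="readStream">Stream holding the peer's public key as its first value.</param>
/// <param name="writeStream">Stream that receives the length-prefixed encrypted key and the method id list.</param>
/// <exception cref="InvalidOperationException">The encrypted key is too long for the 16-bit length prefix.</exception>
private void AcceptConnected(IUser peer, IReadStream readStream, IWriteStream writeStream)
{
    // The public key comes from the connecting peer; nothing in this method authenticates it.
    // NOTE(review): confirm the peer's identity is verified elsewhere, otherwise the session
    // key is simply handed to whoever supplied this public key.
    var publicKey = readStream.ShiftRight<string>();

    // NOTE(review): the session key is ID + "_" + a random string, so its strength rests on
    // SystemUtil.CreateRandomString - confirm it draws from a cryptographically secure source.
    var key = ID + "_" + SystemUtil.CreateRandomString(Ssfi.CryptoConfig.CryptonKeyLength);
    var encryptKey = Ssfi.Security.EncryptAesKey(key, publicKey);

    // The wire format carries the length as a ushort. Reject an oversized key before touching
    // the peer, instead of letting the cast truncate the prefix and desynchronise the stream.
    if (encryptKey.Length > ushort.MaxValue)
    {
        throw new InvalidOperationException("Encrypted session key does not fit the 16-bit length prefix.");
    }

    var securityComponent = SecurityComponent.GetObject();
    securityComponent.AesKey = key;
    securityComponent.Encryptkey = encryptKey;
    peer.AddComponent<ISecurityComponent>(securityComponent);
    Logger.Debug($"添加{nameof(ISecurityComponent)}组件!");

    // Only the length is logged; the key material itself never goes to the log.
    writeStream.ShiftRight((ushort)encryptKey.Length);
    Logger.Debug("EncryptKey Length:" + encryptKey.Length);
    writeStream.ShiftRight(encryptKey);
    writeStream.ShiftRight(string.Join(";", RpcMethodIds));

    // NOTE(review): the callback is handed readStream while only the clone is kept alive and
    // disposed; confirm whether the clone was meant to be passed to _acceptAction instead.
    var tmp = readStream.Clone();
    _serverSocket.AddEvent(() =>
    {
        try
        {
            _acceptAction.Invoke(peer, readStream);
        }
        catch (Exception e)
        {
            Logger.Error(e);
        }
        finally
        {
            // Release the clone even if logging the failure itself throws.
            tmp.Dispose();
        }
    });
}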
/// <summary>
/// Initializes the main form of the VSP application: builds the designer controls, registers
/// the drag handles, checks the connection, logs the current user in and applies role-based
/// visibility before selecting the start-up tab.
/// </summary>
/// <remarks>
/// The process exits with code 1 when <c>LoginCurrentUser</c> returns false.
/// </remarks>
public frmMain()
{
    InitializeComponent();
    MaximumSize = Screen.PrimaryScreen.WorkingArea.Size;

    #region IMessageFilter Methods
    // Register this form as a message filter and list the controls that can move the form.
    Application.AddMessageFilter(this);
    controlsToMove.Add(lblFormHeader);
    controlsToMove.Add(panel6);
    controlsToMove.Add(panel10);
    controlsToMove.Add(pnlMainHeader);
    #endregion

    // NOTE(review): on this early return no login or role check has run and lblSettings/lblQA
    // keep their designer visibility; confirm the form cannot be used in that state.
    if (!ConnectionSucceeded())
    {
        return;
    }

    // Access denied or login failure: terminate instead of showing the form.
    if (!LoginCurrentUser())
    {
        Environment.Exit(1);
        return;
    }

    // Admin-only labels are hidden for everyone else. This is presentation only; it does not
    // by itself stop the underlying features from being invoked.
    var roles = new SecurityComponent(CurrentUser);
    if (!roles.IsAdmin())
    {
        lblSettings.Visible = false;
        lblQA.Visible = false;
    }

    HandleAppVersion();

    // Start-up tab (index 8) and the tab label highlighted for it.
    tabMain.SelectedIndex = 8;
    CurrentTabLabel = lblClients;
    highlightSelectedTabLabel(CurrentTabLabel);

    SetDefaultComboBoxValues();
}
/// <summary>
/// Adds an OAuth security service entry to the statement's server REST component, together
/// with a SMART OAuth URI extension whose token and authorize URLs are resolved from the given
/// route names.
/// </summary>
/// <param name="statement">Capability statement to update; must not be null.</param>
/// <param name="authorizeRouteName">Route name resolved into the advertised authorize URL.</param>
/// <param name="tokenRouteName">Route name resolved into the advertised token URL.</param>
private void AddProxyOAuthSecurityService(ListedCapabilityStatement statement, string authorizeRouteName, string tokenRouteName)
{
    EnsureArg.IsNotNull(statement, nameof(statement));
    EnsureArg.IsNotNullOrWhiteSpace(authorizeRouteName, nameof(authorizeRouteName));
    EnsureArg.IsNotNullOrWhiteSpace(tokenRouteName, nameof(tokenRouteName));

    ListedRestComponent serverRest = statement.Rest.Server();

    // Reuse the existing security section when there is one, so earlier entries are kept.
    SecurityComponent securitySection = serverRest.Security ?? new SecurityComponent();

    var oauthService = new CodableConceptInfo();
    securitySection.Service.Add(oauthService);

    // The coding constant differs between STU3 and the other supported FHIR versions.
    bool isStu3 = _modelInfoProvider.Version == FhirSpecification.Stu3;
    oauthService.Coding.Add(isStu3 ? Constants.RestfulSecurityServiceStu3OAuth : Constants.RestfulSecurityServiceOAuth);

    // Token URL is resolved first, then the authorize URL, matching their order in the extension.
    var oauthUris = new
    {
        url = Constants.SmartOAuthUriExtension,
        extension = new[]
        {
            new
            {
                url = Constants.SmartOAuthUriExtensionToken,
                valueUri = _urlResolver.ResolveRouteNameUrl(tokenRouteName, null),
            },
            new
            {
                url = Constants.SmartOAuthUriExtensionAuthorize,
                valueUri = _urlResolver.ResolveRouteNameUrl(authorizeRouteName, null),
            },
        },
    };

    securitySection.Extension.Add(JObject.FromObject(oauthUris));
    serverRest.Security = securitySection;
}
/// <summary>
/// Reads the length-prefixed encrypted session key sent by the peer, decrypts it with
/// <c>_keys</c>, attaches the result to the peer as an <c>ISecurityComponent</c> and then
/// invokes the connected callback.
/// </summary>
/// <param name="peer">The peer that receives the security component.</param>
/// <param name="readStream">Stream positioned at the ushort length prefix of the encrypted key.</param>
private void PeerConnected(IUser peer, IReadStream readStream)
{
    // Wire format: a ushort length followed by that many bytes of encrypted key.
    var keyLength = readStream.ShiftRight<ushort>();
    var segment = readStream.ShiftRight(keyLength);

    // Copy the segment out of the stream's buffer so decryption works on its own array.
    var encrypted = new byte[segment.Count];
    Buffer.BlockCopy(segment.Buffer, segment.Offset, encrypted, 0, encrypted.Length);

    // NOTE(review): the decrypted value is accepted without a visible check that decryption
    // succeeded or that the key is non-empty; confirm DecryptAesKey rejects malformed input.
    var aesKey = Ssfi.Security.DecryptAesKey(encrypted, _keys).toString();

    var component = SecurityComponent.GetObject();
    component.AesKey = aesKey;
    peer.AddComponent<ISecurityComponent>(component);
    Logger.Debug($"添加{nameof(ISecurityComponent)}组件!");

    // A failing callback is logged and does not propagate to the caller.
    try
    {
        _connectedAction?.Invoke(peer, readStream);
    }
    catch (Exception callbackError)
    {
        Logger.Error(callbackError);
    }
}
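/// <summary>
/// Adds an OAuth security service entry to the statement's server REST component and fills the
/// SMART OAuth URI extension with the token and authorization endpoints read from the
/// authority's OpenID discovery document.
/// </summary>
/// <param name="statement">Capability statement to update; must not be null.</param>
/// <param name="authority">Base URL of the authority; "/.well-known/openid-configuration" is appended to it.</param>
/// <param name="httpClientFactory">Factory for the client that fetches the discovery document.</param>
/// <param name="logger">Logger that receives a warning for every failure path.</param>
/// <exception cref="OpenIdConfigurationException">
/// The discovery document could not be fetched, returned a non-success status, could not be
/// parsed, or does not list both endpoints.
/// </exception>
private static void AddOAuthSecurityService(ListedCapabilityStatement statement, string authority, IHttpClientFactory httpClientFactory, ILogger logger)
{
    EnsureArg.IsNotNull(statement, nameof(statement));
    EnsureArg.IsNotNull(authority, nameof(authority));
    EnsureArg.IsNotNull(httpClientFactory, nameof(httpClientFactory));

    ListedRestComponent restComponent = statement.Rest.Server();
    SecurityComponent security = restComponent.Security ?? new SecurityComponent();

    var codableConceptInfo = new Core.Models.CodableConceptInfo();
    security.Service.Add(codableConceptInfo);
    codableConceptInfo.Coding.Add(Constants.RestfulSecurityServiceOAuth.ToCoding());

    // The endpoints read below are advertised to clients exactly as the authority returns
    // them, so the authority has to be a trusted URL.
    // NOTE(review): nothing here requires https or checks that the endpoints belong to the
    // authority; confirm that is enforced where the authority is configured.
    var openIdConfigurationUrl = $"{authority}/.well-known/openid-configuration";

    HttpResponseMessage openIdConfigurationResponse;
    using (HttpClient httpClient = httpClientFactory.CreateClient())
    {
        try
        {
            // Blocking wait: this method is synchronous, so the request is not awaited.
            openIdConfigurationResponse = httpClient.GetAsync(new Uri(openIdConfigurationUrl)).GetAwaiter().GetResult();
        }
        catch (Exception ex)
        {
            // Message template instead of interpolation, so the URL is a structured log value
            // and braces in it cannot be read as placeholders.
            logger.LogWarning(ex, "There was an exception while attempting to read the OpenId Configuration from \"{openIdConfigurationUrl}\".", openIdConfigurationUrl);
            throw new OpenIdConfigurationException();
        }
    }

    // Dispose the response once the endpoints have been copied out of it.
    using (openIdConfigurationResponse)
    {
        if (!openIdConfigurationResponse.IsSuccessStatusCode)
        {
            logger.LogWarning("The OpenId Configuration request from \"{openIdConfigurationUrl}\" returned an {statusCode} status code.", openIdConfigurationUrl, openIdConfigurationResponse.StatusCode);
            throw new OpenIdConfigurationException();
        }

        string tokenEndpoint, authorizationEndpoint;
        try
        {
            // Parsing sits inside the try so that a malformed body is reported as an
            // OpenIdConfigurationException like every other discovery failure.
            JObject openIdConfiguration = JObject.Parse(openIdConfigurationResponse.Content.ReadAsStringAsync().GetAwaiter().GetResult());
            tokenEndpoint = openIdConfiguration["token_endpoint"].Value<string>();
            authorizationEndpoint = openIdConfiguration["authorization_endpoint"].Value<string>();
        }
        catch (Exception ex)
        {
            logger.LogWarning(ex, "There was an exception while attempting to read the endpoints from \"{openIdConfigurationUrl}\".", openIdConfigurationUrl);
            throw new OpenIdConfigurationException();
        }

        // A JSON null or blank value parses without error; never advertise an empty endpoint.
        if (string.IsNullOrWhiteSpace(tokenEndpoint) || string.IsNullOrWhiteSpace(authorizationEndpoint))
        {
            logger.LogWarning("The OpenId Configuration from \"{openIdConfigurationUrl}\" does not list both a token endpoint and an authorization endpoint.", openIdConfigurationUrl);
            throw new OpenIdConfigurationException();
        }

        var smartExtension = new
        {
            url = Constants.SmartOAuthUriExtension,
            extension = new[]
            {
                new
                {
                    url = Constants.SmartOAuthUriExtensionToken,
                    valueUri = tokenEndpoint,
                },
                new
                {
                    url = Constants.SmartOAuthUriExtensionAuthorize,
                    valueUri = authorizationEndpoint,
                },
            },
        };

        security.Extension.Add(JObject.FromObject(smartExtension));
    }

    restComponent.Security = security;
}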
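/// <summary>
/// Adds an OAuth security service entry to the statement's server REST component and fills the
/// SMART OAuth URI extension with the token and authorization endpoints read from the
/// configured authority's OpenID discovery document.
/// </summary>
/// <param name="statement">Capability statement to update.</param>
/// <exception cref="OpenIdConfigurationException">
/// The discovery document could not be fetched, returned a non-success status, could not be
/// parsed, or does not list both endpoints.
/// </exception>
private void AddOAuthSecurityService(ListedCapabilityStatement statement)
{
    ListedRestComponent restComponent = statement.Rest.Server();
    SecurityComponent security = restComponent.Security ?? new SecurityComponent();

    var codableConceptInfo = new CodableConceptInfo();
    security.Service.Add(codableConceptInfo);

    // The coding constant differs between STU3 and the other supported FHIR versions.
    codableConceptInfo.Coding.Add(_modelInfoProvider.Version == FhirSpecification.Stu3
        ? Constants.RestfulSecurityServiceStu3OAuth
        : Constants.RestfulSecurityServiceOAuth);

    // The endpoints read below are advertised to clients exactly as the authority returns
    // them, so the configured authority has to be a trusted URL.
    // NOTE(review): nothing here requires https or checks that the endpoints belong to the
    // authority; confirm that is enforced where the authority is configured.
    var openIdConfigurationUrl = $"{_securityConfiguration.Authentication.Authority}/.well-known/openid-configuration";

    HttpResponseMessage openIdConfigurationResponse;
    using (HttpClient httpClient = _httpClientFactory.CreateClient())
    {
        try
        {
            // Blocking wait: this method is synchronous, so the request is not awaited.
            openIdConfigurationResponse = httpClient.GetAsync(new Uri(openIdConfigurationUrl)).GetAwaiter().GetResult();
        }
        catch (Exception ex)
        {
            _logger.LogWarning(ex, "There was an exception while attempting to read the OpenId Configuration from \"{openIdConfigurationUrl}\".", openIdConfigurationUrl);
            throw new OpenIdConfigurationException();
        }
    }

    // Dispose the response once the endpoints have been copied out of it.
    using (openIdConfigurationResponse)
    {
        if (!openIdConfigurationResponse.IsSuccessStatusCode)
        {
            _logger.LogWarning("The OpenId Configuration request from \"{openIdConfigurationUrl}\" returned an {statusCode} status code.", openIdConfigurationUrl, openIdConfigurationResponse.StatusCode);
            throw new OpenIdConfigurationException();
        }

        string tokenEndpoint, authorizationEndpoint;
        try
        {
            // Parsing sits inside the try so that a malformed body is reported as an
            // OpenIdConfigurationException like every other discovery failure.
            JObject openIdConfiguration = JObject.Parse(openIdConfigurationResponse.Content.ReadAsStringAsync().GetAwaiter().GetResult());
            tokenEndpoint = openIdConfiguration["token_endpoint"].Value<string>();
            authorizationEndpoint = openIdConfiguration["authorization_endpoint"].Value<string>();
        }
        catch (Exception ex)
        {
            _logger.LogWarning(ex, "There was an exception while attempting to read the endpoints from \"{openIdConfigurationUrl}\".", openIdConfigurationUrl);
            throw new OpenIdConfigurationException();
        }

        // A JSON null or blank value parses without error; never advertise an empty endpoint.
        if (string.IsNullOrWhiteSpace(tokenEndpoint) || string.IsNullOrWhiteSpace(authorizationEndpoint))
        {
            _logger.LogWarning("The OpenId Configuration from \"{openIdConfigurationUrl}\" does not list both a token endpoint and an authorization endpoint.", openIdConfigurationUrl);
            throw new OpenIdConfigurationException();
        }

        var smartExtension = new
        {
            url = Constants.SmartOAuthUriExtension,
            extension = new[]
            {
                new
                {
                    url = Constants.SmartOAuthUriExtensionToken,
                    valueUri = tokenEndpoint,
                },
                new
                {
                    url = Constants.SmartOAuthUriExtensionAuthorize,
                    valueUri = authorizationEndpoint,
                },
            },
        };

        security.Extension.Add(JObject.FromObject(smartExtension));
    }

    restComponent.Security = security;
}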