public void IsTokenExpired_Test() { ValidateTokenRequest request = new ValidateTokenRequest { Context = "NG", Token = "53287900d6a4850ebc395f67", Version = 1 }; ValidateTokenResponse response = SecurityManager.ValidateToken(request, "Engineer"); }
public PutDeleteMedMapResponse Put(PutDeleteMedMapRequest request) { PutDeleteMedMapResponse resp = new PutDeleteMedMapResponse(); ValidateTokenResponse result = null; try { if (base.Request != null) { request.Token = base.Request.Headers["Token"] as string; } result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; MedicationManager.DeleteMedicationMap(request); } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(resp, base.Response, ex); if ((ex is WebServiceException) == false) { MedicationManager.LogException(ex); } } return(resp); }
public ValidateTokenResponse ValidateTokenClaim(string jWTToken) { try { ClaimsPrincipal principal = GetPrincipal(jWTToken); if (principal == null) { return(null); } var identity = (ClaimsIdentity)principal.Identity; Claim pTokenClaimScope = identity.FindFirst("scope"); Claim pTokenCLaimUserId = identity.FindFirst("custom:CustomerId"); var validateTokenResponse = new ValidateTokenResponse() { scope = pTokenClaimScope.Value, userid = pTokenCLaimUserId.Value }; return(validateTokenResponse); } catch (Exception ex) { return(null); } }
///// <summary> ///// Example to return a HttpResult object with a decorated response. ///// </summary> ///// <param name="request">GetPatientUtilizationRequest</param> ///// <returns>object</returns> //public object Get(GetPatientUtilizationRequest request) //{ // GetPatientUtilizationResponse response = null; // ValidateTokenResponse result = null; // try // { // request.Token = base.Request.Headers["Token"] as string; // result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); // if (result.UserId.Trim() != string.Empty) // { // request.UserId = result.UserId; // response = UtilManager.GetPatientUtilization(request); // } // else // throw new UnauthorizedAccessException(); // } // catch (Exception ex) // { // CommonFormatter.FormatExceptionResponse(response, base.Response, ex); // if ((ex is WebServiceException) == false) // UtilManager.LogException(ex); // } // finally // { // List<string> patientIds = new List<string>(); // if (response.Utilization != null) // patientIds.Add(response.Utilization.PatientId); // if (result != null) // AuditHelper.LogAuditData(request, result.SQLUserId, patientIds, HttpContext.Current.Request, request.GetType().Name); // } // return new HttpResult(response, HttpStatusCode.OK) // { // StatusDescription = "this is really cool!", // Location = "www.google.com" // }; //} public GetPatientUtilizationResponse Get(GetPatientUtilizationRequest request) { GetPatientUtilizationResponse response = null; ValidateTokenResponse result = null; try { request.Token = base.Request.Headers["Token"] as string; result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; response = UtilManager.GetPatientUtilization(request); } else throw new UnauthorizedAccessException(); } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) UtilManager.LogException(ex); } finally { List<string> patientIds = new List<string>(); if (response.Utilization != null) patientIds.Add(response.Utilization.PatientId); if (result != null) AuditHelper.LogAuditData(request, result.SQLUserId, patientIds, HttpContext.Current.Request, request.GetType().Name); } return response; }
public ValidateTokenResponse Validate(ValidateTokenRequest request, string securityToken) { try { ValidateTokenResponse response = null; ObjectId tokenObjectId; if (request != null) { if (ObjectId.TryParse(request.Token, out tokenObjectId)) { MEAPISession session = _objectContext.APISessions.Collection.FindOneByIdAs <MEAPISession>(tokenObjectId); if (session != null) { if (session.SecurityToken.ToUpper().Equals(securityToken.ToUpper()) && session.ContractNumber.ToUpper().Equals(request.ContractNumber.ToUpper()) && session.Product.ToUpper().Equals(request.Context.ToUpper())) { session.SessionTimeOut = DateTime.UtcNow.AddMinutes(session.SessionLengthInMinutes); response = new ValidateTokenResponse { SessionLengthInMinutes = session.SessionLengthInMinutes, SessionTimeOut = session.SessionTimeOut, TokenId = session.Id.ToString(), SQLUserId = session.SQLUserId, UserId = session.UserId.ToString(), UserName = session.UserName }; _objectContext.APISessions.Collection.Save(session); } else { throw new UnauthorizedAccessException("SD:APISessionRepository:Validate():Invalid Security Authorization Request"); } return(response); } else { throw new UnauthorizedAccessException("SD:APISessionRepository:Validate():Security Token does not exist"); } } else { throw new UnauthorizedAccessException("SD:APISessionRepository:Validate():Security Token is not in correct format."); } } else { throw new UnauthorizedAccessException("SD:APISessionRepository:Validate():Request is invalid"); } } catch (Exception) { throw; } }
public ActionResult <string> Post([FromBody] ValidateTokenRequest request) { var tokenResult = JwtUtil.IsValidToken(request.Token, request.DeviceId); var response = new ValidateTokenResponse() { Result = (tokenResult == JwtUtil.ValidateTokenResult.Success) ? (int)ResultCode.Success : (int)ResultCode.InvalidToken }; return(JsonConvert.SerializeObject(response)); }
public void HitIsUserValidated() { // Arrange double version = 1.0; string contractNumber = "InHealth001"; string token = "5329910cd6a4850ebc313228"; string securityUrl = "http://localhost:888/Security"; string PhytelSecurityHeaderKey = "x-Phytel-Security"; string additionalToken = "Engineer"; int cycles = 1500; int[] nums = Enumerable.Range(0, cycles).ToArray(); Parallel.ForEach(nums, num => //for (int i = 1; i <= 20; i++) { Stopwatch st = new Stopwatch(); try { st.Start(); IRestClient client = new JsonServiceClient(); JsonServiceClient.HttpWebRequestFilter = x => x.Headers.Add(string.Format("{0}: {1}", PhytelSecurityHeaderKey, additionalToken)); ValidateTokenResponse response = client.Post <ValidateTokenResponse>(string.Format("{0}/{1}/{2}/{3}/token", securityUrl, "NG", version, contractNumber), new ValidateTokenRequest { Token = token } as object); st.Stop(); if (String.IsNullOrEmpty(response.UserId)) { throw new Exception("token: " + token + " Userid is null."); } Debug.WriteLine("thread" + num + " :: " + System.DateTime.Now.ToLongTimeString() + " :: " + st.ElapsedMilliseconds.ToString()); } catch (Exception ex) { Debug.WriteLine("thread" + num + " :: " + System.DateTime.Now.ToLongTimeString() + " :: " + st.ElapsedMilliseconds.ToString() + ": Exception:" + ex.Message); } } ); }
public GetMedNamesResponse Get(GetMedNamesRequest request) { GetMedNamesResponse response = new GetMedNamesResponse(); ValidateTokenResponse result = null; try { if (base.Request != null) { request.Token = base.Request.Headers["Token"] as string; } result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; var res = SearchManager.GetSearchMedNameResults(request); var count = res.Count; if (request.Take > 0 && res.Count > request.Take) { res = res.Take(request.Take).ToList(); response.Message = request.Take + " out of " + count + ". Please refine your search."; } response.ProprietaryNames = res; } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatterUtil.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { SearchManager.LogException(ex); } } finally { if (result != null) { string browser = (base.Request != null) ? base.Request.UserAgent : unknownBrowserType; string hostAddress = (base.Request != null) ? base.Request.UserHostAddress : unknownUserHostAddress; AuditUtil.LogAuditData(request, result.SQLUserId, null, browser, hostAddress, request.GetType().Name); } } return(response); }
public PostPatientAllergiesResponse Post(PostPatientAllergiesRequest request) { PostPatientAllergiesResponse response = new PostPatientAllergiesResponse(); ValidateTokenResponse result = null; try { if (base.Request != null) { request.Token = base.Request.Headers["Token"] as string; } result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; response.PatientAllergies = AllergyManager.UpdatePatientAllergies(request); } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { AllergyManager.LogException(ex); } } finally { List <string> patientIds = null; if (request.PatientAllergies != null && request.PatientAllergies.Count > 0) { patientIds = new List <string>(); request.PatientAllergies.ForEach(p => { patientIds.Add(p.PatientId); }); } if (result != null) { string browser = (base.Request != null) ? base.Request.UserAgent : unknownBrowserType; string hostAddress = (base.Request != null) ? base.Request.UserHostAddress : unknownUserHostAddress; AuditUtil.LogAuditData(request, result.SQLUserId, patientIds, browser, hostAddress, request.GetType().Name); } } return(response); }
public ValidateTokenResponse ValidateTheToken(string requestToken) { int reqToken = Int32.Parse(requestToken); ValidateTokenResponse valTokenResp = _advertContext.Client.Where(c => c.IdClient == reqToken).Select(p => new ValidateTokenResponse { Login = p.Login, IdClient = p.IdClient, FirstName = p.FirstName, TokenString = p.TokenString }).FirstOrDefault(); return(valTokenResp); }
public GetMedFieldsResponse Get(GetMedFieldsRequest request) { GetMedFieldsResponse response = new GetMedFieldsResponse(); ValidateTokenResponse result = null; try { if (base.Request != null) { request.Token = base.Request.Headers["Token"] as string; } result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; var results = SearchManager.GetSearchMedFieldsResults(request); response.DosageForms = results.FormList; response.Routes = results.RouteList; response.Strengths = results.StrengthList; response.Units = results.UnitsList; } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatterUtil.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { SearchManager.LogException(ex); } } finally { if (result != null) { string browser = (base.Request != null) ? base.Request.UserAgent : unknownBrowserType; string hostAddress = (base.Request != null) ? base.Request.UserHostAddress : unknownUserHostAddress; AuditUtil.LogAuditData(request, result.SQLUserId, null, browser, hostAddress, request.GetType().Name); } } return(response); }
public GetPatientSystemsResponse Get(GetPatientSystemsRequest request) { GetPatientSystemsResponse response = new GetPatientSystemsResponse(); ValidateTokenResponse result = null; try { if (base.Request != null) { request.Token = base.Request.Headers["Token"] as string; } result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { ServiceContext.UserId = result.UserId; response.PatientSystems = PatientSystemManager.GetPatientSystems(ServiceContext, request.PatientId); } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatterUtil.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { PatientSystemManager.LogException(ex); } } finally { if (result != null) { List <string> patientIds = null; if (response.PatientSystems != null) { patientIds = response.PatientSystems.Select(x => x.PatientId).ToList(); } string browser = (base.Request != null) ? base.Request.UserAgent : unknownBrowserType; string hostAddress = (base.Request != null) ? base.Request.UserHostAddress : unknownUserHostAddress; AuditUtil.LogAuditData(request, result.SQLUserId, patientIds, browser, hostAddress, request.GetType().Name); } } return(response); }
public GetInitializeGoalResponse Get(GetInitializeGoalRequest request) { GetInitializeGoalResponse response = new GetInitializeGoalResponse(); GoalsManager gm = new GoalsManager(); ValidateTokenResponse result = null; try { request.Token = base.Request.Headers["Token"] as string; result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; response = gm.GetInitialGoalRequest(request); } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { gm.LogException(ex); } } finally { List <string> patientIds = null; if (response.Goal != null) { patientIds = new List <string>(); patientIds.Add(response.Goal.PatientId); } if (result != null) { AuditHelper.LogAuditData(request, result.SQLUserId, patientIds, System.Web.HttpContext.Current.Request, request.GetType().Name); } } return(response); }
public PostSaveActionResponse Post(PostSaveActionRequest request) { var response = new PostSaveActionResponse(); var intm = new PlanManager(); ValidateTokenResponse result = null; try { request.Token = base.Request.Headers["Token"] as string; result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; response = intm.SaveActionResults(request); } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { intm.LogException(ex); } } finally { List <string> patientIds = null; if (!string.IsNullOrEmpty(response.PatientId)) { patientIds = new List <string> { response.PatientId }; } if (result != null) { AuditHelper.LogAuditData(request, result.SQLUserId, patientIds, System.Web.HttpContext.Current.Request, request.GetType().Name); } } return(response); }
public PutPatientUtilizationResponse Put(PutPatientUtilizationRequest request) { PutPatientUtilizationResponse response = null; ValidateTokenResponse result = null; try { request.Token = base.Request.Headers["Token"] as string; result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { // refactor this validators to a pattern if (string.IsNullOrEmpty(request.Utilization.Id)) throw new ArgumentException("Missing utilization id"); if (string.IsNullOrEmpty(request.Utilization.PatientId)) throw new ArgumentException("Missing patientid"); if (string.IsNullOrEmpty(request.Utilization.VisitTypeId)) throw new ArgumentException("Missing visittypeid"); request.UserId = result.UserId; response = UtilManager.UpdatePatientUtilization(request); } else throw new UnauthorizedAccessException(); } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) UtilManager.LogException(ex); } finally { List<string> patientIds = new List<string>(); if (response.Result) { patientIds.Add(request.PatientId); AuditHelper.LogAuditData(request, result.SQLUserId, patientIds, HttpContext.Current.Request, request.GetType().Name); } } return response; }
public GetContactByContactIdResponse Get(GetContactByContactIdRequest request) { GetContactByContactIdResponse response = new GetContactByContactIdResponse(); try { if (base.Request != null) { request.Token = base.Request.Headers["Token"] as string; } ValidateTokenResponse result = null; result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; response.Contact = ContactManager.GetContactByContactId(request); } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { ContactManager.LogException(ex); } } finally { //List<string> patientIds = new List<string>(); //patientIds.Add(request.PatientId); //if (result != null) //{ // string browser = (base.Request != null) ? base.Request.UserAgent : unknownBrowserType; // string hostAddress = (base.Request != null) ? base.Request.UserHostAddress : unknownUserHostAddress; // AuditUtil.LogAuditData(request, result.SQLUserId, patientIds, browser, hostAddress, request.GetType().Name); //} } return(response); }
public AddCareTeamMemberResponse Post(AddCareTeamMemberRequest request) { if (request == null) { throw new ArgumentNullException("request"); } var response = new AddCareTeamMemberResponse(); ValidateTokenResponse result = null; try { request.Token = base.Request.Headers["Token"] as string; result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; var dataResponse = ContactManager.AddCareTeamMember(request); response.Id = dataResponse.Id; } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { ContactManager.LogException(ex); } } finally { if (result != null) { AuditHelper.LogAuditData(request, result.SQLUserId, null, System.Web.HttpContext.Current.Request, request.GetType().Name); } } return(response); }
public ValidateTokenResponse IsUserValidated(double version, string token, string contractNumber) { try { ValidateTokenResponse response = new ValidateTokenResponse(); response.UserId = "000000000000000000000000"; if (String.IsNullOrEmpty(response.UserId)) { throw new Exception("token: " + token + " Userid is null."); } return(response); } catch (Exception ex) { throw new Exception("AD:IsUserValidated()::" + ex.Message, ex.InnerException); } }
public async Task <IActionResult> ValidateToken([FromRoute] Guid cardId, [FromBody] ValidateTokenRequest request, CancellationToken cancellationToken) { if (request == null) { return(BadRequest()); } var commandInput = new ValidateCardTokenCommandInput(request.CustomerId, cardId, request.Token, request.CVV); var commandResult = await _mediator.Send(commandInput, cancellationToken); if (!commandResult.IsValid()) { return(BadRequest()); } var response = new ValidateTokenResponse(commandResult.Validated); return(Ok(response)); }
public PostInitializeMedicationMapResponse Post(PostInitializeMedicationMapRequest request) { PostInitializeMedicationMapResponse response = new PostInitializeMedicationMapResponse(); ValidateTokenResponse result = null; try { if (base.Request != null) { request.Token = base.Request.Headers["Token"] as string; } result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; response.MedicationMap = MedicationManager.InitializeMedicationMap(request); } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { MedicationManager.LogException(ex); } } finally { if (result != null) { string browser = (base.Request != null) ? base.Request.UserAgent : unknownBrowserType; string hostAddress = (base.Request != null) ? base.Request.UserHostAddress : unknownUserHostAddress; AuditUtil.LogAuditData(request, result.SQLUserId, null, browser, hostAddress, request.GetType().Name); } } return(response); }
public void ValidateToken_Test() { string PhytelSecurityHeaderKey = "x-Phytel-Security"; string additionalToken = "Engineer"; IRestClient client = new JsonServiceClient(); JsonServiceClient.HttpWebRequestFilter = x => x.Headers.Add(string.Format("{0}: {1}", PhytelSecurityHeaderKey, additionalToken)); ValidateTokenResponse response = client.Post <ValidateTokenResponse>(string.Format("{0}/{1}/{2}/{3}/token", "http://localhost:888/Security", "NG", 1, "InHealth001"), new ValidateTokenRequest { Token = "53162017072ef71b5c3d8e4f" } as object); Assert.IsNotNull(response); }
public ValidateTokenResponse Post(ValidateTokenRequest request) { ValidateTokenResponse response = new ValidateTokenResponse(); try { //pull token from request coming in to validate token string securityToken = HttpContext.Current.Request.Headers.Get(_phytelSecurityToken); // validate user against apiuser datastore response = SecurityManager.ValidateToken(request, securityToken); } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { LogException(ex); } } return(response); }
public ValidateTokenResponse IsUserValidated(double version, string token, string contractNumber) { try { if (string.IsNullOrEmpty(token)) { throw new UnauthorizedAccessException("Token is null or empty."); } string additionalToken = BuildSecurityToken(); IRestClient client = new JsonServiceClient(); //we don't use the ngutils createjson service because we are not calling a data domain here JsonServiceClient.HttpWebRequestFilter = x => x.Headers.Add(string.Format("{0}: {1}", PhytelSecurityHeaderKey, additionalToken)); //[Route("/{Context}/{Version}/{ContractNumber}/token", "POST")] ValidateTokenResponse response = client.Post <ValidateTokenResponse>(string.Format("{0}/{1}/{2}/{3}/token", ADSecurityServiceURL, "NG", version, contractNumber), new ValidateTokenRequest { Token = token } as object); if (String.IsNullOrEmpty(response.UserId)) { throw new Exception("token: " + token + " Userid is null."); } return(response); } catch (Exception ex) { throw; } }
public GetAllCareManagersResponse Get(GetAllCareManagersRequest request) { GetAllCareManagersResponse response = new GetAllCareManagersResponse(); ValidateTokenResponse result = null; try { request.Token = base.Request.Headers["Token"] as string; result = Security.IsUserValidated(request.Version, request.Token, request.ContractNumber); if (result.UserId.Trim() != string.Empty) { request.UserId = result.UserId; response.Contacts = ContactManager.GetCareManagers(request); response.Version = request.Version; } else { throw new UnauthorizedAccessException(); } } catch (Exception ex) { CommonFormatter.FormatExceptionResponse(response, base.Response, ex); if ((ex is WebServiceException) == false) { ContactManager.LogException(ex); } } finally { if (result != null) { AuditHelper.LogAuditData(request, result.SQLUserId, null, System.Web.HttpContext.Current.Request, request.GetType().Name); } } return(response); }