private async Task <TblIdentityCredential> ValidateAuthorization(AuthenticateIdentityQuery request, CancellationToken cancellationToken, AuthorizeBy authorizeBy)
{
TblIdentityCredential result;
reAuth:
switch (authorizeBy)
{
case AuthorizeBy.Default:
var getDefaults = await _dataLayer.TblConfigurations
.AsNoTracking()
.FirstOrDefaultAsync(i => i.ApplicationId == request.RequestServer.ApplicationId & i.Key == "DefaultAuthorizeBy", cancellationToken: cancellationToken);
authorizeBy = (AuthorizeBy)int.Parse(getDefaults.Value);
goto reAuth;
case AuthorizeBy.UsernameEmailPhone:
result = await _dataLayer.TblIdentityCredentials
.AsNoTracking()
.FirstOrDefaultAsync(i => i.UserName == request.Username,
cancellationToken: cancellationToken);
result ??= _dataLayer.TblIdentityContacts
.AsNoTracking()
.FirstOrDefault(i => i.Value == request.Username & i.UcentitiesId == 1)?.UserCredential;
result ??= _dataLayer.TblIdentityContacts
.FirstOrDefault(i => i.Value == request.Username & i.UcentitiesId == 2)?.UserCredential;
break;
case AuthorizeBy.Username:
result = await _dataLayer.TblIdentityCredentials
.AsNoTracking()
.FirstOrDefaultAsync(i => i.UserName == request.Username,
cancellationToken: cancellationToken);
break;
case AuthorizeBy.Email:
result = _dataLayer.TblIdentityContacts
.AsNoTracking()
.FirstOrDefault(i => i.Value == request.Username & i.UcentitiesId == 1)?.UserCredential;
break;
case AuthorizeBy.Phone:
result = _dataLayer.TblIdentityContacts
.AsNoTracking()
.FirstOrDefault(i => i.Value == request.Username & i.UcentitiesId == 2)?.UserCredential;
break;
case AuthorizeBy.Token:
result = await _dataLayer.TblIdentityCredentials
.AsNoTracking()
.FirstOrDefaultAsync(i => i.UserName == request.Username,
cancellationToken: cancellationToken);
break;
default:
throw new ArgumentOutOfRangeException();
}
return(result);
}
private async Task <TblIdentityCredential> ValidateAuthorization(AuthenticateCredentialQuery request, CancellationToken cancellationToken, AuthorizeBy authorizeBy)
{
TblIdentityCredential result;
reAuth:
switch (authorizeBy)
{
case AuthorizeBy.Default:
var application = await GetApplication(request.RequestServer.ApplicationId);
var getDefaults = await _dataLayer.TblConfigurations
.AsNoTracking()
.FirstOrDefaultAsync(i => i.ApplicationId == application.Id & i.Key == "DefaultAuthorizeBy", cancellationToken: cancellationToken);
if (getDefaults is null)
{
throw new ArgumentException($"Unable to login: Application with Guid '{application.Guid}' does not have 'DefaultAuthorizeBy' key in registry");
}
authorizeBy = (AuthorizeBy)int.Parse(getDefaults.Value);
goto reAuth;
case AuthorizeBy.UsernameEmailPhone:
result = await _dataLayer.TblIdentityCredentials
.Include(i => i.IdentityInfo)
.AsNoTracking()
.FirstOrDefaultAsync(i => i.UserName == request.Username,
cancellationToken: cancellationToken);
result ??= _dataLayer.TblIdentityContacts
.Include(i => i.UserCredential)
.ThenInclude(i => i.IdentityInfo)
.AsNoTracking()
.FirstOrDefault(i => i.Value == request.Username & i.UcentitiesId == (long?)GenericContactType.Email)?.UserCredential;
result ??= _dataLayer.TblIdentityContacts
.Include(i => i.UserCredential)
.ThenInclude(i => i.IdentityInfo)
.AsNoTracking()
.FirstOrDefault(i => i.Value == request.Username & i.UcentitiesId == (long?)GenericContactType.Phone)?.UserCredential;
break;
case AuthorizeBy.Username:
result = await _dataLayer.TblIdentityCredentials
.Include(i => i.IdentityInfo)
.AsNoTracking()
.FirstOrDefaultAsync(i => i.UserName == request.Username,
cancellationToken: cancellationToken);
break;
case AuthorizeBy.Email:
request.Username.ValidateEmailAddress();
result = _dataLayer.TblIdentityContacts
.Include(i => i.UserCredential)
.ThenInclude(i => i.IdentityInfo)
.AsNoTracking()
.FirstOrDefault(i => i.Value == request.Username & i.UcentitiesId == 1)?.UserCredential;
break;
case AuthorizeBy.Phone:
result = _dataLayer.TblIdentityContacts
.Include(i => i.UserCredential)
.ThenInclude(i => i.IdentityInfo)
.AsNoTracking()
.FirstOrDefault(i => i.Value == request.Username.ValidatePhoneNumber(false) & i.UcentitiesId == 2)?.UserCredential;
break;
case AuthorizeBy.Token:
result = await _dataLayer.TblIdentityCredentials
.Include(i => i.IdentityInfo)
.AsNoTracking()
.FirstOrDefaultAsync(i => i.UserName == request.Username,
cancellationToken: cancellationToken);
break;
default:
throw new ArgumentOutOfRangeException();
}
return(result);
}
private async Task <TblIdentityCredential> ValidatePassword(AuthenticateIdentityQuery request, AuthorizeBy authorizeBy, TblIdentityCredential credential, CancellationToken cancellationToken)
{
SHA512 shaM = new SHA512Managed();
var passwordByte = Encoding.ASCII.GetBytes(request.Password);
var hashPasswordByte = shaM.ComputeHash(passwordByte);
if (authorizeBy == AuthorizeBy.Token)
{
return(credential);
}
credential = await _dataLayer.TblIdentityCredentials
.Include(i => i.IdentityInfo)
.FirstOrDefaultAsync(i => i.Id == credential.Id & i.PasswordByte == hashPasswordByte, cancellationToken: cancellationToken);
return(credential);
}
private async Task <TblIdentityCredential> ValidatePassword(AuthenticateCredentialQuery request, AuthorizeBy authorizeBy, TblIdentityCredential credential, CancellationToken cancellationToken)
{
if (authorizeBy == AuthorizeBy.Token)
{
return(credential);
}
var hashPassword = Encoding.ASCII.GetString(credential.PasswordByte);
return(!BCrypt.Net.BCrypt.Verify(request.Password, hashPassword) ? null : credential);
}