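/// <summary>
/// Completes smart-card certificate registration for the signed-in user: validates the posted
/// certificate, verifies the JWT the card produced over the challenge stored in the session,
/// and persists the certificate only when every check passes.
/// </summary>
/// <param name="smartCardAuthorizationResponse">
/// Client-posted certificate, signed token and algorithm. Untrusted input: every field is
/// checked before use.
/// </param>
/// <returns>
/// JSON <c>{ success: bool }</c>. All rejection paths return <c>success = false</c> without
/// distinguishing the reason, so the response does not leak which check failed.
/// </returns>
public async Task<IActionResult> RegisterCertificateCallback([FromBody] SmartCardAuthorizationResponse smartCardAuthorizationResponse)
{
    // Single uniform failure response for every rejection path.
    IActionResult Failure() => Json(new { success = false });

    var sub = HttpContext.User.Claims.FirstOrDefault(x => x.Type == "sub")?.Value;
    if (string.IsNullOrEmpty(sub))
    {
        return Failure();
    }

    var user = await _users.FindByIdAsync(sub);
    // The "sub" claim can reference a user that no longer exists; the original code
    // dereferenced user.Id later without this guard and would have thrown.
    if (user == null)
    {
        return Failure();
    }

    if (smartCardAuthorizationResponse == null
        || string.IsNullOrEmpty(smartCardAuthorizationResponse.Certificate)
        || string.IsNullOrEmpty(smartCardAuthorizationResponse.Token))
    {
        return Failure();
    }

    var certificate = CertificateUtilities.GetAndValidateCertificate(smartCardAuthorizationResponse.Certificate);
    if (certificate == null)
    {
        return Failure();
    }

    // A thumbprint may be registered only once, regardless of who presents it.
    if (_authContext.UserCertificates.FirstOrDefault(x => x.Thumbprint == certificate.Thumbprint) != null)
    {
        return Failure();
    }

    // Fail closed when this session never received a challenge: the token must be bound to a
    // server-issued challenge, so with none present there is nothing legitimate to verify.
    var payload = HttpContext.Session.GetString("certificateRegister.challenge");
    if (string.IsNullOrEmpty(payload))
    {
        return Failure();
    }

    var verifyResult = JwtUtils.ValidateJWT(
        certificate,
        smartCardAuthorizationResponse.Token,
        smartCardAuthorizationResponse.Algorithm,
        payload);
    if (!verifyResult)
    {
        return Failure();
    }

    var dbuser = _authContext.Users.First(u => u.Id == user.Id);
    var userCert = new UserCertificate()
    {
        Certificate = Convert.ToBase64String(certificate.RawData),
        Thumbprint = certificate.Thumbprint,
        User = dbuser,
        // NOTE(review): local server time is stored here; if other timestamps in the
        // store are UTC, DateTime.UtcNow would be the consistent choice — confirm.
        RegistrationDate = DateTime.Now,
        Subject = certificate.Subject
    };
    _authContext.UserCertificates.Add(userCert);
    _authContext.SaveChanges();

    // The challenge is single-use: once a registration has consumed it, the same signed
    // token must not be accepted again in this session.
    HttpContext.Session.Remove("certificateRegister.challenge");

    return Json(new { success = true });
}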
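/// <summary>
/// Completes a smart-card payment authorization for the signed-in user: validates the posted
/// certificate against the store, verifies the JWT the card produced over the payload kept in
/// the session, and records a <see cref="PaymentAuthorization"/> for the session's payment.
/// </summary>
/// <param name="smartCardAuthorizationResponse">
/// Client-posted certificate, signed token and algorithm. Untrusted input: every field is
/// checked before use.
/// </param>
/// <returns>
/// JSON <c>{ success: bool }</c>. All rejection paths return <c>success = false</c> without
/// distinguishing the reason.
/// </returns>
public async Task<IActionResult> SmartCardDigitalSignatureCallback([FromBody] SmartCardAuthorizationResponse smartCardAuthorizationResponse)
{
    // Single uniform failure response for every rejection path.
    IActionResult Failure() => Json(new { success = false });

    var sub = HttpContext.User.Claims.FirstOrDefault(x => x.Type == "sub")?.Value;
    if (string.IsNullOrEmpty(sub))
    {
        return Failure();
    }

    var user = await _users.FindByIdAsync(sub);
    if (user == null)
    {
        return Failure();
    }

    if (smartCardAuthorizationResponse == null
        || string.IsNullOrEmpty(smartCardAuthorizationResponse.Certificate)
        || string.IsNullOrEmpty(smartCardAuthorizationResponse.Token))
    {
        return Failure();
    }

    // Unlike the registration flow, this overload also receives the auth context —
    // presumably to check the certificate is a registered one; confirm in CertificateUtilities.
    var certificate = CertificateUtilities.GetAndValidateCertificate(smartCardAuthorizationResponse.Certificate, _authContext);
    if (certificate == null)
    {
        return Failure();
    }

    // Get session data. Fail closed when either value is missing: without a server-issued
    // payload there is nothing legitimate to verify, and without a payment id nothing to authorize.
    var paymentId = HttpContext.Session.GetString("smartCard.paymentId");
    var payload = HttpContext.Session.GetString("smartCard.payload");
    if (string.IsNullOrEmpty(paymentId) || string.IsNullOrEmpty(payload))
    {
        return Failure();
    }

    // Verify that the decoded payload is the same as the payload sent to the card.
    var verifyResult = JwtUtils.ValidateJWT(
        certificate,
        smartCardAuthorizationResponse.Token,
        smartCardAuthorizationResponse.Algorithm,
        payload);
    if (!verifyResult)
    {
        return Failure();
    }

    // Look the payment up explicitly instead of letting First() throw into the catch below.
    var payment = _authContext.Payments.FirstOrDefault(x => x.Id == paymentId);
    if (payment == null)
    {
        return Failure();
    }
    // NOTE(review): the payment is selected by session id only; nothing here ties it to
    // `user` or checks it is not already authorized — confirm that is enforced elsewhere.

    try
    {
        // Store authorization
        var paymentAuthorization = new PaymentAuthorization()
        {
            AuthenticatorData = smartCardAuthorizationResponse.Certificate,
            // NOTE(review): local server time; see whether other stored timestamps are UTC.
            AuthorizationDateTime = DateTime.Now,
            Payment = payment,
            Signature = smartCardAuthorizationResponse.Token,
            Type = (int)DeviceType.SMART_CARD
        };
        payment.Status = "authorized";
        _authContext.PaymentAuthorizations.Add(paymentAuthorization);
        _authContext.SaveChanges();
        return Json(new { success = true });
    }
    catch (Exception)
    {
        // Persistence failed; the caller only learns that authorization did not succeed.
        // No logger is available in this block to record the cause.
        return Failure();
    }
}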