public async Task <DocumentUserSignatureDto> Handle(Command message) { var documentSigner = _mapper.Map <DocumentUserSignature>(message.DocumentUserSignatureDto); var certificateData = _certificateService.GetCertificateData(documentSigner.SignerCertificate, CertificateService.GostAlgType); if (!_certificateService.VerifyGostCertificate(certificateData.Certificate, documentSigner.SignedData)) { throw new Exception("Certificate is not valid"); } var currentUserXin = _context.Users.Single(u => u.Id == documentSigner.UserId).XIN; if (!currentUserXin.Equals(certificateData.Bin) && !currentUserXin.Equals(certificateData.Iin)) { throw new Exception("XIN not suitable"); } documentSigner.IsValidCertificate = true; var documentId = _context.DocumentWorkflows.Find(documentSigner.WorkflowId)?.OwnerId; if (documentId.HasValue) { await _signedDocumentApplierForRequest.ApplyAsync(documentSigner.UserId, documentId.Value); await _signedDocumentApplierForContract.ApplyAsync(documentSigner.UserId, documentId.Value); } _context.DocumentUserSignatures.Add(documentSigner); await _context.SaveChangesAsync(); return(_mapper.Map <DocumentUserSignatureDto>(documentSigner)); }
private async Task <IActionResult> CertificateSignIn(LoginModel model) { var certificateData = _certificateService.GetCertificateData(model.CertData, CertificateService.RsaAlgType); if (string.IsNullOrEmpty(certificateData.Iin)) { throw new SecurityException("Inn in certificate not found"); } var userToVerify = await _userManager.FindByNameAsync(certificateData.Iin); if (userToVerify == null) { throw new SecurityException("User not found"); } var isValid = _certificateService.VerifyRsaCertificate(certificateData.Certificate, model.PlainData, model.SignedPlainData); if (!isValid) { throw new SecurityException("Certificate is not valid"); } if (await _userManager.IsLockedOutAsync(userToVerify) || userToVerify.AccessFailedCount == MaxAccessFailedCount) { await _userManager.SetLockoutEnabledAsync(userToVerify, true); throw new SecurityException("User is locked, contact your Administrator"); } //var result = await _signInManager.PasswordSignInAsync(certificateData.Iin, model.Password, false, true); var isCanSignIn = await _signInManager.CanSignInAsync(userToVerify); if (isCanSignIn) { _logger.LogInformation(1, "User logged in."); var response = await _jwtFactory.Create(userToVerify); return(Ok(response)); } throw new SecurityException("Invalid login attempt."); }
public bool Execute(Domain.Entities.Document.DocumentUserSignature documentUserSignature) { var certificateData = _certificateService.GetCertificateData(documentUserSignature.SignerCertificate, CertificateService.GostAlgType); if (!_certificateService.VerifyGostCertificate(certificateData.Certificate, documentUserSignature.SignedData)) { throw new Exception("Certificate is not valid"); } var userXin = NiisAmbientContext.Current.User.Identity.UserXin; if (!userXin.Equals(certificateData.Bin) && !userXin.Equals(certificateData.Iin)) { throw new Exception("XIN not suitable"); } return(true); }