public void CanEncryptAndDecryptString()
{
var encryptedData = _encryptionService.EncryptData("peer", "test string");
var decryptedData = _encryptionService.DecryptString("peer", encryptedData);
Assert.AreEqual("test string", decryptedData, "Decrypted data differs from original");
}
/// <inheritdoc />
/// <summary>
/// Gets the appointment.
/// </summary>
/// <param name="umbracoContext">The umbraco context.</param>
/// <param name="appointmentId">The appointment identifier.</param>
/// <returns></returns>
public AppointmentViewModel GetAppointment(
UmbracoContext umbracoContext,
string appointmentId)
{
loggingService.Info(GetType());
AppointmentSettingsModel settingsModel = appointmentsProvider.GetAppointmentsModel(umbracoContext);
string id = encryptionService.DecryptString(appointmentId);
CustomerModel customerModel = customerProvider.GetCustomerModel(umbracoContext);
int customerId = customerModel.Id;
AppointmentModel model = databaseProvider.GetAppointment(Convert.ToInt32(id), customerId);
return(appointmentTranslator.Translate(settingsModel.PaymentsPage, model));
}
public Domain.User Map(RegisterUserRequest request)
{
var user = _Mapper.Map <Domain.User>(request);
user.Password = _CryptoService.DecryptString(request.Password, _PrivateKey);
return(user);
}
private async Task <ClaimsIdentity> GetIdentity(User user, string username, string password)
{
if (user.Username == username && _encryptionService.DecryptString(user.Password) == password)
{
return(await Task.FromResult(new ClaimsIdentity(new System.Security.Principal.GenericIdentity(username, "Token"), new Claim[] { })));
}
// Credentials are invalid, or account doesn't exist
return(await Task.FromResult <ClaimsIdentity>(null));
}
/// <summary>
/// Decrypts all properties of given asset, excluding the Password.
/// </summary>
/// <param name="asset">The Asset to decrypt</param>
public void DecryptAsset(Asset asset)
{
if (asset.GetType() == typeof(Credential))
{
var credential = asset as Credential;
credential.Login = _encryptionService.DecryptString(credential.Login);
}
else if (asset.GetType() == typeof(Note))
{
//var note = asset as Note; // currently no need to encrypt anything
}
asset.Title = _encryptionService.DecryptString(asset.Title);
if (string.IsNullOrWhiteSpace(asset.Notes) == false)
{
asset.Notes = _encryptionService.DecryptString(asset.Notes);
}
}
public IActionResult UpdateUser(string id)
{
if (string.IsNullOrEmpty(id))
{
return(View("Index").WithAlertMessage("111", "Update request could not be processed."));
}
CommonDetails commonDetails = new CommonDetails
{
Id = _encryptionService.DecryptString(id),
Flag = "GetUserDetails"
};
_log.Information("Get User details for update with the param :", commonDetails);
var userDetails = _userManagementBusiness.GetUserUpdateDetails(commonDetails);
_log.Information("User detail get as :", userDetails);
if (userDetails != null)
{
userDetails.Id = _encryptionService.EncryptString(userDetails.Id);
}
return(View("ManageUserView", userDetails));
}
public async Task <ApiKeyViewModel> GetApiKeyByIdAsync(int keyId)
{
var apiKey = await apiKeyRepository.GetApiKeyByIdAsync(keyId);
if (apiKey == null)
{
return(null);
}
var mappedKey = mapper.Map <ApiKeyViewModel>(apiKey);
mappedKey.Key = await encryptionService.DecryptString(mappedKey.Key);
return(mappedKey);
}
// searching assets should get all matching assets
public async Task <List <Asset> > GetAssetResultsAsync(string searchPrefix, int maxResults)
{
// Validate current user
var currentUser = await _applicationIdentityService.GetCurrentUser();
if (currentUser == null)
{
throw new Exception("Unauthorised requests are not allowed.");
}
List <Asset> retrievedAssets;
// Get assets with appropriate access checks
if (await _applicationIdentityService.IsCurrentUserAdmin())
{
retrievedAssets = await _dbContext.Assets.Where(a =>
a.IsArchived == false)
.ToListAsync();
}
else
{
retrievedAssets = await _dbContext.Assets.Where(a =>
a.IsArchived == false &&
a.Project.AccessIdentifiers.Any(ai => ai.Identity.Id == currentUser.Id))
.ToListAsync();
}
// LOG access asset - open project? TODO
var assets = new List <Asset>();
foreach (var asset in retrievedAssets)
{
try
{
var title = _encryptionService.DecryptString(asset.Title);
if (title.ToLowerInvariant().Contains(searchPrefix.ToLowerInvariant()))
{
asset.IsDecrypted = false;
DecryptAsset(asset);
assets.Add(asset);
}
if (assets.Count >= maxResults)
{
break;
}
}
catch // swallow any decryption exceptions here
{
// TODO: LOG
// TODO: set "error" in title?
continue;
}
}
return(assets);
}
private ActivityDO CloneActivity(ActivityDO source)
{
var clone = (ActivityDO)source.Clone();
// for backward compatibility
// if we have encrypted data decrypt it, otherwise leave CrateStorage as is
if (source.EncryptedCrateStorage != null && source.EncryptedCrateStorage.Length != 0)
{
clone.CrateStorage = _encryptionService.DecryptString(source.Fr8AccountId, source.EncryptedCrateStorage);
// get rid of encrypted data representation to save space in memory.
clone.EncryptedCrateStorage = null;
}
return(clone);
}
/// <summary>
/// Decrypts all project properties.
/// </summary>
/// <param name="result">The Project to decrypt</param>
private void DecryptProject(Project result)
{
if (result.IsDecrypted == false)
{
try
{
// in case the title is persisted with a non-decrypted string, this helps recover the application.
result.Title = _encryptionService.DecryptString(result.Title);
}
catch
{
result.Title = "Decryption error";
}
try
{
result.Description = _encryptionService.DecryptString(result.Description);
}
catch
{
result.Description = "Decryption error";
}
try
{
result.Category = _encryptionService.DecryptString(result.Category);
}
catch
{
result.Category = "Decryption error";
}
result.IsDecrypted = true;
result.IsProjectTitleDecrypted = true;
}
}
public async Task <bool> Validate(string appInsightsAppId, string encryptedKey)
{
var query = WebUtility.UrlEncode("requests|take 1");
HttpRequestMessage request = new HttpRequestMessage
{
Method = HttpMethod.Get,
RequestUri = new Uri($"https://api.applicationinsights.io/v1/apps/{appInsightsAppId}/query?timespan=1H&query={query}")
};
var apiKey = _encryptionService.DecryptString(encryptedKey);
request.Headers.Add("x-api-key", apiKey ?? string.Empty);
var response = await this._httpClient.SendAsync(request);
response.EnsureSuccessStatusCode();
return(true);
}
/// <summary>
/// Gets the transaction view model.
/// </summary>
/// <param name="umbracoContext">The umbraco context.</param>
/// <param name="encryptedId">The encrypted identifier.</param>
/// <returns></returns>
/// <inheritdoc />
public TransactionViewModel GetTransactionViewModel(
UmbracoContext umbracoContext,
string encryptedId)
{
PaymentSettingsModel settingsModel = paymentProvider.GetPaymentSettingsModel(umbracoContext);
if (settingsModel.PaymentsEnabled)
{
string paymentId = encryptionService.DecryptString(encryptedId);
CustomerModel customerModel = customerProvider.GetCustomerModel(umbracoContext);
TransactionModel model = databaseProvider.GetTransaction(Convert.ToInt32(paymentId), customerModel.Id);
return(transactionTranslator.Translate(model));
}
return(new TransactionViewModel());
}
private bool InsertCredentials(IntPtr wh, Account account, SecureString key, Settings settings)
{
//check if full screen
var isFullScreen = _fileService.IsOverwatchFullscreenAsync().Result;
Thread.Sleep(2000);
if (isFullScreen)
{
_overwatchInteractionService.AltEnter(app.MainWindowHandle);
}
_overwatchInteractionService.WaitForLoginScreen(app.MainWindowHandle, settings.LoadingTime);
_overwatchInteractionService.ClickWindow(app.MainWindowHandle);
_overwatchInteractionService.EnterKeys(app.MainWindowHandle, account.Email);
_overwatchInteractionService.PressTab(app.MainWindowHandle);
IntPtr valuePtr = IntPtr.Zero;
var pw = _encryptionService.DecryptString(key, account.Password, account.ManualEncryption);
valuePtr = Marshal.SecureStringToGlobalAllocUnicode(pw);
for (int i = 0; i < pw.Length; i++)
{
_overwatchInteractionService.EnterKeys(app.MainWindowHandle, Convert.ToChar(Marshal.ReadInt16(valuePtr, i * 2)).ToString());
}
Marshal.ZeroFreeGlobalAllocUnicode(valuePtr);
Thread.Sleep(750);
_overwatchInteractionService.PressEnter(app.MainWindowHandle);
if (isFullScreen)
{
_overwatchInteractionService.AltEnter(app.MainWindowHandle);
}
return(true);
}
public string GetEncryptedTokenCode(string token, CdkCustomer cdkCustomer, string partnerKey, bool addPassword = false)
{
//Partner key.
byte[] partnerKeyInBytes = Encoding.UTF8.GetBytes(partnerKey);
//Convert token into bytes.
byte[] tokenInBytes = Encoding.UTF8.GetBytes(token);
// Calculate Hash value using via defined HMAC- algorithm using previously get token from
// services (/RequestToken) API.
HMACSHA384 objHmacsha384 = new HMACSHA384(partnerKeyInBytes);
var hashMessage = objHmacsha384.ComputeHash(tokenInBytes);
//var hashCodeObj = Convert.ToBase64String(hashMessage);
var hashCodeObj = UtilityHelper.ByteToString(hashMessage);
var base64Format = addPassword
? cdkCustomer.CustomerLoginId + ":" + hashCodeObj + ":" + _encryptionService.DecryptString(cdkCustomer.Password)
: _unregisteredGuid + ":" + hashCodeObj + ":";
//Convert Hash value into Base64 string in format<{candidateId}:{hash}:>
return(Convert.ToBase64String(Encoding.UTF8.GetBytes(base64Format)));
}
/// <summary>
/// Gets all Asset access logs for the specified period.
/// </summary>
/// <param name="startDateTime">The start time of the asset retrievals.</param>
/// <param name="endDateTime">The end time of the asset retrievals.</param>
/// <returns>A Task of IEnumerable<Event> objects.</returns>
public async Task <IEnumerable <Event> > GetAssetAccessEventsAsync(DateTime startDateTime, DateTime endDateTime, string login = "")
{
var results = await _dbContext.Events
.Where(e =>
(login != "" ? e.ActedByUser == login : true) &&
e.DateTime >= startDateTime &&
e.DateTime <= endDateTime &&
e.Type == EventType.RetrieveAsset.ToString())
.ToListAsync();
foreach (var evt in results)
{
try
{
evt.ProjectTitle = _encryptionService.DecryptString(evt.ProjectTitle);
}
catch (Exception)
{
evt.ProjectTitle = "Decryption error!";
}
}
return(results);
}
public RoleUpdateViewDetails GetRoleDetailsUpdate(string roleId)
{
roleId = _encryptionService.DecryptString(roleId);
var roleDetails = _roleManagementRepository.GetRoleDetailsUpdate(roleId, StoredProcedureName);
var roleLists = roleDetails.Item1;
var roleGroup = roleLists.GroupBy(x => x.SubGroupName).Select(g => g.First()).ToList();
List <RoleDetailsLists> roleDetailsLists = new List <RoleDetailsLists>();
foreach (var group in roleGroup)
{
RoleDetailsLists roleDetailsList = new RoleDetailsLists();
roleDetailsList.GroupName = group.Group;
roleDetailsList.SubGroupName = group.SubGroupName;
roleDetailsList.RoleDetails = roleLists.Where(x => x.SubGroupName == group.SubGroupName).ToList();
roleDetailsLists.Add(roleDetailsList);
}
RoleUpdateViewDetails roleUpdateViewDetails = new RoleUpdateViewDetails();
roleUpdateViewDetails.RoleLists = roleDetailsLists;
roleUpdateViewDetails.SelectedRoles = roleDetails.Item2;
roleUpdateViewDetails.RoleId = roleDetails.Item3.Id;
roleUpdateViewDetails.RoleName = roleDetails.Item3.Name;
return(roleUpdateViewDetails);
}
public async Task <bool> Validate(string resourceId, string bearerToken)
{
JObject tagsObject = await GetExistingTagsAsync(resourceId, bearerToken);
if (tagsObject[AppInsightsTagName] != null)
{
var jsonString = tagsObject[AppInsightsTagName].ToString();
var appInsightsTag = JsonConvert.DeserializeObject <AppInsightsTagValue>(jsonString);
if (appInsightsTag != null && !string.IsNullOrWhiteSpace(appInsightsTag.AppId) && !string.IsNullOrWhiteSpace(appInsightsTag.ApiKey))
{
var query = WebUtility.UrlEncode("requests|take 1");
HttpRequestMessage request = new HttpRequestMessage
{
Method = HttpMethod.Get,
RequestUri = new Uri($"https://api.applicationinsights.io/v1/apps/{appInsightsTag.AppId}/query?timespan=1H&query={query}")
};
var apiKey = _encryptionService.DecryptString(appInsightsTag.ApiKey);
request.Headers.Add("x-api-key", apiKey ?? string.Empty);
var response = await this._httpClient.SendAsync(request);
response.EnsureSuccessStatusCode();
return(true);
}
else
{
return(false);
}
}
else
{
return(false);
}
}
/// <summary>
/// Gets the appointment identifier.
/// </summary>
/// <param name="autoAllocate">The automatic allocate.</param>
/// <param name="appointmentId">The appointment identifier.</param>
/// <returns></returns>
internal int?GetAppointmentId(
string autoAllocate,
string appointmentId)
{
int?id = null;
if (string.IsNullOrEmpty(appointmentId) == false)
{
string appId = encryptionService.DecryptString(appointmentId);
id = Convert.ToInt32(appId);
}
else if (string.IsNullOrEmpty(autoAllocate) == false &&
autoAllocate.ToLower() == "y")
{
id = cookieService.GetValue <int>(AppointmentConstants.LastAppointmentIdCookie);
}
//// remove the cookie so it doesnt get allocated to the next payment.
cookieService.Expire(AppointmentConstants.LastAppointmentIdCookie);
return(id);
}
/// <summary>
/// Decrypts all project properties.
/// </summary>
/// <param name="result">The Project to decrypt</param>
private void DecryptProject(Project result)
{
result.Title = _encryptionService.DecryptString(result.Title);
result.Description = _encryptionService.DecryptString(result.Description);
result.Category = _encryptionService.DecryptString(result.Category);
}
/// <inheritdoc />
/// <summary>
/// Ges the email adress.
/// </summary>
/// <returns></returns>
public string GeEmailAdress()
{
string emailAddress = cookieService.GetValue(AuthenticationConstants.EmailAddress);
return(string.IsNullOrEmpty(emailAddress) == false?encryptionService.DecryptString(emailAddress) : string.Empty);
}
private string GetDiscordToken()
{
return(_encryptionService.DecryptString("43CH90zIyWDMrOYj5IAD", ConfigurationManager.ConnectionStrings["DiscordToken"].ConnectionString));
}
