public JObject AcceptMobileAuthTnC()
{
    // Accepts the mobile-auth terms and conditions for the device named by the
    // "device_address" request header and answers with a "security_code" payload.
    // NOTE(review): the security code returned here is the literal placeholder
    // "dummy_security_code" — nothing is generated, checked or persisted, so this
    // endpoint is a stub and must not be relied on for any real authentication step.
    try
    {
        var tncRequest = _httpContextProxy.GetRequestBody<MobileAuthAcceptTnCRequestModel>();
        tncRequest.device_address = _httpContextProxy.GetHeader("device_address");

        Dictionary<string, string> validationErrors;
        if (!tncRequest.IsValidModel(out validationErrors))
        {
            // Each validation failure is echoed back keyed by field name.
            _logger.Debug("Model validation fail");
            var errorBody = new JObject();
            foreach (var pair in validationErrors)
            {
                errorBody[pair.Key] = pair.Value;
            }
            return _responseBuilder.BadRequest(errorBody);
        }

        var payload = new JObject { ["security_code"] = "dummy_security_code" };
        return _responseBuilder.Success(null, payload);
    }
    catch (Exception ex)
    {
        _logger.Error(ex.Message, ex);
        return _responseBuilder.ServerError();
    }
}
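/// <summary>
/// Resolves the user id that owns the auth token presented in the request's AUTH_TOKEN header.
/// </summary>
/// <param name="httpProxy">Source of the inbound request headers.</param>
/// <param name="dbProxy">Store holding the AUTH_TOKEN_COLLECTION documents.</param>
/// <param name="encryption">Used to encrypt the presented token into its stored form.</param>
/// <returns>The USER_ID field of the single matching token document.</returns>
/// <exception cref="UnauthorizedAccessException">
/// The header is missing/empty, no document or more than one document matches, or the
/// matching document has no USER_ID. (Derives from <see cref="Exception"/>, so existing
/// catch-all handlers keep working.)
/// </exception>
internal static string GetUserId(IHttpContextProxy httpProxy, IDBService dbProxy, IEncryption encryption)
{
    var authtoken = httpProxy.GetHeader(CommonConst.CommonField.AUTH_TOKEN);
    // Reject a missing header before touching the encryptor or the database rather than
    // looking up the encrypted form of null/empty.
    if (string.IsNullOrEmpty(authtoken))
    {
        throw new UnauthorizedAccessException("Invalid auth token");
    }

    // Tokens are stored encrypted; the presented token is encrypted and matched exactly.
    // NOTE(review): this only works if IEncryption.Encrypt is deterministic — confirm.
    var query = new DBQuery()
    {
        Filters = new FilterQuery()
        {
            new Filter(CommonConst.CommonField.AUTH_TOKEN, encryption.Encrypt(authtoken))
        }
    };
    var data = dbProxy.Get(CommonConst.Collection.AUTH_TOKEN_COLLECTION, query);

    // Exactly one match is required: zero means an unknown token, more than one is ambiguous.
    if (data.Count != 1)
    {
        throw new UnauthorizedAccessException("Invalid auth token");
    }

    var userId = data[0][CommonConst.CommonField.USER_ID];
    if (userId == null)
    {
        // A token document without an owner cannot authenticate anyone.
        throw new UnauthorizedAccessException("Invalid auth token");
    }
    return userId.ToString();
}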
private async Task BuildHeaders(Dictionary<string, string> headres, HttpRequestMessage request)
{
    // Populates the outbound request's headers for a gateway call: inbound OAuth client
    // credentials first, then caller-supplied headers, then defaults (bearer token,
    // transaction id, API key, tenant key) that are only added when not already present.
    // NOTE(review): the inbound OAUTH_CLIENT_SECRET is forwarded verbatim; that is only safe
    // while every request built here targets a trusted internal endpoint — confirm.
    var inboundHeaders = _httpContextProxy.GetHeaders();
    foreach (var inbound in inboundHeaders)
    {
        var isOAuthCredential = inbound.Key == CommonConst.CommonField.OAUTH_CLIENT_ID
            || inbound.Key == CommonConst.CommonField.OAUTH_CLIENT_SECRET;
        if (isOAuthCredential)
        {
            request.Headers.Add(inbound.Key, inbound.Value);
        }
    }

    if (headres != null)
    {
        foreach (var extra in headres)
        {
            request.Headers.Add(extra.Key, extra.Value);
        }
    }

    // Bearer token of the current request, unless the caller already set Authorization.
    if (!request.Headers.Contains("Authorization"))
    {
        var accessToken = await _httpContextProxy.GetAccessTokenAync();
        if (!string.IsNullOrEmpty(accessToken))
        {
            request.Headers.Add("Authorization", $"Bearer {accessToken}");
        }
    }

    if (!request.Headers.Contains(CommonConst.CommonField.TRANSACTION_ID))
    {
        request.Headers.Add(CommonConst.CommonField.TRANSACTION_ID, _logger.TransactionId);
    }

    if (!request.Headers.Contains(CommonConst.CommonField.API_AUTH_TOKEN))
    {
        request.Headers.Add(CommonConst.CommonField.API_AUTH_TOKEN, CommonUtility.GetApiAuthKey());
    }

    // Tenant key: request header first, query string as fallback; the header is added
    // even when neither source supplies a value.
    if (!request.Headers.Contains(CommonConst.CommonValue.TENANT_KEY))
    {
        var tenantKey = _httpContextProxy.GetHeader(CommonConst.CommonValue.TENANT_KEY);
        if (string.IsNullOrEmpty(tenantKey))
        {
            tenantKey = _httpContextProxy.GetQueryString(CommonConst.CommonValue.TENANT_KEY);
        }
        request.Headers.Add(CommonConst.CommonValue.TENANT_KEY, tenantKey);
    }
}
public JObject RegisterMobile()
{
    // Registers a mobile device for mobile auth. device_address, app_version and
    // x_auth_token are read from request headers and merged into the posted body before
    // validation; after a successful registration an SMS OTP is sent.
    // NOTE(review): the OTP send is still attempted when MOBILE_AUTH_IGNORE_OTP_VALIDATION
    // is set — the flag only turns a failed send into a success response, it does not
    // skip the send. The original carried a "TO DO: send mobile validation OTP" comment;
    // the send below appears to cover it — confirm and drop the todo if so.
    try
    {
        var registration = _httpContextProxy.GetRequestBody<MobileAuthRegisterRequest>();
        registration.device_address = _httpContextProxy.GetHeader("device_address");
        registration.app_version = _httpContextProxy.GetHeader("app_version");
        registration.x_auth_token = _httpContextProxy.GetHeader("x_auth_token");

        Dictionary<string, string> validationErrors;
        if (!registration.IsValidModel(out validationErrors))
        {
            _logger.Debug("Model validation fail");
            var errorBody = new JObject();
            foreach (var pair in validationErrors)
            {
                errorBody[pair.Key] = pair.Value;
            }
            return _responseBuilder.BadRequest(errorBody);
        }

        MobileAuthRegisterResponse registered = _ZNxtUserService.RegisterMobile(registration);
        if (registered.code != CommonConst._1_SUCCESS)
        {
            return _responseBuilder.CreateReponseWithError(registered.code, registered.errors);
        }

        // Blocking on the async notifier is inherited from this method's synchronous signature.
        var otpSent = _userNotifierService.SendMobileAuthRegistrationOTPAsync(registered).GetAwaiter().GetResult();
        if (otpSent || MOBILE_AUTH_IGNORE_OTP_VALIDATION)
        {
            return _responseBuilder.Success(null, registered.ToJObject());
        }
        return _responseBuilder.ServerError("Error sending SMS OTP");
    }
    catch (Exception ex)
    {
        _logger.Error(ex.Message, ex);
        return _responseBuilder.ServerError();
    }
}
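/// <summary>
/// Decides whether the current request may reach <paramref name="route"/>.
/// Routes listing ACCESS_ALL are always allowed, as is every route when no SSO URL is
/// configured. Otherwise the request is checked, in order, as a service call (shared API
/// key header), an OAuth client call, or a user call whose roles must intersect
/// <c>route.auth_users</c>.
/// </summary>
/// <param name="context">Request context; receives the resolved ClaimsPrincipal and a TENANT_ID response header.</param>
/// <param name="route">Route definition whose <c>auth_users</c> lists the allowed roles/markers.</param>
/// <param name="authorizationService">Not consulted by this implementation; kept for the virtual signature.</param>
/// <returns>true when access is granted; false otherwise, including on UnauthorizedAccessException.</returns>
public virtual bool AuthorizedRoute(HttpContext context, RoutingModel route, IAuthorizationService authorizationService)
{
    // NOTE(review): an empty SSOURL config value disables authorization for every route —
    // confirm this only ever happens in deployments that have no SSO at all.
    var ssourl = CommonUtility.GetAppConfigValue(CommonConst.CommonValue.SSOURL_CONFIG_KEY);
    var openToAll = route.auth_users.Any(f => f == CommonConst.CommonValue.ACCESS_ALL);
    if (openToAll || string.IsNullOrEmpty(ssourl))
    {
        return true;
    }

    try
    {
        // Service-to-service routes are gated by the shared API key header. The comparison is
        // constant-time so response timing cannot leak how many leading characters matched,
        // and a missing header or unset key never matches (plain == accepted null == null).
        if (route.auth_users.IndexOf(CommonConst.CommonField.API_AUTH_TOKEN) != -1)
        {
            var presentedKey = _httpContextProxy.GetHeader(CommonConst.CommonField.API_AUTH_TOKEN);
            return ApiKeyMatches(presentedKey, CommonUtility.GetApiAuthKey());
        }

        // OAuth client requests are validated separately; access is granted iff a user resolves.
        var oauthclient = context.Request.Headers[CommonConst.CommonField.OAUTH_CLIENT_ID];
        if (!string.IsNullOrEmpty(oauthclient))
        {
            var oauthUser = ValidateOAuthRequest(oauthclient, context, route);
            return oauthUser != null;
        }

        UserModel userModel = _httpContextProxy.User;
        if (userModel == null)
        {
            // No user on the context yet: resolve it from the bearer token, first via the
            // in-memory cache and then via the user-info endpoint. Blocking on the async calls
            // is inherited from this method's synchronous signature.
            var accessToken = _httpContextProxy.GetAccessTokenAync().GetAwaiter().GetResult();
            // NOTE(review): the raw bearer token is the cache key, and the cache lifetime (i.e.
            // how long a revoked token keeps its cached user) is configured elsewhere — confirm
            // it is short.
            var cacheKey = $"{accessToken}";
            userModel = _inMemoryCacheService.Get<UserModel>(cacheKey);
            if (userModel == null)
            {
                // When this service is itself the SSO endpoint, ask the API gateway instead.
                var endpoint = ApplicationConfig.AppEndpoint;
                if (endpoint == ApplicationConfig.SSOEndpoint)
                {
                    endpoint = ApplicationConfig.ApiGatewayEndpoint;
                }
                var response = _apiGatewayService.CallAsync(CommonConst.ActionMethods.GET, "~/user/getuserinfo", "", null, new Dictionary<string, string>(), endpoint).GetAwaiter().GetResult();
                if (response["user"] != null)
                {
                    userModel = JsonConvert.DeserializeObject<UserModel>(response["user"].ToString());
                    _inMemoryCacheService.Put<UserModel>(cacheKey, userModel);
                }
            }

            if (userModel != null)
            {
                // Materialise the user's claims as a ClaimsPrincipal. The "roles" claim is
                // rebuilt as a JSON array from userModel.roles rather than using its raw value.
                var identity = new ClaimsIdentity();
                foreach (var claim in userModel.claims)
                {
                    if (claim.Key == "roles")
                    {
                        var roles = new List<string>();
                        roles.AddRange(userModel.roles);
                        identity.AddClaim(new System.Security.Claims.Claim("roles", Newtonsoft.Json.JsonConvert.SerializeObject(roles)));
                    }
                    else
                    {
                        identity.AddClaim(new System.Security.Claims.Claim(claim.Key, claim.Value));
                    }
                }
                context.User = new ClaimsPrincipal(identity);
            }
        }

        if (userModel == null)
        {
            return false;
        }

        // Expose the user's first tenant to the caller.
        if (userModel.tenants != null && userModel.tenants.Any())
        {
            context.Response.Headers[CommonConst.CommonField.TENANT_ID] = userModel.tenants.First().tenant_id;
        }
        var u = _httpContextProxy.User;
        _logger.Debug($"Assign user id :{u.user_id} Claims:{string.Join(", ", u.claims.Select(f => $"{f.Key}:{f.Value}"))} OrgRoles: { string.Join(",", userModel.roles)}");

        // Access is granted when any of the user's roles is listed on the route.
        var hasaccess = userModel.roles.Any(f => route.auth_users.IndexOf(f) != -1);
        if (!hasaccess)
        {
            _logger.Debug($"Access :{hasaccess}:{route.ToString()}:{ string.Join(",", route.auth_users)}");
        }
        return hasaccess;
    }
    catch (UnauthorizedAccessException)
    {
        return false;
    }
}

/// <summary>
/// Constant-time comparison of a presented API key against the configured one. Returns
/// false when either side is null/empty so an unset key can never be "matched" by a
/// missing header. (Where the target framework provides
/// System.Security.Cryptography.CryptographicOperations.FixedTimeEquals, that is the
/// preferred replacement for the loop below.)
/// </summary>
private static bool ApiKeyMatches(string presented, string expected)
{
    if (string.IsNullOrEmpty(presented) || string.IsNullOrEmpty(expected))
    {
        return false;
    }
    // The length check is unavoidable and leaks only the length; the loop below always
    // runs to the end so timing does not depend on the first mismatching position.
    if (presented.Length != expected.Length)
    {
        return false;
    }
    var diff = 0;
    for (var i = 0; i < presented.Length; i++)
    {
        diff |= presented[i] ^ expected[i];
    }
    return diff == 0;
}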
// True when the request carries a non-empty AUTH_TOKEN header. This only checks presence;
// the token itself is not validated here.
internal static bool IsAuthTokenExits(IHttpContextProxy httpProxy) =>
    !string.IsNullOrEmpty(httpProxy.GetHeader(CommonConst.CommonField.AUTH_TOKEN));