/// <summary>
/// Deletes the security key pair with the given description that belongs to the user
/// who owns the supplied API key.
/// </summary>
/// <param name="keyDescription">Description of the key pair to delete.</param>
/// <param name="systemGeneratedApiKey">API key used to resolve the owning user.</param>
/// <exception cref="ArgumentException">No key pair matches <paramref name="systemGeneratedApiKey"/>.</exception>
/// <exception cref="InvalidOperationException">The resolved user has no key pair with that description.</exception>
public void DeleteSecurityKeyPair(string keyDescription, string systemGeneratedApiKey)
{
    // Resolve the caller from the presented API key.
    // NOTE(review): nothing here checks that this key is system generated or that its session
    // is still open; presumably the caller has already authenticated the request. Confirm.
    var callerKeys = _securityKeysRepository.GetByApiKey(systemGeneratedApiKey);
    if (callerKeys == null)
    {
        throw new ArgumentException("Invalid api key");
    }

    // The lookup is scoped to the caller's own UserId, so a description that matches
    // another user's key pair is not found.
    var pairToDelete = _securityKeysRepository.GetByKeyDescriptionAndUserId(keyDescription, callerKeys.UserId);
    if (pairToDelete == null)
    {
        throw new InvalidOperationException("Could not find the security key pair.");
    }

    // The repository call's result is discarded here.
    _securityKeysRepository.DeleteSecurityKeysPair(pairToDelete);
}
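/// <summary>
/// Validates the API key carried by an authentication request.
/// </summary>
/// <param name="authenticateCommand">Request whose <c>Apikey</c> is looked up in the security keys repository.</param>
/// <returns>
/// <c>true</c> for a system-generated key whose session window is still open; otherwise the result of
/// <c>CheckPermissions</c> for a key that has no expiration date enabled or has not yet expired.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The API key is unknown, its user cannot be found, the session has timed out, or the key has expired.
/// </exception>
private bool ApiKeyValidation(AuthenticateCommand authenticateCommand)
{
    SecurityKeysPair securityKeysPair = _securityKeysRepository.GetByApiKey(authenticateCommand.Apikey);
    if (securityKeysPair == null)
    {
        // Plain message: formatting it with "{0} {1}" and a single argument raises FormatException
        // instead of the InvalidOperationException this branch is meant to throw.
        throw new InvalidOperationException("No SecurityKeysPair found against the given API Key.");
    }

    User user = _userRepository.GetUserById(securityKeysPair.UserId);
    if (user == null)
    {
        throw new InvalidOperationException(string.Format("{0} {1}", "No user found against userId: ", securityKeysPair.UserId));
    }

    // NOTE(review): the messages thrown from this method distinguish unknown key, missing user,
    // timed-out session and expired key. If they are returned verbatim to an unauthenticated
    // client they reveal which API keys exist; confirm how callers surface them.

    if (securityKeysPair.SystemGenerated)
    {
        // System-generated (session) keys are checked against the user's auto-logout window only;
        // this branch returns without calling CheckPermissions.
        // NOTE(review): if AutoLogout is a TimeSpan, .Minutes is just the 0-59 minutes component,
        // so a timeout of an hour or more would be truncated; TotalMinutes may be intended. Confirm
        // against the User type.
        // NOTE(review): DateTime.Now is local wall-clock time, so clock or DST changes shift the
        // window. UtcNow would be safer, but only if LastModified is stored the same way.
        var sessionDeadline = securityKeysPair.LastModified.AddMinutes(user.AutoLogout.Minutes);
        if (sessionDeadline > DateTime.Now)
        {
            // Sliding window: each successful validation restarts the timeout.
            securityKeysPair.LastModified = DateTime.Now;
            _persistenceRepository.SaveUpdate(securityKeysPair);
            return true;
        }

        // The session has lapsed: remove the key so it cannot be presented again.
        _securityKeysRepository.DeleteSecurityKeysPair(securityKeysPair);
        throw new InvalidOperationException("Session timeout for the API Key.");
    }

    // User-generated keys: enforce the optional expiration date, then the permission check.
    // Written as a negated '>' so the comparison gives the same result as the nested form it replaces.
    if (securityKeysPair.EnableExpirationDate && !(securityKeysPair.ExpirationDate > DateTime.Now))
    {
        throw new InvalidOperationException("Key Expired");
    }

    return CheckPermissions(authenticateCommand, securityKeysPair);
}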
/// <summary>
/// Logs the user out by deleting the security key pair that matches the API key in the command.
/// </summary>
/// <param name="logoutCommand">Command carrying the API key of the session to end.</param>
/// <returns>The result of the repository's delete call.</returns>
/// <exception cref="InvalidCredentialException">The command has no API key or its value is empty.</exception>
/// <exception cref="InstanceNotFoundException">No key pair matches the API key.</exception>
public bool Logout(LogoutCommand logoutCommand)
{
    // Reject a missing or empty key before touching the repository.
    if (logoutCommand.ApiKey == null || string.IsNullOrEmpty(logoutCommand.ApiKey.Value))
    {
        throw new InvalidCredentialException("Invalid or Incomplete Logout Credentials");
    }

    SecurityKeysPair sessionKeys = _securityKeysRepository.GetByApiKey(logoutCommand.ApiKey.Value);
    if (sessionKeys == null)
    {
        throw new InstanceNotFoundException("No SecurityKeysPair found for the given API key.");
    }

    // NOTE(review): the pair is deleted whether or not it is system generated. If a
    // user-generated key can reach this path, logging out removes that long-lived key;
    // confirm that is intended.
    return _securityKeysRepository.DeleteSecurityKeysPair(sessionKeys);
}