示例#1
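        /// <summary>
        /// Decrypts an authentication payload using the key stored under
        /// <c>DBConstants.Token</c> in the parameter file at <c>ParamsPath</c>.
        /// </summary>
        /// <param name="encData">Ciphertext in the form <c>ManagedAesSample.DecryptData</c> accepts.</param>
        /// <returns>The decrypted text.</returns>
        /// <exception cref="Exception">
        /// Thrown when the key lookup or the decryption fails. The original
        /// exception is attached as <see cref="Exception.InnerException"/>.
        /// </exception>
        /// <remarks>
        /// The wrapper message contains the original message and stack trace, so it
        /// belongs in server-side logs only and should not be echoed in an API response.
        /// NOTE(review): whether <c>ManagedAesSample</c> authenticates the ciphertext
        /// (MAC / AEAD) is not visible here; confirm before trusting the decrypted
        /// fields for authentication decisions.
        /// </remarks>
        private string DecryptAuthData(string encData)
        {
            // Constructed outside the try block, as before: a failure to open the
            // parameter file propagates unwrapped.
            paramFile        PF  = new paramFile(ParamsPath);
            ManagedAesSample MAS = new ManagedAesSample();

            try
            {
                return MAS.DecryptData(encData, PF.getKey(DBConstants.Token));
            }
            catch (Exception ex)
            {
                // Frame 0 of a trace captured here is this method; fall back to the
                // literal name if the runtime cannot supply the frame.
                var    frame             = new StackTrace().GetFrame(0);
                var    method            = frame != null ? frame.GetMethod() : null;
                string currentMethodName = method != null ? method.Name : "DecryptAuthData";

                // Message format is unchanged for existing log consumers; passing
                // ex as the inner exception keeps the original type and stack
                // available to callers instead of flattening them into text only.
                throw new Exception(
                    currentMethodName + " | " + this.GetType().Name + " | " + ex.Message + " : " + ex.StackTrace,
                    ex);
            }
        }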
示例#2
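        /// <summary>
        /// Encrypts <paramref name="decString"/> with the key that the parameter file
        /// at <c>ParamsPath</c> stores under the name given by <paramref name="decType"/>.
        /// </summary>
        /// <param name="decString">Plaintext to encrypt.</param>
        /// <param name="decType">Key name passed to <c>paramFile.getKey</c>.</param>
        /// <returns>The value returned by <c>ManagedAesSample.EncryptData</c>.</returns>
        /// <exception cref="Exception">
        /// Thrown when the key lookup or the encryption fails. The original
        /// exception is attached as <see cref="Exception.InnerException"/>.
        /// </exception>
        /// <remarks>
        /// The wrapper message contains the original message and stack trace, so it
        /// belongs in server-side logs only and should not be echoed in an API response.
        /// NOTE(review): <paramref name="decType"/> selects which stored key is used;
        /// if it can be influenced by a request, restrict it to an allow-list of key
        /// names. The callers are not visible here.
        /// </remarks>
        public string getEncryptData(string decString, string decType)
        {
            // Constructed outside the try block, as before: a failure to open the
            // parameter file propagates unwrapped.
            ManagedAesSample MAS = new ManagedAesSample();
            paramFile        PF  = new paramFile(ParamsPath);

            try
            {
                return MAS.EncryptData(decString, PF.getKey(decType));
            }
            catch (Exception ex)
            {
                // Frame 0 of a trace captured here is this method; fall back to the
                // literal name if the runtime cannot supply the frame.
                var    frame             = new StackTrace().GetFrame(0);
                var    method            = frame != null ? frame.GetMethod() : null;
                string currentMethodName = method != null ? method.Name : "getEncryptData";

                // Message format is unchanged for existing log consumers; passing
                // ex as the inner exception keeps the original type and stack
                // available to callers instead of flattening them into text only.
                throw new Exception(
                    currentMethodName + " | " + this.GetType().Name + " | " + ex.Message + " : " + ex.StackTrace,
                    ex);
            }
        }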
示例#3
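        /// <summary>
        /// Produces the token for <paramref name="userCredentials"/> by encrypting it
        /// with the key stored under <c>DBConstants.Token</c> in the parameter file
        /// at <c>ParamsPath</c>.
        /// </summary>
        /// <param name="userCredentials">Credential string to protect.</param>
        /// <returns>The value returned by <c>ManagedAesSample.EncryptData</c>.</returns>
        /// <exception cref="Exception">
        /// Thrown when reading the parameter file, the key lookup or the encryption
        /// fails. The original exception is attached as
        /// <see cref="Exception.InnerException"/>.
        /// </exception>
        /// <remarks>
        /// Despite the name, the result is reversible ciphertext rather than a
        /// signature or MAC: anyone holding the <c>DBConstants.Token</c> key can
        /// recover <paramref name="userCredentials"/> from it.
        /// NOTE(review): whether <c>ManagedAesSample</c> adds integrity protection is
        /// not visible here; confirm before relying on the token being tamper-evident.
        /// The wrapper message contains the original message and stack trace, so it
        /// belongs in server-side logs only and should not be echoed in an API response.
        /// </remarks>
        public string getSignature(string userCredentials)
        {
            try
            {
                paramFile        PF  = new paramFile(ParamsPath);
                string           key = PF.getKey(DBConstants.Token);
                ManagedAesSample aes = new ManagedAesSample();
                return aes.EncryptData(userCredentials, key);
            }
            catch (Exception ex)
            {
                // Frame 0 of a trace captured here is this method; fall back to the
                // literal name if the runtime cannot supply the frame.
                var    frame             = new StackTrace().GetFrame(0);
                var    method            = frame != null ? frame.GetMethod() : null;
                string currentMethodName = method != null ? method.Name : "getSignature";

                // Message format is unchanged for existing log consumers; passing
                // ex as the inner exception keeps the original type and stack
                // available to callers instead of flattening them into text only.
                throw new Exception(
                    currentMethodName + " | " + this.GetType().Name + " | " + ex.Message + " : " + ex.StackTrace,
                    ex);
            }
        }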
示例#4
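        /// <summary>
        /// Authorizes a Web API request from the encrypted token carried in the
        /// <c>Authorization</c> header and, on success, replaces that header on the
        /// request with a freshly issued token.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized.</param>
        /// <remarks>
        /// Every failure, including any exception, produces a 401 response with a
        /// <c>BaseResponse</c> body (fail closed). Exceptions are not logged here, so
        /// configuration or database faults are indistinguishable from bad tokens
        /// unless logging is added where a logger is available.
        /// </remarks>
        public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
        {
            BaseResponse resObj = new BaseResponse();

            resObj.code      = "401";
            resObj.message   = "Un-Authorized";
            resObj.tui       = "";
            resObj.signature = "";

            bool authorized;
            try
            {
                authorized = TryValidateAndRenewToken(actionContext);
            }
            catch (Exception)
            {
                // Fail closed: a malformed token, an unparsable timestamp, or a key,
                // configuration or database error all deny the request.
                authorized = false;
            }

            if (!authorized)
            {
                actionContext.Response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.Unauthorized, resObj);
            }
        }

        /// <summary>
        /// Decrypts the bearer token, checks its age and the credentials it carries,
        /// and re-issues it with the current time and the user's id.
        /// </summary>
        /// <returns><c>true</c> when the request is authorized; otherwise <c>false</c>.</returns>
        private static bool TryValidateAndRenewToken(System.Web.Http.Controllers.HttpActionContext actionContext)
        {
            AuthenticationHeaderValue authorization = actionContext.Request.Headers.Authorization;
            if (authorization == null)
            {
                return false;
            }

            string    path = System.Configuration.ConfigurationManager.AppSettings["params"];
            paramFile PF   = new paramFile(path);

            ManagedAesSample MAS = new ManagedAesSample();
            string           dec = MAS.DecryptData(authorization.Parameter, PF.getKey(DBConstants.Token));

            // Token layout: uName|pwd|timestamp, with |UserId appended on renewal.
            // A user name or password containing '|' shifts the fields and the
            // token is then rejected when the timestamp fails to parse.
            // NOTE(review): the token carries the account password in recoverable
            // form for anyone holding the token key; an opaque session id or a
            // signed claim set would avoid that exposure.
            string[] fields = dec.Split('|');
            if (fields.Length < 3)
            {
                return false;
            }

            // The timestamp is written and parsed with the current culture and in
            // local time, which keeps existing tokens valid but makes the check
            // sensitive to culture changes and DST shifts.
            // NOTE(review): a timestamp in the future gives a negative age and
            // passes this check; consider a lower bound with a small skew allowance.
            if ((DateTime.Now - DateTime.Parse(fields[2])).TotalMinutes > 20)
            {
                return false;
            }

            string        dbCon     = PF.getDatabaseConnectionString(DBConstants.MainDB);
            DataOperation DO        = new DataOperation(dbCon);
            sp_AuthCheck  authCheck = new sp_AuthCheck();
            authCheck.uName  = fields[0];
            authCheck.pwd    = fields[1];
            authCheck.action = "select";

            DO.BeginTRansaction();
            try
            {
                DataSet ds = DO.iteratePropertyObjectsSP(authCheck, "sp_AuthCheck");
                if (ds == null || ds.Tables == null || ds.Tables.Count == 0 || ds.Tables[0].Rows.Count == 0)
                {
                    return false;
                }

                // Sliding expiry: each accepted request re-issues the token with the
                // current time, so a token stays usable for as long as it keeps being
                // presented within the 20-minute window.
                string enc = MAS.EncryptData(
                    authCheck.uName + "|" + authCheck.pwd + "|" + DateTime.Now.ToString() + "|" + ds.Tables[0].Rows[0]["UserId"].ToString(),
                    PF.getKey(DBConstants.Token));
                actionContext.Request.Headers.Authorization = new AuthenticationHeaderValue(authorization.Scheme, enc);
                return true;
            }
            finally
            {
                // Previously skipped when the lookup or the encryption threw, which
                // left the transaction open; it is now always ended.
                DO.EndTRansaction();
            }
        }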