public async Task <IActionResult> Upload(IFormFile upload, string documentaction)
{
Document document = await FileManager.StoreFile(upload);
if (document == null)
{
return(View("InvalidDocument"));
}
if (documentaction == "Sign")
{
var x509certificate = HttpContext.Connection.ClientCertificate;
if (x509certificate == null)
{
return(View("OperationNotAllowed"));
}
var certificate = await DBContext.Certificate.
SingleOrDefaultAsync(r => r.SerialNumber == x509certificate.SerialNumber);
if (certificate == null)
{
return(View("OperationNotAllowed"));
}
if (certificate.ExpireDate < DateTime.Now)
{
certificate.Revoked = true;
certificate.RevokeDate = DateTime.UtcNow.Date;
DBContext.Certificate.Update(certificate);
await DBContext.SaveChangesAsync();
}
if (certificate.ExpireDate < DateTime.Now || certificate.Revoked == true)
{
return(RedirectToAction("CertificateExpired", "Certificates"));
}
document.ReviewerUuid = certificate.ReviewerUuid;
document.Reviewer = certificate.Reviewer;
document.Signed = false;
DBContext.Add(document);
await DBContext.SaveChangesAsync();
return(View("DocumentSign", document));
}
else if (documentaction == "Verify")
{
DBContext.Add(document);
await DBContext.SaveChangesAsync();
return(RedirectToAction("VerifyDocument", new { uuid = document.Uuid }));
}
return(View("OperationNotAllowed"));
}
public async Task <IActionResult> Create([Bind("Uuid,Email,Name,Title,Role")] Reviewer reviewer)
{
if (ModelState.IsValid)
{
reviewer.Uuid = Guid.NewGuid().ToString();
_context.Add(reviewer);
await _context.SaveChangesAsync();
return(RedirectToAction(nameof(Index)));
}
return(View(reviewer));
}
public async Task <IActionResult> RequestCert(string reviewerUuid)
{
if (string.IsNullOrEmpty(reviewerUuid))
{
return(NotFound());
}
var reviewer = await DBContext.Reviewer
.SingleOrDefaultAsync(m => m.Uuid == reviewerUuid);
if (reviewer == null)
{
return(NotFound());
}
var certificate = reviewer.Certificate;
if (reviewer.Certificate != null)
{
if (reviewer.Certificate.Revoked != true && reviewer.Certificate.ExpireDate > DateTime.Now)
{
return(RedirectToAction(nameof(CertificateExists)));
}
reviewer.Certificate.Revoked = true;
DBContext.Certificate.Update(reviewer.Certificate);
await DBContext.SaveChangesAsync();
reviewer.Certificate = null;
DBContext.Reviewer.Update(reviewer);
await DBContext.SaveChangesAsync();
}
var randomGenerator = new CryptoApiRandomGenerator();
var random = new SecureRandom(randomGenerator);
var request = new CertificateRequest {
Uuid = Guid.NewGuid().ToString(),
ReviewerUuid = reviewerUuid,
Reviewer = reviewer,
RequestDate = DateTime.Now,
SecurityCode = random.Next(10000000, 99999999).ToString()
};
await DBContext.CertificateRequest.AddAsync(request);
await DBContext.SaveChangesAsync();
var message = await RenderService.RenderToStringAsync("Email/CertificateRequest", request);
var response = await EmailManager.SendEmailHTML(
message,
EmailManager.Sender,
reviewer.Email,
"Certificate Request Confirmation",
null);
if (!response.Successful)
{
return(View("ErrorSendingRequest"));
}
return(View());
}