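        /// <summary>
        /// Completes smart-card certificate registration for the signed-in user. The client returns the
        /// certificate it holds together with a JWT signed over the challenge previously stored in the
        /// session under "certificateRegister.challenge". The certificate is persisted as a
        /// <see cref="UserCertificate"/> only when that JWT validates against the certificate and challenge.
        /// </summary>
        /// <param name="smartCardAuthorizationResponse">Client payload: certificate, signed token and algorithm.</param>
        /// <returns>JSON <c>{ success: true }</c> on registration, <c>{ success: false }</c> on any failure.
        /// Every failure path returns the same opaque result so the response does not reveal which check failed.</returns>
        public async Task <IActionResult> RegisterCertificateCallback([FromBody] SmartCardAuthorizationResponse smartCardAuthorizationResponse)
        {
            var sub = HttpContext.User.Claims.FirstOrDefault(x => x.Type == "sub")?.Value;

            if (string.IsNullOrEmpty(sub))
            {
                return(Json(new { success = false }));
            }

            // Validate the request shape before touching the user store.
            if (smartCardAuthorizationResponse == null
                || string.IsNullOrEmpty(smartCardAuthorizationResponse.Certificate)
                || string.IsNullOrEmpty(smartCardAuthorizationResponse.Token))
            {
                return(Json(new { success = false }));
            }

            // Bug fix: user.Id was dereferenced further down without checking that the lookup succeeded.
            var user = await _users.FindByIdAsync(sub);

            if (user == null)
            {
                return(Json(new { success = false }));
            }

            var certificate = CertificateUtilities.GetAndValidateCertificate(smartCardAuthorizationResponse.Certificate);

            if (certificate == null)
            {
                return(Json(new { success = false }));
            }

            // A given certificate may be registered at most once, for any user.
            if (_authContext.UserCertificates.Any(x => x.Thumbprint == certificate.Thumbprint))
            {
                return(Json(new { success = false }));
            }

            // The challenge must exist: an absent or expired session must not validate a token against a null payload.
            var challenge = HttpContext.Session.GetString("certificateRegister.challenge");

            if (string.IsNullOrEmpty(challenge))
            {
                return(Json(new { success = false }));
            }

            var verified = JwtUtils.ValidateJWT(
                certificate,
                smartCardAuthorizationResponse.Token,
                smartCardAuthorizationResponse.Algorithm,
                challenge);

            if (!verified)
            {
                return(Json(new { success = false }));
            }

            // The challenge is single-use: consume it so the same signed token cannot be presented again.
            HttpContext.Session.Remove("certificateRegister.challenge");

            // FirstOrDefault instead of First: a missing row is a failure response, not an unhandled exception.
            var dbuser = _authContext.Users.FirstOrDefault(u => u.Id == user.Id);

            if (dbuser == null)
            {
                return(Json(new { success = false }));
            }

            var userCert = new UserCertificate()
            {
                Certificate      = Convert.ToBase64String(certificate.RawData),
                Thumbprint       = certificate.Thumbprint,
                User             = dbuser,
                RegistrationDate = DateTime.Now,
                Subject          = certificate.Subject
            };
            _authContext.UserCertificates.Add(userCert);
            _authContext.SaveChanges();
            return(Json(new { success = true }));
        }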
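        /// <summary>
        /// Completes a smart-card payment authorization for the signed-in user. The client returns its
        /// certificate and a JWT signed over the payload stored in the session under "smartCard.payload";
        /// on a valid signature a <see cref="PaymentAuthorization"/> is recorded for the payment whose id
        /// is stored under "smartCard.paymentId" and that payment is marked "authorized".
        /// </summary>
        /// <param name="smartCardAuthorizationResponse">Client payload: certificate, signed token and algorithm.</param>
        /// <returns>JSON <c>{ success: true }</c> when the authorization was stored, <c>{ success: false }</c> otherwise.
        /// Every failure path returns the same opaque result so the response does not reveal which check failed.</returns>
        public async Task <IActionResult> SmartCardDigitalSignatureCallback([FromBody] SmartCardAuthorizationResponse smartCardAuthorizationResponse)
        {
            var sub = HttpContext.User.Claims.FirstOrDefault(x => x.Type == "sub")?.Value;

            if (string.IsNullOrEmpty(sub))
            {
                return(Json(new { success = false }));
            }

            var user = await _users.FindByIdAsync(sub);

            if (user == null)
            {
                return(Json(new { success = false }));
            }

            if (smartCardAuthorizationResponse == null
                || string.IsNullOrEmpty(smartCardAuthorizationResponse.Certificate)
                || string.IsNullOrEmpty(smartCardAuthorizationResponse.Token))
            {
                return(Json(new { success = false }));
            }

            var certificate = CertificateUtilities.GetAndValidateCertificate(smartCardAuthorizationResponse.Certificate, _authContext);

            if (certificate == null)
            {
                return(Json(new { success = false }));
            }

            // Both session values are required; without them there is no pending payment to authorize,
            // and the token must never be validated against a null payload.
            var paymentId = HttpContext.Session.GetString("smartCard.paymentId");
            var payload   = HttpContext.Session.GetString("smartCard.payload");

            if (string.IsNullOrEmpty(paymentId) || string.IsNullOrEmpty(payload))
            {
                return(Json(new { success = false }));
            }

            var verifyResult = JwtUtils.ValidateJWT(
                certificate,
                smartCardAuthorizationResponse.Token,
                smartCardAuthorizationResponse.Algorithm,
                payload);

            if (!verifyResult)
            {
                return(Json(new { success = false }));
            }

            // The payload is single-use: consume both session entries so the same signed token cannot
            // be replayed to authorize the payment again.
            HttpContext.Session.Remove("smartCard.paymentId");
            HttpContext.Session.Remove("smartCard.payload");

            try
            {
                // FirstOrDefault instead of First: an unknown payment id is a failure response, not an exception.
                var payment = _authContext.Payments.FirstOrDefault(x => x.Id == paymentId);

                if (payment == null)
                {
                    return(Json(new { success = false }));
                }

                // NOTE(review): nothing here ties the payment to `user`; confirm that binding is enforced
                // where "smartCard.paymentId" is written into the session.
                var paymentAuthorization = new PaymentAuthorization()
                {
                    AuthenticatorData     = smartCardAuthorizationResponse.Certificate,
                    AuthorizationDateTime = DateTime.Now,
                    Payment   = payment,
                    Signature = smartCardAuthorizationResponse.Token,
                    Type      = (int)DeviceType.SMART_CARD
                };
                payment.Status = "authorized";
                _authContext.PaymentAuthorizations.Add(paymentAuthorization);
                _authContext.SaveChanges();
                return(Json(new { success = true }));
            }
            catch (Exception)
            {
                // Persistence failures are deliberately mapped to the opaque failure response;
                // record the exception here if a logger is available to this controller.
                return(Json(new { success = false }));
            }
        }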