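/// <summary>
/// Confirms the PTTID verification (VerifyType 0) of the signed-in user when the submitted
/// five-character code matches the code stored on that user's Verification row.
/// </summary>
/// <param name="code">The five-character verification code submitted by the user.</param>
/// <returns>A redirect to Home/Index in every case, whether or not the code was accepted.</returns>
public ActionResult CheckBase5UserId(string code = "")
{
    if (code == null || code.Length != 5)
    {
        return RedirectToAction("Index", "home");
    }

    // NOTE(review): HTTP_CLIENT_IP is filled from a request header, so unless a trusted proxy
    // overwrites it the client chooses this value; treat ModifyDateIP as unverified audit data.
    string ipAddress = System.Web.HttpContext.Current.Request.ServerVariables["HTTP_CLIENT_IP"];
    if (string.IsNullOrEmpty(ipAddress))
    {
        ipAddress = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    }

    try
    {
        using (TWIDAPPEntities DBObj = new TWIDAPPEntities())
        {
            string userName = User.Identity.Name;

            // VerifyType 0 = "PTTID".
            Verification VID = DBObj.Verification.FirstOrDefault(x => (x.PTTID == userName) && (x.VerifyType == 0));

            // Compare the whole code, not only its first three characters: a prefix-only match
            // accepts any value for the last two characters and shrinks the space to be guessed.
            // Ordinal comparison keeps the check independent of the server culture.
            // NOTE(review): no attempt counter or code expiry is visible in this method;
            // confirm that one is enforced elsewhere.
            if (VID == null || !string.Equals(VID.Base5, code, StringComparison.OrdinalIgnoreCase))
            {
                return RedirectToAction("Index", "home");
            }

            var ID = DBObj.AspNetUsers.FirstOrDefault(x => x.UserName == userName);
            if (ID == null)
            {
                // No matching account row: leave without persisting anything.
                return RedirectToAction("Index", "home");
            }

            VID.IsConfirmed = true;
            VID.AvailableDate = DateTime.Now.AddYears(1);
            VID.ModifyDate = DateTime.Now;
            VID.ModifyDateIP = ipAddress;
            DBObj.Entry(VID).State = EntityState.Modified;

            ID.VerifyType0 = true;
            DBObj.Entry(ID).State = EntityState.Modified;

            DBObj.SaveChanges();
        }
    }
    catch (Exception ex)
    {
        logger.Debug("/Account/CheckBase5UserId");
        // InnerException is usually null; dereferencing it unguarded would throw from inside
        // this handler and turn a logged failure into an unhandled one.
        logger.Debug($"[Exception]{ex.Message}.{ex.InnerException?.Message}");
        logger.Debug(ex.StackTrace);
    }

    return RedirectToAction("Index", "home");
}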
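/// <summary>
/// Builds a five-character code, e-mails it to the PTT mailbox of <paramref name="PTTID"/> and
/// stores it on that PTTID's Verification row (VerifyType 0), creating the row if needed.
/// </summary>
/// <param name="PTTID">PTT account name; used for the destination address and as the row key.</param>
/// <param name="UserGID">User id; three of its characters (dashes removed, upper-cased) form the code prefix.</param>
/// <param name="ipAddress">Stored as CreateDateIP when a new Verification row is created.</param>
private async void SendBase5UserId(string PTTID, string UserGID, string ipAddress)
{
    // This method is async void, so callers cannot observe an exception that escapes it.
    // Everything therefore runs inside the try block, including the code generation.
    try
    {
        // NOTE(review): the address suffix in this literal looks like it was replaced by e-mail
        // obfuscation on the page this listing was captured from; confirm the real mail domain.
        // NOTE(review): PTTID is placed into the address as-is; presumably the caller validates it.
        string PTTMail = string.Format("{0}[email protected]", PTTID);

        string strUserID = UserGID.Replace("-", "").ToUpper();
        int iUserIDlen = strUserID.Length - 3;

        // NOTE(review): the code is three characters of the user's own id plus the two-digit
        // offset they were taken from, chosen with System.Random. It carries little entropy and
        // is derived from account data rather than being an independent secret. Consider
        // generating it with System.Security.Cryptography.RandomNumberGenerator once it is
        // confirmed that nothing else relies on this format.
        Random random = new Random();
        int iIndex = random.Next(0, iUserIDlen);
        string Base5 = string.Format("{0}{1}", strUserID.Substring(iIndex, 3), iIndex.ToString("00"));

        IdentityMessage IM = new IdentityMessage();
        IM.Subject = "TWID.app PTTID Verification code";
        IM.Body = Base5;
        IM.Destination = PTTMail;

        EmailService ES = new EmailService();
        await ES.SendAsyncBodyANSI(IM);

        using (TWIDAPPEntities DBObj = new TWIDAPPEntities())
        {
            // VerifyType 0 = "PTTID".
            Verification VID = DBObj.Verification.FirstOrDefault(x => (x.PTTID == PTTID) && (x.VerifyType == 0));
            bool isNewPTTID = VID == null;
            if (isNewPTTID)
            {
                VID = new Verification();
                VID.PTTID = PTTID;
                VID.CreateDate = DateTime.Now;
                VID.CreateDateIP = ipAddress;
                VID.VerifyType = 0;
            }

            VID.Base5 = Base5;

            if (isNewPTTID)
            {
                DBObj.Verification.Add(VID);
            }
            else
            {
                DBObj.Entry(VID).State = EntityState.Modified;
            }

            DBObj.SaveChanges();
        }
    }
    catch (Exception ex)
    {
        logger.Debug("/Account/SendBase5UserId");
        // InnerException is usually null; guard it so the handler itself cannot throw.
        logger.Debug($"[Exception]{ex.Message}.{ex.InnerException?.Message}");
        logger.Debug(ex.StackTrace);
    }
}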
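/// <summary>
/// Confirms the MOICA verification (VerifyType 1) of the signed-in user. Posts the PKCS#7
/// signed data to the GPKI verification endpoint, requires the user's stored nonce to appear
/// in the response, and then records the card serial number and a hash of subject plus
/// signature. The request is rejected when either of those is already on record.
/// </summary>
/// <param name="b64SignedData">Base64 PKCS#7 signed data forwarded to the verification endpoint.</param>
/// <param name="digitalSignature">Caller-supplied value that is hashed together with the certificate subject.</param>
/// <returns>A redirect to Home/Index in every case.</returns>
public ActionResult PKCS7Verify(string b64SignedData = "", string digitalSignature = "")
{
    if (string.IsNullOrEmpty(b64SignedData) || string.IsNullOrEmpty(digitalSignature))
    {
        return RedirectToAction("Index", "home");
    }

    // NOTE(review): HTTP_CLIENT_IP is filled from a request header, so unless a trusted proxy
    // overwrites it the client chooses this value; treat ModifyDateIP as unverified audit data.
    string ipAddress = System.Web.HttpContext.Current.Request.ServerVariables["HTTP_CLIENT_IP"];
    if (string.IsNullOrEmpty(ipAddress))
    {
        ipAddress = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    }

    // Exceptions are left to propagate unchanged. The previous catch block only did
    // "throw ex;", which added nothing except a reset stack trace.
    using (TWIDAPPEntities DBObj = new TWIDAPPEntities())
    {
        string userName = User.Identity.Name;

        // VerifyType 1 = "MOICA".
        Verification VID = DBObj.Verification.FirstOrDefault(x => (x.PTTID == userName) && (x.VerifyType == 1));

        // An empty stored code would reduce the expected marker to the bare "Nonce:" prefix,
        // which any response echoing that label would satisfy.
        if (VID == null || string.IsNullOrEmpty(VID.Base5))
        {
            return RedirectToAction("Index", "home");
        }

        string Nonce = $"Nonce:{VID.Base5}";
        string url = "https://gpkiapi.nat.gov.tw/PKCS7Verify/VerifyPKCS7.jsp";

        MyWebClient client = new MyWebClient();
        client.Encoding = Encoding.UTF8;
        client.Headers.Add(HttpRequestHeader.ContentType, "application/x-www-form-urlencoded");

        // Form fields to post.
        NameValueCollection nc = new NameValueCollection();
        nc["b64SignedData"] = b64SignedData;

        var result = client.UploadValues(url, nc);
        string html = Encoding.GetEncoding("UTF-8").GetString(result);

        // NOTE(review): this only checks that the nonce text occurs somewhere in the response.
        // Confirm that the endpoint's response also carries an explicit "signature and
        // certificate valid" result, and check that result here before trusting the page.
        if (html.IndexOf(Nonce, StringComparison.Ordinal) == -1)
        {
            return RedirectToAction("Index", "home");
        }

        var ID = DBObj.AspNetUsers.FirstOrDefault(x => x.UserName == userName);
        if (ID == null)
        {
            // No matching account row: leave without persisting anything.
            return RedirectToAction("Index", "home");
        }

        // These changes are persisted only by the SaveChanges call at the end, so the
        // duplicate checks below can still reject the request without side effects.
        VID.IsConfirmed = true;
        VID.AvailableDate = DateTime.Now.AddYears(1);
        VID.ModifyDate = DateTime.Now;
        VID.ModifyDateIP = ipAddress;
        DBObj.Entry(VID).State = EntityState.Modified;

        ID.VerifyType1 = true;
        DBObj.Entry(ID).State = EntityState.Modified;

        // Pull the certificate subject (text between "CN=" and "C=") and the card number
        // out of the response, line by line.
        string Subject = string.Empty;
        string SerialNumber = string.Empty;
        foreach (var s in html.Split('\n'))
        {
            if (s.IndexOf("Subject:", StringComparison.Ordinal) > -1)
            {
                int iCN = s.IndexOf("CN=", StringComparison.Ordinal) + 3;
                int iC = s.IndexOf("C=", StringComparison.Ordinal);
                int iCNtoC = iC - iCN;
                if (iCNtoC > 0)
                {
                    Subject = s.Substring(iCN, iCNtoC).TrimEnd().TrimEnd(',');
                }
            }

            if (s.IndexOf("Card Number:", StringComparison.Ordinal) > -1)
            {
                string[] CN = s.Split(':');
                if (CN.Length > 1)
                {
                    SerialNumber = CN[1].Replace("<br/>", "");
                }
            }
        }

        // Reject when no card number was found or when this card is already registered.
        if (string.IsNullOrEmpty(SerialNumber))
        {
            return RedirectToAction("Index", "home");
        }

        MOICASN mSN = DBObj.MOICASN.FirstOrDefault(x => x.SN == SerialNumber);
        if (mSN != null)
        {
            return RedirectToAction("Index", "home");
        }

        mSN = new MOICASN();
        mSN.no = Guid.NewGuid();
        mSN.SN = SerialNumber;
        DBObj.MOICASN.Add(mSN);

        // NOTE(review): digitalSignature comes straight from the request and is not tied to
        // b64SignedData anywhere in this method, so the caller controls part of this
        // de-duplication key. Derive the key only from values returned by the verifier.
        string HMACSHA256 = SHA256Hash($"{Subject}|{digitalSignature}");
        MOICASHA256 mSHA = DBObj.MOICASHA256.FirstOrDefault(x => x.HMACSHA256 == HMACSHA256);
        if (mSHA != null)
        {
            return RedirectToAction("Index", "home");
        }

        mSHA = new MOICASHA256();
        mSHA.no = Guid.NewGuid();
        mSHA.HMACSHA256 = HMACSHA256;
        DBObj.MOICASHA256.Add(mSHA);

        DBObj.SaveChanges();
    }

    return RedirectToAction("Index", "home");
}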
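/// <summary>
/// Builds a five-character nonce, e-mails it to the PTT mailbox of <paramref name="PTTID"/> and
/// stores it on that PTTID's Verification row (VerifyType 1), creating the row if needed.
/// </summary>
/// <param name="PTTID">PTT account name; used for the destination address and as the row key.</param>
/// <param name="UserGID">User id; three of its characters (dashes removed, upper-cased) form the nonce prefix.</param>
/// <param name="ipAddress">Stored as CreateDateIP when a new Verification row is created.</param>
/// <param name="CreateDate">Not read by this method.</param>
/// <param name="ModifyDate">When set, written to the row's ModifyDate.</param>
private async void SendNonce(string PTTID, string UserGID, string ipAddress, DateTime?CreateDate, DateTime?ModifyDate)
{
    // This method is async void, so callers cannot catch anything thrown from it; a rethrow
    // would surface as an unhandled exception instead. Failures are logged, in the same way
    // as SendBase5UserId, and the nonce generation runs inside the try block for that reason.
    try
    {
        // NOTE(review): the address suffix in this literal looks like it was replaced by e-mail
        // obfuscation on the page this listing was captured from; confirm the real mail domain.
        // NOTE(review): PTTID is placed into the address as-is; presumably the caller validates it.
        string PTTMail = string.Format("{0}[email protected]", PTTID);

        string strUserID = UserGID.Replace("-", "").ToUpper();
        int iUserIDlen = strUserID.Length - 3;

        // NOTE(review): the nonce is three characters of the user's own id plus the two-digit
        // offset they were taken from, chosen with System.Random. It is low-entropy and
        // predictable from account data, which weakens its value as a replay guard for the
        // signed payload. Consider System.Security.Cryptography.RandomNumberGenerator once it
        // is confirmed that nothing else relies on this format.
        Random random = new Random();
        int iIndex = random.Next(0, iUserIDlen);
        string Base5 = string.Format("{0}{1}", strUserID.Substring(iIndex, 3), iIndex.ToString("00"));

        IdentityMessage IM = new IdentityMessage();
        IM.Subject = "TWID.app MOICA Verification code";
        IM.Body = Base5;
        IM.Destination = PTTMail;

        EmailService ES = new EmailService();
        await ES.SendAsyncBodyANSI(IM);

        using (TWIDAPPEntities DBObj = new TWIDAPPEntities())
        {
            // VerifyType 1 = "MOICA".
            Verification VID = DBObj.Verification.FirstOrDefault(x => (x.PTTID == PTTID) && (x.VerifyType == 1));
            bool isNewPTTID = VID == null;
            if (isNewPTTID)
            {
                VID = new Verification();
                VID.PTTID = PTTID;
                VID.VerifyType = 1;
                VID.CreateDate = DateTime.Now;
                VID.CreateDateIP = ipAddress;
                VID.AvailableDate = DateTime.Now.AddYears(1);
            }

            if (ModifyDate.HasValue)
            {
                VID.ModifyDate = ModifyDate.Value;
            }

            VID.Base5 = Base5;

            if (isNewPTTID)
            {
                DBObj.Verification.Add(VID);
            }
            else
            {
                DBObj.Entry(VID).State = EntityState.Modified;
            }

            DBObj.SaveChanges();
        }
    }
    catch (Exception ex)
    {
        logger.Debug("/Account/SendNonce");
        // InnerException is usually null; guard it so the handler itself cannot throw.
        logger.Debug($"[Exception]{ex.Message}.{ex.InnerException?.Message}");
        logger.Debug(ex.StackTrace);
    }
}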