示例#1
0
        public Response GetUserInformationBySession(string guid, out User user)
        {
            var response = new Response()
            {
                Message = "Not initializated.", Result = false
            };

            user = null;
            try
            {
                //Se valida que la sesion no esté vacía

                if (string.IsNullOrEmpty(guid))
                {
                    response.Message = string.Format("No se ha proporcionado una sesión valida.");
                    response.Result  = false;
                    user             = null;
                    return(response);
                }

                //Se busca la sesion activa en la bd.
                User     userFinded         = null;
                var      sessionLogic       = new SessionLogic(_configuration);
                Response userFindedResponse = sessionLogic.FindUserBySession(guid, out userFinded);
                sessionLogic.Dispose();

                if (!userFindedResponse.Result)
                {
                    response = userFindedResponse;

                    return(response);
                }
                else
                {
                    user             = userFinded;
                    response.Result  = true;
                    response.Message = "Se encontró la sesion";
                }
            }
            catch (Exception exception)
            {
                response.Message =
                    string.Format("Ocurrio un error al consultar información de usuario en esquema de seguridad. {0}", exception.Message);
                response.Result = false;
                user            = null;
            }
            return(response);
        }
示例#2
0
        public Response GetUserInformationAndOperations(User userAuthenticaded, string applicationName, string applicationPassword, out List <Operation> operationUserList)
        {
            var response = new Response {
                Message = "Not initilizated", Result = false
            };

            operationUserList = new List <Operation>();
            try
            {
                //Validate data
                if (userAuthenticaded == null)
                {
                    response.Message = "No se puede enviar el objeto user como nulo.";
                    return(response);
                }
                if (string.IsNullOrEmpty(applicationName))
                {
                    response.Message = "No se puede enviar el nombre de la aplicación como nulo.";
                    return(response);
                }
                if (string.IsNullOrEmpty(applicationPassword))
                {
                    response.Message = "No se puede enviar la contraseña de la aplicación como nulo.";
                    return(response);
                }


                //1.-GetApplication Id
                var applicationLogic  = new ApplicationLogic(_configuration);
                var applicationDbList = applicationLogic.GetApplicationList();
                applicationLogic.Dispose();
                var appFinded = applicationDbList.Find(app => app.ApplicationName == applicationName);
                if (appFinded == null)
                {
                    response.Message = string.Format("La aplicación  {0} especificada no está registrada en esquema de seguridad. {1}", applicationName, DateTime.Now.ToString());
                    return(response);
                }

                if (applicationPassword.Trim() != appFinded.ApplicationPassword.Trim())
                {
                    response.Message = string.Format("La contraseña de aplicación especificada no es válida. {0}", DateTime.Now.ToString());
                    return(response);
                }

                //var applicationPasswordResult = Cryptographer.CompareHash("SecurityAlgorithim", applicationPassword, appFinded.ApplicationPassword);
                //if(!applicationPasswordResult)
                //{
                //    response.Message = string.Format("La contraseña de aplicación especificada no es válida. {0}",DateTime.Now.ToString());
                //    return response;
                //}


                //Using appFinded and user, we search for operations
                var userlogic  = new UserLogic(_configuration);
                var userFinded = userlogic.FindUser(userAuthenticaded.UserId);
                userlogic.Dispose();
                if (userFinded == null)
                {
                    response.Message = string.Format("La cuenta {0} no existe en el esquema de seguridad. {1}", userAuthenticaded.UserId, DateTime.Now.ToString());
                    return(response);
                }
                var         roleLogic   = new RoleLogic(_configuration);
                List <Role> rolesFinded = roleLogic.GetRoleList(appFinded, userFinded);
                roleLogic.Dispose();
                if (rolesFinded.Count == 0)
                {
                    response.Message =
                        string.Format("No ha sido asignado ningún rol al usuario {0} en el esquema de seguridad. {1}", userAuthenticaded.UserId, DateTime.Now.ToString());
                    return(response);
                }



                //validate if User object has a valid sessionId
                var sessionLogic      = new SessionLogic(_configuration);
                var sessionValidation = sessionLogic.ValidateSession(userAuthenticaded, appFinded);
                sessionLogic.Dispose();
                if (!sessionValidation.Result)
                {
                    response.Message = string.Format("Sesión de usuario no válida.  {0}", sessionValidation.Message);
                    return(response);
                }

                var operationLogic = new OperationLogic(_configuration);
                operationUserList = operationLogic.GetOperationList(rolesFinded);
                operationLogic.Dispose();
                response.Result  = true;
                response.Message = string.Format("Se encontraron {0} operaciones para la el usuario {1} y aplicacion {2}. ", operationUserList.Count, userFinded.UserId, appFinded.ApplicationName, DateTime.Now.ToString());
            }
            catch (Exception err)
            {
                response.Message = string.Format("Ocurrio un error al autorizar. {0} {1} ", err.Message, DateTime.Now.ToString());
                return(response);
            }


            return(response);
        }
示例#3
0
        /// <summary>
        /// Returns a true or false response against Active Directory and Application Security Service
        /// </summary>
        /// <param name="domain">string</param>
        /// <param name="userId">string</param>
        /// <param name="password">string</param>
        /// <param name="userAuthenticated">User</param>
        /// <param name="applicationName">applicationName</param>
        /// <param name="activeDirectoryAuthenticationRequired">activeDirectoryAuthenticationRequired</param>
        /// <returns>Response</returns>
        public Response Authenticate(string domain, string userId, string password, string applicationName, out User userAuthenticated)
        {
            var response = new Response {
                Message = "Not initializated", Result = false
            };

            userAuthenticated = null;

            bool InActiveDirectory = false;

            //Security Service Validation
            try
            {
                var userLogic = new UserLogic(_configuration);
                userAuthenticated = userLogic.FindUser(userId);
                userLogic.Dispose();
                if (userAuthenticated == null)
                {
                    response.Message = "500 - La cuenta de usuario no existe en SeguridadApp.";
                    return(response);
                }
            }
            catch (Exception securityException)
            {
                response.Message = string.Format("900 - Ocurrió un error al consultar el la cuenta de usuario en SeguridadApp: {0} ", securityException.Message);
                return(response);
            }

            //ActiveDirectory Authentication
            User AdUserFinded;

            this.GetUserInformation(userAuthenticated.EmployeeNumber, out AdUserFinded);

            if (AdUserFinded != null)
            {
                var    pathLDap = _LDapConnectionString;
                string domainAndUsername;
                domainAndUsername = domain + @"\" + userAuthenticated.EmployeeNumber;

                var entry = new DirectoryEntry(pathLDap, domainAndUsername, password);
                try
                {
                    // Bind to the native AdsObject to force authentication.
                    var obj    = entry.NativeObject;
                    var search = new DirectorySearcher(entry);
                    search.Filter = "(SAMAccountName=" + userAuthenticated.EmployeeNumber + ")";
                    search.PropertiesToLoad.Add("cn");
                    search.PropertiesToLoad.Add("mail");
                    search.PropertiesToLoad.Add("givenname");
                    search.PropertiesToLoad.Add("sn");
                    search.PropertiesToLoad.Add("samaccountname");
                    SearchResult result = search.FindOne();
                    if (null != result)
                    {
                        InActiveDirectory = true;
                    }
                }
                catch (Exception ex)
                {
                    response.Message = string.Format
                                           ("600 - No fue posible autenticar la cuenta de usuario en el Directorio Activo - {0}.  Intente nuevamente. Error: {1}", DateTime.Now.ToString(),
                                           ex.Message);
                    return(response);
                }
            }

            if (!InActiveDirectory)
            {
                response.Message = string.Format("600 - No fue posible autenticar la cuenta de usuario en el Directorio Activo. {0}", DateTime.Now.ToString());
                return(response);
            }

            //Se valida la vigencia de fechas de la cuenta en SeguridadApp

            DateTime declineDate = new DateTime(Convert.ToInt32(userAuthenticated.DeclineDate.Substring(6, 4))
                                                , Convert.ToInt32(userAuthenticated.DeclineDate.Substring(3, 2))
                                                , Convert.ToInt32(userAuthenticated.DeclineDate.Substring(0, 2)));
            DateTime declineDateSIO = new DateTime(Convert.ToInt32(userAuthenticated.DeclineDateSIO.Substring(6, 4))
                                                   , Convert.ToInt32(userAuthenticated.DeclineDateSIO.Substring(3, 2))
                                                   , Convert.ToInt32(userAuthenticated.DeclineDateSIO.Substring(0, 2)));

            if (declineDate <= DateTime.Now || declineDateSIO <= DateTime.Now)
            {
                response.Message = "501 - La cuenta de usuario no es vigente en SeguridadApp.";
                return(response);
            }


            userAuthenticated.AuthenticationType = AuthenticationTypeEnum.SecurityServiceAndActiveDirectory;


            //Add session to the user
            //1.-GetApplication Id
            var applicationLogic  = new ApplicationLogic(_configuration);
            var applicationDbList = applicationLogic.GetApplicationList();

            applicationLogic.Dispose();
            var appFinded = applicationDbList.Find(app => app.ApplicationName == applicationName);

            if (appFinded == null)
            {
                response.Message = string.Format("700 - La aplicación {0} no existe en SeguridadApp. {1}", applicationName, DateTime.Now.ToString());
                return(response);
            }

            //2.-AddSession to user
            var      sessionLogic    = new SessionLogic(_configuration);
            Response sessionResponse = sessionLogic.AddSession(userAuthenticated, appFinded);

            sessionLogic.Dispose();
            if (!sessionResponse.Result)
            {
                response.Message = string.Format("502 - No fue posible asignar una sesión a la cuenta de usuario en SeguridadApp");
                return(response);
            }

            response.Result  = true;
            response.Message = @"000 - La cuenta de Usuario se autenticó correctamente en SeguridadApp y Directorio Activo.";
            return(response);
        }
示例#4
0
        /// <summary>
        /// Returns a true or false response against Security schema
        /// </summary>
        /// <param name="userAuthenticaded"></param>
        /// <param name="applicationName"></param>
        /// <param name="applicationPassword"></param>
        ///  <param name="operation"></param>
        /// <returns></returns>
        public Response Authorize(User userAuthenticaded, string applicationName, string applicationPassword, string operation)
        {
            var response = new Response {
                Message = "Not initilizated", Result = false
            };

            try
            {
                //Validate data
                if (userAuthenticaded == null)
                {
                    response.Message = "502- Dato obligatorio: Cuenta de usuario.";
                    return(response);
                }
                if (string.IsNullOrEmpty(applicationName))
                {
                    response.Message = "502- Dato obligatorio: Nombre de la aplicación.";
                    return(response);
                }
                if (string.IsNullOrEmpty(applicationPassword))
                {
                    response.Message = "502- Dato obligatorio: Contraseña de la aplicación.";
                    return(response);
                }
                if (string.IsNullOrEmpty(operation))
                {
                    response.Message = "502- Dato obligatorio: Nombre de la operación.";
                    return(response);
                }

                //1.-GetApplication Id
                var applicationLogic  = new ApplicationLogic(_configuration);
                var applicationDbList = applicationLogic.GetApplicationList();
                applicationLogic.Dispose();

                var appFinded = applicationDbList.Find(app => app.ApplicationName == applicationName);
                if (appFinded == null)
                {
                    response.Message = string.Format("700 - La aplicación {0} no existe en SeguridadApp. {1}", applicationName, DateTime.Now.ToString());
                    return(response);
                }
                if (Convert.ToDateTime(appFinded.DeclineDate) < DateTime.Now)
                {
                    response.Message =
                        string.Format(
                            "607 - La aplicacion no se encuentra vigente. Si considera que la aplicación debe estar vigente, repórtelo a la extensión 811-49111.");
                    return(response);
                }

                if (applicationPassword.Trim() != appFinded.ApplicationPassword.Trim())
                {
                    response.Message = string.Format("701 - La contraseña de aplicación es incorrecta. {0}", DateTime.Now.ToString());
                    return(response);
                }

                //var applicationPasswordResult = Cryptographer.CompareHash("SecurityAlgorithim", applicationPassword, appFinded.ApplicationPassword);
                //if(!applicationPasswordResult)
                //{
                //    response.Message = string.Format("La contraseña de aplicación especificada no es válida. {0}",DateTime.Now.ToString());
                //    return response;
                //}


                //Using appFinded and user, we search for operations
                var userLogic  = new UserLogic(_configuration);
                var userFinded = userLogic.FindUser(userAuthenticaded.UserId);
                userLogic.Dispose();

                if (userFinded == null)
                {
                    response.Message = string.Format("500 - La cuenta de usuario {0} no existe en SeguridadApp. {1}", userAuthenticaded.UserId, DateTime.Now.ToString());
                    return(response);
                }
                var         roleLogic   = new RoleLogic(_configuration);
                List <Role> rolesFinded = roleLogic.GetRoleList(appFinded, userFinded);
                roleLogic.Dispose();
                if (rolesFinded.Count == 0)
                {
                    response.Message =
                        string.Format("503 - La cuenta de usuario {0} no tiene roles asignados. {1}", userAuthenticaded.UserId, DateTime.Now.ToString());
                    return(response);
                }
                var operationLogic = new OperationLogic(_configuration);
                var operationsList = operationLogic.GetOperationList(rolesFinded);
                operationLogic.Dispose();
                if (operationsList.Count == 0)
                {
                    var sb = new StringBuilder();
                    sb.Append(string.Format("504 - La cuenta de usuario {0} no tiene operaciones/transacciones asignadas. {1}", userFinded.UserId, DateTime.Now.ToString()));
                    foreach (var role in rolesFinded)
                    {
                        sb.Append(string.Format("Operaciones buscadas para el rol id {0}, nombre rol {1}, d  ", role.RoleId, role.RoleName));
                    }
                    response.Message = sb.ToString();
                    return(response);
                }

                //Search for the Operation specified.
                var operationFinded = operationsList.Find(operationsearched => operationsearched.OperationName == operation);
                if (operationFinded == null)
                {
                    response.Message = string.Format("La operación {0} solicitada, no está registrada en el esquema de seguridad o no está asignada al rol del usuario. {1}", operation, DateTime.Now.ToString());
                    return(response);
                }

                //validate if User object has a valid sessionId
                var sessionLogic      = new SessionLogic(_configuration);
                var sessionValidation = sessionLogic.ValidateSession(userAuthenticaded, appFinded);
                sessionLogic.Dispose();
                if (!sessionValidation.Result)
                {
                    response.Message = string.Format("Sesión de usuario no válida.  {0}", sessionValidation.Message);
                    return(response);
                }



                response.Result  = true;
                response.Message = string.Format("Se validó correctamente la operacion {0} para la el usuario {1} y aplicacion {2}. {3}", operationFinded.OperationName, userFinded.UserId, appFinded.ApplicationName, DateTime.Now.ToString());
            }
            catch (Exception err)
            {
                response.Message = string.Format("Ocurrio un error al autorizar. {0} {1} ", err.Message, DateTime.Now.ToString());
                return(response);
            }


            return(response);
        }