
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;
using System.Text;

namespace AuthService
{
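public class AuthService : IAuthService
{
    /// <summary>
    /// Returns the description stored for the user identified by <paramref name="login"/>.
    /// No credentials are required: this service treats the description as public data.
    /// </summary>
    /// <param name="login">Login name of the user to look up.</param>
    /// <returns>
    /// <see cref="AuthStatusCode.OK"/> with the description in <c>Message</c>; on failure an
    /// error status (<see cref="AuthStatusCode.AuthenticationError"/> when the login is unknown,
    /// <see cref="AuthStatusCode.DatabaseSelectError"/> when the row could not be read) and an empty message.
    /// </returns>
    public AuthResponseDescription GetUserDescription(string login)
    {
        int id = SqlServerHelper.UserExists(login);
        if (id == 0)
        {
            return DescriptionFailure(Failure(AuthStatusCode.AuthenticationError, "Utilizador não existe!"));
        }

        User user = SqlServerHelper.GetUser(id);
        if (user == null)
        {
            return DescriptionFailure(Failure(AuthStatusCode.DatabaseSelectError, "Não foi possível obter a informação do utilizador!"));
        }

        return new AuthResponseDescription()
        {
            Status = Ok(),
            Message = user.Description
        };
    }

    /// <summary>
    /// Replaces the description of the authenticated user.
    /// </summary>
    /// <param name="login">Login name used to authenticate.</param>
    /// <param name="password">Clear-text password used to authenticate.</param>
    /// <param name="description">New description; stored as given, no validation is applied here.</param>
    /// <returns>
    /// <see cref="AuthStatusCode.OK"/> and <c>"OK: " + description</c> on success; otherwise the
    /// authentication status, <see cref="AuthStatusCode.AuthorizationError"/> for guests, or
    /// <see cref="AuthStatusCode.DatabaseUpdateError"/> when the update affected no row.
    /// </returns>
    public AuthResponseDescription SetUserDescription(string login, string password, string description)
    {
        User user;
        AuthStatusInfo statusInfo = AuthenticateUser(login, password, out user);
        if (statusInfo.Code != AuthStatusCode.OK)
        {
            return DescriptionFailure(statusInfo);
        }

        // Deny-list check: every role except Guests may edit its own description. Note that
        // GetUsers uses an allow-list (Admins only); a role added to Roles later is allowed here by default.
        if (user.Role == Roles.Guests)
        {
            return DescriptionFailure(Failure(AuthStatusCode.AuthorizationError, "Utilizador não autorizado!"));
        }

        // A zero return value is treated as "no row updated".
        int status = SqlServerHelper.UpdateUserDescription(user.Id, description);
        if (status == 0)
        {
            return DescriptionFailure(Failure(AuthStatusCode.DatabaseUpdateError, "Não foi possível atualizar a informação!"));
        }

        return new AuthResponseDescription()
        {
            Status = Ok(),
            Message = "OK: " + description
        };
    }

    /// <summary>
    /// Lists every user in the database. Requires login/password authentication and the
    /// <see cref="Roles.Admins"/> role.
    /// </summary>
    /// <param name="login">Login name used to authenticate.</param>
    /// <param name="password">Clear-text password used to authenticate.</param>
    /// <returns>
    /// <see cref="AuthStatusCode.OK"/> with the users array; on failure the error status and
    /// <c>Users == null</c>.
    /// </returns>
    public AuthResponseUsers GetUsers(string login, string password)
    {
        User user;
        AuthStatusInfo statusInfo = AuthenticateUser(login, password, out user);
        if (statusInfo.Code != AuthStatusCode.OK)
        {
            return UsersFailure(statusInfo);
        }

        return ListUsersAsAdmin(user);
    }

    /// <summary>
    /// Lists every user in the database. Authentication is done with a PKCS#7/CMS signed message:
    /// the signature and the signer's certificate chain are verified, and the signer certificate's
    /// thumbprint must be registered to a user with the <see cref="Roles.Admins"/> role.
    /// </summary>
    /// <param name="pkcs7Signature">DER-encoded CMS SignedData; must embed the signer's certificate.</param>
    /// <returns>
    /// <see cref="AuthStatusCode.OK"/> with the users array; <see cref="AuthStatusCode.CryptographicError"/>
    /// when the blob cannot be decoded or verified; otherwise the authentication/authorization status.
    /// </returns>
    /// <remarks>
    /// The signed content is not bound to this request (no nonce or timestamp is checked), so a
    /// previously captured valid message is accepted again; callers that need freshness must add it.
    /// NOTE(review): chain building uses the host's default X509Chain policy and trust store — confirm
    /// that this is the intended trust anchor for the deployment.
    /// </remarks>
    public AuthResponseUsers GetUsersByCertificate(byte[] pkcs7Signature)
    {
        string thumbprint;
        try
        {
            // Decode can throw on malformed or null input, so it belongs inside the try as well.
            SignedCms signedCms = new SignedCms();
            signedCms.Decode(pkcs7Signature);

            // false = verify the signature AND build/validate the signer's certificate chain;
            // true would check integrity only.
            signedCms.CheckSignature(false);

            // Use the certificate of the signer that was just verified, not Certificates[0]:
            // the certificate bag may hold intermediates or extra certificates in any order.
            var signer = signedCms.SignerInfos[0].Certificate;
            thumbprint = signer == null ? null : signer.Thumbprint;
        }
        catch (Exception ex)
        {
            // ex.Message is returned verbatim to the caller (existing behaviour); it may expose
            // library-level detail about why verification failed.
            return UsersFailure(Failure(AuthStatusCode.CryptographicError, ex.Message));
        }

        if (string.IsNullOrEmpty(thumbprint))
        {
            return UsersFailure(Failure(AuthStatusCode.CryptographicError, "Certificado do signatário não encontrado!"));
        }

        User user;
        AuthStatusInfo statusInfo = AuthenticateUser(thumbprint, out user);
        if (statusInfo.Code != AuthStatusCode.OK)
        {
            return UsersFailure(statusInfo);
        }

        return ListUsersAsAdmin(user);
    }

    /// <summary>
    /// Registers a certificate for a user. Not implemented yet.
    /// </summary>
    /// <param name="login">Login name used to authenticate.</param>
    /// <param name="password">Clear-text password used to authenticate.</param>
    /// <param name="base64pkcs7Signature">Base64-encoded CMS SignedData whose signer certificate is to be registered.</param>
    /// <returns>Never returns.</returns>
    /// <exception cref="NotImplementedException">Always.</exception>
    public AuthResponseDatabaseUpdate SetUserCertificate(string login, string password, string base64pkcs7Signature)
    {
        throw new NotImplementedException();
    }

    /// <summary>
    /// Authenticates a user with login and password.
    /// </summary>
    /// <param name="login">Login name.</param>
    /// <param name="password">Clear-text password; hashed with the stored salt and compared to the stored hash.</param>
    /// <param name="user">The user record when authentication succeeds; null otherwise.</param>
    /// <returns>Status of the authentication process.</returns>
    private AuthStatusInfo AuthenticateUser(string login, string password, out User user)
    {
        // Only publish the user on success so callers can rely on "null unless OK".
        user = null;

        int id = SqlServerHelper.UserExists(login);
        if (id == 0)
        {
            return Failure(AuthStatusCode.AuthenticationError, "Utilizador não existe!"); // nota: apenas para debug :: evitar dar demasiada informação ao utilizador
        }

        User candidate = SqlServerHelper.GetUser(id);
        if (candidate == null)
        {
            return Failure(AuthStatusCode.DatabaseSelectError, "Não foi possível obter a informação do utilizador!");
        }

        // Recompute the salted hash and compare in constant time so the comparison's duration
        // does not depend on how many leading characters match.
        string computedHash = PasswordSystem.PasswordAndSaltToHashInBase64Format(password, candidate.Salt);
        if (!FixedTimeEquals(candidate.Password, computedHash))
        {
            return Failure(AuthStatusCode.AuthenticationError, "Utilizador/password não existe!"); // nota: apenas para debug :: evitar dar demasiada informação ao utilizador
        }

        user = candidate;
        return Ok();
    }

    /// <summary>
    /// Resolves a user from a certificate thumbprint that has already been verified by the caller.
    /// </summary>
    /// <param name="thumbprint">Thumbprint of the verified signer certificate.</param>
    /// <param name="user">The user record bound to the thumbprint; null when not found or unreadable.</param>
    /// <returns>Status of the lookup.</returns>
    private AuthStatusInfo AuthenticateUser(string thumbprint, out User user)
    {
        user = null;

        int id = SqlServerHelper.UserExistsByThumbprint(thumbprint);
        if (id == 0)
        {
            return Failure(AuthStatusCode.AuthenticationError, "Utilizador não existe!"); // nota: apenas para debug :: evitar dar demasiada informação ao utilizador
        }

        user = SqlServerHelper.GetUser(id);
        if (user == null)
        {
            return Failure(AuthStatusCode.DatabaseSelectError, "Não foi possível obter a informação do utilizador!");
        }

        return Ok();
    }

    /// <summary>
    /// Shared tail of GetUsers and GetUsersByCertificate: allow-list authorization (Admins only)
    /// followed by the user listing.
    /// </summary>
    /// <param name="user">An already authenticated user; must not be null.</param>
    /// <returns>The users array on success, <see cref="AuthStatusCode.AuthorizationError"/> otherwise.</returns>
    private static AuthResponseUsers ListUsersAsAdmin(User user)
    {
        if (user.Role != Roles.Admins)
        {
            return UsersFailure(Failure(AuthStatusCode.AuthorizationError, "Utilizador não autorizado!"));
        }

        User[] users = SqlServerHelper.GetUsers().ToArray();
        return new AuthResponseUsers()
        {
            Status = Ok(),
            Users = users
        };
    }

    /// <summary>
    /// Compares two strings without short-circuiting on the first mismatching character.
    /// A length mismatch returns early; hashes produced by the same function have a fixed length,
    /// so the length is not secret.
    /// </summary>
    private static bool FixedTimeEquals(string stored, string computed)
    {
        if (stored == null || computed == null || stored.Length != computed.Length)
        {
            return false;
        }

        int diff = 0;
        for (int i = 0; i < stored.Length; i++)
        {
            diff |= stored[i] ^ computed[i];
        }
        return diff == 0;
    }

    /// <summary>Builds the success status used by every operation.</summary>
    private static AuthStatusInfo Ok()
    {
        return new AuthStatusInfo() { Code = AuthStatusCode.OK, ErrorMessage = "" };
    }

    /// <summary>Builds an error status with the given code and message.</summary>
    private static AuthStatusInfo Failure(AuthStatusCode code, string errorMessage)
    {
        return new AuthStatusInfo() { Code = code, ErrorMessage = errorMessage };
    }

    /// <summary>Wraps an error status in a description response with an empty message.</summary>
    private static AuthResponseDescription DescriptionFailure(AuthStatusInfo status)
    {
        return new AuthResponseDescription() { Status = status, Message = "" };
    }

    /// <summary>Wraps an error status in a users response with no users.</summary>
    private static AuthResponseUsers UsersFailure(AuthStatusInfo status)
    {
        return new AuthResponseUsers() { Status = status, Users = null };
    }
}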

}
     
 
what is notes.io
 

Notes.io is a web-based application for taking notes. You can take your notes and share with others people. If you like taking long notes, notes.io is designed for you. To date, over 8,000,000,000 notes created and continuing...

With notes.io;

  • * You can take a note from anywhere and any device with internet connection.
  • * You can share the notes in social platforms (YouTube, Facebook, Twitter, instagram etc.).
  • * You can quickly share your contents without website, blog and e-mail.
  • * You don't need to create any Account to share a note. As you wish you can use quick, easy and best shortened notes with sms, websites, e-mail, or messaging services (WhatsApp, iMessage, Telegram, Signal).
  • * Notes.io has fabulous infrastructure design for a short link and allows you to share the note as an easy and understandable link.

Fast: Notes.io is built for speed and performance. You can take a notes quickly and browse your archive.

Easy: Notes.io doesn’t require installation. Just write and share note!

Short: Notes.io’s url just 8 character. You’ll get shorten link of your note when you want to share. (Ex: notes.io/q )

Free: Notes.io works for 12 years and has been free since the day it was started.


You immediately create your first note and start sharing with the ones you wish. If you want to contact us, you can use the following communication channels;


Email: [email protected]

Twitter: http://twitter.com/notesio

Instagram: http://instagram.com/notes.io

Facebook: http://facebook.com/notesio



Regards;
Notes.io Team

     
 
Shortened Note Link
 
 
Looding Image
 
     
 
Long File
 
 

For written notes was greater than 18KB Unable to shorten.

To be smaller than 18KB, please organize your notes, or sign in.