You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
using Business.BusinessLogic.Auth;using Business.TokenManagement;using Common.Models.RequestResponse;using Common.Utility;using log4net;using System;using System.Collections.Generic;using System.Configuration;using System.Linq;using System.Net;using System.Net.Http;using System.Threading;using System.Threading.Tasks;using System.Web.Http;using System.Web.Http.Filters;
namespace ThirdPartyAPIs.CustomFilter{ public class ApplicationAuthenticationFilter : IFilter, IAuthenticationFilter { public bool AllowMultiple => true;
public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) { var shouldSkipAuthorization = context.ActionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any() || context.ActionContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any(); if (!shouldSkipAuthorization) { HttpResponseMessage _responseMessage = new AuthenticationHelper().CheckApiAuthenticationValidation(context); if (_responseMessage != null) { context.ErrorResult = new FailureResult(_responseMessage); } } return Task.FromResult(0); }
public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken) { return Task.FromResult(0); } }
public class FailureResult : IHttpActionResult { public HttpResponseMessage _errorMessage { get; private set; }
public FailureResult(HttpResponseMessage errorMessage) { _errorMessage = errorMessage; }
public Task<HttpResponseMessage> ExecuteAsync(CancellationToken cancellationToken) { return Task.FromResult(_errorMessage); } }
public class AuthenticationHelper { private readonly ILog log = LogManager.GetLogger(typeof(ApplicationAuthenticationFilter)); private readonly ITokenManagementServices _tokenManagementServices; private TPResponse _apiResponse = new TPResponse(); private HttpResponseMessage _responseMessage;
public AuthenticationHelper() { _tokenManagementServices = new TokenManagementServices(new AuthServices()); }
public HttpResponseMessage CheckApiAuthenticationValidation(HttpAuthenticationContext context) { try { List<string> validApiRequistContentType = new List<string>() { "application/json", "application/json; charset=utf-8", "application/xml", "application/pdf", "application/soap+xml" }; var user = context.Principal.Identity.IsAuthenticated ? context.Principal.Identity.Name : "No Name"; LogicalThreadContext.Properties["client_ip_address"] = new GetClientIpAddress().GetIpAddress(context.Request); LogicalThreadContext.Properties["user_name"] = user; // Check ContainType Valid or Not
var contentTypeName = (context.Request.Content.Headers.Contains("Content-Type") ? context.Request.Content.Headers.GetValues("Content-Type").FirstOrDefault() : ""); if (!validApiRequistContentType.Contains(contentTypeName)) { //_apiResponse.ErrorType = "unsupportedMediaType";
_apiResponse.Msg = "Media Type expected: 'application/json'."; _apiResponse.ResponseCode = "1"; log.Error(_apiResponse.Msg); return _responseMessage = context.Request.CreateResponse(HttpStatusCode.BadRequest, _apiResponse); } string msg = ""; if (!CheckApiAccessKey(context.Request, ref msg)) { //_apiResponse.ErrorType = "Access Key";
_apiResponse.Msg = msg.ToString(); _apiResponse.ResponseCode = "1"; log.Error(_apiResponse.Msg); return _responseMessage = context.Request.CreateResponse(HttpStatusCode.NotAcceptable, _apiResponse); } //else if (!CheckTokenValidation(context.Request, ref msg))
//{
// //_apiResponse.ErrorType = "Token No";
// _apiResponse.Msg = msg.ToString();
// _apiResponse.ErrorCode = "1";
// log.Error(_apiResponse.Msg);
// return _responseMessage = context.Request.CreateResponse(HttpStatusCode.Unauthorized, _apiResponse);
//}
} catch (Exception ex) { _apiResponse.ResponseCode = "1"; _apiResponse.Msg = "Api Access Key Not Match"; LogicalThreadContext.Properties["exception"] = ex; log.Error(_apiResponse.Msg); _responseMessage = context.Request.CreateResponse(HttpStatusCode.InternalServerError, _apiResponse); context.ErrorResult = new FailureResult(_responseMessage); } return _responseMessage; }
public bool CheckApiAccessKey(HttpRequestMessage request, ref string msg) { //IEnumerable<string> authHeaders;
IEnumerable<string> apiAccessKeys; if (!request.Headers.Contains("apiAccessKey") || !request.Headers.TryGetValues("apiAccessKey", out apiAccessKeys) || apiAccessKeys.Count() > 1) { msg = "Api Access Key Is Required On Headers"; return false; } var apiAccessKey = apiAccessKeys.ElementAt(0); if (apiAccessKey != ConfigurationManager.AppSettings["apiAccessKey"].ToString()) { msg = "Api Access Key Not Match"; return false; } return true; }
public bool LoginOnSystem(HttpRequestMessage request, ref string msg) { //bool isVl
if (!request.Headers.Contains("tokenNo") && !request.Headers.Contains("username") && !request.Headers.Contains("password")) { msg = "Please Include Header With Your Valid Login Credential"; return false; } else if (request.Headers.GetValues("tokenNo").FirstOrDefault() != "1234567890") { msg = "Token No Not Match"; return false; } return true; }
public bool CheckTokenValidation(HttpRequestMessage request, ref string msg) { if (!request.Headers.Contains("tokenNo")) { msg = "Token No Is Required On Headers"; return false; } string tokenNo = request.Headers.GetValues("tokenNo").FirstOrDefault(); return _tokenManagementServices.CheckTokenNo(tokenNo, ref msg); } }}
|
