
using Business.BusinessLogic.Auth;
using Business.TokenManagement;
using Common.Models.RequestResponse;
using Common.Utility;
using log4net;
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;
using System.Web.Http;
using System.Web.Http.Filters;
namespace ThirdPartyAPIs.CustomFilter
{
/// <summary>
/// Web API authentication filter. Every request is run through
/// <see cref="AuthenticationHelper.CheckApiAuthenticationValidation"/> unless the action
/// or its controller carries <see cref="AllowAnonymousAttribute"/>, in which case the filter
/// does nothing at all (no logging, no header checks).
/// </summary>
public class ApplicationAuthenticationFilter : IFilter, IAuthenticationFilter
{
    /// <summary>Several instances of this filter may be stacked on one action.</summary>
    public bool AllowMultiple => true;

    /// <summary>
    /// Runs the header validation and, on failure, sets <see cref="HttpAuthenticationContext.ErrorResult"/>
    /// so the pipeline short-circuits with the helper's response instead of reaching the action.
    /// The work is synchronous; <paramref name="cancellationToken"/> is not consulted.
    /// </summary>
    /// <param name="context">Authentication context for the current request.</param>
    /// <param name="cancellationToken">Unused.</param>
    /// <returns>An already-completed task.</returns>
    public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
    {
        var action = context.ActionContext.ActionDescriptor;
        bool anonymous = action.GetCustomAttributes<AllowAnonymousAttribute>(true).Any()
            || action.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any();

        if (anonymous)
        {
            return Task.FromResult(0);
        }

        // A null return means the request passed; anything else is the failure response to send.
        HttpResponseMessage failure = new AuthenticationHelper().CheckApiAuthenticationValidation(context);
        if (failure != null)
        {
            context.ErrorResult = new FailureResult(failure);
        }
        return Task.FromResult(0);
    }

    /// <summary>
    /// No challenge is issued: the failure response built by the helper already carries
    /// the status code and body the client receives.
    /// </summary>
    public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
    {
        return Task.FromResult(0);
    }
}
/// <summary>
/// <see cref="IHttpActionResult"/> that replays a pre-built <see cref="HttpResponseMessage"/>.
/// <see cref="ApplicationAuthenticationFilter"/> uses it to short-circuit the pipeline with the
/// response produced by <see cref="AuthenticationHelper"/>.
/// </summary>
public class FailureResult : IHttpActionResult
{
    /// <summary>The wrapped response; returned by <see cref="ExecuteAsync"/> unchanged.</summary>
    public HttpResponseMessage _errorMessage { get; private set; }

    /// <param name="errorMessage">Response to replay. Stored as-is; a null is passed straight through.</param>
    public FailureResult(HttpResponseMessage errorMessage)
    {
        _errorMessage = errorMessage;
    }

    /// <summary>Returns the wrapped response without further work; the token is not consulted.</summary>
    public Task<HttpResponseMessage> ExecuteAsync(CancellationToken cancellationToken) => Task.FromResult(_errorMessage);
}
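/// <summary>
/// Header-based request validation used by <see cref="ApplicationAuthenticationFilter"/>.
/// A request passes when its Content-Type is on the allow-list and its <c>apiAccessKey</c>
/// header equals the <c>apiAccessKey</c> appSetting. Only that single shared key gates
/// requests: the per-user token check (<see cref="CheckTokenValidation"/>) is not invoked
/// from <see cref="CheckApiAuthenticationValidation"/>.
/// </summary>
public class AuthenticationHelper
{
    private const string ApiAccessKeyHeader = "apiAccessKey";
    private const string ApiAccessKeySetting = "apiAccessKey";
    private const string TokenHeader = "tokenNo";

    /// <summary>
    /// Content-Type values accepted, compared ordinally against the raw header value. Any
    /// other spelling (e.g. "application/json;charset=UTF-8") is rejected.
    /// </summary>
    private static readonly string[] AcceptedContentTypes =
    {
        "application/json",
        "application/json; charset=utf-8",
        "application/xml",
        "application/pdf",
        "application/soap+xml"
    };

    private readonly ILog log = LogManager.GetLogger(typeof(ApplicationAuthenticationFilter));
    private readonly ITokenManagementServices _tokenManagementServices;
    private TPResponse _apiResponse = new TPResponse();
    private HttpResponseMessage _responseMessage;

    public AuthenticationHelper()
    {
        _tokenManagementServices = new TokenManagementServices(new AuthServices());
    }

    /// <summary>
    /// Validates the request. Returns <c>null</c> when it passes, otherwise the error response
    /// the filter should short-circuit with. Also stamps the client IP and user name onto the
    /// log4net <see cref="LogicalThreadContext"/> for the rest of the request.
    /// </summary>
    /// <remarks>
    /// The status codes are kept as existing clients see them: 400 for an unexpected
    /// Content-Type, 406 for a missing or mismatched key, 500 for an internal failure. 415 and
    /// 401 would be the conventional choices, but changing them is a client-visible contract change.
    /// </remarks>
    /// <param name="context">Authentication context for the current request.</param>
    /// <returns><c>null</c> on success; the response to send on failure.</returns>
    public HttpResponseMessage CheckApiAuthenticationValidation(HttpAuthenticationContext context)
    {
        try
        {
            var identity = context.Principal?.Identity;
            var user = identity != null && identity.IsAuthenticated ? identity.Name : "No Name";
            LogicalThreadContext.Properties["client_ip_address"] = new GetClientIpAddress().GetIpAddress(context.Request);
            LogicalThreadContext.Properties["user_name"] = user;

            // Request.Content can be null for a request built without a body. Dereferencing
            // it unguarded threw a NullReferenceException that surfaced as a 500 labelled
            // "Api Access Key Not Match"; treat it as "no Content-Type" instead.
            var contentHeaders = context.Request.Content?.Headers;
            var contentTypeName = contentHeaders != null && contentHeaders.Contains("Content-Type")
                ? contentHeaders.GetValues("Content-Type").FirstOrDefault()
                : "";
            if (!AcceptedContentTypes.Contains(contentTypeName, StringComparer.Ordinal))
            {
                _apiResponse.Msg = "Media Type expected: 'application/json'.";
                _apiResponse.ResponseCode = "1";
                log.Error(_apiResponse.Msg);
                return _responseMessage = context.Request.CreateResponse(HttpStatusCode.BadRequest, _apiResponse);
            }

            string msg = "";
            if (!CheckApiAccessKey(context.Request, ref msg))
            {
                _apiResponse.Msg = msg;
                _apiResponse.ResponseCode = "1";
                log.Error(_apiResponse.Msg);
                return _responseMessage = context.Request.CreateResponse(HttpStatusCode.NotAcceptable, _apiResponse);
            }

            // NOTE(review): CheckTokenValidation is intentionally not called here (the call was
            // commented out upstream). Every caller presenting the shared key is treated alike;
            // confirm that is the intended trust model before exposing per-user operations.
        }
        catch (Exception ex)
        {
            // Fail closed: the client gets a generic failure with no exception detail, and the
            // stack trace goes to the server log. The message is kept for client compatibility
            // even though the cause may be unrelated to the key.
            _apiResponse.ResponseCode = "1";
            _apiResponse.Msg = "Api Access Key Not Match";
            LogicalThreadContext.Properties["exception"] = ex;
            log.Error(_apiResponse.Msg, ex);
            _responseMessage = context.Request.CreateResponse(HttpStatusCode.InternalServerError, _apiResponse);
            context.ErrorResult = new FailureResult(_responseMessage);
        }
        return _responseMessage;
    }

    /// <summary>
    /// Checks that exactly one <c>apiAccessKey</c> header is present and equals the configured
    /// <c>apiAccessKey</c> appSetting, using a constant-time comparison.
    /// </summary>
    /// <param name="request">The incoming request.</param>
    /// <param name="msg">Receives a client-safe reason when the check fails.</param>
    /// <returns>
    /// <c>true</c> when the key matches; <c>false</c> when the header is absent or repeated,
    /// does not match, or no key is configured (fail closed).
    /// </returns>
    public bool CheckApiAccessKey(HttpRequestMessage request, ref string msg)
    {
        IEnumerable<string> apiAccessKeys;
        if (!request.Headers.TryGetValues(ApiAccessKeyHeader, out apiAccessKeys) || apiAccessKeys.Count() != 1)
        {
            msg = "Api Access Key Is Required On Headers";
            return false;
        }

        var expected = ConfigurationManager.AppSettings[ApiAccessKeySetting];
        if (string.IsNullOrEmpty(expected))
        {
            // Fail closed. A missing setting previously threw a NullReferenceException (turned
            // into a 500 by the caller) and an empty setting would have accepted an empty header.
            log.Error("appSettings/apiAccessKey is not configured; rejecting request");
            msg = "Api Access Key Not Match";
            return false;
        }

        if (!FixedTimeEquals(apiAccessKeys.First(), expected))
        {
            msg = "Api Access Key Not Match";
            return false;
        }
        return true;
    }

    /// <summary>
    /// Development stub: accepts the request only when the <c>tokenNo</c> header equals a
    /// literal placeholder. Not called by <see cref="CheckApiAuthenticationValidation"/>.
    /// </summary>
    /// <remarks>
    /// SECURITY: the accepted token is a hard-coded constant in source. This must not gate
    /// anything in production; real logins belong behind <see cref="CheckTokenValidation"/> and
    /// <see cref="ITokenManagementServices"/>.
    /// </remarks>
    /// <param name="request">The incoming request.</param>
    /// <param name="msg">Receives a client-safe reason when the check fails.</param>
    /// <returns><c>true</c> only when <c>tokenNo</c> equals the placeholder.</returns>
    public bool LoginOnSystem(HttpRequestMessage request, ref string msg)
    {
        bool anyCredentialHeader = request.Headers.Contains(TokenHeader)
            || request.Headers.Contains("username")
            || request.Headers.Contains("password");
        if (!anyCredentialHeader)
        {
            msg = "Please Include Header With Your Valid Login Credential";
            return false;
        }

        // When only username/password were sent, GetValues("tokenNo") used to throw
        // InvalidOperationException; a missing token is now reported as a mismatch.
        IEnumerable<string> tokens;
        var tokenNo = request.Headers.TryGetValues(TokenHeader, out tokens) ? tokens.FirstOrDefault() : null;
        if (!FixedTimeEquals(tokenNo, "1234567890"))
        {
            msg = "Token No Not Match";
            return false;
        }
        return true;
    }

    /// <summary>
    /// Hands the <c>tokenNo</c> header to <see cref="ITokenManagementServices.CheckTokenNo"/>.
    /// Currently unused by the filter.
    /// </summary>
    /// <param name="request">The incoming request.</param>
    /// <param name="msg">Receives the failure reason from this method or from the token service.</param>
    /// <returns>What the token service reports; <c>false</c> when the header is absent.</returns>
    public bool CheckTokenValidation(HttpRequestMessage request, ref string msg)
    {
        IEnumerable<string> tokens;
        if (!request.Headers.TryGetValues(TokenHeader, out tokens))
        {
            msg = "Token No Is Required On Headers";
            return false;
        }
        return _tokenManagementServices.CheckTokenNo(tokens.FirstOrDefault(), ref msg);
    }

    /// <summary>
    /// Constant-time string equality so a wrong key takes the same time regardless of how many
    /// leading characters matched. Only the two lengths influence timing. Null never matches.
    /// (CryptographicOperations.FixedTimeEquals is not available on this framework.)
    /// </summary>
    private static bool FixedTimeEquals(string supplied, string expected)
    {
        if (supplied == null || expected == null)
        {
            return false;
        }
        int diff = supplied.Length ^ expected.Length;
        int shared = Math.Min(supplied.Length, expected.Length);
        for (int i = 0; i < shared; i++)
        {
            diff |= supplied[i] ^ expected[i];
        }
        return diff == 0;
    }
}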
}