using Business.BusinessLogic.Auth;
using Business.TokenManagement;
using Common.Models.RequestResponse;
using Common.Utility;
using log4net;
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;
using System.Web.Http;
using System.Web.Http.Filters;
namespace ThirdPartyAPIs.CustomFilter
{
public class ApplicationAuthenticationFilter : IFilter, IAuthenticationFilter
{
    /// <summary>
    /// Web API may apply this filter more than once on the same action.
    /// </summary>
    public bool AllowMultiple => true;

    /// <summary>
    /// Runs the content-type and API access-key validation implemented by
    /// <see cref="AuthenticationHelper"/> for every action that is not opted out with
    /// <see cref="AllowAnonymousAttribute"/> (on the action or on its controller).
    /// When validation fails, the helper's response is wrapped in a <see cref="FailureResult"/>
    /// and assigned to <see cref="HttpAuthenticationContext.ErrorResult"/>, which Web API
    /// executes in place of the action.
    /// </summary>
    /// <param name="context">Authentication context of the current request.</param>
    /// <param name="cancellationToken">Not observed; the validation completes synchronously.</param>
    /// <returns>An already-completed task.</returns>
    public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
    {
        if (!IsAnonymousAllowed(context))
        {
            var failure = new AuthenticationHelper().CheckApiAuthenticationValidation(context);
            if (failure != null)
            {
                context.ErrorResult = new FailureResult(failure);
            }
        }

        return Task.FromResult(0);
    }

    /// <summary>
    /// No challenge is added; a rejected request already carries the helper's response body.
    /// </summary>
    public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
    {
        return Task.FromResult(0);
    }

    // True when the action or its controller is marked [AllowAnonymous]; evaluation short-circuits
    // on the action-level attribute exactly as the inline expression did.
    private static bool IsAnonymousAllowed(HttpAuthenticationContext context)
    {
        var action = context.ActionContext.ActionDescriptor;
        return action.GetCustomAttributes<AllowAnonymousAttribute>(true).Any()
            || action.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any();
    }
}
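public class FailureResult : IHttpActionResult
{
    /// <summary>
    /// The pre-built error response that is returned to the client in place of the action result.
    /// (Public name kept for compatibility with existing callers.)
    /// </summary>
    public HttpResponseMessage _errorMessage { get; private set; }

    /// <summary>
    /// Wraps an already-built error response so it can be returned through the Web API
    /// authentication pipeline.
    /// </summary>
    /// <param name="errorMessage">The response to return; must not be null.</param>
    /// <exception cref="ArgumentNullException"><paramref name="errorMessage"/> is null.</exception>
    public FailureResult(HttpResponseMessage errorMessage)
    {
        // Reject null here: a null response would only surface later as a NullReferenceException
        // deep inside the pipeline, far from the code that produced it.
        if (errorMessage == null)
        {
            throw new ArgumentNullException(nameof(errorMessage));
        }

        _errorMessage = errorMessage;
    }

    /// <summary>
    /// Returns the wrapped response. Nothing is computed lazily, so the token is not observed.
    /// </summary>
    public Task<HttpResponseMessage> ExecuteAsync(CancellationToken cancellationToken)
    {
        return Task.FromResult(_errorMessage);
    }
}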
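public class AuthenticationHelper
{
    private readonly ILog log = LogManager.GetLogger(typeof(ApplicationAuthenticationFilter));
    private readonly ITokenManagementServices _tokenManagementServices;

    // Request header carrying the shared API access key, and the app setting holding the expected value.
    private const string ApiAccessKeyHeader = "apiAccessKey";
    private const string ApiAccessKeySetting = "apiAccessKey";
    private const string TokenHeader = "tokenNo";

    // Exact-match allow-list for the raw Content-Type header value. No media-type parsing or
    // parameter normalisation is done, so e.g. a different charset spelling is rejected.
    private static readonly HashSet<string> ValidApiRequestContentTypes = new HashSet<string>(StringComparer.Ordinal)
    {
        "application/json",
        "application/json; charset=utf-8",
        "application/xml",
        "application/pdf",
        "application/soap+xml"
    };

    public AuthenticationHelper()
    {
        _tokenManagementServices = new TokenManagementServices(new AuthServices());
    }

    /// <summary>
    /// Validates an incoming API request: records the client IP and user name in the log context,
    /// requires an allow-listed Content-Type, and requires a matching <c>apiAccessKey</c> header.
    /// Token validation (<see cref="CheckTokenValidation"/>) is not enforced here.
    /// </summary>
    /// <param name="context">Authentication context of the current request.</param>
    /// <returns>
    /// Null when the request passes; otherwise the error response to return to the client
    /// (400 for an unsupported Content-Type, 406 for a missing/mismatched access key,
    /// 500 when the validation itself throws).
    /// </returns>
    public HttpResponseMessage CheckApiAuthenticationValidation(HttpAuthenticationContext context)
    {
        HttpResponseMessage responseMessage = null;
        try
        {
            // Principal may not be populated by every host; treat that like an anonymous caller.
            var identity = context.Principal?.Identity;
            var user = identity != null && identity.IsAuthenticated ? identity.Name : "No Name";
            LogicalThreadContext.Properties["client_ip_address"] = new GetClientIpAddress().GetIpAddress(context.Request);
            LogicalThreadContext.Properties["user_name"] = user;

            if (!ValidApiRequestContentTypes.Contains(GetRawContentType(context.Request)))
            {
                return responseMessage = BuildFailure(context.Request, HttpStatusCode.BadRequest, "Media Type expected: 'application/json'.");
            }

            string msg = "";
            if (!CheckApiAccessKey(context.Request, ref msg))
            {
                // 406 is kept because existing clients may depend on it; 401 would be the conventional status.
                return responseMessage = BuildFailure(context.Request, HttpStatusCode.NotAcceptable, msg);
            }
        }
        catch (Exception ex)
        {
            LogicalThreadContext.Properties["exception"] = ex;
            // Generic message: the old "Api Access Key Not Match" text misreported any server-side
            // failure (e.g. a missing app setting) as a client credential error.
            responseMessage = BuildFailure(context.Request, HttpStatusCode.InternalServerError, "Authentication check failed", ex);
            context.ErrorResult = new FailureResult(responseMessage);
        }

        return responseMessage;
    }

    /// <summary>
    /// Checks that exactly one <c>apiAccessKey</c> header is present and equals the configured value.
    /// The comparison runs in time that depends only on the string lengths, not on where they
    /// first differ, so a caller cannot narrow the key byte by byte from response timing.
    /// A missing or blank app setting fails closed.
    /// </summary>
    /// <param name="request">The request whose headers are inspected.</param>
    /// <param name="msg">Receives a client-facing reason when the check fails.</param>
    /// <returns>True when the key matches; otherwise false with <paramref name="msg"/> set.</returns>
    public bool CheckApiAccessKey(HttpRequestMessage request, ref string msg)
    {
        IEnumerable<string> apiAccessKeys;
        if (!request.Headers.TryGetValues(ApiAccessKeyHeader, out apiAccessKeys) || apiAccessKeys.Count() != 1)
        {
            msg = "Api Access Key Is Required On Headers";
            return false;
        }

        var expected = ConfigurationManager.AppSettings[ApiAccessKeySetting];
        if (string.IsNullOrEmpty(expected))
        {
            // Previously a null setting threw (surfacing as a 500) and an empty one matched an empty header.
            log.Error("App setting '" + ApiAccessKeySetting + "' is not configured; rejecting request");
            msg = "Api Access Key Not Match";
            return false;
        }

        if (!FixedTimeEquals(expected, apiAccessKeys.First()))
        {
            msg = "Api Access Key Not Match";
            return false;
        }

        return true;
    }

    /// <summary>
    /// Checks the <c>tokenNo</c> header against a fixed value.
    /// NOTE(review): the expected token is a literal in source and this method is not referenced
    /// anywhere in this file — confirm it is dead code and remove it, or move the value into
    /// configuration before it is used.
    /// </summary>
    /// <param name="request">The request whose headers are inspected.</param>
    /// <param name="msg">Receives a client-facing reason when the check fails.</param>
    /// <returns>True when the header matches; otherwise false with <paramref name="msg"/> set.</returns>
    public bool LoginOnSystem(HttpRequestMessage request, ref string msg)
    {
        // A missing tokenNo used to throw from GetValues when username/password were present;
        // it is now reported through msg like the other missing-header cases.
        IEnumerable<string> tokens;
        if (!request.Headers.TryGetValues(TokenHeader, out tokens))
        {
            msg = "Please Include Header With Your Valid Login Credential";
            return false;
        }

        if (!FixedTimeEquals("1234567890", tokens.FirstOrDefault()))
        {
            msg = "Token No Not Match";
            return false;
        }

        return true;
    }

    /// <summary>
    /// Requires a <c>tokenNo</c> header and delegates its validation to the token management service.
    /// </summary>
    /// <param name="request">The request whose headers are inspected.</param>
    /// <param name="msg">Receives a client-facing reason when the check fails.</param>
    /// <returns>The service's verdict, or false when the header is absent.</returns>
    public bool CheckTokenValidation(HttpRequestMessage request, ref string msg)
    {
        IEnumerable<string> tokens;
        if (!request.Headers.TryGetValues(TokenHeader, out tokens))
        {
            msg = "Token No Is Required On Headers";
            return false;
        }

        return _tokenManagementServices.CheckTokenNo(tokens.FirstOrDefault(), ref msg);
    }

    // First raw Content-Type header value, or "" when the request has no content or no such header.
    // Requests without a body (Content == null) therefore fail the allow-list with a 400 instead of
    // throwing into the generic catch.
    private static string GetRawContentType(HttpRequestMessage request)
    {
        IEnumerable<string> values;
        if (request.Content != null && request.Content.Headers.TryGetValues("Content-Type", out values))
        {
            return values.FirstOrDefault() ?? "";
        }

        return "";
    }

    // Builds the error envelope returned to the client and logs the reason server-side.
    private HttpResponseMessage BuildFailure(HttpRequestMessage request, HttpStatusCode status, string message, Exception ex = null)
    {
        var apiResponse = new TPResponse { Msg = message, ResponseCode = "1" };
        if (ex == null)
        {
            log.Error(message);
        }
        else
        {
            log.Error(message, ex);
        }

        return request.CreateResponse(status, apiResponse);
    }

    // Length-independent-of-content string comparison: every character up to the shorter length is
    // visited and the result is accumulated with bitwise ops, so there is no early exit on mismatch.
    // The lengths themselves are not treated as secret.
    private static bool FixedTimeEquals(string expected, string actual)
    {
        if (expected == null || actual == null)
        {
            return false;
        }

        int diff = expected.Length ^ actual.Length;
        int len = Math.Min(expected.Length, actual.Length);
        for (int i = 0; i < len; i++)
        {
            diff |= expected[i] ^ actual[i];
        }

        return diff == 0;
    }
}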
}