Project-Unite/Controllers/OAuth2Controller.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

using System;
using System.Globalization;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin.Security;
using Project_Unite.Models;
using System.Text;
using System.Net;

namespace Project_Unite.Controllers
{
    public class OAuthController : Controller
    {
        private ApplicationSignInManager _signInManager = null;
        private ApplicationUserManager _userManager = null;

        public ApplicationSignInManager SignInManager
        {
            get
            {
                return _signInManager ?? HttpContext.GetOwinContext().Get<ApplicationSignInManager>();
            }
            private set
            {
                _signInManager = value;
            }
        }

        public ApplicationUserManager UserManager
        {
            get
            {
                return _userManager ?? HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>();
            }
            private set
            {
                _userManager = value;
            }
        }


        [AllowAnonymous]
        public async Task<ActionResult> Login(string appname, string appdesc, string version)
        {
            try
            {
                string authHeader = Request.Headers["Authentication"];
                string b64_auth = authHeader.Remove(0, 6); //get rid of the "Basic " text.
                byte[] data = Convert.FromBase64String(b64_auth);
                string plaintext = Encoding.UTF8.GetString(data);
                string[] split = plaintext.Split(':');
                string username = split[0];
                string password = split[1];
                var result = await SignInManager.PasswordSignInAsync(username, password, false, false);
                if(result == Microsoft.AspNet.Identity.Owin.SignInStatus.Success)
                {
                    var db = new ApplicationDbContext();
                    var user = db.Users.FirstOrDefault(x => x.UserName == username);
                    var auth_token = db.OAuthTokens.Where(x => x.UserId == user.Id).FirstOrDefault(x => x.AppName == appname && x.AppDescription == appdesc && x.Version == version);
                    if(auth_token == null)
                    {
                        auth_token = new Models.OAuthToken
                        {
                            Id = Guid.NewGuid().ToString(),
                            UserId = user.Id,
                            AppName = appname,
                            AppDescription = appdesc,
                            Version = version
                        };
                        db.OAuthTokens.Add(auth_token);
                        db.SaveChanges();
                        return Content(auth_token.Id);
                    }
                    else
                    {
                        return Content(auth_token.Id);
                    }
                }
                else
                {
                    return new HttpStatusCodeResult(403);
                }
            }
            catch
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

        }
    }
}