Version 5.0.0-beta

Author: mendozagit

Auth/AuthResponseService.cs

@@ -0,0 +1,98 @@
+/*
+ * ============================================================================
+ * Mozilla Public License 2.0 (MPL-2.0)
+ * Autor: FISCAL API S. DE R.L. DE C.V. - https://fiscalapi.com
+ * ============================================================================
+ *
+ * Este código está sujeto a los términos de la Mozilla Public License v2.0.
+ * Licencia completa: https://mozilla.org/MPL/2.0
+ *
+ * AVISO: Este software se proporciona "tal como está" sin garantías de ningún
+ * tipo. Al usar, modificar o distribuir este código debe mantener esta
+ * atribución y las referencias al autor.
+ *
+ * ============================================================================
+ */
+
+using Fiscalapi.Credentials.Core;
+using XmlDownloader.Auth.Models;
+using XmlDownloader.Auth.Models.Sat;
+using XmlDownloader.Common;
+using XmlDownloader.Common.Enums;
+using XmlDownloader.Common.Http;
+
+namespace XmlDownloader.Auth;
+
+public static class AuthResponseService
+{
+    public static AuthResponse Build(SatResponse satResponse, ICredential credential)
+    {
+        /*
+         *<s:envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+               <s:header>
+                   <o:security s:mustunderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+                       <u:timestamp u:id="_0">
+                           <u:created>2023-07-14T15:42:58.786Z</u:created>
+                           <u:expires>2023-07-14T15:47:58.786Z</u:expires>
+                       </u:timestamp>
+                   </o:security>
+               </s:header>
+               <s:body>
+                   <autenticaresponse xmlns="http://DescargaMasivaTerceros.gob.mx">
+                     <autenticaresult>token...</autenticaresult>
+                   </autenticaresponse>
+               </s:body>
+           </s:envelope>
+
+            <s:envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
+               <s:body>
+                   <s:fault>
+                       <faultcode xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurity</faultcode>
+                       <faultstring xml:lang="en-US">An error occurred when verifying security for the message.</faultstring>
+                   </s:fault>
+               </s:body>
+           </s:envelope>
+         */
+        if (satResponse.IsSuccessStatusCode)
+        {
+            var envelope = XmlSerializerService.Deserialize<AuthEnvelope>(satResponse.RawResponse!);
+            return new AuthResponse
+            {
+                Succeeded = true,
+                SatStatus = SatStatus.RequestSucceeded,
+                SatStatusCode = SatStatus.RequestSucceeded.ToEnumCode(),
+                SatMessage = "",
+                TokenValue = envelope?.Body?.AutenticaResponse?.AutenticaResult,
+                ValidFrom = envelope?.Header?.Security?.Timestamp?.Created,
+                ValidTo = envelope?.Header?.Security?.Timestamp?.Expires,
+                RawRequest = satResponse.RawRequest,
+                RawResponse = satResponse.RawResponse,
+                Tin = credential.Certificate.Rfc
+            };
+        }
+
+        if (satResponse.RawResponse is not null && satResponse.RawResponse.ToLowerInvariant().Contains("fault"))
+        {
+            var faultEnvelope = XmlSerializerService.Deserialize<AuthFaultEnvelope>(satResponse.RawResponse);
+            return new AuthResponse
+            {
+                Succeeded = false,
+                SatStatus = SatStatus.Unknown,
+                SatStatusCode = faultEnvelope?.Body?.Fault?.FaultCode,
+                SatMessage = faultEnvelope?.Body?.Fault?.FaultMessage,
+                RawRequest = satResponse.RawRequest,
+                RawResponse = satResponse.RawResponse,
+            };
+        }
+
+        return new AuthResponse
+        {
+            Succeeded = false,
+            SatStatus = SatStatus.Unknown,
+            SatStatusCode = "UnknownError",
+            SatMessage = $"StatusCode: {satResponse.HttpStatusCode} Message: {satResponse.ReasonPhrase}",
+            RawRequest = satResponse.RawRequest,
+            RawResponse = satResponse.RawResponse,
+        };
+    }
+}

Auth/AuthService.cs

@@ -0,0 +1,141 @@
+/*
+ * ============================================================================
+ * Mozilla Public License 2.0 (MPL-2.0)
+ * Autor: FISCAL API S. DE R.L. DE C.V. - https://fiscalapi.com
+ * ============================================================================
+ *
+ * Este código está sujeto a los términos de la Mozilla Public License v2.0.
+ * Licencia completa: https://mozilla.org/MPL/2.0
+ *
+ * AVISO: Este software se proporciona "tal como está" sin garantías de ningún
+ * tipo. Al usar, modificar o distribuir este código debe mantener esta
+ * atribución y las referencias al autor.
+ *
+ * ============================================================================
+ */
+
+using Fiscalapi.Credentials.Common;
+using Fiscalapi.Credentials.Core;
+using XmlDownloader.Auth.Models;
+using XmlDownloader.Common;
+using XmlDownloader.Common.Http;
+
+namespace XmlDownloader.Auth;
+
+/// <summary>
+/// SAT Authentication Service.
+/// </summary>
+public class AuthService : SatService, IAuthService
+{
+    /// <summary>
+    /// Authenticates with SAT using the provided credential and returns the authentication token
+    /// </summary>
+    public async Task<AuthResponse> AuthenticateAsync(ICredential credential,
+        CancellationToken cancellationToken = default)
+    {
+        // Generate Sat XML security token ID
+        var uuid = CreateSecurityToken();
+
+        // Create digest and signature using unified template
+        var digest = CreateDigest(credential);
+        var signature = CreateSignature(digest, credential, uuid);
+
+        // Build SOAP envelope
+        var authXml = BuildEnvelope(digest, uuid, credential.Certificate.RawDataBytes.ToBase64String(),
+            signature);
+
+        // Send request
+        var satResponse = await SendRequestAsync(
+            url: SatUrl.AuthUrl,
+            action: SatUrl.AuthAction,
+            payload: authXml,
+            cancellationToken: cancellationToken);
+
+        // Map response 
+        var authResponse = AuthResponseService.Build(satResponse, credential);
+
+        return authResponse;
+    }
+
+    /// <summary>
+    /// Creates the digest for authentication
+    /// </summary>
+    private static Digest CreateDigest(ICredential credential)
+    {
+        var created = DateTime.UtcNow;
+        var expires = created.AddSeconds(300);
+
+        var timestampXml = XmlTemplates.TimestampTemplate
+            .Replace(XmlPlaceholders.Created, created.ToSatFormat())
+            .Replace(XmlPlaceholders.Expires, expires.ToSatFormat());
+
+        var base64Hash = credential.CreateHash(timestampXml.Clean());
+
+        return new Digest
+        {
+            Created = created,
+            Expires = expires,
+            Base64Digested = base64Hash
+        };
+    }
+
+    /// <summary>
+    /// Creates the complete signature
+    /// </summary>
+    private static string CreateSignature(Digest digest, ICredential credential, string uuid)
+    {
+        // Create SignedInfo
+        var signedInfo = XmlTemplates.SignedInfo
+            .Replace(XmlPlaceholders.Base64Digested, digest.Base64Digested)
+            .Replace(XmlPlaceholders.ReferenceUri, "#_0"); // Auth siempre usa #_0
+
+        // Sign the SignedInfo
+        var signatureValue = credential.SignData(signedInfo.Clean()).ToBase64String();
+
+        // Remove namespace from SignedInfo for embedding
+        var cleanSignedInfo = signedInfo.Replace(
+            @"<SignedInfo xmlns=""http://www.w3.org/2000/09/xmldsig#"">",
+            "<SignedInfo>");
+
+        // Create KeyInfo 
+        var keyInfo = XmlTemplates.SecurityTokenReferenceKeyInfo
+            .Replace(XmlPlaceholders.Uuid, uuid);
+
+        // Build complete signature
+        var signature = XmlTemplates.SignatureTemplate
+            .Replace(XmlPlaceholders.SignedInfo, cleanSignedInfo)
+            .Replace(XmlPlaceholders.Base64Signature, signatureValue)
+            .Replace(XmlPlaceholders.KeyInfo, keyInfo);
+
+        return signature;
+    }
+
+    /// <summary>
+    /// Builds the complete authentication envelope
+    /// </summary>
+    private static string BuildEnvelope(Digest digest, string uuid, string certificate, string signature)
+    {
+        var binarySecurityToken = XmlTemplates.BinarySecurityToken
+            .Replace(XmlPlaceholders.Uuid, uuid)
+            .Replace(XmlPlaceholders.Base64Cer, certificate);
+
+        var authEnvelope = XmlTemplates.AuthEnvelope
+            .Replace(XmlPlaceholders.Created, digest.Created.ToSatFormat())
+            .Replace(XmlPlaceholders.Expires, digest.Expires.ToSatFormat())
+            .Replace(XmlPlaceholders.Uuid, uuid)
+            .Replace(XmlPlaceholders.Base64Cer, certificate)
+            .Replace(XmlPlaceholders.SignatureData, signature);
+
+        return authEnvelope.Clean();
+    }
+
+    /// <summary>
+    /// Creates a unique XML security token ID
+    /// </summary>
+    private static string CreateSecurityToken()
+    {
+        var uuid = Guid.NewGuid().ToString("D").ToLowerInvariant();
+
+        return $"uuid-{uuid}-4";
+    }
+}

Auth/IAuthService.cs

@@ -0,0 +1,34 @@
+/*
+ * ============================================================================
+ * Mozilla Public License 2.0 (MPL-2.0)
+ * Autor: FISCAL API S. DE R.L. DE C.V. - https://fiscalapi.com
+ * ============================================================================
+ *
+ * Este código está sujeto a los términos de la Mozilla Public License v2.0.
+ * Licencia completa: https://mozilla.org/MPL/2.0
+ *
+ * AVISO: Este software se proporciona "tal como está" sin garantías de ningún
+ * tipo. Al usar, modificar o distribuir este código debe mantener esta
+ * atribución y las referencias al autor.
+ *
+ * ============================================================================
+ */
+
+using Fiscalapi.Credentials.Core;
+using XmlDownloader.Auth.Models;
+
+namespace XmlDownloader.Auth;
+
+/// <summary>
+/// Interface for the SAT Authentication Service.
+/// </summary>
+public interface IAuthService
+{
+    /// <summary>
+    /// Authenticates with SAT using the provided credential and returns the authentication token.
+    /// </summary>
+    /// <param name="credential"></param>
+    /// <param name="cancellationToken">CancellationToken</param>
+    /// <returns></returns>
+    Task<AuthResponse> AuthenticateAsync(ICredential credential, CancellationToken cancellationToken = default);
+}

Auth/Models/AuthResponse.cs

@@ -0,0 +1,67 @@
+/*
+ * ============================================================================
+ * Mozilla Public License 2.0 (MPL-2.0)
+ * Autor: FISCAL API S. DE R.L. DE C.V. - https://fiscalapi.com
+ * ============================================================================
+ *
+ * Este código está sujeto a los términos de la Mozilla Public License v2.0.
+ * Licencia completa: https://mozilla.org/MPL/2.0
+ *
+ * AVISO: Este software se proporciona "tal como está" sin garantías de ningún
+ * tipo. Al usar, modificar o distribuir este código debe mantener esta
+ * atribución y las referencias al autor.
+ *
+ * ============================================================================
+ */
+
+using XmlDownloader.Common.Http;
+
+namespace XmlDownloader.Auth.Models;
+
+/// <summary>
+/// Response from the authentication service
+/// </summary>
+public class AuthResponse : BaseResponse
+{
+    /// <summary>
+    /// The JWT token returned in a successful response.
+    /// </summary>
+    public string? TokenValue { get; set; }
+
+    /// <summary>
+    /// The timestamp indicating when the token becomes valid.
+    /// </summary>
+    public DateTime? ValidFrom { get; set; }
+
+    /// <summary>
+    /// The timestamp indicating when the token expires.
+    /// </summary>
+    public DateTime? ValidTo { get; set; }
+
+    /// <summary>
+    /// RFC associated with the Auth response. The tax identification number (TIN) 
+    /// </summary>
+    public string? Tin { get; set; }
+
+    /// <summary>
+    /// Get token details as a structured object
+    /// </summary>
+    public Token? Token
+    {
+        get
+        {
+            if (!string.IsNullOrWhiteSpace(TokenValue))
+            {
+                return new Token
+                {
+                    Value = TokenValue,
+                    ValidFrom = ValidFrom,
+                    ValidTo = ValidTo,
+                    Tin = Tin
+                };
+            }
+
+            return null;
+        }
+    }
+}

Auth/Models/Digest.cs

@@ -0,0 +1,24 @@
+/*
+ * ============================================================================
+ * Mozilla Public License 2.0 (MPL-2.0)
+ * Autor: FISCAL API S. DE R.L. DE C.V. - https://fiscalapi.com
+ * ============================================================================
+ *
+ * Este código está sujeto a los términos de la Mozilla Public License v2.0.
+ * Licencia completa: https://mozilla.org/MPL/2.0
+ *
+ * AVISO: Este software se proporciona "tal como está" sin garantías de ningún
+ * tipo. Al usar, modificar o distribuir este código debe mantener esta
+ * atribución y las referencias al autor.
+ *
+ * ============================================================================
+ */
+
+namespace XmlDownloader.Auth.Models;
+
+public class Digest
+{
+    public DateTime Created { get; set; }
+    public DateTime Expires { get; set; }
+    public string Base64Digested { get; set; } = string.Empty;
+}