Add support for products, batches and vouchers

BulkPrintingAPI/BulkPrintingAPI.csproj

@@ -6,10 +6,10 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <Folder Include="Models\" />
     <Folder Include="wwwroot\" />
   </ItemGroup>
   <ItemGroup>
+    <PackageReference Include="CoreFtp" Version="1.3.5" />
     <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.0.0" />
     <PackageReference Include="Microsoft.AspNetCore" Version="1.1.2" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="1.1.2" />
@@ -21,7 +21,6 @@
     <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer.Design" Version="1.1.2" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="1.1.1" />
     <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" />
-    <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="1.1.2" />
     <PackageReference Include="Microsoft.VisualStudio.Web.BrowserLink" Version="1.1.2" />
     <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="1.1.1" />
   </ItemGroup>

BulkPrintingAPI/CacheKeys.cs

@@ -0,0 +1,10 @@
+namespace BulkPrintingAPI
+{
+    public static class CacheKeys
+    {
+        public static string GetAccountProductsKey(int accountId)
+        {
+            return string.Format("AccountProducts:{0}", accountId);
+        }
+    }
+}

BulkPrintingAPI/Configuration/DataEncryptionOptions.cs

@@ -0,0 +1,59 @@
+using Microsoft.Extensions.Configuration;
+using System;
+using System.Security.Cryptography;
+
+namespace BulkPrintingAPI.Configuration
+{
+    public class DataEncryptionOptions
+    {
+        private const int _defaultIterations = 4096;
+        private const int _defaultSaltLength = 20;
+        private const string _defaultPasswordNoise = "shie5heeX6pekaehovuS2yu0Ciejah7a";
+
+        public DataEncryptionOptions(IConfiguration configuration)
+        {
+            DefaultKey = DeriveKey(configuration, "DefaultKey").GetBytes(32);
+            DefaultIterations = configuration.GetValue("DefaultIterations", _defaultIterations);
+            DefaultSaltLength = configuration.GetValue("DefaultSaltLength", _defaultSaltLength);
+            PasswordNoise = configuration.GetValue("PasswordFuzz", _defaultPasswordNoise);
+        }
+
+        public static Rfc2898DeriveBytes DeriveKey(IConfiguration root, string section)
+        {
+            var configuration = root.GetSection(section);
+
+            string password = configuration["Password"];
+            if (string.IsNullOrEmpty(password))
+                throw new ArgumentException(
+                    string.Format("Missing '{0}:Password' value", section),
+                    nameof(configuration));
+
+            string encodedSalt = configuration["EncodedSalt"];
+            if (string.IsNullOrEmpty(encodedSalt))
+                throw new ArgumentException(
+                    string.Format("Missing '{0}:EncodedSalt' value", section),
+                    nameof(configuration));
+            var salt = Convert.FromBase64String(encodedSalt);
+
+            return DeriveKey(password, salt, configuration.GetValue("Iterations", _defaultIterations));
+        }
+
+        public static Rfc2898DeriveBytes DeriveKey(string password, byte[] salt, int iterations)
+        {
+            return new Rfc2898DeriveBytes(password, salt, iterations);
+        }
+
+        public static Rfc2898DeriveBytes DeriveKey(string password, int saltSize, int iterations)
+        {
+            return new Rfc2898DeriveBytes(password, saltSize, iterations);
+        }
+
+        public byte[] DefaultKey { get; set; }
+
+        public int DefaultIterations { get; set; }
+
+        public int DefaultSaltLength { get; set; }
+
+        public string PasswordNoise { get; set; }
+    }
+}

BulkPrintingAPI/Configuration/TokenAuthenticationOptions.cs

@@ -1,8 +1,6 @@
 using Microsoft.Extensions.Configuration;
 using Microsoft.IdentityModel.Tokens;
 using System;
-using System.Security.Cryptography;
-using System.Text;
 using System.Threading.Tasks;
 
 namespace BulkPrintingAPI.Configuration
@@ -11,23 +9,11 @@ namespace BulkPrintingAPI.Configuration
     {
         public TokenAuthenticationOptions(IConfiguration configuration)
         {
-            string secretKey = configuration["SecretKey"];
-            if (String.IsNullOrEmpty(secretKey))
-                throw new ArgumentException("Missing 'SecretKey' value", nameof(configuration));
-
-            string salt = configuration["Salt"];
-            if (String.IsNullOrEmpty(secretKey))
-                throw new ArgumentException("Missing 'Salt' value", nameof(configuration));
-
-            var rawKey = new Rfc2898DeriveBytes(
-                    Encoding.ASCII.GetBytes(secretKey),
-                    Encoding.ASCII.GetBytes(salt),
-                    configuration.GetValue("Iterations", 4096)).GetBytes(32);
-
             Issuer = configuration.GetValue("Issuer", "bulk");
             Audience = configuration.GetValue("Audience", "bulk");
             Lifetime = TimeSpan.FromSeconds(configuration.GetValue("TokenLifetime", 600));
-            Key = new SymmetricSecurityKey(rawKey);
+            Key = new SymmetricSecurityKey(DataEncryptionOptions.DeriveKey(configuration, "Key")
+                .GetBytes(32));
             SigningCredentials = new SigningCredentials(Key, SecurityAlgorithms.HmacSha256);
             EncryptingCredentials = new EncryptingCredentials(Key, "dir",
                 SecurityAlgorithms.Aes128CbcHmacSha256);

BulkPrintingAPI/Controllers/BatchesController.cs

@@ -0,0 +1,129 @@
+using BulkPrintingAPI.Configuration;
+using MAX.Models;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Caching.Memory;
+using Microsoft.Extensions.Logging;
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BulkPrintingAPI.Controllers
+{
+    [Produces("application/json")]
+    [Route("api/v1/[controller]")]
+    public class BatchesController : Controller
+    {
+        public class OrderRequest
+        {
+            [Required]
+            public int? ProductId { get; set; }
+
+            [Required]
+            [Range(1, int.MaxValue)]
+            public int Quantity { get; set; }
+
+            [Required]
+            public string CustomerReference { get; set; }
+        };
+
+        private readonly ILogger _logger;
+        private readonly IMemoryCache _cache;
+        private readonly DataEncryptionOptions _dataEncryptionOptions;
+        private readonly MAX.ClientFactory _clientFactory;
+        private readonly MAXContext _context;
+
+        public BatchesController(ILoggerFactory loggerFactory, IMemoryCache cache,
+            DataEncryptionOptions dataEncryptionOptions,
+            MAX.ClientFactory clientFactory, MAXContext context)
+        {
+            _logger = loggerFactory.CreateLogger(GetType().FullName);
+            _cache = cache;
+            _dataEncryptionOptions = dataEncryptionOptions;
+            _clientFactory = clientFactory;
+            _context = context;
+        }
+
+        private IQueryable<Batch> BatchesForVendor(int vendorId)
+        {
+            return _context.Batches.Where(b => b.VendorId == vendorId);
+        }
+
+        [HttpGet]
+        public async Task<IEnumerable<Batch>> GetBatches()
+        {
+            var credentials = await Utils.GetLoginCredentialsFromRequest(HttpContext, _context);
+            return BatchesForVendor(credentials.Vendor.Id)
+                .OrderByDescending(b => b.OrderDate);
+        }
+
+        [HttpGet("{id}")]
+        public async Task<IActionResult> GetBatch([FromRoute] int id)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            var credentials = await Utils.GetLoginCredentialsFromRequest(HttpContext, _context);
+            var batch = await BatchesForVendor(credentials.Vendor.Id)
+                .Include(b => b.Account)
+                .SingleOrDefaultAsync(m => m.Id == id);
+
+            if (batch == null)
+            {
+                return NotFound();
+            }
+
+            if (!batch.ReadyForDownload)
+            {
+                await Utils.DownloadVouchersAsync(_context, batch);
+            }
+
+            return Ok(batch);
+        }
+
+        [HttpPost]
+        public async Task<IActionResult> PlaceOrder([FromBody] OrderRequest order)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            var credentials = await Utils.GetLoginCredentialsFromRequest(HttpContext, _context);
+            var catalogue = await Utils.GetProductCatalogueAsync(_clientFactory, _logger, _cache,
+                credentials);
+
+            Product product;
+            if (!catalogue.ProductMap.TryGetValue(order.ProductId.Value, out product))
+            {
+                return BadRequest("Invalid product ID");
+            }
+
+            var orderResponse = await MAX.Utils.PlaceOrderAsync(_clientFactory, _logger,
+                credentials, product, order.Quantity, order.CustomerReference,
+                Utils.AesDecryptBytes(credentials.Vendor.EncryptedVoucherKey,
+                    _dataEncryptionOptions.DefaultKey));
+
+            _context.Batches.Add(orderResponse.Batch);
+            credentials.User.Account.Balance = orderResponse.RemainingBalance;
+            await _context.SaveChangesAsync();
+
+            try
+            {
+                await Utils.DownloadVouchersAsync(_context, orderResponse.Batch);
+            }
+            catch (Exception e)
+            {
+                _logger.LogError(string.Format(
+                    "Failed to download vouchers for {0} batchId={1}: {2}",
+                    credentials.ToString(), orderResponse.Batch.Id, e.Message));
+            }
+
+            return Ok(orderResponse);
+        }
+    }
+}

BulkPrintingAPI/Controllers/LoginController.cs

@@ -1,21 +1,19 @@
 using BulkPrintingAPI.Configuration;
-using BulkPrintingAPI.Db;
-using BulkPrintingAPI.Services;
-using MAX.Models;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.ModelBinding;
 using Microsoft.Extensions.Logging;
+using Newtonsoft.Json;
 using System;
 using System.ComponentModel.DataAnnotations;
 using System.IdentityModel.Tokens.Jwt;
 using System.Security.Claims;
+using System.Text;
 using System.Threading.Tasks;
 
 namespace BulkPrintingAPI.Controllers
 {
-    //[Produces("application/json")]
-    [Route("api/[controller]")]
+    [Produces("application/json")]
+    [Route("api/v1/[controller]")]
     public class LoginController : Controller
     {
         public class LoginRequest
@@ -36,93 +34,129 @@ namespace BulkPrintingAPI.Controllers
             public string Password { get; set; }
         }
 
-        private ILogger logger;
-        private TokenAuthenticationOptions tokenAuthenticationOptions;
-        private MAXClientFactory clientFactory;
-        private MAXDbContext dbContext;
+        private readonly ILogger _logger;
+        private readonly TokenAuthenticationOptions _tokenAuthenticationOptions;
+        private readonly DataEncryptionOptions _dataEncryptionOptions;
+        private readonly MAX.ClientFactory _clientFactory;
+        private readonly MAX.Models.MAXContext _context;
 
         public LoginController(ILoggerFactory loggerFactory,
             TokenAuthenticationOptions tokenAuthenticationOptions,
-            MAXClientFactory clientFactory,
-            MAXDbContext dbContext)
+            DataEncryptionOptions dataEncryptionOptions,
+            MAX.ClientFactory clientFactory,
+            MAX.Models.MAXContext context)
         {
-            logger = loggerFactory.CreateLogger(GetType().FullName);
-            this.tokenAuthenticationOptions = tokenAuthenticationOptions;
-            this.clientFactory = clientFactory;
-            this.dbContext = dbContext;
+            _logger = loggerFactory.CreateLogger(GetType().FullName);
+            _tokenAuthenticationOptions = tokenAuthenticationOptions;
+            _dataEncryptionOptions = dataEncryptionOptions;
+            _clientFactory = clientFactory;
+            _context = context;
         }
 
         [HttpPost]
         [AllowAnonymous]
         public async Task<IActionResult> Post([FromBody] LoginRequest loginRequest)
         {
-            if (! ModelState.IsValid)
+            if (!ModelState.IsValid)
                 return BadRequest();
 
-            using (var client = clientFactory.GetClient(logger, loginRequest.VendorId.Value,
-                loginRequest.SerialNumber, loginRequest.UserId.Value, loginRequest.Username,
-                loginRequest.Password))
+            MAX.Models.User user;
+            try
             {
-                User user;
-                try
-                {
-                    user = await client.ConnectAsync();
-                }
-                catch (Exception e)
-                {
-                    logger.LogError(
-                        "ConnectAsync failed for vendorId={0} serialNumber={1} userId={2} username={3}: {4}",
-                        loginRequest.VendorId, loginRequest.SerialNumber,
-                        loginRequest.UserId, loginRequest.Username, e.Message);
-                    return Unauthorized();
-                }
-
-                if (user == null)
-                {
-                    logger.LogInformation(
-                        "Login failed for vendorId={0} serialNumber={1} userId={2} username={3}",
-                        loginRequest.VendorId, loginRequest.SerialNumber,
-                        loginRequest.UserId, loginRequest.Username);
-                    return Unauthorized();
-                }
-
-                try
-                {
-                    await DbHelpers.SyncUserAndVendorWithDb(dbContext, user,
-                        loginRequest.VendorId.Value,
-                        loginRequest.SerialNumber);
-                }
-                catch (Exception e)
-                {
-                    logger.LogError(
-                        "SyncUserAndVendorWithDb failed for vendorId={0} serialNumber={1} userId={2} username={3}: {4}",
-                        loginRequest.VendorId, loginRequest.SerialNumber,
-                        loginRequest.UserId, loginRequest.Username, e.Message);
-                    return Unauthorized();
-                }
-
-                var now = DateTime.UtcNow;
-                var encodedJwt = new JwtSecurityTokenHandler().CreateEncodedJwt(
-                    issuer: tokenAuthenticationOptions.Issuer,
-                    audience: tokenAuthenticationOptions.Audience,
-                    subject: new ClaimsIdentity(new Claim[] {
+                user = await MAX.Utils.AuthenticateUserAsync(_clientFactory, _logger,
+                    loginRequest.UserId.Value, loginRequest.Username, loginRequest.VendorId.Value,
+                    loginRequest.SerialNumber, loginRequest.Password);
+            }
+            catch (Exception e)
+            {
+                _logger.LogError(
+                    "AuthenticateUserAsync failed for {0}: {1}",
+                    MAX.LoginCredentials.Format(loginRequest.UserId.Value, loginRequest.Username,
+                        loginRequest.VendorId.Value, loginRequest.SerialNumber),
+                    e.Message);
+                return Unauthorized();
+            }
+
+            if (user == null)
+            {
+                _logger.LogInformation(
+                    "Login failed for {0}",
+                    MAX.LoginCredentials.Format(loginRequest.UserId.Value, loginRequest.Username,
+                        loginRequest.VendorId.Value, loginRequest.SerialNumber));
+                return Unauthorized();
+            }
+
+            MAX.LoginCredentials credentials;
+            try
+            {
+                credentials = await Utils.SyncUserAndVendorWithDb(_context, _dataEncryptionOptions,
+                    user, loginRequest.Password, loginRequest.VendorId.Value, loginRequest.SerialNumber);
+            }
+            catch (Exception e)
+            {
+                _logger.LogError(
+                    "SyncUserAndVendorWithDb failed for {0}: {1}",
+                    MAX.LoginCredentials.Format(loginRequest.UserId.Value, loginRequest.Username,
+                        loginRequest.VendorId.Value, loginRequest.SerialNumber),
+                    e.Message);
+                return Unauthorized();
+            }
+
+            var now = DateTime.UtcNow;
+            var encodedJwt = new JwtSecurityTokenHandler().CreateEncodedJwt(
+                issuer: _tokenAuthenticationOptions.Issuer,
+                audience: _tokenAuthenticationOptions.Audience,
+                subject: new ClaimsIdentity(new Claim[] {
                        new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
                        new Claim("xpwd", loginRequest.Password),
                        new Claim("xvid", loginRequest.VendorId.ToString()),
-                       new Claim(JwtRegisteredClaimNames.Jti, await tokenAuthenticationOptions.NonceGenerator())
-                    }),
-                    notBefore: now,
-                    expires: now.Add(tokenAuthenticationOptions.Lifetime),
-                    issuedAt: now,
-                    signingCredentials: tokenAuthenticationOptions.SigningCredentials,
-                    encryptingCredentials: tokenAuthenticationOptions.EncryptingCredentials
-                );
-
-                return Ok(new {
+                       new Claim(JwtRegisteredClaimNames.Jti, await _tokenAuthenticationOptions.NonceGenerator())
+                }),
+                notBefore: now,
+                expires: now.Add(_tokenAuthenticationOptions.Lifetime),
+                issuedAt: now,
+                signingCredentials: _tokenAuthenticationOptions.SigningCredentials,
+                encryptingCredentials: _tokenAuthenticationOptions.EncryptingCredentials
+            );
+
+            var derivedUserKey = DataEncryptionOptions.DeriveKey(credentials.Password +
+                _dataEncryptionOptions.PasswordNoise, _dataEncryptionOptions.DefaultSaltLength,
+                _dataEncryptionOptions.DefaultIterations);
+            var userKey = derivedUserKey.GetBytes(32);
+
+            var payload = Convert.ToBase64String(Encoding.UTF8.GetBytes(
+                JsonConvert.SerializeObject(new
+                    {
+                        user = credentials.User,
+                        vendor = credentials.Vendor,
+                        encryptedDatabasePassword = Convert.ToBase64String(Utils.AesReEncrypt(
+                            credentials.Vendor.EncryptedDatabasePassword,
+                            _dataEncryptionOptions.DefaultKey,
+                            userKey)),
+                        encryptedVoucherKey = Convert.ToBase64String(Utils.AesReEncrypt(
+                            credentials.Vendor.EncryptedVoucherKey,
+                            _dataEncryptionOptions.DefaultKey,
+                            userKey))
+                    })));
+
+            byte[] signature;
+            using (var hmac = new System.Security.Cryptography.HMACSHA256() { Key = userKey })
+            {
+                signature = hmac.ComputeHash(Encoding.ASCII.GetBytes(payload));
+            }
+
+            return Ok(new
+                {
                     access_token = encodedJwt,
-                    expires_in = (int)tokenAuthenticationOptions.Lifetime.TotalSeconds
+                    credentials = new
+                    {
+                        payload = payload,
+                        salt = Convert.ToBase64String(derivedUserKey.Salt),
+                        iterations = derivedUserKey.IterationCount,
+                        signature = Convert.ToBase64String(signature)
+                    },
+                    expires_in = (int)_tokenAuthenticationOptions.Lifetime.TotalSeconds
                 });
-            }
         }
     }
 }

BulkPrintingAPI/Controllers/ProductsController.cs

@@ -0,0 +1,37 @@
+using MAX.Models;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Caching.Memory;
+using Microsoft.Extensions.Logging;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+
+namespace BulkPrintingAPI.Controllers
+{
+    [Produces("application/json")]
+    [Route("api/v1/[controller]")]
+    public class ProductsController : Controller
+    {
+        private readonly ILogger _logger;
+        private readonly IMemoryCache _cache;
+        private readonly MAX.ClientFactory _clientFactory;
+        private readonly MAXContext _context;
+
+        public ProductsController(ILoggerFactory loggerFactory, IMemoryCache cache,
+            MAX.ClientFactory clientFactory, MAXContext context)
+        {
+            _cache = cache;
+            _logger = loggerFactory.CreateLogger(GetType().FullName);
+            _clientFactory = clientFactory;
+            _context = context;
+        }
+
+        [HttpGet]
+        public async Task<List<Network>> Get()
+        {
+            var credentials = await Utils.GetLoginCredentialsFromRequest(HttpContext, _context);
+            var catalogue = await Utils.GetProductCatalogueAsync(_clientFactory, _logger, _cache,
+                credentials);
+            return catalogue.Networks;
+        }
+    }
+}

BulkPrintingAPI/Controllers/Utils.cs

@@ -0,0 +1,353 @@
+using BulkPrintingAPI.Configuration;
+using CoreFtp;
+using MAX.Models;
+using Microsoft.AspNetCore.Http;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Caching.Memory;
+using Microsoft.Extensions.Logging;
+using System;
+using System.Diagnostics;
+using System.IO;
+using System.Security.Claims;
+using System.Security.Cryptography;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace BulkPrintingAPI.Controllers
+{
+    public static class Utils
+    {
+        public static byte GetMinimalBitmask(byte value)
+        {
+            if (value == 0)
+            {
+                return 0;
+            }
+            value--;
+            value |= (byte)(value >> 1);
+            value |= (byte)(value >> 2);
+            value |= (byte)(value >> 4);
+            return value;
+        }
+
+        public static string GenerateRandomStringFromAlphabet(int length, string alphabet =
+            "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()_-+=[{]};:<>|./?")
+        {
+            if (alphabet.Length > 255)
+            {
+                throw new ArgumentException("Alphabet too long", nameof(alphabet));
+            }
+
+            var minimalBitmask = GetMinimalBitmask((byte)alphabet.Length);
+            var builder = new StringBuilder(length);
+            var randomBytes = new byte[length * 2];
+            int offset = randomBytes.Length;
+            using (var rng = RandomNumberGenerator.Create())
+            {
+                while (builder.Length < length)
+                {
+                    if (offset >= randomBytes.Length)
+                    {
+                        rng.GetBytes(randomBytes);
+                        offset = 0;
+                    }
+
+                    // We constrain c using minimalBitmask (minimal power of
+                    // two greater than alphabetSize, minus 1) so that it is as
+                    // close to fitting within alphabet.Length as possible while still
+                    // being evenly distributed. We then throw away any numbers >=
+                    // alphabet.Length. This is wasteful but it is the only way of
+                    // generating an unbiased selection, and random number
+                    // generators are very fast.
+                    byte c = (byte)(randomBytes[offset] & minimalBitmask);
+                    if (c < alphabet.Length)
+                    {
+                        builder.Append(alphabet[c]);
+                    }
+                    offset++;
+                }
+            }
+
+            return builder.ToString();
+        }
+
+        public static byte[] GenerateAndAesEncryptKey(int keyLength, byte[] encryptingKey)
+        {
+            var key = new byte[keyLength];
+            using (var rng = RandomNumberGenerator.Create())
+            {
+                rng.GetBytes(key);
+            }
+            using (var aes = Aes.Create())
+            using (var encryptor = aes.CreateEncryptor(encryptingKey, new byte[16]))
+            {
+                return MAX.Utils.Transform(encryptor, key);
+            }
+        }
+
+        public static byte[] GenerateAndAesEncryptPassword(int passwordLength, byte[] encryptingKey)
+        {
+            var password = GenerateRandomStringFromAlphabet(passwordLength);
+            using (var aes = Aes.Create())
+            using (var encryptor = aes.CreateEncryptor(encryptingKey, new byte[16]))
+            {
+                return MAX.Utils.Transform(encryptor, Encoding.ASCII.GetBytes(password));
+            }
+        }
+
+        public static byte[] AesDecryptBytes(byte[] cipherText, byte[] key)
+        {
+            using (var aes = Aes.Create())
+            using (var decryptor = aes.CreateDecryptor(key, new byte[16]))
+            {
+                return MAX.Utils.Transform(decryptor, cipherText);
+            }
+        }
+
+        public static string AesDecryptString(byte[] cipherText, byte[] key)
+        {
+            return Encoding.ASCII.GetString(AesDecryptBytes(cipherText, key));
+        }
+
+        public static byte[] AesReEncrypt(byte[] cipherText, byte[] originalKey, byte[] newKey)
+        {
+            using (var aes = Aes.Create())
+            {
+                byte[] plainText;
+                using (var decryptor = aes.CreateDecryptor(originalKey, new byte[16]))
+                {
+                    plainText = MAX.Utils.Transform(decryptor, cipherText);
+                }
+                using (var encryptor = aes.CreateEncryptor(newKey, new byte[16]))
+                {
+                    return MAX.Utils.Transform(encryptor, plainText);
+                }
+            }
+        }
+
+        public static async Task<MAX.LoginCredentials> SyncUserAndVendorWithDb(MAXContext context,
+            DataEncryptionOptions dataEncryptionOptions, User user, string password, int vendorId,
+            string serialNumber)
+        {
+            var warehouse = user.Account.Warehouse;
+            var existingWarehouse = await context.Warehouses.FindAsync(warehouse.Id).ConfigureAwait(false);
+            if (existingWarehouse == null)
+            {
+                context.Warehouses.Add(warehouse);
+            }
+            else
+            {
+                existingWarehouse.Name = warehouse.Name;
+                warehouse = existingWarehouse;
+            }
+
+            var account = user.Account;
+            var existingAccount = await context.Accounts.FindAsync(account.Id).ConfigureAwait(false);
+            if (existingAccount == null)
+            {
+                context.Accounts.Add(account);
+            }
+            else
+            {
+                existingAccount.Name = account.Name;
+                existingAccount.Status = account.Status;
+                existingAccount.Reference = account.Reference;
+                existingAccount.Balance = account.Balance;
+
+                account = existingAccount;
+            }
+            account.Warehouse = warehouse;
+
+            var existingUser = await context.Users.FindAsync(user.Id).ConfigureAwait(false);
+            if (existingUser == null)
+            {
+                context.Users.Add(user);
+            }
+            else
+            {
+                existingUser.Username = user.Username;
+                existingUser.FirstName = user.FirstName;
+                existingUser.Surname = user.Surname;
+                existingUser.Enabled = user.Enabled;
+                existingUser.Level = user.Level;
+                existingUser.System = user.System;
+                existingUser.LastLogin = user.LastLogin;
+
+                existingUser.CanPrintOffline = user.CanPrintOffline;
+                existingUser.CanPrintOnline = user.CanPrintOnline;
+                existingUser.CanReprintOffline = user.CanReprintOffline;
+                existingUser.CanReprintOnline = user.CanReprintOnline;
+                existingUser.OfflinePrintValue = user.OfflinePrintValue;
+                existingUser.OfflineReprintValue = user.OfflineReprintValue;
+                existingUser.OnlinePrintValue = user.OnlinePrintValue;
+                existingUser.OnlineReprintValue = user.OnlineReprintValue;
+
+                user = existingUser;
+            }
+            user.Account = account;
+
+            var vendor = await context.Vendors.FindAsync(vendorId).ConfigureAwait(false);
+            if (vendor == null)
+            {
+                vendor = new Vendor()
+                {
+                    Id = vendorId,
+                    SerialNumber = serialNumber,
+                    Account = account,
+                    EncryptedDatabasePassword =
+                        // A password length of 31 bytes results keeps us inside 2 AES blocks (32 bytes)
+                        // as padding is a minimum of 1 byte.
+                        GenerateAndAesEncryptPassword(31, dataEncryptionOptions.DefaultKey),
+                    EncryptedVoucherKey =
+                        GenerateAndAesEncryptKey(24, dataEncryptionOptions.DefaultKey)
+                };
+                context.Add(vendor);
+            }
+            else
+            {
+                vendor.SerialNumber = serialNumber;
+                vendor.Account = account;
+            }
+
+            await context.SaveChangesAsync().ConfigureAwait(false);
+
+            return new MAX.LoginCredentials
+            {
+                User = user,
+                Vendor = vendor,
+                Password = password
+            };
+        }
+
+        public static async Task<MAX.LoginCredentials> GetLoginCredentialsFromRequest(
+            HttpContext httpContext, MAXContext dbContext)
+        {
+            var authInfo = await httpContext.Authentication.GetAuthenticateInfoAsync("Bearer");
+            if (authInfo == null)
+            {
+                throw new Exception("Not authenticated");
+            }
+
+            int userId = -1;
+            int vendorId = -1;
+            string password = null;
+            foreach (var claim in authInfo.Principal.Claims)
+            {
+                switch (claim.Type)
+                {
+                    case ClaimTypes.NameIdentifier:
+                        userId = int.Parse(claim.Value);
+                        break;
+                    case "xvid":
+                        vendorId = int.Parse(claim.Value);
+                        break;
+                    case "xpwd":
+                        password = claim.Value;
+                        break;
+                }
+            }
+
+            var credentials = new MAX.LoginCredentials()
+            {
+                User = await dbContext.Users
+                    .Include(u => u.Account)
+                    .ThenInclude(a => a.Warehouse)
+                    .SingleOrDefaultAsync(u => u.Id == userId)
+                    .ConfigureAwait(false),
+                Vendor = await dbContext.Vendors
+                    .Include(v => v.Account) // Technically not necessary as the account is loaded above
+                    .SingleOrDefaultAsync(v => v.Id == vendorId)
+                    .ConfigureAwait(false),
+                Password = password
+            };
+
+            if ((credentials.User == null) || (credentials.Vendor == null))
+            {
+                throw new Exception(String.Format(
+                    "Missing user or vendor information for userId={0} vendorId={1}",
+                    userId, vendorId));
+            }
+
+            return credentials;
+        }
+
+        public static async Task<ProductCatalogue> GetProductCatalogueAsync(
+            MAX.ClientFactory clientFactory, ILogger logger, IMemoryCache cache,
+            MAX.LoginCredentials credentials)
+        {
+            return await cache.GetOrCreateAsync(
+                CacheKeys.GetAccountProductsKey(credentials.User.AccountId),
+                entry =>
+                {
+                    // TODO: set expiry time, etc.
+                    return MAX.Utils.GetProductCatalogueAsync(clientFactory, logger, credentials);
+                }).ConfigureAwait(false);
+        }
+
+        [Conditional("DEBUG")]
+        private static void VoucherSanityCheck(Batch batch, decimal faceValue, int batchId,
+            string productDescription)
+        {
+            if (batch.FaceValue != faceValue)
+            {
+                throw new Exception("Voucher face value mismatch");
+            }
+            if (batch.Id != batchId)
+            {
+                throw new Exception("Voucher batch ID mismatch");
+            }
+            if (batch.ProductDescription != productDescription)
+            {
+                throw new Exception("Voucher product description mismatch");
+            }
+        }
+
+        public static async Task DownloadVouchersAsync(MAXContext context, Batch batch)
+        {
+            var remoteFileName = string.Format("{0}_{1}.dat", batch.Account.Id, batch.Id);
+            using (var voucherStream = new MemoryStream())
+            {
+                using (var ftp = new FtpClient(new FtpClientConfiguration()
+                {
+                    Host = "41.223.25.5",
+                    Username = "anonymous",
+                    Password = "andrew@"
+                }))
+                {
+                    await ftp.LoginAsync().ConfigureAwait(false);
+                    using (var downloadStream = await ftp.OpenFileReadStreamAsync(remoteFileName)
+                        .ConfigureAwait(false))
+                    {
+                        await downloadStream.CopyToAsync(voucherStream).ConfigureAwait(false);
+                    }
+                }
+
+                voucherStream.Position = 0;
+                using (var streamReader = new StreamReader(voucherStream))
+                {
+                    while (streamReader.Peek() >= 0)
+                    {
+                        var line = streamReader.ReadLine();
+                        var parts = line.Split('|');
+
+                        VoucherSanityCheck(batch, decimal.Parse(parts[4]), int.Parse(parts[5]),
+                            parts[7]);
+
+                        context.Add(new Voucher()
+                        {
+                            Id = int.Parse(parts[0]),
+                            ExpiryDate = DateTime.Parse(parts[1]),
+                            Serial = parts[2],
+                            EncryptedPIN = parts[3],
+                            SequenceNumber = int.Parse(parts[6]),
+                            Batch = batch
+                        });
+                    }
+                }
+            }
+
+            batch.ReadyForDownload = true;
+            await context.SaveChangesAsync().ConfigureAwait(false);
+        }
+    }
+}

BulkPrintingAPI/Controllers/ValuesController.cs

@@ -1,42 +0,0 @@
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc;
-using System.Collections.Generic;
-
-namespace BulkPrintingAPI.Controllers
-{
-    [Route("api/[controller]")]
-    public class ValuesController : Controller
-    {
-        // GET api/values
-        [HttpGet]
-        public IEnumerable<string> Get()
-        {
-            return new string[] { "value1", "value2" };
-        }
-
-        // GET api/values/5
-        [HttpGet("{id}")]
-        public string Get(int id)
-        {
-            return "value";
-        }
-
-        // POST api/values
-        [HttpPost]
-        public void Post([FromBody]string value)
-        {
-        }
-
-        // PUT api/values/5
-        [HttpPut("{id}")]
-        public void Put(int id, [FromBody]string value)
-        {
-        }
-
-        // DELETE api/values/5
-        [HttpDelete("{id}")]
-        public void Delete(int id)
-        {
-        }
-    }
-}

BulkPrintingAPI/Controllers/VouchersController.cs

@@ -0,0 +1,68 @@
+using BulkPrintingAPI.Configuration;
+using MAX.Models;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.Logging;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BulkPrintingAPI.Controllers
+{
+    [Produces("application/json")]
+    [Route("api/v1/batches/{batchId}/[controller]")]
+    public class VouchersController : Controller
+    {
+        private readonly ILogger _logger;
+        private readonly DataEncryptionOptions _dataEncryptionOptions;
+        private readonly MAXContext _context;
+
+        public VouchersController(ILoggerFactory loggerFactory,
+            DataEncryptionOptions dataEncryptionOptions, MAXContext context)
+        {
+            _logger = loggerFactory.CreateLogger(GetType().FullName);
+            _dataEncryptionOptions = dataEncryptionOptions;
+            _context = context;
+        }
+
+        [HttpGet]
+        public async Task<IActionResult> GetVouchers([FromRoute] int batchId)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            var credentials = await Utils.GetLoginCredentialsFromRequest(HttpContext, _context);
+            return Ok(VouchersForBatchAndVendor(batchId, credentials.Vendor.Id)
+                .OrderBy(v => new { v.BatchId, v.SequenceNumber }));
+        }
+
+        [HttpGet("{sequenceNumber}")]
+        public async Task<IActionResult> GetVoucher([FromRoute] int batchId, [FromRoute] int sequenceNumber)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            var credentials = await Utils.GetLoginCredentialsFromRequest(HttpContext, _context);
+            var voucher = await VouchersForBatchAndVendor(batchId, credentials.Vendor.Id)
+                .SingleOrDefaultAsync(v => (v.BatchId == batchId) && (v.SequenceNumber == sequenceNumber));
+
+            if (voucher == null)
+            {
+                return NotFound();
+            }
+
+            return Ok(voucher);
+        }
+
+
+        private IQueryable<Voucher> VouchersForBatchAndVendor(int batchId, int vendorId)
+        {
+            return _context.Vouchers
+                .Include(v => v.Batch)
+                .Where(v => (v.BatchId == batchId) && (v.Batch.VendorId == vendorId));
+        }
+    }
+}

BulkPrintingAPI/Db/DbHelpers.cs

@@ -1,84 +0,0 @@
-using MAX.Models;
-using System.Threading.Tasks;
-
-namespace BulkPrintingAPI.Db
-{
-    public static class DbHelpers
-    {
-        public static async Task SyncUserAndVendorWithDb(MAXDbContext dbContext,
-            User user, int vendorId, string serialNumber)
-        {
-            var warehouse = user.Account.Warehouse;
-            var existingWarehouse = await dbContext.Warehouses.FindAsync(warehouse.Id).ConfigureAwait(false);
-            if (existingWarehouse == null)
-            {
-                dbContext.Warehouses.Add(warehouse);
-            }
-            else
-            {
-                existingWarehouse.Name = warehouse.Name;
-                warehouse = existingWarehouse;
-            }
-
-            var account = user.Account;
-            var existingAccount = await dbContext.Accounts.FindAsync(account.Id).ConfigureAwait(false);
-            if (existingAccount ==  null)
-            {
-                dbContext.Accounts.Add(account);
-            }
-            else
-            {
-                existingAccount.Name = account.Name;
-                existingAccount.Status = account.Status;
-                existingAccount.Reference = account.Reference;
-                existingAccount.Balance = account.Balance;
-                account = existingAccount;
-            }
-            account.Warehouse = warehouse;
-
-            var existingUser = await dbContext.Users.FindAsync(user.Id).ConfigureAwait(false);
-            if (existingUser == null)
-            {
-                dbContext.Users.Add(user);
-            }
-            else
-            {
-                existingUser.Username = user.Username;
-                existingUser.FirstName = user.FirstName;
-                existingUser.Surname = user.Surname;
-                existingUser.Enabled = user.Enabled;
-                existingUser.Level = user.Level;
-                existingUser.System = user.System;
-                existingUser.LastLogin = user.LastLogin;
-
-                existingUser.CanPrintOffline = user.CanPrintOffline;
-                existingUser.CanPrintOnline = user.CanPrintOnline;
-                existingUser.CanReprintOffline = user.CanReprintOffline;
-                existingUser.CanReprintOnline = user.CanReprintOnline;
-                existingUser.OfflinePrintValue = user.OfflinePrintValue;
-                existingUser.OfflineReprintValue = user.OfflineReprintValue;
-                existingUser.OnlinePrintValue = user.OnlinePrintValue;
-                existingUser.OnlineReprintValue = user.OnlineReprintValue;
-            }
-            user.Account = account;
-
-            var vendor = await dbContext.Vendors.FindAsync(vendorId).ConfigureAwait(false);
-            if (vendor == null)
-            {
-                dbContext.Add(new Vendor()
-                {
-                    Id = vendorId,
-                    SerialNumber = serialNumber,
-                    Account = account
-                });
-            }
-            else
-            {
-                vendor.SerialNumber = serialNumber;
-                vendor.Account = account;
-            }
-
-            await dbContext.SaveChangesAsync().ConfigureAwait(false);
-        }
-    }
-}

BulkPrintingAPI/Migrations/20170701135738_InitialCreate.Designer.cs

@@ -7,8 +7,8 @@ using MAX.Models;
 
 namespace BulkPrintingAPI.Migrations
 {
-    [DbContext(typeof(MAXDbContext))]
-    [Migration("20170701135738_InitialCreate")]
+    [DbContext(typeof(MAXContext))]
+    [Migration("20170705113945_InitialCreate")]
     partial class InitialCreate
     {
         protected override void BuildTargetModel(ModelBuilder modelBuilder)
@@ -24,9 +24,11 @@ namespace BulkPrintingAPI.Migrations
                     b.Property<decimal>("Balance");
 
                     b.Property<string>("Name")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.Property<string>("Reference")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.Property<int>("Status");
@@ -40,6 +42,57 @@ namespace BulkPrintingAPI.Migrations
                     b.ToTable("Accounts");
                 });
 
+            modelBuilder.Entity("MAX.Models.Batch", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<int>("AccountId");
+
+                    b.Property<decimal>("Cost");
+
+                    b.Property<int>("DeliveredQuantity");
+
+                    b.Property<decimal>("DiscountPercentage");
+
+                    b.Property<decimal>("FaceValue");
+
+                    b.Property<int>("NetworkId");
+
+                    b.Property<string>("NetworkName")
+                        .IsRequired()
+                        .HasMaxLength(20);
+
+                    b.Property<DateTime>("OrderDate");
+
+                    b.Property<string>("OrderReference")
+                        .IsRequired()
+                        .HasMaxLength(20);
+
+                    b.Property<int>("OrderedById");
+
+                    b.Property<string>("ProductDescription")
+                        .IsRequired()
+                        .HasMaxLength(50);
+
+                    b.Property<int>("ProductId");
+
+                    b.Property<bool>("ReadyForDownload");
+
+                    b.Property<int>("RequestedQuantity");
+
+                    b.Property<int>("VendorId");
+
+                    b.Property<int>("VoucherType");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("AccountId");
+
+                    b.HasIndex("ReadyForDownload", "OrderDate");
+
+                    b.ToTable("Batches");
+                });
+
             modelBuilder.Entity("MAX.Models.User", b =>
                 {
                     b.Property<int>("Id");
@@ -57,6 +110,7 @@ namespace BulkPrintingAPI.Migrations
                     b.Property<bool>("Enabled");
 
                     b.Property<string>("FirstName")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.Property<DateTime>("LastLogin");
@@ -72,11 +126,13 @@ namespace BulkPrintingAPI.Migrations
                     b.Property<decimal>("OnlineReprintValue");
 
                     b.Property<string>("Surname")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.Property<int>("System");
 
                     b.Property<string>("Username")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.HasKey("Id");
@@ -92,7 +148,16 @@ namespace BulkPrintingAPI.Migrations
 
                     b.Property<int>("AccountId");
 
+                    b.Property<byte[]>("EncryptedDatabasePassword")
+                        .IsRequired()
+                        .HasMaxLength(32);
+
+                    b.Property<byte[]>("EncryptedVoucherKey")
+                        .IsRequired()
+                        .HasMaxLength(32);
+
                     b.Property<string>("SerialNumber")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.HasKey("Id");
@@ -102,11 +167,39 @@ namespace BulkPrintingAPI.Migrations
                     b.ToTable("Vendors");
                 });
 
+            modelBuilder.Entity("MAX.Models.Voucher", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<int>("BatchId");
+
+                    b.Property<string>("EncryptedPIN")
+                        .IsRequired()
+                        .HasMaxLength(50);
+
+                    b.Property<DateTime>("ExpiryDate")
+                        .HasColumnType("Date");
+
+                    b.Property<int>("SequenceNumber");
+
+                    b.Property<string>("Serial")
+                        .IsRequired()
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("BatchId", "SequenceNumber")
+                        .IsUnique();
+
+                    b.ToTable("Vouchers");
+                });
+
             modelBuilder.Entity("MAX.Models.Warehouse", b =>
                 {
                     b.Property<int>("Id");
 
                     b.Property<string>("Name")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.HasKey("Id");
@@ -122,6 +215,14 @@ namespace BulkPrintingAPI.Migrations
                         .OnDelete(DeleteBehavior.Cascade);
                 });
 
+            modelBuilder.Entity("MAX.Models.Batch", b =>
+                {
+                    b.HasOne("MAX.Models.Account", "Account")
+                        .WithMany()
+                        .HasForeignKey("AccountId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
             modelBuilder.Entity("MAX.Models.User", b =>
                 {
                     b.HasOne("MAX.Models.Account", "Account")
@@ -137,6 +238,14 @@ namespace BulkPrintingAPI.Migrations
                         .HasForeignKey("AccountId")
                         .OnDelete(DeleteBehavior.Cascade);
                 });
+
+            modelBuilder.Entity("MAX.Models.Voucher", b =>
+                {
+                    b.HasOne("MAX.Models.Batch", "Batch")
+                        .WithMany("Vouchers")
+                        .HasForeignKey("BatchId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
         }
     }
 }

BulkPrintingAPI/Migrations/20170701135738_InitialCreate.cs

@@ -13,7 +13,7 @@ namespace BulkPrintingAPI.Migrations
                 columns: table => new
                 {
                     Id = table.Column<int>(nullable: false),
-                    Name = table.Column<string>(maxLength: 50, nullable: true)
+                    Name = table.Column<string>(maxLength: 50, nullable: false)
                 },
                 constraints: table =>
                 {
@@ -26,8 +26,8 @@ namespace BulkPrintingAPI.Migrations
                 {
                     Id = table.Column<int>(nullable: false),
                     Balance = table.Column<decimal>(nullable: false),
-                    Name = table.Column<string>(maxLength: 50, nullable: true),
-                    Reference = table.Column<string>(maxLength: 50, nullable: true),
+                    Name = table.Column<string>(maxLength: 50, nullable: false),
+                    Reference = table.Column<string>(maxLength: 50, nullable: false),
                     Status = table.Column<int>(nullable: false),
                     WarehouseId = table.Column<int>(nullable: false)
                 },
@@ -43,6 +43,39 @@ namespace BulkPrintingAPI.Migrations
                 });
 
             migrationBuilder.CreateTable(
+                name: "Batches",
+                columns: table => new
+                {
+                    Id = table.Column<int>(nullable: false),
+                    AccountId = table.Column<int>(nullable: false),
+                    Cost = table.Column<decimal>(nullable: false),
+                    DeliveredQuantity = table.Column<int>(nullable: false),
+                    DiscountPercentage = table.Column<decimal>(nullable: false),
+                    FaceValue = table.Column<decimal>(nullable: false),
+                    NetworkId = table.Column<int>(nullable: false),
+                    NetworkName = table.Column<string>(maxLength: 20, nullable: false),
+                    OrderDate = table.Column<DateTime>(nullable: false),
+                    OrderReference = table.Column<string>(maxLength: 20, nullable: false),
+                    OrderedById = table.Column<int>(nullable: false),
+                    ProductDescription = table.Column<string>(maxLength: 50, nullable: false),
+                    ProductId = table.Column<int>(nullable: false),
+                    ReadyForDownload = table.Column<bool>(nullable: false),
+                    RequestedQuantity = table.Column<int>(nullable: false),
+                    VendorId = table.Column<int>(nullable: false),
+                    VoucherType = table.Column<int>(nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_Batches", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_Batches_Accounts_AccountId",
+                        column: x => x.AccountId,
+                        principalTable: "Accounts",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
                 name: "Users",
                 columns: table => new
                 {
@@ -53,16 +86,16 @@ namespace BulkPrintingAPI.Migrations
                     CanReprintOffline = table.Column<bool>(nullable: false),
                     CanReprintOnline = table.Column<bool>(nullable: false),
                     Enabled = table.Column<bool>(nullable: false),
-                    FirstName = table.Column<string>(maxLength: 50, nullable: true),
+                    FirstName = table.Column<string>(maxLength: 50, nullable: false),
                     LastLogin = table.Column<DateTime>(nullable: false),
                     Level = table.Column<int>(nullable: false),
                     OfflinePrintValue = table.Column<decimal>(nullable: false),
                     OfflineReprintValue = table.Column<decimal>(nullable: false),
                     OnlinePrintValue = table.Column<decimal>(nullable: false),
                     OnlineReprintValue = table.Column<decimal>(nullable: false),
-                    Surname = table.Column<string>(maxLength: 50, nullable: true),
+                    Surname = table.Column<string>(maxLength: 50, nullable: false),
                     System = table.Column<int>(nullable: false),
-                    Username = table.Column<string>(maxLength: 50, nullable: true)
+                    Username = table.Column<string>(maxLength: 50, nullable: false)
                 },
                 constraints: table =>
                 {
@@ -81,7 +114,9 @@ namespace BulkPrintingAPI.Migrations
                 {
                     Id = table.Column<int>(nullable: false),
                     AccountId = table.Column<int>(nullable: false),
-                    SerialNumber = table.Column<string>(maxLength: 50, nullable: true)
+                    EncryptedDatabasePassword = table.Column<byte[]>(maxLength: 32, nullable: false),
+                    EncryptedVoucherKey = table.Column<byte[]>(maxLength: 32, nullable: false),
+                    SerialNumber = table.Column<string>(maxLength: 50, nullable: false)
                 },
                 constraints: table =>
                 {
@@ -94,12 +129,44 @@ namespace BulkPrintingAPI.Migrations
                         onDelete: ReferentialAction.Cascade);
                 });
 
+            migrationBuilder.CreateTable(
+                name: "Vouchers",
+                columns: table => new
+                {
+                    Id = table.Column<int>(nullable: false),
+                    BatchId = table.Column<int>(nullable: false),
+                    EncryptedPIN = table.Column<string>(maxLength: 50, nullable: false),
+                    ExpiryDate = table.Column<DateTime>(type: "Date", nullable: false),
+                    SequenceNumber = table.Column<int>(nullable: false),
+                    Serial = table.Column<string>(maxLength: 50, nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_Vouchers", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_Vouchers_Batches_BatchId",
+                        column: x => x.BatchId,
+                        principalTable: "Batches",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
             migrationBuilder.CreateIndex(
                 name: "IX_Accounts_WarehouseId",
                 table: "Accounts",
                 column: "WarehouseId");
 
             migrationBuilder.CreateIndex(
+                name: "IX_Batches_AccountId",
+                table: "Batches",
+                column: "AccountId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_Batches_ReadyForDownload_OrderDate",
+                table: "Batches",
+                columns: new[] { "ReadyForDownload", "OrderDate" });
+
+            migrationBuilder.CreateIndex(
                 name: "IX_Users_AccountId",
                 table: "Users",
                 column: "AccountId");
@@ -108,6 +175,12 @@ namespace BulkPrintingAPI.Migrations
                 name: "IX_Vendors_AccountId",
                 table: "Vendors",
                 column: "AccountId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_Vouchers_BatchId_SequenceNumber",
+                table: "Vouchers",
+                columns: new[] { "BatchId", "SequenceNumber" },
+                unique: true);
         }
 
         protected override void Down(MigrationBuilder migrationBuilder)
@@ -119,6 +192,12 @@ namespace BulkPrintingAPI.Migrations
                 name: "Vendors");
 
             migrationBuilder.DropTable(
+                name: "Vouchers");
+
+            migrationBuilder.DropTable(
+                name: "Batches");
+
+            migrationBuilder.DropTable(
                 name: "Accounts");
 
             migrationBuilder.DropTable(

BulkPrintingAPI/Migrations/MAXDbContextModelSnapshot.cs

@@ -7,8 +7,8 @@ using MAX.Models;
 
 namespace BulkPrintingAPI.Migrations
 {
-    [DbContext(typeof(MAXDbContext))]
-    partial class MAXDbContextModelSnapshot : ModelSnapshot
+    [DbContext(typeof(MAXContext))]
+    partial class MAXContextModelSnapshot : ModelSnapshot
     {
         protected override void BuildModel(ModelBuilder modelBuilder)
         {
@@ -23,9 +23,11 @@ namespace BulkPrintingAPI.Migrations
                     b.Property<decimal>("Balance");
 
                     b.Property<string>("Name")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.Property<string>("Reference")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.Property<int>("Status");
@@ -39,6 +41,57 @@ namespace BulkPrintingAPI.Migrations
                     b.ToTable("Accounts");
                 });
 
+            modelBuilder.Entity("MAX.Models.Batch", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<int>("AccountId");
+
+                    b.Property<decimal>("Cost");
+
+                    b.Property<int>("DeliveredQuantity");
+
+                    b.Property<decimal>("DiscountPercentage");
+
+                    b.Property<decimal>("FaceValue");
+
+                    b.Property<int>("NetworkId");
+
+                    b.Property<string>("NetworkName")
+                        .IsRequired()
+                        .HasMaxLength(20);
+
+                    b.Property<DateTime>("OrderDate");
+
+                    b.Property<string>("OrderReference")
+                        .IsRequired()
+                        .HasMaxLength(20);
+
+                    b.Property<int>("OrderedById");
+
+                    b.Property<string>("ProductDescription")
+                        .IsRequired()
+                        .HasMaxLength(50);
+
+                    b.Property<int>("ProductId");
+
+                    b.Property<bool>("ReadyForDownload");
+
+                    b.Property<int>("RequestedQuantity");
+
+                    b.Property<int>("VendorId");
+
+                    b.Property<int>("VoucherType");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("AccountId");
+
+                    b.HasIndex("ReadyForDownload", "OrderDate");
+
+                    b.ToTable("Batches");
+                });
+
             modelBuilder.Entity("MAX.Models.User", b =>
                 {
                     b.Property<int>("Id");
@@ -56,6 +109,7 @@ namespace BulkPrintingAPI.Migrations
                     b.Property<bool>("Enabled");
 
                     b.Property<string>("FirstName")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.Property<DateTime>("LastLogin");
@@ -71,11 +125,13 @@ namespace BulkPrintingAPI.Migrations
                     b.Property<decimal>("OnlineReprintValue");
 
                     b.Property<string>("Surname")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.Property<int>("System");
 
                     b.Property<string>("Username")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.HasKey("Id");
@@ -91,7 +147,16 @@ namespace BulkPrintingAPI.Migrations
 
                     b.Property<int>("AccountId");
 
+                    b.Property<byte[]>("EncryptedDatabasePassword")
+                        .IsRequired()
+                        .HasMaxLength(32);
+
+                    b.Property<byte[]>("EncryptedVoucherKey")
+                        .IsRequired()
+                        .HasMaxLength(32);
+
                     b.Property<string>("SerialNumber")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.HasKey("Id");
@@ -101,11 +166,39 @@ namespace BulkPrintingAPI.Migrations
                     b.ToTable("Vendors");
                 });
 
+            modelBuilder.Entity("MAX.Models.Voucher", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<int>("BatchId");
+
+                    b.Property<string>("EncryptedPIN")
+                        .IsRequired()
+                        .HasMaxLength(50);
+
+                    b.Property<DateTime>("ExpiryDate")
+                        .HasColumnType("Date");
+
+                    b.Property<int>("SequenceNumber");
+
+                    b.Property<string>("Serial")
+                        .IsRequired()
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("BatchId", "SequenceNumber")
+                        .IsUnique();
+
+                    b.ToTable("Vouchers");
+                });
+
             modelBuilder.Entity("MAX.Models.Warehouse", b =>
                 {
                     b.Property<int>("Id");
 
                     b.Property<string>("Name")
+                        .IsRequired()
                         .HasMaxLength(50);
 
                     b.HasKey("Id");
@@ -121,6 +214,14 @@ namespace BulkPrintingAPI.Migrations
                         .OnDelete(DeleteBehavior.Cascade);
                 });
 
+            modelBuilder.Entity("MAX.Models.Batch", b =>
+                {
+                    b.HasOne("MAX.Models.Account", "Account")
+                        .WithMany()
+                        .HasForeignKey("AccountId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
             modelBuilder.Entity("MAX.Models.User", b =>
                 {
                     b.HasOne("MAX.Models.Account", "Account")
@@ -136,6 +237,14 @@ namespace BulkPrintingAPI.Migrations
                         .HasForeignKey("AccountId")
                         .OnDelete(DeleteBehavior.Cascade);
                 });
+
+            modelBuilder.Entity("MAX.Models.Voucher", b =>
+                {
+                    b.HasOne("MAX.Models.Batch", "Batch")
+                        .WithMany("Vouchers")
+                        .HasForeignKey("BatchId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
         }
     }
 }

BulkPrintingAPI/Properties/launchSettings.json

@@ -1,4 +1,4 @@
-{
+{
   "iisSettings": {
     "windowsAuthentication": false,
     "anonymousAuthentication": true,
@@ -11,7 +11,7 @@
     "IIS Express": {
       "commandName": "IISExpress",
       "launchBrowser": true,
-      "launchUrl": "api/values",
+      "launchUrl": "api/products",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       }
@@ -26,4 +26,4 @@
       "applicationUrl": "http://localhost:50070"
     }
   }
-}
+}

BulkPrintingAPI/Startup.cs

@@ -28,10 +28,9 @@ namespace BulkPrintingAPI
 
         public IConfigurationRoot Configuration { get; }
 
-        // This method gets called by the runtime. Use this method to add services to the container.
         public void ConfigureServices(IServiceCollection services)
         {
-            // Add framework services.
+            services.AddMemoryCache();
             services.AddMvc(config =>
             {
                 var policy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();
@@ -39,15 +38,16 @@ namespace BulkPrintingAPI
             });
             services.AddSingleton(new TokenAuthenticationOptions(
                 Configuration.GetSection("TokenAuthentication")));
-            services.AddSingleton(new Services.MAXClientFactory(
+            services.AddSingleton(new DataEncryptionOptions(
+                Configuration.GetSection("DataEncryption")));
+            services.AddSingleton(new MAX.ClientFactory(
                 Configuration.GetSection("MAX")));
-            services.AddDbContext<MAX.Models.MAXDbContext>(
+            services.AddDbContext<MAX.Models.MAXContext>(
                 options => options.UseSqlServer(
                     Configuration["Database:ConnectionString"],
                     b => b.MigrationsAssembly("BulkPrintingAPI")));
         }
 
-        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
         public void Configure(IApplicationBuilder app, IHostingEnvironment env,
             ILoggerFactory loggerFactory, TokenAuthenticationOptions tokenAuthenticationOptions)
         {

MAXClient/Client.cs

@@ -2,7 +2,6 @@
 using MAX.Models;
 using Microsoft.Extensions.Logging;
 using System;
-using System.IO;
 using System.Net.Sockets;
 using System.Security.Cryptography;
 using System.Text;
@@ -14,37 +13,43 @@ namespace MAX
 {
     public class Client : IDisposable
     {
-        private ILogger logger;
-        private string host;
-        private int port;
-        private int vendorId;
-        private string serialNumber;
-        private int userId;
-        private string username;
-        private string password;
+        private ILogger _logger;
+        private string _host;
+        private int _port;
+        private int _vendorId;
+        private string _serialNumber;
+        private int _userId;
+        private string _username;
+        private string _password;
 
-        private TcpClient connection = null;
-        private NetworkStream connectionStream = null;
-        private TripleDES des = null;
+        private TcpClient _connection = null;
+        private NetworkStream _connectionStream = null;
+        private TripleDES _des = null;
 
-        private bool disposed = false;
+        private bool _disposed = false;
 
         public Client(ILogger logger, string host, int port, int vendorId, string serialNumber, int userId, string username, string password)
         {
-            this.logger = logger;
-            this.host = host;
-            this.port = port;
-            this.vendorId = vendorId;
-            this.serialNumber = serialNumber;
-            this.userId = userId;
-            this.username = username;
-            this.password = password;
+            _logger = logger;
+            _host = host;
+            _port = port;
+            _vendorId = vendorId;
+            _serialNumber = serialNumber;
+            _userId = userId;
+            _username = username;
+            _password = password;
 
             ConnectTimeout = 10000;
             ReceiveTimeout = 10000;
             SendTimeout = 10000;
         }
 
+        public Client(ILogger logger, string host, int port, LoginCredentials credentials)
+            : this(logger, host, port, credentials.Vendor.Id, credentials.Vendor.SerialNumber,
+                  credentials.User.Id, credentials.User.Username, credentials.Password)
+        {
+        }
+
         public void Close()
         {
             Dispose(true);
@@ -52,39 +57,39 @@ namespace MAX
 
         public async Task<User> ConnectAsync()
         {
-            if (connection != null)
+            if (_connection != null)
                 throw new Exception("Already connected");
 
-            connection = new TcpClient(AddressFamily.InterNetwork);
-            connection.ReceiveTimeout = ReceiveTimeout;
-            connection.SendTimeout = SendTimeout;
+            _connection = new TcpClient(AddressFamily.InterNetwork);
+            _connection.ReceiveTimeout = ReceiveTimeout;
+            _connection.SendTimeout = SendTimeout;
 
             // Connect to the server
             try
             {
                 using (var cancellationSource = new CancellationTokenSource(ConnectTimeout))
                 {
-                    await connection.ConnectAsync(host, port).WithCancellation(cancellationSource.Token).ConfigureAwait(false);
+                    await _connection.ConnectAsync(_host, _port).WithCancellation(cancellationSource.Token).ConfigureAwait(false);
                 }
             }
             catch (OperationCanceledException)
             {
                 throw new Exception("Connect timeout");
             }
-            connectionStream = connection.GetStream();
+            _connectionStream = _connection.GetStream();
 
             // Device authentication
             await WriteMessageAsync(new MessageBuilder()
                 .Append("Hi ")
-                .Append(serialNumber)
+                .Append(_serialNumber)
                 .Append("|V")
-                .Append(vendorId)
+                .Append(_vendorId)
                 .Append("|123451234512345||||||")).ConfigureAwait(false);
 
             var response = await ReadMessageAsync().ConfigureAwait(false);
             if (!response.StartsWith("Hi "))
             {
-                logger.LogError("Device authentication failed: {0}", response);
+                _logger.LogError("Device authentication failed: {0}", response);
                 return null;
             }
 
@@ -93,11 +98,11 @@ namespace MAX
             response = await ReadMessageAsync().ConfigureAwait(false);
 
             // Key exchange
-            des = TripleDES.Create();
-            des.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0 };
+            _des = TripleDES.Create();
+            _des.IV = new byte[8];
             await WriteMessageAsync(new MessageBuilder()
                 .Append("3D ")
-                .Append(EncryptRSA(response, BitConverter.ToString(des.Key).Replace("-", "")))).ConfigureAwait(false);
+                .Append(EncryptRSA(response, BitConverter.ToString(_des.Key).Replace("-", "")))).ConfigureAwait(false);
 
             response = await ReadMessageAsync().ConfigureAwait(false);
             if (!response.StartsWith("OK"))
@@ -109,11 +114,11 @@ namespace MAX
             await WriteMessageAsync(new MessageBuilder()
                 .Append("User ")
                 .Append(Encrypt(new StringBuilder()
-                    .Append(userId)
+                    .Append(_userId)
                     .Append("|")
-                    .Append(username)
+                    .Append(_username)
                     .Append("|")
-                    .Append(password).ToString()))).ConfigureAwait(false);
+                    .Append(_password).ToString()))).ConfigureAwait(false);
 
             response = Decrypt(await ReadMessageAsync().ConfigureAwait(false));
             if (response.StartsWith("OK"))
@@ -121,8 +126,8 @@ namespace MAX
                 var parts = response.Split('|');
                 var user = new User()
                 {
-                    Id = userId,
-                    Username = username,
+                    Id = _userId,
+                    Username = _username,
                     FirstName = parts[4],
                     Surname = parts[3],
                     Enabled = bool.Parse(parts[6]),
@@ -143,40 +148,11 @@ namespace MAX
                     user.OnlineReprintValue = decimal.Parse(parts[14]);
                 }
 
-                // Account information
-                await WriteMessageAsync(new MessageBuilder().Append("Acc")).ConfigureAwait(false);
-                response = Decrypt(await ReadMessageAsync().ConfigureAwait(false));
-                if (response.StartsWith("OK"))
-                {
-                    parts = response.Split('|');
-                    user.Account = new Account()
-                    {
-                        Id = int.Parse(parts[1]),
-                        Name = parts[2],
-                        Balance = decimal.Parse(parts[3]),
-                        Status = (Account.AccountStatus)int.Parse(parts[4]),
-                        Reference = parts[5],
-                        Warehouse = new Warehouse()
-                        {
-                            Id = int.Parse(parts[6]),
-                            Name = parts[7]
-                        }
-                    };
-                    return user;
-                }
-                else if (response.StartsWith("ER"))
-                {
-                    logger.LogError("Error retrieving account information: {0}", response);
-                    return null;
-                }
-                else
-                {
-                    throw new Exception(String.Format("Invalid account information response: {0}", response));
-                }
+                return user;
             }
             else if (response.StartsWith("ER"))
             {
-                logger.LogInformation("User authentication failed: {0}", response);
+                _logger.LogInformation("User authentication failed: {0}", response);
                 return null;
             }
             else
@@ -189,28 +165,28 @@ namespace MAX
 
         protected virtual void Dispose(bool disposing)
         {
-            if (disposed)
+            if (_disposed)
                 return;
 
-            disposed = true;
+            _disposed = true;
 
             // No unmanaged resources are disposed so we don't need the full finalisation pattern.
             if (disposing)
             {
-                if (des != null)
+                if (_des != null)
                 {
-                    des.Dispose();
-                    des = null;
+                    _des.Dispose();
+                    _des = null;
                 }
-                if (connectionStream != null)
+                if (_connectionStream != null)
                 {
-                    connectionStream.Dispose();
-                    connectionStream = null;
+                    _connectionStream.Dispose();
+                    _connectionStream = null;
                 }
-                if (connection != null)
+                if (_connection != null)
                 {
-                    connection.Dispose();
-                    connection = null;
+                    _connection.Dispose();
+                    _connection = null;
                 }
             }
         }
@@ -222,18 +198,12 @@ namespace MAX
 
         private string Decrypt(string cipherText)
         {
-            using (var decryptor = des.CreateDecryptor(des.Key, des.IV))
-            {
-                return Encoding.UTF8.GetString(Transform(decryptor, Convert.FromBase64String(cipherText)));
-            }
+            return Utils.TripleDESDecrypt(cipherText, _des);
         }
 
         private string Encrypt(string plainText)
         {
-            using (var encryptor = des.CreateEncryptor(des.Key, des.IV))
-            {
-                return Convert.ToBase64String(Transform(encryptor, Encoding.UTF8.GetBytes(plainText)));
-            }
+            return Utils.TripleDESEncrypt(plainText, _des);
         }
 
         private string EncryptRSA(string publicKey, string plainText)
@@ -283,13 +253,153 @@ namespace MAX
             }
         }
 
+        public async Task<Account> GetAccountAsync()
+        {
+            await WriteMessageAsync(new MessageBuilder().Append("Acc")).ConfigureAwait(false);
+            var response = Decrypt(await ReadMessageAsync().ConfigureAwait(false));
+            if (response.StartsWith("OK"))
+            {
+                var parts = response.Split('|');
+                return new Account()
+                {
+                    Id = int.Parse(parts[1]),
+                    Name = parts[2],
+                    Balance = decimal.Parse(parts[3]),
+                    Status = (Account.AccountStatus)int.Parse(parts[4]),
+                    Reference = parts[5],
+                    Warehouse = new Warehouse()
+                    {
+                        Id = int.Parse(parts[6]),
+                        Name = parts[7]
+                    }
+                };
+            }
+            else
+            {
+                throw new Exception(String.Format("Invalid account information response: {0}", response));
+            }
+        }
+
+        public async Task<ProductCatalogue> GetProductCatalogueAsync(Account account)
+        {
+            var encryptedWarehouseName = Encrypt(account.Warehouse.Name);
+            await WriteMessageAsync(new MessageBuilder()
+                .Append("Pdt ")
+                .Append(encryptedWarehouseName)).ConfigureAwait(false);
+            var response = Decrypt(await ReadMessageAsync().ConfigureAwait(false));
+            if (response.StartsWith("OK"))
+            {
+                var parts = response.Split('|');
+                var count = int.Parse(parts[1]);
+
+                var catalogue = new ProductCatalogue();
+            
+                var listCommand = new MessageBuilder().Append("List ")
+                    .Append(encryptedWarehouseName).GetBytes();
+                for (var i = 0; i < count; i++)
+                {
+                    await _connectionStream.WriteAsync(listCommand, 0, listCommand.Length).ConfigureAwait(false);
+                    response = Decrypt(await ReadMessageAsync().ConfigureAwait(false));
+                    if (response.StartsWith("OK"))
+                    {
+                        parts = response.Split('|');
+                        int networkId = int.Parse(parts[4]);
+                        Network network;
+                        if (! catalogue.NetworkMap.TryGetValue(networkId, out network))
+                        {
+                            network = catalogue.AddNetwork(networkId, parts[5]);
+                        }
+
+                        catalogue.AddProduct(
+                            network: network,
+                            id: int.Parse(parts[1]),
+                            faceValue: decimal.Parse(parts[2]),
+                            description: parts[3],
+                            voucherType: (Batch.Vouchertype)int.Parse(parts[6]),
+                            discountPercentage: decimal.Parse(parts[7])
+                        );
+                    }
+                    else
+                    {
+                        throw new Exception(String.Format("Invalid product item response: {0}", response));
+                    }
+                }
+
+                return catalogue;
+            }
+            else
+            {
+                throw new Exception(String.Format("Invalid product catalogue response: {0}", response));
+            }
+        }
+
+        public async Task<OrderResponse> PlaceOrderAsync(int accountId, Product product, int quantity,
+            string customerReference, byte[] key)
+        {
+            if (key.Length != 24)
+            {
+                throw new ArgumentException("24 byte key expected", nameof(key));
+            }
+
+            await WriteMessageAsync(new MessageBuilder()
+                .Append("Order ")
+                .Append(Encrypt(new StringBuilder()
+                    .Append(product.Id)
+                    .Append("|")
+                    .Append(quantity)
+                    .Append("|")
+                    .Append(customerReference)
+                    .Append("|2|") // EncType: 0:None, 1:DES, 2:Triple DES
+                    .Append(BitConverter.ToString(key, 0, 8).Replace("-", ""))
+                    .Append("|")
+                    .Append(BitConverter.ToString(key, 8, 8).Replace("-", ""))
+                    .Append("|")
+                    .Append(BitConverter.ToString(key, 16, 8).Replace("-", ""))
+                    .ToString()))).ConfigureAwait(false);
+
+            var response = Decrypt(await ReadMessageAsync().ConfigureAwait(false));
+
+            if (response.StartsWith("OK"))
+            {
+                var parts = response.Split('|');
+                return new OrderResponse()
+                {
+                    Batch = new Batch()
+                    {
+                        Id = int.Parse(parts[1]),
+                        OrderReference = parts[2],
+                        RequestedQuantity = int.Parse(parts[3]),
+                        DeliveredQuantity = int.Parse(parts[4]),
+                        Cost = decimal.Parse(parts[5]),
+                        AccountId = accountId,
+                        VendorId = _vendorId,
+                        ProductId = product.Id,
+                        ProductDescription = product.Description,
+                        VoucherType = product.VoucherType,
+                        FaceValue = product.FaceValue,
+                        DiscountPercentage = product.DiscountPercentage,
+                        NetworkId = product.Network.Id,
+                        NetworkName = product.Network.Name,
+                        OrderDate = DateTime.Now,
+                        OrderedById = _userId,
+                        ReadyForDownload = false
+                    },
+                    RemainingBalance = decimal.Parse(parts[6])
+                };
+            }
+            else
+            {
+                throw new Exception(string.Format("Invalid order response: {0}", response));
+            }
+        }
+
         private async Task<byte[]> ReadBytesAsync(int count)
         {
             int totalBytesRead = 0;
             byte[] buffer = new byte[count];
             while (totalBytesRead < count)
             {
-                int bytesRead = await connectionStream.ReadAsync(buffer, totalBytesRead, count - totalBytesRead).ConfigureAwait(false);
+                int bytesRead = await _connectionStream.ReadAsync(buffer, totalBytesRead, count - totalBytesRead).ConfigureAwait(false);
                 if (bytesRead == 0)
                     throw new Exception("Connection closed unexpectedly");
                 totalBytesRead += bytesRead;
@@ -301,6 +411,10 @@ namespace MAX
         {
             byte[] buffer = await ReadBytesAsync(2).ConfigureAwait(false);
             int size = buffer[0] * 256 + buffer[1];
+            if (size <= 0)
+            {
+                throw new Exception("Invalid message size");
+            }
             return Encoding.ASCII.GetString(await ReadBytesAsync(size).ConfigureAwait(false));
         }
 
@@ -308,21 +422,10 @@ namespace MAX
 
         public int SendTimeout { get; set; }
 
-        private byte[] Transform(ICryptoTransform transform, byte[] input)
-        {
-            using (var memoryStream = new MemoryStream())
-            using (var cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write))
-            {
-                cryptoStream.Write(input, 0, input.Length);
-                cryptoStream.FlushFinalBlock();
-                return memoryStream.ToArray();
-            }
-        }
-
         private async Task WriteMessageAsync(MessageBuilder message)
         {
             byte[] data = message.GetBytes();
-            await connectionStream.WriteAsync(data, 0, data.Length).ConfigureAwait(false);
+            await _connectionStream.WriteAsync(data, 0, data.Length).ConfigureAwait(false);
         }
     }
 }

BulkPrintingAPI/Services/MAXClientFactory.cs

@@ -1,19 +1,19 @@
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Logging;
 
-namespace BulkPrintingAPI.Services
+namespace MAX
 {
-    public class MAXClientFactory
+    public class ClientFactory
     {
-        public MAXClientFactory(IConfiguration configuration)
+        public ClientFactory(IConfiguration configuration)
         {
             configuration.Bind(this);
         }
 
-        public MAX.Client GetClient(ILogger logger, int vendorId, string serialNumber, int userId,
+        public Client GetClient(ILogger logger, int vendorId, string serialNumber, int userId,
             string username, string password)
         {
-            var client = new MAX.Client(logger, Host, Port, vendorId, serialNumber, userId,
+            var client = new Client(logger, Host, Port, vendorId, serialNumber, userId,
                 username, password);
             client.ConnectTimeout = ConnectTimeout;
             client.ReceiveTimeout = ReceiveTimeout;
@@ -21,8 +21,17 @@ namespace BulkPrintingAPI.Services
             return client;
         }
 
+        public Client GetClient(ILogger logger, LoginCredentials credentials)
+        {
+            var client = new Client(logger, Host, Port, credentials);
+            client.ConnectTimeout = ConnectTimeout;
+            client.ReceiveTimeout = ReceiveTimeout;
+            client.SendTimeout = SendTimeout;
+            return client;
+        }
+
         public string Host { get; set; }
-        
+
         public int Port { get; set; }
 
         public int ConnectTimeout { get; set; }
@@ -31,4 +40,4 @@ namespace BulkPrintingAPI.Services
 
         public int SendTimeout { get; set; }
     }
-}
+}

MAXClient/LoginCredentials.cs

@@ -0,0 +1,24 @@
+using MAX.Models;
+
+namespace MAX
+{
+    public class LoginCredentials
+    {
+        public User User { get; set; }
+
+        public Vendor Vendor { get; set; }
+
+        public string Password { get; set; }
+
+        public override string ToString()
+        {
+            return Format(User.Id, User.Username, Vendor.Id, Vendor.SerialNumber);
+        }
+
+        public static string Format(int userId, string username, int vendorId, string serialNumber)
+        {
+            return string.Format("userId={0} username={1} vendorId={2} serialNumber={3}",
+                userId, username, vendorId, serialNumber);
+        }
+    }
+}

MAXClient/MAXClient.csproj

@@ -5,7 +5,10 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="Microsoft.Extensions.Configuration" Version="1.1.2" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="1.1.2" />
     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="1.1.2" />
+    <PackageReference Include="System.Runtime.Serialization.Primitives" Version="4.3.0" />
     <PackageReference Include="System.Xml.XmlDocument" Version="4.3.0" />
   </ItemGroup>
 

MAXClient/MessageBuilder.cs

@@ -5,30 +5,30 @@ namespace MAX
 {
     public class MessageBuilder
     {
-        private StringBuilder builder;
+        private StringBuilder _builder;
 
         public MessageBuilder()
         {
-            builder = new StringBuilder(1024);
-            builder.Append("\0\0");
+            _builder = new StringBuilder(1024);
+            _builder.Append("\0\0");
         }
 
         public MessageBuilder Append<T>(T value)
         {
-            builder.Append(value);
+            _builder.Append(value);
             return this;
         }
 
         public byte[] GetBytes()
         {
-            int length = builder.Length - 2;
+            int length = _builder.Length - 2;
             if (length <= 0)
                 throw new Exception("Message is too short");
             else if (length > 65535)
                 throw new Exception("Message is too long");
-            builder[0] = (char)(length / 256);
-            builder[1] = (char)(length % 256);
-            return Encoding.ASCII.GetBytes(builder.ToString());
+            _builder[0] = (char)(length / 256);
+            _builder[1] = (char)(length % 256);
+            return Encoding.ASCII.GetBytes(_builder.ToString());
         }
     }
 }

MAXClient/Models/Network.cs

@@ -0,0 +1,13 @@
+using System.Collections.Generic;
+
+namespace MAX.Models
+{
+    public class Network
+    {
+        public int Id { get; set; }
+
+        public string Name { get; set; }
+
+        public List<Product> Products { get; set; } = new List<Product>();
+    }
+}

MAXClient/Models/OrderResponse.cs

@@ -0,0 +1,9 @@
+namespace MAX.Models
+{
+    public class OrderResponse
+    {
+        public Batch Batch { get; set; }
+
+        public decimal RemainingBalance { get; set; }
+    }
+}

MAXClient/Models/Product.cs

@@ -0,0 +1,20 @@
+using System.Runtime.Serialization;
+
+namespace MAX.Models
+{
+    public class Product
+    {
+        public int Id { get; set; }
+
+        public Batch.Vouchertype VoucherType { get; set; }
+
+        public string Description { get; set; }
+
+        public decimal FaceValue { get; set; }
+
+        public decimal DiscountPercentage { get; set; }
+
+        [IgnoreDataMember]
+        public Network Network { get; set; }
+    }
+}

MAXClient/Models/ProductCatalogue.cs

@@ -0,0 +1,42 @@
+using System.Collections.Generic;
+
+namespace MAX.Models
+{
+    public class ProductCatalogue
+    {
+        public Network AddNetwork(int id, string name)
+        {
+            var network = new Network()
+            {
+                Id = id,
+                Name = name
+            };
+            Networks.Add(network);
+            NetworkMap.Add(id, network);
+            return network;
+        }
+
+        public Product AddProduct(Network network, int id, decimal faceValue, string description,
+            Batch.Vouchertype voucherType, decimal discountPercentage)
+        {
+            var product = new Product()
+            {
+                Id = id,
+                Network = network,
+                FaceValue = faceValue,
+                Description = description,
+                VoucherType = voucherType,
+                DiscountPercentage = discountPercentage
+            };
+            network.Products.Add(product);
+            ProductMap.Add(id, product);
+            return product;
+        }
+
+        public List<Network> Networks { get; set; } = new List<Network>();
+
+        public Dictionary<int, Network> NetworkMap { get; set; } = new Dictionary<int, Network>();
+
+        public Dictionary<int, Product> ProductMap { get; set; } = new Dictionary<int, Product>();
+    }
+}

MAXClient/Utils.cs

@@ -0,0 +1,108 @@
+using MAX.Models;
+using Microsoft.Extensions.Logging;
+using System;
+using System.IO;
+using System.Security.Cryptography;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace MAX
+{
+    public static class Utils
+    {
+        public static byte[] Transform(ICryptoTransform transform, byte[] input)
+        {
+            using (var memoryStream = new MemoryStream())
+            using (var cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write))
+            {
+                cryptoStream.Write(input, 0, input.Length);
+                cryptoStream.FlushFinalBlock();
+                return memoryStream.ToArray();
+            }
+        }
+
+        public static string TripleDESDecrypt(string cipherText, TripleDES des)
+        {
+            using (var decryptor = des.CreateDecryptor(des.Key, des.IV))
+            {
+                return Encoding.UTF8.GetString(Utils.Transform(decryptor, Convert.FromBase64String(cipherText)));
+            }
+        }
+
+        public static string TripleDESDecrypt(string cipherText, byte[] key)
+        {
+            using (var des = TripleDES.Create())
+            {
+                des.Key = key;
+                des.IV = new byte[8];
+                return TripleDESDecrypt(cipherText, des);
+            }
+        }
+
+        public static string TripleDESEncrypt(string plainText, TripleDES des)
+        {
+            using (var encryptor = des.CreateEncryptor(des.Key, des.IV))
+            {
+                return Convert.ToBase64String(Utils.Transform(encryptor, Encoding.UTF8.GetBytes(plainText)));
+            }
+        }
+
+        public static string TripleDESEncrypt(string plainText, byte[] key)
+        {
+            using (var des = TripleDES.Create())
+            {
+                des.Key = key;
+                des.IV = new byte[8];
+                return TripleDESEncrypt(plainText, des);
+            }
+        }
+
+        public static async Task<User> AuthenticateUserAsync(ClientFactory clientFactory,
+            ILogger logger, int userId, string username, int vendorId, string serialNumber,
+            string password)
+        {
+            using (var client = clientFactory.GetClient(logger, vendorId, serialNumber,
+                userId, username, password))
+            {
+                var user = await client.ConnectAsync().ConfigureAwait(false);
+                if (user != null)
+                {
+                    user.Account = await client.GetAccountAsync().ConfigureAwait(false);
+                }
+                return user;
+            }
+        }
+
+        public static async Task<ProductCatalogue> GetProductCatalogueAsync(
+            ClientFactory clientFactory, ILogger logger, LoginCredentials credentials)
+        {
+            using (var client = clientFactory.GetClient(logger, credentials))
+            {
+                var user = await client.ConnectAsync().ConfigureAwait(false);
+                if (user == null)
+                {
+                    throw new Exception(string.Format("Invalid login credentials for {0}",
+                        credentials.ToString()));
+                }
+                return await client.GetProductCatalogueAsync(credentials.User.Account).ConfigureAwait(false);
+            }
+        }
+
+        public static async Task<OrderResponse> PlaceOrderAsync(
+            ClientFactory clientFactory, ILogger logger, LoginCredentials credentials,
+            Product product, int quantity, string customerReference, byte[] key)
+        {
+            using (var client = clientFactory.GetClient(logger, credentials))
+            {
+                var user = await client.ConnectAsync().ConfigureAwait(false);
+                if (user == null)
+                {
+                    throw new Exception(string.Format("Invalid login credentials for {0}",
+                        credentials.ToString()));
+                }
+                return await client.PlaceOrderAsync(credentials.User.AccountId,
+                    product, quantity, customerReference, key).ConfigureAwait(false);
+            }
+        }
+    }
+}

MAXData/MAXModels.csproj

@@ -6,6 +6,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.EntityFrameworkCore" Version="1.1.2" />
+    <PackageReference Include="System.Runtime.Serialization.Primitives" Version="4.3.0" />
   </ItemGroup>
 
 </Project>

MAXData/Models/Account.cs

@@ -17,21 +17,21 @@ namespace MAX.Models
         [DatabaseGenerated(DatabaseGeneratedOption.None)]
         public int Id { get; set; }
 
-        [MaxLength(50)]
+        [Required, MaxLength(50)]
         public string Name { get; set; }
 
         public AccountStatus Status { get; set; }
 
-        [MaxLength(50)]
+        [Required, MaxLength(50)]
         public string Reference { get; set; }
 
-        public decimal Balance { get; set; }
-
         public int WarehouseId { get; set; }
         public Warehouse Warehouse { get; set; }
 
         public ICollection<User> Users { get; set; }
 
         public ICollection<Vendor> Vendors { get; set; }
+
+        public decimal Balance { get; set; }
     }
 }

MAXData/Models/Batch.cs

@@ -0,0 +1,73 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+using System.Runtime.Serialization;
+
+namespace MAX.Models
+{
+    public class Batch
+    {
+        public enum Vouchertype
+        {
+            Voucher = 1,
+            SMS,
+            Data
+        }
+
+        [DatabaseGenerated(DatabaseGeneratedOption.None)]
+        public int Id { get; set; }
+
+        [IgnoreDataMember]
+        public int AccountId { get; set; }
+
+        [IgnoreDataMember]
+        public Account Account { get; set; }
+
+        [IgnoreDataMember]
+        public int VendorId { get; set; }
+
+        // Results in a foreign key clash
+        //[IgnoreDataMember]
+        //public Vendor Vendor { get; set; }
+
+        [IgnoreDataMember]
+        public int OrderedById { get; set; }
+
+        // Results in a foreign key clash
+        //[IgnoreDataMember]
+        //public User OrderedBy { get; set; }
+
+        public DateTime OrderDate { get; set; }
+
+        [Required, MaxLength(20)]
+        public string OrderReference { get; set; }
+
+        public int NetworkId { get; set; }
+
+        [Required, MaxLength(20)]
+        public string NetworkName { get; set; }
+
+        public int ProductId { get; set; }
+
+        [Required, MaxLength(50)]
+        public string ProductDescription { get; set; }
+
+        public Vouchertype VoucherType { get; set; }
+
+        public decimal FaceValue { get; set; }
+
+        public decimal DiscountPercentage { get; set; }
+
+        public int RequestedQuantity { get; set; }
+
+        public int DeliveredQuantity { get; set; }
+
+        public decimal Cost { get; set; }
+
+        public bool ReadyForDownload { get; set; }
+
+        [IgnoreDataMember]
+        public ICollection<Voucher> Vouchers { get; set; }
+    }
+}

MAXData/Models/MAXContext.cs

@@ -0,0 +1,34 @@
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Metadata;
+
+namespace MAX.Models
+{
+    public class MAXContext : DbContext
+    {
+        public MAXContext(DbContextOptions<MAXContext> options) : base(options) { }
+
+        protected override void OnModelCreating(ModelBuilder modelBuilder)
+        {
+            base.OnModelCreating(modelBuilder);
+
+            modelBuilder.Entity<Batch>()
+                .HasIndex(b => new { b.ReadyForDownload, b.OrderDate });
+
+            modelBuilder.Entity<Voucher>()
+                .HasIndex(v => new { v.BatchId, v.SequenceNumber })
+                .IsUnique();
+        }
+
+        public DbSet<Account> Accounts { get; set;  }
+
+        public DbSet<Batch> Batches { get; set; }
+
+        public DbSet<User> Users { get; set; }
+
+        public DbSet<Vendor> Vendors { get; set; }
+
+        public DbSet<Voucher> Vouchers { get; set; }
+
+        public DbSet<Warehouse> Warehouses { get; set;  }
+    }
+}

MAXData/Models/MAXDbContext.cs

@@ -1,14 +0,0 @@
-using Microsoft.EntityFrameworkCore;
-
-namespace MAX.Models
-{
-    public class MAXDbContext : DbContext
-    {
-        public MAXDbContext(DbContextOptions<MAXDbContext> options) : base(options) { }
-
-        public DbSet<Account> Accounts { get; set;  }
-        public DbSet<User> Users { get; set; }
-        public DbSet<Vendor> Vendors { get; set; }
-        public DbSet<Warehouse> Warehouses { get; set;  }
-    }
-}

MAXData/Models/User.cs

@@ -1,6 +1,7 @@
 using System;
 using System.ComponentModel.DataAnnotations;
 using System.ComponentModel.DataAnnotations.Schema;
+using System.Runtime.Serialization;
 
 namespace MAX.Models
 {
@@ -16,16 +17,18 @@ namespace MAX.Models
         [DatabaseGenerated(DatabaseGeneratedOption.None)]
         public int Id { get; set; }
 
-        [MaxLength(50)]
+        [Required, MaxLength(50)]
         public string Username { get; set; }
 
-        [MaxLength(50)]
+        [Required, MaxLength(50)]
         public string FirstName { get; set; }
 
-        [MaxLength(50)]
+        [Required, MaxLength(50)]
         public string Surname { get; set; }
 
+        [IgnoreDataMember]
         public int AccountId { get; set; }
+
         public Account Account { get; set; }
 
         public bool Enabled { get; set; }

MAXData/Models/Vendor.cs

@@ -1,5 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 using System.ComponentModel.DataAnnotations.Schema;
+using System.Runtime.Serialization;
 
 namespace MAX.Models
 {
@@ -8,10 +9,20 @@ namespace MAX.Models
         [DatabaseGenerated(DatabaseGeneratedOption.None)]
         public int Id { get; set; }
 
-        [MaxLength(50)]
+        [Required, MaxLength(50)]
         public string SerialNumber { get; set; }
 
         public int AccountId { get; set; }
+
+        [IgnoreDataMember]
         public Account Account { get; set; }
+
+        [IgnoreDataMember]
+        [Required, MaxLength(32)]
+        public byte[] EncryptedDatabasePassword { get; set; }
+
+        [IgnoreDataMember]
+        [Required, MaxLength(32)]
+        public byte[] EncryptedVoucherKey { get; set; }
     }
 }

MAXData/Models/Voucher.cs

@@ -0,0 +1,30 @@
+using System;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+using System.Runtime.Serialization;
+
+namespace MAX.Models
+{
+    public class Voucher
+    {
+        [DatabaseGenerated(DatabaseGeneratedOption.None)]
+        public int Id { get; set; }
+
+        [IgnoreDataMember]
+        public int BatchId { get; set; }
+
+        [IgnoreDataMember]
+        public Batch Batch { get; set; }
+
+        public int SequenceNumber { get; set; }
+
+        [Column(TypeName = "Date")]
+        public DateTime ExpiryDate { get; set; }
+        
+        [Required, MaxLength(50)]
+        public string Serial { get; set; }
+
+        [Required, MaxLength(50)]
+        public string EncryptedPIN { get; set; }
+    }
+}

MAXData/Models/Warehouse.cs

@@ -9,7 +9,7 @@ namespace MAX.Models
         [DatabaseGenerated(DatabaseGeneratedOption.None)]
         public int Id { get; set; }
 
-        [MaxLength(50)]
+        [Required, MaxLength(50)]
         public string Name { get; set; }
 
         public ICollection<Account> Accounts { get; set; }