Initial user authentication and user account database synchronisation now working.

BulkPrintingAPI.sln

@@ -5,6 +5,10 @@ VisualStudioVersion = 15.0.26430.13
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "BulkPrintingAPI", "BulkPrintingAPI\BulkPrintingAPI.csproj", "{92EEB85E-10FF-4902-9F73-BA4D58344824}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MAXClient", "MAXClient\MAXClient.csproj", "{DDE80401-F7D7-4006-AC06-2FDB57C77798}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MAXModels", "MAXData\MAXModels.csproj", "{2F570746-72B2-495E-AFEE-085E1A8E4CA8}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -15,6 +19,14 @@ Global
 		{92EEB85E-10FF-4902-9F73-BA4D58344824}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{92EEB85E-10FF-4902-9F73-BA4D58344824}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{92EEB85E-10FF-4902-9F73-BA4D58344824}.Release|Any CPU.Build.0 = Release|Any CPU
+		{DDE80401-F7D7-4006-AC06-2FDB57C77798}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{DDE80401-F7D7-4006-AC06-2FDB57C77798}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{DDE80401-F7D7-4006-AC06-2FDB57C77798}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{DDE80401-F7D7-4006-AC06-2FDB57C77798}.Release|Any CPU.Build.0 = Release|Any CPU
+		{2F570746-72B2-495E-AFEE-085E1A8E4CA8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{2F570746-72B2-495E-AFEE-085E1A8E4CA8}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{2F570746-72B2-495E-AFEE-085E1A8E4CA8}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{2F570746-72B2-495E-AFEE-085E1A8E4CA8}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

BulkPrintingAPI/Authentication/TokenProviderMiddleware.cs

@@ -1,134 +0,0 @@
-using Microsoft.AspNetCore.Http;
-using Microsoft.Extensions.Options;
-using Newtonsoft.Json;
-using System;
-using System.IdentityModel.Tokens.Jwt;
-using System.Security.Claims;
-using System.Threading.Tasks;
-
-namespace BulkPrintingAPI.Authentication
-{
-    public class TokenProviderMiddleware
-    {
-        private readonly RequestDelegate _next;
-        private readonly TokenProviderOptions _options;
-        private readonly JsonSerializerSettings _serializerSettings;
-
-        public TokenProviderMiddleware(
-            RequestDelegate next,
-            IOptions<TokenProviderOptions> options)
-        {
-            _next = next;
-
-            _options = options.Value;
-            ThrowIfInvalidOptions(_options);
-
-            _serializerSettings = new JsonSerializerSettings
-            {
-                Formatting = Formatting.Indented
-            };
-        }
-
-        public Task Invoke(HttpContext context)
-        {
-            if (!context.Request.Path.Equals(_options.Path, StringComparison.Ordinal))
-            {
-                return _next(context);
-            }
-
-            if (!context.Request.Method.Equals("POST")
-               || !context.Request.HasFormContentType)
-            {
-                context.Response.StatusCode = 400;
-                return context.Response.WriteAsync("Bad request.");
-            }
-
-            return GenerateToken(context);
-        }
-
-        private async Task GenerateToken(HttpContext context)
-        {
-            var username = context.Request.Form["username"];
-            var password = context.Request.Form["password"];
-
-            var identity = await _options.IdentityResolver(username, password);
-            if (identity == null)
-            {
-                context.Response.StatusCode = 400;
-                await context.Response.WriteAsync("Invalid username or password.");
-                return;
-            }
-
-            var now = DateTime.UtcNow;
-
-            var claims = new Claim[]
-            {
-                new Claim(JwtRegisteredClaimNames.Sub, username),
-                new Claim(JwtRegisteredClaimNames.Jti, await _options.NonceGenerator())
-            };
-
-            var encodedJwt = new JwtSecurityTokenHandler().CreateEncodedJwt(
-                issuer: _options.Issuer,
-                audience: _options.Audience,
-                subject: new ClaimsIdentity(claims),
-                notBefore: now,
-                expires: now.Add(_options.Expiration),
-                issuedAt: now,
-                signingCredentials: _options.SigningCredentials,
-                encryptingCredentials: _options.EncryptingCredentials
-            );
-
-            var response = new
-            {
-                access_token = encodedJwt,
-                expires_in = (int)_options.Expiration.TotalSeconds
-            };
-
-            context.Response.ContentType = "application/json";
-            await context.Response.WriteAsync(JsonConvert.SerializeObject(response, _serializerSettings));
-        }
-
-        private static void ThrowIfInvalidOptions(TokenProviderOptions options)
-        {
-            if (string.IsNullOrEmpty(options.Path))
-            {
-                throw new ArgumentNullException(nameof(TokenProviderOptions.Path));
-            }
-
-            if (string.IsNullOrEmpty(options.Issuer))
-            {
-                throw new ArgumentNullException(nameof(TokenProviderOptions.Issuer));
-            }
-
-            if (string.IsNullOrEmpty(options.Audience))
-            {
-                throw new ArgumentNullException(nameof(TokenProviderOptions.Audience));
-            }
-
-            if (options.Expiration == TimeSpan.Zero)
-            {
-                throw new ArgumentException("Must be a non-zero TimeSpan.", nameof(TokenProviderOptions.Expiration));
-            }
-
-            if (options.IdentityResolver == null)
-            {
-                throw new ArgumentNullException(nameof(TokenProviderOptions.IdentityResolver));
-            }
-
-            if (options.SigningCredentials == null)
-            {
-                throw new ArgumentNullException(nameof(TokenProviderOptions.SigningCredentials));
-            }
-
-            if (options.EncryptingCredentials == null)
-            {
-                throw new ArgumentNullException(nameof(TokenProviderOptions.EncryptingCredentials));
-            }
-
-            if (options.NonceGenerator == null)
-            {
-                throw new ArgumentNullException(nameof(TokenProviderOptions.NonceGenerator));
-            }
-        }
-    }
-}

BulkPrintingAPI/Authentication/TokenProviderOptions.cs

@@ -1,54 +0,0 @@
-using Microsoft.IdentityModel.Tokens;
-using System;
-using System.Security.Claims;
-using System.Threading.Tasks;
-
-namespace BulkPrintingAPI.Authentication
-{
-    public class TokenProviderOptions
-    {
-        /// <summary>
-        /// The relative request path to listen on.
-        /// </summary>
-        /// <remarks>The default path is <c>/token</c>.</remarks>
-        public string Path { get; set; } = "/token";
-
-        /// <summary>
-        ///  The Issuer (iss) claim for generated tokens.
-        /// </summary>
-        public string Issuer { get; set; }
-
-        /// <summary>
-        /// The Audience (aud) claim for the generated tokens.
-        /// </summary>
-        public string Audience { get; set; }
-
-        /// <summary>
-        /// The expiration time for the generated tokens.
-        /// </summary>
-        /// <remarks>The default is five minutes (300 seconds).</remarks>
-        public TimeSpan Expiration { get; set; } = TimeSpan.FromDays(1);
-
-        /// <summary>
-        /// The signing key to use when generating tokens.
-        /// </summary>
-        public SigningCredentials SigningCredentials { get; set; }
-
-        /// <summary>
-        /// The encryption key to use when generating tokens.
-        /// </summary>
-        public EncryptingCredentials EncryptingCredentials { get; set; }
-
-        /// <summary>
-        /// Resolves a user identity given a username and password.
-        /// </summary>
-        public Func<string, string, Task<ClaimsIdentity>> IdentityResolver { get; set; }
-
-        /// <summary>
-        /// Generates a random value (nonce) for each generated token.
-        /// </summary>
-        /// <remarks>The default nonce is a random GUID.</remarks>
-        public Func<Task<string>> NonceGenerator { get; set; }
-            = () => Task.FromResult(Guid.NewGuid().ToString());
-    }
-}

BulkPrintingAPI/BulkPrintingAPI.csproj

@@ -2,10 +2,11 @@
 
   <PropertyGroup>
     <TargetFramework>netcoreapp1.1</TargetFramework>
+    <PackageTargetFallback>portable-net45+win8</PackageTargetFallback>
   </PropertyGroup>
 
   <ItemGroup>
-    <Folder Include="MAX\" />
+    <Folder Include="Models\" />
     <Folder Include="wwwroot\" />
   </ItemGroup>
   <ItemGroup>
@@ -13,7 +14,16 @@
     <PackageReference Include="Microsoft.AspNetCore" Version="1.1.2" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="1.1.2" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.3" />
+    <PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.1.2" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="1.1.2" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="1.1.2" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="1.1.2" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer.Design" Version="1.1.2" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="1.1.1" />
     <PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.2" />
+    <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="1.1.2" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.BrowserLink" Version="1.1.2" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="1.1.1" />
   </ItemGroup>
   <ItemGroup>
     <DotNetCliToolReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Tools" Version="1.0.1" />
@@ -21,5 +31,9 @@
   <ItemGroup>
     <None Include="secrets.Development.json" />
   </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\MAXClient\MAXClient.csproj" />
+    <ProjectReference Include="..\MAXData\MAXModels.csproj" />
+  </ItemGroup>
 
 </Project>

BulkPrintingAPI/Configuration/TokenAuthenticationOptions.cs

@@ -0,0 +1,51 @@
+using Microsoft.Extensions.Configuration;
+using Microsoft.IdentityModel.Tokens;
+using System;
+using System.Security.Cryptography;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace BulkPrintingAPI.Configuration
+{
+    public class TokenAuthenticationOptions
+    {
+        public TokenAuthenticationOptions(IConfiguration configuration)
+        {
+            string secretKey = configuration["SecretKey"];
+            if (String.IsNullOrEmpty(secretKey))
+                throw new ArgumentException("Missing 'SecretKey' value", nameof(configuration));
+
+            string salt = configuration["Salt"];
+            if (String.IsNullOrEmpty(secretKey))
+                throw new ArgumentException("Missing 'Salt' value", nameof(configuration));
+
+            var rawKey = new Rfc2898DeriveBytes(
+                    Encoding.ASCII.GetBytes(secretKey),
+                    Encoding.ASCII.GetBytes(salt),
+                    configuration.GetValue("Iterations", 4096)).GetBytes(32);
+
+            Issuer = configuration.GetValue("Issuer", "bulk");
+            Audience = configuration.GetValue("Audience", "bulk");
+            Lifetime = TimeSpan.FromSeconds(configuration.GetValue("TokenLifetime", 600));
+            Key = new SymmetricSecurityKey(rawKey);
+            SigningCredentials = new SigningCredentials(Key, SecurityAlgorithms.HmacSha256);
+            EncryptingCredentials = new EncryptingCredentials(Key, "dir",
+                SecurityAlgorithms.Aes128CbcHmacSha256);
+        }
+
+        public string Issuer { get; set; }
+
+        public string Audience { get; set; }
+
+        public TimeSpan Lifetime { get; set; }
+
+        public SecurityKey Key { get; set; }
+
+        public SigningCredentials SigningCredentials { get; set; }
+
+        public EncryptingCredentials EncryptingCredentials { get; set; }
+
+        public Func<Task<string>> NonceGenerator { get; set; }
+            = () => Task.FromResult(Guid.NewGuid().ToString());
+    }
+}

BulkPrintingAPI/Controllers/LoginController.cs

@@ -0,0 +1,128 @@
+using BulkPrintingAPI.Configuration;
+using BulkPrintingAPI.Db;
+using BulkPrintingAPI.Services;
+using MAX.Models;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.ModelBinding;
+using Microsoft.Extensions.Logging;
+using System;
+using System.ComponentModel.DataAnnotations;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Threading.Tasks;
+
+namespace BulkPrintingAPI.Controllers
+{
+    //[Produces("application/json")]
+    [Route("api/[controller]")]
+    public class LoginController : Controller
+    {
+        public class LoginRequest
+        {
+            [Required]
+            public int? VendorId { get; set; }
+
+            [Required]
+            public string SerialNumber { get; set; }
+
+            [Required]
+            public int? UserId { get; set; }
+
+            [Required]
+            public string Username { get; set; }
+
+            [Required]
+            public string Password { get; set; }
+        }
+
+        private ILogger logger;
+        private TokenAuthenticationOptions tokenAuthenticationOptions;
+        private MAXClientFactory clientFactory;
+        private MAXDbContext dbContext;
+
+        public LoginController(ILoggerFactory loggerFactory,
+            TokenAuthenticationOptions tokenAuthenticationOptions,
+            MAXClientFactory clientFactory,
+            MAXDbContext dbContext)
+        {
+            logger = loggerFactory.CreateLogger(GetType().FullName);
+            this.tokenAuthenticationOptions = tokenAuthenticationOptions;
+            this.clientFactory = clientFactory;
+            this.dbContext = dbContext;
+        }
+
+        [HttpPost]
+        [AllowAnonymous]
+        public async Task<IActionResult> Post([FromBody] LoginRequest loginRequest)
+        {
+            if (! ModelState.IsValid)
+                return BadRequest();
+
+            using (var client = clientFactory.GetClient(logger, loginRequest.VendorId.Value,
+                loginRequest.SerialNumber, loginRequest.UserId.Value, loginRequest.Username,
+                loginRequest.Password))
+            {
+                User user;
+                try
+                {
+                    user = await client.ConnectAsync();
+                }
+                catch (Exception e)
+                {
+                    logger.LogError(
+                        "ConnectAsync failed for vendorId={0} serialNumber={1} userId={2} username={3}: {4}",
+                        loginRequest.VendorId, loginRequest.SerialNumber,
+                        loginRequest.UserId, loginRequest.Username, e.Message);
+                    return Unauthorized();
+                }
+
+                if (user == null)
+                {
+                    logger.LogInformation(
+                        "Login failed for vendorId={0} serialNumber={1} userId={2} username={3}",
+                        loginRequest.VendorId, loginRequest.SerialNumber,
+                        loginRequest.UserId, loginRequest.Username);
+                    return Unauthorized();
+                }
+
+                try
+                {
+                    await DbHelpers.SyncUserAndVendorWithDb(dbContext, user,
+                        loginRequest.VendorId.Value,
+                        loginRequest.SerialNumber);
+                }
+                catch (Exception e)
+                {
+                    logger.LogError(
+                        "SyncUserAndVendorWithDb failed for vendorId={0} serialNumber={1} userId={2} username={3}: {4}",
+                        loginRequest.VendorId, loginRequest.SerialNumber,
+                        loginRequest.UserId, loginRequest.Username, e.Message);
+                    return Unauthorized();
+                }
+
+                var now = DateTime.UtcNow;
+                var encodedJwt = new JwtSecurityTokenHandler().CreateEncodedJwt(
+                    issuer: tokenAuthenticationOptions.Issuer,
+                    audience: tokenAuthenticationOptions.Audience,
+                    subject: new ClaimsIdentity(new Claim[] {
+                       new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
+                       new Claim("xpwd", loginRequest.Password),
+                       new Claim("xvid", loginRequest.VendorId.ToString()),
+                       new Claim(JwtRegisteredClaimNames.Jti, await tokenAuthenticationOptions.NonceGenerator())
+                    }),
+                    notBefore: now,
+                    expires: now.Add(tokenAuthenticationOptions.Lifetime),
+                    issuedAt: now,
+                    signingCredentials: tokenAuthenticationOptions.SigningCredentials,
+                    encryptingCredentials: tokenAuthenticationOptions.EncryptingCredentials
+                );
+
+                return Ok(new {
+                    access_token = encodedJwt,
+                    expires_in = (int)tokenAuthenticationOptions.Lifetime.TotalSeconds
+                });
+            }
+        }
+    }
+}

BulkPrintingAPI/Controllers/ValuesController.cs

@@ -9,7 +9,6 @@ namespace BulkPrintingAPI.Controllers
     {
         // GET api/values
         [HttpGet]
-        [Authorize]
         public IEnumerable<string> Get()
         {
             return new string[] { "value1", "value2" };

BulkPrintingAPI/Db/DbHelpers.cs

@@ -0,0 +1,84 @@
+using MAX.Models;
+using System.Threading.Tasks;
+
+namespace BulkPrintingAPI.Db
+{
+    public static class DbHelpers
+    {
+        public static async Task SyncUserAndVendorWithDb(MAXDbContext dbContext,
+            User user, int vendorId, string serialNumber)
+        {
+            var warehouse = user.Account.Warehouse;
+            var existingWarehouse = await dbContext.Warehouses.FindAsync(warehouse.Id).ConfigureAwait(false);
+            if (existingWarehouse == null)
+            {
+                dbContext.Warehouses.Add(warehouse);
+            }
+            else
+            {
+                existingWarehouse.Name = warehouse.Name;
+                warehouse = existingWarehouse;
+            }
+
+            var account = user.Account;
+            var existingAccount = await dbContext.Accounts.FindAsync(account.Id).ConfigureAwait(false);
+            if (existingAccount ==  null)
+            {
+                dbContext.Accounts.Add(account);
+            }
+            else
+            {
+                existingAccount.Name = account.Name;
+                existingAccount.Status = account.Status;
+                existingAccount.Reference = account.Reference;
+                existingAccount.Balance = account.Balance;
+                account = existingAccount;
+            }
+            account.Warehouse = warehouse;
+
+            var existingUser = await dbContext.Users.FindAsync(user.Id).ConfigureAwait(false);
+            if (existingUser == null)
+            {
+                dbContext.Users.Add(user);
+            }
+            else
+            {
+                existingUser.Username = user.Username;
+                existingUser.FirstName = user.FirstName;
+                existingUser.Surname = user.Surname;
+                existingUser.Enabled = user.Enabled;
+                existingUser.Level = user.Level;
+                existingUser.System = user.System;
+                existingUser.LastLogin = user.LastLogin;
+
+                existingUser.CanPrintOffline = user.CanPrintOffline;
+                existingUser.CanPrintOnline = user.CanPrintOnline;
+                existingUser.CanReprintOffline = user.CanReprintOffline;
+                existingUser.CanReprintOnline = user.CanReprintOnline;
+                existingUser.OfflinePrintValue = user.OfflinePrintValue;
+                existingUser.OfflineReprintValue = user.OfflineReprintValue;
+                existingUser.OnlinePrintValue = user.OnlinePrintValue;
+                existingUser.OnlineReprintValue = user.OnlineReprintValue;
+            }
+            user.Account = account;
+
+            var vendor = await dbContext.Vendors.FindAsync(vendorId).ConfigureAwait(false);
+            if (vendor == null)
+            {
+                dbContext.Add(new Vendor()
+                {
+                    Id = vendorId,
+                    SerialNumber = serialNumber,
+                    Account = account
+                });
+            }
+            else
+            {
+                vendor.SerialNumber = serialNumber;
+                vendor.Account = account;
+            }
+
+            await dbContext.SaveChangesAsync().ConfigureAwait(false);
+        }
+    }
+}

BulkPrintingAPI/Migrations/20170701135738_InitialCreate.Designer.cs

@@ -0,0 +1,142 @@
+using System;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Metadata;
+using Microsoft.EntityFrameworkCore.Migrations;
+using MAX.Models;
+
+namespace BulkPrintingAPI.Migrations
+{
+    [DbContext(typeof(MAXDbContext))]
+    [Migration("20170701135738_InitialCreate")]
+    partial class InitialCreate
+    {
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+            modelBuilder
+                .HasAnnotation("ProductVersion", "1.1.2")
+                .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn);
+
+            modelBuilder.Entity("MAX.Models.Account", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<decimal>("Balance");
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(50);
+
+                    b.Property<string>("Reference")
+                        .HasMaxLength(50);
+
+                    b.Property<int>("Status");
+
+                    b.Property<int>("WarehouseId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("WarehouseId");
+
+                    b.ToTable("Accounts");
+                });
+
+            modelBuilder.Entity("MAX.Models.User", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<int>("AccountId");
+
+                    b.Property<bool>("CanPrintOffline");
+
+                    b.Property<bool>("CanPrintOnline");
+
+                    b.Property<bool>("CanReprintOffline");
+
+                    b.Property<bool>("CanReprintOnline");
+
+                    b.Property<bool>("Enabled");
+
+                    b.Property<string>("FirstName")
+                        .HasMaxLength(50);
+
+                    b.Property<DateTime>("LastLogin");
+
+                    b.Property<int>("Level");
+
+                    b.Property<decimal>("OfflinePrintValue");
+
+                    b.Property<decimal>("OfflineReprintValue");
+
+                    b.Property<decimal>("OnlinePrintValue");
+
+                    b.Property<decimal>("OnlineReprintValue");
+
+                    b.Property<string>("Surname")
+                        .HasMaxLength(50);
+
+                    b.Property<int>("System");
+
+                    b.Property<string>("Username")
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("AccountId");
+
+                    b.ToTable("Users");
+                });
+
+            modelBuilder.Entity("MAX.Models.Vendor", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<int>("AccountId");
+
+                    b.Property<string>("SerialNumber")
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("AccountId");
+
+                    b.ToTable("Vendors");
+                });
+
+            modelBuilder.Entity("MAX.Models.Warehouse", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.ToTable("Warehouses");
+                });
+
+            modelBuilder.Entity("MAX.Models.Account", b =>
+                {
+                    b.HasOne("MAX.Models.Warehouse", "Warehouse")
+                        .WithMany("Accounts")
+                        .HasForeignKey("WarehouseId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("MAX.Models.User", b =>
+                {
+                    b.HasOne("MAX.Models.Account", "Account")
+                        .WithMany("Users")
+                        .HasForeignKey("AccountId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("MAX.Models.Vendor", b =>
+                {
+                    b.HasOne("MAX.Models.Account", "Account")
+                        .WithMany("Vendors")
+                        .HasForeignKey("AccountId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+        }
+    }
+}

BulkPrintingAPI/Migrations/20170701135738_InitialCreate.cs

@@ -0,0 +1,128 @@
+using System;
+using System.Collections.Generic;
+using Microsoft.EntityFrameworkCore.Migrations;
+
+namespace BulkPrintingAPI.Migrations
+{
+    public partial class InitialCreate : Migration
+    {
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "Warehouses",
+                columns: table => new
+                {
+                    Id = table.Column<int>(nullable: false),
+                    Name = table.Column<string>(maxLength: 50, nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_Warehouses", x => x.Id);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "Accounts",
+                columns: table => new
+                {
+                    Id = table.Column<int>(nullable: false),
+                    Balance = table.Column<decimal>(nullable: false),
+                    Name = table.Column<string>(maxLength: 50, nullable: true),
+                    Reference = table.Column<string>(maxLength: 50, nullable: true),
+                    Status = table.Column<int>(nullable: false),
+                    WarehouseId = table.Column<int>(nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_Accounts", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_Accounts_Warehouses_WarehouseId",
+                        column: x => x.WarehouseId,
+                        principalTable: "Warehouses",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "Users",
+                columns: table => new
+                {
+                    Id = table.Column<int>(nullable: false),
+                    AccountId = table.Column<int>(nullable: false),
+                    CanPrintOffline = table.Column<bool>(nullable: false),
+                    CanPrintOnline = table.Column<bool>(nullable: false),
+                    CanReprintOffline = table.Column<bool>(nullable: false),
+                    CanReprintOnline = table.Column<bool>(nullable: false),
+                    Enabled = table.Column<bool>(nullable: false),
+                    FirstName = table.Column<string>(maxLength: 50, nullable: true),
+                    LastLogin = table.Column<DateTime>(nullable: false),
+                    Level = table.Column<int>(nullable: false),
+                    OfflinePrintValue = table.Column<decimal>(nullable: false),
+                    OfflineReprintValue = table.Column<decimal>(nullable: false),
+                    OnlinePrintValue = table.Column<decimal>(nullable: false),
+                    OnlineReprintValue = table.Column<decimal>(nullable: false),
+                    Surname = table.Column<string>(maxLength: 50, nullable: true),
+                    System = table.Column<int>(nullable: false),
+                    Username = table.Column<string>(maxLength: 50, nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_Users", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_Users_Accounts_AccountId",
+                        column: x => x.AccountId,
+                        principalTable: "Accounts",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "Vendors",
+                columns: table => new
+                {
+                    Id = table.Column<int>(nullable: false),
+                    AccountId = table.Column<int>(nullable: false),
+                    SerialNumber = table.Column<string>(maxLength: 50, nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_Vendors", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_Vendors_Accounts_AccountId",
+                        column: x => x.AccountId,
+                        principalTable: "Accounts",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateIndex(
+                name: "IX_Accounts_WarehouseId",
+                table: "Accounts",
+                column: "WarehouseId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_Users_AccountId",
+                table: "Users",
+                column: "AccountId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_Vendors_AccountId",
+                table: "Vendors",
+                column: "AccountId");
+        }
+
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "Users");
+
+            migrationBuilder.DropTable(
+                name: "Vendors");
+
+            migrationBuilder.DropTable(
+                name: "Accounts");
+
+            migrationBuilder.DropTable(
+                name: "Warehouses");
+        }
+    }
+}

BulkPrintingAPI/Migrations/MAXDbContextModelSnapshot.cs

@@ -0,0 +1,141 @@
+using System;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Metadata;
+using Microsoft.EntityFrameworkCore.Migrations;
+using MAX.Models;
+
+namespace BulkPrintingAPI.Migrations
+{
+    [DbContext(typeof(MAXDbContext))]
+    partial class MAXDbContextModelSnapshot : ModelSnapshot
+    {
+        protected override void BuildModel(ModelBuilder modelBuilder)
+        {
+            modelBuilder
+                .HasAnnotation("ProductVersion", "1.1.2")
+                .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn);
+
+            modelBuilder.Entity("MAX.Models.Account", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<decimal>("Balance");
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(50);
+
+                    b.Property<string>("Reference")
+                        .HasMaxLength(50);
+
+                    b.Property<int>("Status");
+
+                    b.Property<int>("WarehouseId");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("WarehouseId");
+
+                    b.ToTable("Accounts");
+                });
+
+            modelBuilder.Entity("MAX.Models.User", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<int>("AccountId");
+
+                    b.Property<bool>("CanPrintOffline");
+
+                    b.Property<bool>("CanPrintOnline");
+
+                    b.Property<bool>("CanReprintOffline");
+
+                    b.Property<bool>("CanReprintOnline");
+
+                    b.Property<bool>("Enabled");
+
+                    b.Property<string>("FirstName")
+                        .HasMaxLength(50);
+
+                    b.Property<DateTime>("LastLogin");
+
+                    b.Property<int>("Level");
+
+                    b.Property<decimal>("OfflinePrintValue");
+
+                    b.Property<decimal>("OfflineReprintValue");
+
+                    b.Property<decimal>("OnlinePrintValue");
+
+                    b.Property<decimal>("OnlineReprintValue");
+
+                    b.Property<string>("Surname")
+                        .HasMaxLength(50);
+
+                    b.Property<int>("System");
+
+                    b.Property<string>("Username")
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("AccountId");
+
+                    b.ToTable("Users");
+                });
+
+            modelBuilder.Entity("MAX.Models.Vendor", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<int>("AccountId");
+
+                    b.Property<string>("SerialNumber")
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("AccountId");
+
+                    b.ToTable("Vendors");
+                });
+
+            modelBuilder.Entity("MAX.Models.Warehouse", b =>
+                {
+                    b.Property<int>("Id");
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(50);
+
+                    b.HasKey("Id");
+
+                    b.ToTable("Warehouses");
+                });
+
+            modelBuilder.Entity("MAX.Models.Account", b =>
+                {
+                    b.HasOne("MAX.Models.Warehouse", "Warehouse")
+                        .WithMany("Accounts")
+                        .HasForeignKey("WarehouseId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("MAX.Models.User", b =>
+                {
+                    b.HasOne("MAX.Models.Account", "Account")
+                        .WithMany("Users")
+                        .HasForeignKey("AccountId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+
+            modelBuilder.Entity("MAX.Models.Vendor", b =>
+                {
+                    b.HasOne("MAX.Models.Account", "Account")
+                        .WithMany("Vendors")
+                        .HasForeignKey("AccountId")
+                        .OnDelete(DeleteBehavior.Cascade);
+                });
+        }
+    }
+}

BulkPrintingAPI/ScaffoldingReadMe.txt

@@ -0,0 +1,49 @@
+
+ASP.NET MVC core dependencies have been added to the project.
+However you may still need to do make changes to your project.
+
+1. Suggested changes to Startup class:
+    1.1 Add a constructor:
+        public IConfigurationRoot Configuration { get; }
+
+        public Startup(IHostingEnvironment env)
+        {
+            var builder = new ConfigurationBuilder()
+                .SetBasePath(env.ContentRootPath)
+                .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
+                .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
+                .AddEnvironmentVariables();
+            Configuration = builder.Build();
+        }
+    1.2 Add MVC services:
+        public void ConfigureServices(IServiceCollection services)
+        {
+            // Add framework services.
+            services.AddMvc();
+       }
+
+    1.3 Configure web app to use use Configuration and use MVC routing:
+
+        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
+        {
+            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
+            loggerFactory.AddDebug();
+
+            if (env.IsDevelopment())
+            {
+                app.UseDeveloperExceptionPage();
+            }
+            else
+            {
+                app.UseExceptionHandler("/Home/Error");
+            }
+
+            app.UseStaticFiles();
+
+            app.UseMvc(routes =>
+            {
+                routes.MapRoute(
+                    name: "default",
+                    template: "{controller=Home}/{action=Index}/{id?}");
+            });
+        }

BulkPrintingAPI/Services/MAXClientFactory.cs

@@ -0,0 +1,34 @@
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Logging;
+
+namespace BulkPrintingAPI.Services
+{
+    public class MAXClientFactory
+    {
+        public MAXClientFactory(IConfiguration configuration)
+        {
+            configuration.Bind(this);
+        }
+
+        public MAX.Client GetClient(ILogger logger, int vendorId, string serialNumber, int userId,
+            string username, string password)
+        {
+            var client = new MAX.Client(logger, Host, Port, vendorId, serialNumber, userId,
+                username, password);
+            client.ConnectTimeout = ConnectTimeout;
+            client.ReceiveTimeout = ReceiveTimeout;
+            client.SendTimeout = SendTimeout;
+            return client;
+        }
+
+        public string Host { get; set; }
+        
+        public int Port { get; set; }
+
+        public int ConnectTimeout { get; set; }
+
+        public int ReceiveTimeout { get; set; }
+
+        public int SendTimeout { get; set; }
+    }
+}

BulkPrintingAPI/Startup.Auth.cs

@@ -1,76 +0,0 @@
-using BulkPrintingAPI.Authentication;
-using Microsoft.AspNetCore.Builder;
-using Microsoft.Extensions.Options;
-using Microsoft.IdentityModel.Tokens;
-using System;
-using System.Security.Claims;
-using System.Security.Cryptography;
-using System.Security.Principal;
-using System.Text;
-using System.Threading.Tasks;
-
-namespace BulkPrintingAPI
-{
-    public partial class Startup
-    {
-        private void ConfigureAuth(IApplicationBuilder app)
-        {
-            var rawKey = new Rfc2898DeriveBytes(
-                    Encoding.ASCII.GetBytes(Configuration.GetSection("TokenAuthentication:SecretKey").Value),
-                    Encoding.ASCII.GetBytes(Configuration.GetSection("TokenAuthentication:Salt").Value),
-                    int.Parse(Configuration.GetSection("TokenAuthentication:Iterations").Value)
-                ).GetBytes(32);
-            var securityKey = new SymmetricSecurityKey(rawKey);
-
-            var tokenValidationParameters = new TokenValidationParameters
-            {
-                ValidateIssuerSigningKey = true,
-                IssuerSigningKey = securityKey,
-                TokenDecryptionKey = securityKey,
-                
-                ValidateIssuer = true,
-                ValidIssuer = Configuration.GetSection("TokenAuthentication:Issuer").Value,
-
-                ValidateAudience = true,
-                ValidAudience = Configuration.GetSection("TokenAuthentication:Audience").Value,
-
-                ValidateLifetime = true,
-                ClockSkew = TimeSpan.Zero
-            };
-
-            var bearerOptions = new JwtBearerOptions
-            {
-                AutomaticAuthenticate = true,
-                AutomaticChallenge = true,
-                SaveToken = true,
-                TokenValidationParameters = tokenValidationParameters
-            };
-
-            app.UseJwtBearerAuthentication(bearerOptions);
-
-            var tokenProviderOptions = new TokenProviderOptions
-            {
-                Path = Configuration.GetSection("TokenAuthentication:TokenPath").Value,
-                Audience = Configuration.GetSection("TokenAuthentication:Audience").Value,
-                Issuer = Configuration.GetSection("TokenAuthentication:Issuer").Value,
-                SigningCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256),
-                EncryptingCredentials = new EncryptingCredentials(securityKey, "dir", SecurityAlgorithms.Aes128CbcHmacSha256),
-                IdentityResolver = GetIdentity
-            };
-
-            app.UseMiddleware<TokenProviderMiddleware>(Options.Create(tokenProviderOptions));
-        }
-
-        private Task<ClaimsIdentity> GetIdentity(string username, string password)
-        {
-            // Don't do this in production, obviously!
-            if (username == "TEST" && password == "TEST123")
-            {
-                return Task.FromResult(new ClaimsIdentity(new GenericIdentity(username, "Token"), new Claim[] { }));
-            }
-
-            // Credentials are invalid, or account doesn't exist
-            return Task.FromResult<ClaimsIdentity>(null);
-        }
-    }
-}

BulkPrintingAPI/Startup.cs

@@ -1,12 +1,18 @@
-using Microsoft.AspNetCore.Builder;
+using BulkPrintingAPI.Configuration;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Mvc.Authorization;
+using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
+using Microsoft.IdentityModel.Tokens;
+using System;
 
 namespace BulkPrintingAPI
 {
-    public partial class Startup
+    public class Startup
     {
         public Startup(IHostingEnvironment env)
         {
@@ -26,16 +32,53 @@ namespace BulkPrintingAPI
         public void ConfigureServices(IServiceCollection services)
         {
             // Add framework services.
-            services.AddMvc();
+            services.AddMvc(config =>
+            {
+                var policy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build();
+                config.Filters.Add(new AuthorizeFilter(policy));
+            });
+            services.AddSingleton(new TokenAuthenticationOptions(
+                Configuration.GetSection("TokenAuthentication")));
+            services.AddSingleton(new Services.MAXClientFactory(
+                Configuration.GetSection("MAX")));
+            services.AddDbContext<MAX.Models.MAXDbContext>(
+                options => options.UseSqlServer(
+                    Configuration["Database:ConnectionString"],
+                    b => b.MigrationsAssembly("BulkPrintingAPI")));
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
-        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
+        public void Configure(IApplicationBuilder app, IHostingEnvironment env,
+            ILoggerFactory loggerFactory, TokenAuthenticationOptions tokenAuthenticationOptions)
         {
             loggerFactory.AddConsole(Configuration.GetSection("Logging"));
             loggerFactory.AddDebug();
 
-            ConfigureAuth(app);
+            var tokenValidationParameters = new TokenValidationParameters
+            {
+                ValidateIssuerSigningKey = true,
+                IssuerSigningKey = tokenAuthenticationOptions.Key,
+                TokenDecryptionKey = tokenAuthenticationOptions.Key,
+
+                ValidateIssuer = true,
+                ValidIssuer = tokenAuthenticationOptions.Issuer,
+
+                ValidateAudience = true,
+                ValidAudience = tokenAuthenticationOptions.Audience,
+
+                ValidateLifetime = true,
+                ClockSkew = TimeSpan.Zero
+            };
+
+            var bearerOptions = new JwtBearerOptions
+            {
+                AutomaticAuthenticate = true,
+                AutomaticChallenge = true,
+                SaveToken = true,
+                TokenValidationParameters = tokenValidationParameters
+            };
+
+            app.UseJwtBearerAuthentication(bearerOptions);
 
             app.UseMvc();
         }

BulkPrintingAPI/appsettings.Development.json

@@ -6,5 +6,12 @@
       "System": "Information",
       "Microsoft": "Information"
     }
+  },
+  "MAX": {
+    "Host": "41.223.25.5",
+    "Port": 4006,
+    "ConnectTimeout": 10000,
+    "ReceiveTimeout": 10000,
+    "SendTimeout":  10000
   }
 }

BulkPrintingAPI/appsettings.json

@@ -1,4 +1,7 @@
 {
+  "Database": {
+    "ConnectionString": "SET IN secrets.json"
+  },
   "Logging": {
     "IncludeScopes": false,
     "LogLevel": {
@@ -10,8 +13,6 @@
     "Issuer": "bulk",
     "SecretKey": "SET IN secrets.json",
     "Salt": "SET IN secrets.json",
-    "Iterations": 4096,
-    "TokenPath": "/token",
-    "CookieName": "access_token"
+    "TokenLifetime": 86400
   }
 }

MAXClient/Client.cs

@@ -0,0 +1,328 @@
+using ExtensionMethods;
+using MAX.Models;
+using Microsoft.Extensions.Logging;
+using System;
+using System.IO;
+using System.Net.Sockets;
+using System.Security.Cryptography;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
+using System.Xml;
+
+namespace MAX
+{
+    public class Client : IDisposable
+    {
+        private ILogger logger;
+        private string host;
+        private int port;
+        private int vendorId;
+        private string serialNumber;
+        private int userId;
+        private string username;
+        private string password;
+
+        private TcpClient connection = null;
+        private NetworkStream connectionStream = null;
+        private TripleDES des = null;
+
+        private bool disposed = false;
+
+        public Client(ILogger logger, string host, int port, int vendorId, string serialNumber, int userId, string username, string password)
+        {
+            this.logger = logger;
+            this.host = host;
+            this.port = port;
+            this.vendorId = vendorId;
+            this.serialNumber = serialNumber;
+            this.userId = userId;
+            this.username = username;
+            this.password = password;
+
+            ConnectTimeout = 10000;
+            ReceiveTimeout = 10000;
+            SendTimeout = 10000;
+        }
+
+        public void Close()
+        {
+            Dispose(true);
+        }
+
+        public async Task<User> ConnectAsync()
+        {
+            if (connection != null)
+                throw new Exception("Already connected");
+
+            connection = new TcpClient(AddressFamily.InterNetwork);
+            connection.ReceiveTimeout = ReceiveTimeout;
+            connection.SendTimeout = SendTimeout;
+
+            // Connect to the server
+            try
+            {
+                using (var cancellationSource = new CancellationTokenSource(ConnectTimeout))
+                {
+                    await connection.ConnectAsync(host, port).WithCancellation(cancellationSource.Token).ConfigureAwait(false);
+                }
+            }
+            catch (OperationCanceledException)
+            {
+                throw new Exception("Connect timeout");
+            }
+            connectionStream = connection.GetStream();
+
+            // Device authentication
+            await WriteMessageAsync(new MessageBuilder()
+                .Append("Hi ")
+                .Append(serialNumber)
+                .Append("|V")
+                .Append(vendorId)
+                .Append("|123451234512345||||||")).ConfigureAwait(false);
+
+            var response = await ReadMessageAsync().ConfigureAwait(false);
+            if (!response.StartsWith("Hi "))
+            {
+                logger.LogError("Device authentication failed: {0}", response);
+                return null;
+            }
+
+            // Request server RSA key
+            await WriteMessageAsync(new MessageBuilder().Append("PK")).ConfigureAwait(false);
+            response = await ReadMessageAsync().ConfigureAwait(false);
+
+            // Key exchange
+            des = TripleDES.Create();
+            des.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0 };
+            await WriteMessageAsync(new MessageBuilder()
+                .Append("3D ")
+                .Append(EncryptRSA(response, BitConverter.ToString(des.Key).Replace("-", "")))).ConfigureAwait(false);
+
+            response = await ReadMessageAsync().ConfigureAwait(false);
+            if (!response.StartsWith("OK"))
+            {
+                throw new Exception(String.Format("Key exchange failed: {0}", response));
+            }
+
+            // User authentication
+            await WriteMessageAsync(new MessageBuilder()
+                .Append("User ")
+                .Append(Encrypt(new StringBuilder()
+                    .Append(userId)
+                    .Append("|")
+                    .Append(username)
+                    .Append("|")
+                    .Append(password).ToString()))).ConfigureAwait(false);
+
+            response = Decrypt(await ReadMessageAsync().ConfigureAwait(false));
+            if (response.StartsWith("OK"))
+            {
+                var parts = response.Split('|');
+                var user = new User()
+                {
+                    Id = userId,
+                    Username = username,
+                    FirstName = parts[4],
+                    Surname = parts[3],
+                    Enabled = bool.Parse(parts[6]),
+                    Level = (User.UserLevel)int.Parse(parts[1]),
+                    System = int.Parse(parts[2]),
+                    LastLogin = DateTime.Parse(parts[5])
+                };
+
+                if (user.Level == User.UserLevel.CustomUser)
+                {
+                    user.CanPrintOffline = bool.Parse(parts[7]);
+                    user.OfflinePrintValue = decimal.Parse(parts[8]);
+                    user.CanPrintOnline = bool.Parse(parts[9]);
+                    user.OnlinePrintValue = decimal.Parse(parts[10]);
+                    user.CanReprintOffline = bool.Parse(parts[11]);
+                    user.OfflineReprintValue = decimal.Parse(parts[12]);
+                    user.CanReprintOnline = bool.Parse(parts[13]);
+                    user.OnlineReprintValue = decimal.Parse(parts[14]);
+                }
+
+                // Account information
+                await WriteMessageAsync(new MessageBuilder().Append("Acc")).ConfigureAwait(false);
+                response = Decrypt(await ReadMessageAsync().ConfigureAwait(false));
+                if (response.StartsWith("OK"))
+                {
+                    parts = response.Split('|');
+                    user.Account = new Account()
+                    {
+                        Id = int.Parse(parts[1]),
+                        Name = parts[2],
+                        Balance = decimal.Parse(parts[3]),
+                        Status = (Account.AccountStatus)int.Parse(parts[4]),
+                        Reference = parts[5],
+                        Warehouse = new Warehouse()
+                        {
+                            Id = int.Parse(parts[6]),
+                            Name = parts[7]
+                        }
+                    };
+                    return user;
+                }
+                else if (response.StartsWith("ER"))
+                {
+                    logger.LogError("Error retrieving account information: {0}", response);
+                    return null;
+                }
+                else
+                {
+                    throw new Exception(String.Format("Invalid account information response: {0}", response));
+                }
+            }
+            else if (response.StartsWith("ER"))
+            {
+                logger.LogInformation("User authentication failed: {0}", response);
+                return null;
+            }
+            else
+            {
+                throw new Exception(String.Format("Invalid user information response: {0}", response));
+            }
+        }
+
+        public int ConnectTimeout { get; set; }
+
+        protected virtual void Dispose(bool disposing)
+        {
+            if (disposed)
+                return;
+
+            disposed = true;
+
+            // No unmanaged resources are disposed so we don't need the full finalisation pattern.
+            if (disposing)
+            {
+                if (des != null)
+                {
+                    des.Dispose();
+                    des = null;
+                }
+                if (connectionStream != null)
+                {
+                    connectionStream.Dispose();
+                    connectionStream = null;
+                }
+                if (connection != null)
+                {
+                    connection.Dispose();
+                    connection = null;
+                }
+            }
+        }
+
+        public void Dispose()
+        {
+            Dispose(true);
+        }
+
+        private string Decrypt(string cipherText)
+        {
+            using (var decryptor = des.CreateDecryptor(des.Key, des.IV))
+            {
+                return Encoding.UTF8.GetString(Transform(decryptor, Convert.FromBase64String(cipherText)));
+            }
+        }
+
+        private string Encrypt(string plainText)
+        {
+            using (var encryptor = des.CreateEncryptor(des.Key, des.IV))
+            {
+                return Convert.ToBase64String(Transform(encryptor, Encoding.UTF8.GetBytes(plainText)));
+            }
+        }
+
+        private string EncryptRSA(string publicKey, string plainText)
+        {
+            RSAParameters parameters = new RSAParameters();
+
+            var xml = new XmlDocument();
+            xml.LoadXml(publicKey);
+            if (! xml.DocumentElement.Name.Equals("RSAKeyValue"))
+                throw new Exception("Invalid RSA key");
+
+            foreach (XmlNode node in xml.DocumentElement.ChildNodes)
+            {
+                switch (node.Name)
+                {
+                    case "Modulus": parameters.Modulus = Convert.FromBase64String(node.InnerText); break;
+                    case "Exponent": parameters.Exponent = Convert.FromBase64String(node.InnerText); break;
+                    case "P": parameters.P = Convert.FromBase64String(node.InnerText); break;
+                    case "Q": parameters.Q = Convert.FromBase64String(node.InnerText); break;
+                    case "DP": parameters.DP = Convert.FromBase64String(node.InnerText); break;
+                    case "DQ": parameters.DQ = Convert.FromBase64String(node.InnerText); break;
+                    case "InverseQ": parameters.InverseQ = Convert.FromBase64String(node.InnerText); break;
+                    case "D": parameters.D = Convert.FromBase64String(node.InnerText); break;
+                }
+            }
+
+            using (var rsa = RSA.Create())
+            {
+                rsa.ImportParameters(parameters);
+                var blockSize = rsa.KeySize / 8 - 42;
+                var offset = 0;
+                var input = Encoding.UTF32.GetBytes(plainText);
+                StringBuilder output = new StringBuilder();
+                while (offset < input.Length)
+                {
+                    var length = input.Length - offset;
+                    if (length > blockSize)
+                        length = blockSize;
+                    var block = new byte[length];
+                    Array.Copy(input, offset, block, 0, length);
+                    var cipherText = rsa.Encrypt(block, RSAEncryptionPadding.OaepSHA1);
+                    Array.Reverse(cipherText);
+                    output.Append(Convert.ToBase64String(cipherText));
+                    offset += length;
+                }
+                return output.ToString();
+            }
+        }
+
+        private async Task<byte[]> ReadBytesAsync(int count)
+        {
+            int totalBytesRead = 0;
+            byte[] buffer = new byte[count];
+            while (totalBytesRead < count)
+            {
+                int bytesRead = await connectionStream.ReadAsync(buffer, totalBytesRead, count - totalBytesRead).ConfigureAwait(false);
+                if (bytesRead == 0)
+                    throw new Exception("Connection closed unexpectedly");
+                totalBytesRead += bytesRead;
+            }
+            return buffer;
+        }
+
+        private async Task<string> ReadMessageAsync()
+        {
+            byte[] buffer = await ReadBytesAsync(2).ConfigureAwait(false);
+            int size = buffer[0] * 256 + buffer[1];
+            return Encoding.ASCII.GetString(await ReadBytesAsync(size).ConfigureAwait(false));
+        }
+
+        public int ReceiveTimeout { get; set; }
+
+        public int SendTimeout { get; set; }
+
+        private byte[] Transform(ICryptoTransform transform, byte[] input)
+        {
+            using (var memoryStream = new MemoryStream())
+            using (var cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write))
+            {
+                cryptoStream.Write(input, 0, input.Length);
+                cryptoStream.FlushFinalBlock();
+                return memoryStream.ToArray();
+            }
+        }
+
+        private async Task WriteMessageAsync(MessageBuilder message)
+        {
+            byte[] data = message.GetBytes();
+            await connectionStream.WriteAsync(data, 0, data.Length).ConfigureAwait(false);
+        }
+    }
+}

MAXClient/ExtensionMethods.cs

@@ -0,0 +1,22 @@
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace ExtensionMethods
+{
+    public static class ExtensionMethods
+    {
+        public static async Task WithCancellation(this Task task,
+            CancellationToken cancellationToken)
+        {
+            var completionSource = new TaskCompletionSource<bool>();
+            using (cancellationToken.Register(
+                s => ((TaskCompletionSource<bool>)s).TrySetResult(true),
+                completionSource))
+            {
+                if (task != await Task.WhenAny(task, completionSource.Task).ConfigureAwait(false))
+                    throw new OperationCanceledException(cancellationToken);
+            }
+        }
+    }
+}

MAXClient/MAXClient.csproj

@@ -0,0 +1,16 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp1.1</TargetFramework>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="1.1.2" />
+    <PackageReference Include="System.Xml.XmlDocument" Version="4.3.0" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\MAXData\MAXModels.csproj" />
+  </ItemGroup>
+
+</Project>

MAXClient/MessageBuilder.cs

@@ -0,0 +1,34 @@
+using System;
+using System.Text;
+
+namespace MAX
+{
+    public class MessageBuilder
+    {
+        private StringBuilder builder;
+
+        public MessageBuilder()
+        {
+            builder = new StringBuilder(1024);
+            builder.Append("\0\0");
+        }
+
+        public MessageBuilder Append<T>(T value)
+        {
+            builder.Append(value);
+            return this;
+        }
+
+        public byte[] GetBytes()
+        {
+            int length = builder.Length - 2;
+            if (length <= 0)
+                throw new Exception("Message is too short");
+            else if (length > 65535)
+                throw new Exception("Message is too long");
+            builder[0] = (char)(length / 256);
+            builder[1] = (char)(length % 256);
+            return Encoding.ASCII.GetBytes(builder.ToString());
+        }
+    }
+}

MAXData/MAXModels.csproj

@@ -0,0 +1,11 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp1.1</TargetFramework>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="1.1.2" />
+  </ItemGroup>
+
+</Project>

MAXData/Models/Account.cs

@@ -0,0 +1,37 @@
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace MAX.Models
+{
+    public class Account
+    {
+        public enum AccountStatus
+        {
+            Unknown,
+            Enabled,
+            Suspended,
+            Closed
+        }
+
+        [DatabaseGenerated(DatabaseGeneratedOption.None)]
+        public int Id { get; set; }
+
+        [MaxLength(50)]
+        public string Name { get; set; }
+
+        public AccountStatus Status { get; set; }
+
+        [MaxLength(50)]
+        public string Reference { get; set; }
+
+        public decimal Balance { get; set; }
+
+        public int WarehouseId { get; set; }
+        public Warehouse Warehouse { get; set; }
+
+        public ICollection<User> Users { get; set; }
+
+        public ICollection<Vendor> Vendors { get; set; }
+    }
+}

MAXData/Models/MAXDbContext.cs

@@ -0,0 +1,14 @@
+using Microsoft.EntityFrameworkCore;
+
+namespace MAX.Models
+{
+    public class MAXDbContext : DbContext
+    {
+        public MAXDbContext(DbContextOptions<MAXDbContext> options) : base(options) { }
+
+        public DbSet<Account> Accounts { get; set;  }
+        public DbSet<User> Users { get; set; }
+        public DbSet<Vendor> Vendors { get; set; }
+        public DbSet<Warehouse> Warehouses { get; set;  }
+    }
+}

MAXData/Models/User.cs

@@ -0,0 +1,55 @@
+using System;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace MAX.Models
+{
+    public class User
+    {
+        public enum UserLevel
+        {
+            Unknown = 0,
+            Administrator = 4,
+            CustomUser = 6
+        }
+
+        [DatabaseGenerated(DatabaseGeneratedOption.None)]
+        public int Id { get; set; }
+
+        [MaxLength(50)]
+        public string Username { get; set; }
+
+        [MaxLength(50)]
+        public string FirstName { get; set; }
+
+        [MaxLength(50)]
+        public string Surname { get; set; }
+
+        public int AccountId { get; set; }
+        public Account Account { get; set; }
+
+        public bool Enabled { get; set; }
+
+        public UserLevel Level { get; set; }
+
+        public int System { get; set; }
+
+        public DateTime LastLogin { get; set; }
+
+        public bool CanPrintOnline { get; set; }
+
+        public decimal OnlinePrintValue { get; set; }
+
+        public bool CanReprintOnline { get; set; }
+
+        public decimal OnlineReprintValue { get; set; }
+
+        public bool CanPrintOffline { get; set; }
+
+        public decimal OfflinePrintValue { get; set; }
+
+        public bool CanReprintOffline { get; set; }
+
+        public decimal OfflineReprintValue { get; set; }
+    }
+}

MAXData/Models/Vendor.cs

@@ -0,0 +1,17 @@
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace MAX.Models
+{
+    public class Vendor
+    {
+        [DatabaseGenerated(DatabaseGeneratedOption.None)]
+        public int Id { get; set; }
+
+        [MaxLength(50)]
+        public string SerialNumber { get; set; }
+
+        public int AccountId { get; set; }
+        public Account Account { get; set; }
+    }
+}

MAXData/Models/Warehouse.cs

@@ -0,0 +1,17 @@
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace MAX.Models
+{
+    public class Warehouse
+    {
+        [DatabaseGenerated(DatabaseGeneratedOption.None)]
+        public int Id { get; set; }
+
+        [MaxLength(50)]
+        public string Name { get; set; }
+
+        public ICollection<Account> Accounts { get; set; }
+    }
+}