This is the third post in the series if you have not read the other post please consider to do so.

In this post we will be building the foundation for our master service, and we will be creating a web service to create a token for our two factor authentication,
all the code in this post will be written in C# so you will need Visual Studio to follow these examples, and as always then all my code can be found on her on GIT HUB

First thing we have to do is create a new project in Visual Studio, I have called my project MasterDataService, when creating a new project in Visual Studio, there are a lot
of project types to choose from, but the one we need is called ASP.NET Web Application:

And then choose Blank with Web API:

This will create a new project which is ready to publish a web service, if you run this project it will automatically setup a IIS and show you a web site that is ready to handle your queries.
Now let us add some functionality to our web service, the first thing we have to do is add a reference to our NAV web service, to find our SOAP link you can go to your NAV and search for web services and here you should find our TwoFactor web service, now copy the SOAP link:

 With the SOAP url in your clip board go back to your Visual Studio, and right click on the folder called service reference and click Add service reference:

this will open a window where you have to click Advance, then Add Web Reference, then insert the NAV SOAP link, give your service a name and click add:

This will generate a proxy class for communication with our NAV web service, now with the setup out of the way, let us get started. The first thing we have to do is create a new class called TwoFactor in your model folder, which will look like this:

public class TwoFactor
{
public string UserName { get; set; }
public string LoginToken { get; set; }
public string SecretToken { get; set; }
}

The next thing is to create a new controller this is done by right clicking Controller -> Add-> Controller:

And then choose Web API 2 Controller – Empty

And call the controller TwoFactorController, and add the following method:

public class TwoFactorController : ApiController
{
  public IHttpActionResult GetToken(string token)
  {
    TwoFactorService.TwoFactor_Service service = new TwoFactorService.TwoFactor_Service();
    service.Url = @"http://localhost:7047/DynamicsNAV110/WS/CRONUS%20Danmark%20A%2FS/Page/TwoFactor";
    NetworkCredential networkCredential = new NetworkCredential(@"UserName", "password");
    //service.UseDefaultCredentials = true;
    service.Credentials = networkCredential;
    List<TwoFactorService.TwoFactor_Filter> filterArray = new List<TwoFactorService.TwoFactor_Filter>();
    TwoFactorService.TwoFactor_Filter tokenFilter = new TwoFactorService.TwoFactor_Filter();
    tokenFilter.Field = TwoFactorService.TwoFactor_Fields.Secret_Token;
    tokenFilter.Criteria = token;
    filterArray.Add(tokenFilter);

   TwoFactorService.TwoFactor[] list = service.ReadMultiple(filterArray.ToArray(), null, 1);
   if (list.Count() == 0)
   {
     return NotFound();
   }
   TwoFactor twoFactor = new TwoFactor();
   Random random = new Random();
   int tempToken = random.Next(10000,88888) + DateTime.Now.Second;
   string secretToken = tempToken.ToString();
   list[0].Login_Token = secretToken;
   service.Update(ref list[0]);
   twoFactor.UserName = list[0].User_ID;
   twoFactor.SecretToken = list[0].Secret_Token;
   twoFactor.LoginToken = list[0].Login_Token;
   return Ok(JsonConvert.SerializeObject(twoFactor));
  }
}

One thing to note here is that the name and type of our metode IHttpActionResult is a special type used for
web requests, GetToken(string token) is the name that you must use to call the method and it takes a parameter
of type string, that will contain the Secret Token, which is used to find the correct record in NAV.

Let us break the code down:

TwoFactorService.TwoFactor_Service service = new TwoFactorService.TwoFactor_Service(); 
service.Url = @"http://localhost:7047/DynamicsNAV110/WS/CRONUS%20Danmark%20A%2FS/Page/TwoFactor"; 
NetworkCredential networkCredential = new NetworkCredential(@"UserName", "password"); 
service.Credentials = networkCredential;

This part sets up your connection to the NAV web service change the url to your own url, and in the
network credentials enter a valid NAV user to run your service. Best practice is to create a windows service account for your web service communication. The next part will create a filter to send to your NAV:

List<TwoFactorService.TwoFactor_Filter> filterArray = new List<TwoFactorService.TwoFactor_Filter>();
TwoFactorService.TwoFactor_Filter tokenFilter = new TwoFactorService.TwoFactor_Filter();
tokenFilter.Field = TwoFactorService.TwoFactor_Fields.Secret_Token;
tokenFilter.Criteria = token;
filterArray.Add(tokenFilter);
TwoFactorService.TwoFactor[] list = service.ReadMultiple(filterArray.ToArray(), null, 1); 
if (list.Count() == 0)
{
  return NotFound();
}

In the above code we set a filter on our NAV field Secret_Token based on what is passed to our web service. If we do not find
a users based on the passed token, it will return an error.

The next code handles what happens if we find a valid user based on the passed token:

TwoFactor twoFactor = new TwoFactor(); 
Random random = new Random(); 
int tempToken = random.Next(10000,88888) + DateTime.Now.Second; 
string secretToken = tempToken.ToString(); 
list[0].Login_Token = secretToken; 
service.Update(ref list[0]); 
twoFactor.UserName = list[0].User_ID; 
twoFactor.SecretToken = list[0].Secret_Token; 
twoFactor.LoginToken = list[0].Login_Token; 
return Ok(JsonConvert.SerializeObject(twoFactor));

What the code above does is create an random token and writes it back to NAV, where after it returns the token as JSON which we will
use in our mobile app in the next post. That is it, you are all set, now all you have to do is install your new Web App on an IIS and
you have a working Two Factor Authentication, to test it open a browser and navigate to you web service url and pass the secret token
from your 2 factor users in NAV, and it should result in something like this:

You can now use the LoginToken to login to your NAV, and if we look in your NAV you should see something like this:

And we are done for this post, the next post we will create the mobile app.

Leave a Reply