/// <summary>
/// Removes Roles from a user.
/// </summary>
/// <param name="id">The ID of the user to remove roles from.</param>
/// <param name="request">A <see cref="AssignRolesRequest" /> containing the role IDs to remove to the user.</param>
/// <returns>A <see cref="Task"/> that represents the asynchronous remove operation.</returns>
public Task RemoveRolesAsync(string id, AssignRolesRequest request)
{
return(Connection.DeleteAsync <object>("users/{id}/roles", request, new Dictionary <string, string>
{
{ "id", id },
}, null
));
}
/// <summary>
/// Assigns Roles to a user.
/// </summary>
/// <param name="id">The ID of the user to assign roles to.</param>
/// <param name="request">A <see cref="AssignRolesRequest" /> containing the role IDs to assign to the user.</param>
/// <returns>A <see cref="Task"/> that represents the asynchronous assign operation.</returns>
public Task AssignRolesAsync(string id, AssignRolesRequest request)
{
return(Connection.PostAsync <AssignRolesRequest>("users/{id}/roles", request, null, null,
new Dictionary <string, string>
{
{ "id", id },
}, null, null));
}
public async Task Test_roles_assign_role_to_user()
{
// Add a new role
var newRoleRequest = new RoleCreateRequest
{
Name = $"{Guid.NewGuid():N}role",
Description = $"{Guid.NewGuid():N}description",
};
var role = await _apiClient.Roles.CreateAsync(newRoleRequest);
role.Should().NotBeNull();
role.Name.Should().Be(newRoleRequest.Name);
role.Description.Should().Be(newRoleRequest.Description);
// Create a user
var newUserRequest = new UserCreateRequest
{
Connection = _connection.Name,
Email = $"{Guid.NewGuid():N}@nonexistingdomain.aaa",
EmailVerified = true,
Password = Password
};
var user = await _apiClient.Users.CreateAsync(newUserRequest);
// Assign a user to the role
var assignRolesRequest = new AssignRolesRequest()
{
Roles = new[]
{
role.Id
}
};
await _apiClient.Users.AssignRolesAsync(user.UserId, assignRolesRequest);
// Ensure the Role is assigned to user
var assignedRoles = await _apiClient.Users.GetRolesAsync(user.UserId, new PaginationInfo());
assignedRoles.Should().NotBeNull();
assignedRoles.Should().HaveCount(1);
assignedRoles.First().Id.Should().Be(role.Id);
// Remove role from user
await _apiClient.Users.RemoveRolesAsync(user.UserId, assignRolesRequest);
// Ensure the Role has been removed from user
var removedRoles = await _apiClient.Users.GetRolesAsync(user.UserId, new PaginationInfo());
removedRoles.Should().NotBeNull();
removedRoles.Should().HaveCount(0);
// Clean Up
await _apiClient.Roles.DeleteAsync(role.Id);
await _apiClient.Users.DeleteAsync(user.UserId);
}
public async Task CreateAsync(Domain.User.User internalUser, CancellationToken cancellationToken = default)
{
var client = await _auth0ManagementApiClientCreator.GetClient(cancellationToken);
User user = null;
try
{
user = await client.Users.GetAsync(string.Concat("auth0|", internalUser.Id.ToString()), cancellationToken : cancellationToken);
// we're likely in a retry for an exception that occured after the user was successfully created in auth0.
}
catch (ErrorApiException ex) when(ex.ApiError?.ErrorCode == "inexistent_user")
{
}
if (user == null)
{
var userCreateRequest = new UserCreateRequest
{
Connection = _environmentSettings.Auth0.Connection,
UserId = internalUser.Id.ToString(),
Email = internalUser.Email,
EmailVerified = false,
Password = string.Concat(internalUser.Id.ToString(), "@", new Random().Next(9999)),
FirstName = internalUser.GivenName,
LastName = $"{internalUser.MiddleName} {internalUser.FamilyName}".Trim(),
VerifyEmail = false
};
user = await client.Users.CreateAsync(userCreateRequest, cancellationToken);
}
var roles = _environmentSettings.Auth0.Auth0RoleMappings
.Where(mapping => internalUser.UserRoles.Any(userRole => userRole.RoleId == mapping.InternalRoleId))
.Select(x => x.Auth0RoleId)
.ToArray();
var assignRolesRequest = new AssignRolesRequest
{
Roles = roles
};
await client.Users.AssignRolesAsync(user.UserId, assignRolesRequest, cancellationToken);
}
public async Task RemoveUserFromRoles(UserRole objUserRole, Auth0ConfigModel objAuth0Config)
{
MethodCollection methodCollection = new MethodCollection();
string token = await methodCollection.GetAccessToken(objAuth0Config);
var managementApiClient = new ManagementApiClient(token, objAuth0Config.Domain);
GetRolesRequest getRolesRequest = new GetRolesRequest {
NameFilter = objUserRole.RoleNames[0]
};
IPagedList <Role> roles = await managementApiClient.Roles.GetAllAsync(getRolesRequest);
List <string> rolesList = new List <string>
{
roles[0].Id
};
AssignRolesRequest objAssignRoleRequest = new AssignRolesRequest {
Roles = rolesList.ToArray()
};
await managementApiClient.Users.RemoveRolesAsync(objUserRole.UserId, objAssignRoleRequest);
}
public async Task SyncRolesToAuth0Async(Domain.User.User internalUser, CancellationToken cancellationToken = default)
{
var client = await _auth0ManagementApiClientCreator.GetClient(cancellationToken);
var roleIdsAssignedToUser = _environmentSettings.Auth0.Auth0RoleMappings
.Where(x => internalUser.UserRoles.Any(y => y.RoleId == x.InternalRoleId))
.Select(x => x.Auth0RoleId);
var roleIdsAssignedToUserInAuth0 = (await client.Users.GetRolesAsync(internalUser.Id.ToString(), null, cancellationToken))
.Select(x => x.Id);
var rolesToAdd = roleIdsAssignedToUser
.Where(internalRoleId => !roleIdsAssignedToUserInAuth0.Any(auth0RoleId => auth0RoleId == internalRoleId))
.ToArray();
if (rolesToAdd.Length > 0)
{
var assignRolesRequest = new AssignRolesRequest
{
Roles = rolesToAdd
};
await client.Users.AssignRolesAsync(internalUser.Id.ToString(), assignRolesRequest, cancellationToken);
}
var rolesToRemove = roleIdsAssignedToUserInAuth0
.Where(auth0RoleId => !roleIdsAssignedToUser.Any(internalRoleId => internalRoleId == auth0RoleId))
.ToArray();
if (rolesToRemove.Length > 0)
{
var removeRolesRequest = new AssignRolesRequest
{
Roles = rolesToRemove
};
await client.Users.RemoveRolesAsync(internalUser.Id.ToString(), removeRolesRequest, cancellationToken);
}
}
/// <summary>
/// Assigns Roles to a user.
/// </summary>
/// <param name="id">The ID of the user to assign roles to.</param>
/// <param name="request">A <see cref="AssignRolesRequest" /> containing the role IDs to assign to the user.</param>
/// <returns>A <see cref="Task"/> that represents the asynchronous assign operation.</returns>
public Task AssignRolesAsync(string id, AssignRolesRequest request)
{
return(Connection.SendAsync <AssignRolesRequest>(HttpMethod.Post, BuildUri($"users/{EncodePath(id)}/roles"), request, DefaultHeaders));
}
/// <summary>
/// Removes Roles from a user.
/// </summary>
/// <param name="id">The ID of the user to remove roles from.</param>
/// <param name="request">A <see cref="AssignRolesRequest" /> containing the role IDs to remove to the user.</param>
/// <returns>A <see cref="Task"/> that represents the asynchronous remove operation.</returns>
public Task RemoveRolesAsync(string id, AssignRolesRequest request)
{
return(Connection.SendAsync <object>(HttpMethod.Delete, BuildUri($"users/{id}/roles"), request, DefaultHeaders));
}
