Beispiel #1
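        public async Task DynamoRoleStore_Update_UpdatesRole()
        {
            // Verifies that a claim added to an already stored role is persisted by
            // UpdateAsync and comes back when the role is loaded again by id.

            // ARRANGE
            var roleName = TestUtils.RandomString(10);
            var role     = new DynamoIdentityRole(roleName);

            using (var dbProvider = DynamoDbServerTestUtils.CreateDatabase())
            {
                var roleStore = new DynamoRoleStore<DynamoIdentityRole>();
                await roleStore.EnsureInitializedAsync(dbProvider.Client, dbProvider.Context);

                await roleStore.CreateAsync(role, CancellationToken.None);

                // The claim is added only to the in-memory object; the stored copy
                // changes when UpdateAsync runs below.
                role.AddClaim(new Claim("test", "test"));

                // ACT
                await roleStore.UpdateAsync(role, CancellationToken.None);

                // ASSERT
                var result = await roleStore.FindByIdAsync(role.Id, CancellationToken.None);

                // Fail with a clear assertion (as the FindByName test does) instead of a
                // NullReferenceException on result.Id when the lookup returns nothing.
                Assert.NotNull(result);
                Assert.Equal(role.Id, result.Id);
                Assert.Contains("test", result.ClaimTypes);
                Assert.Contains("test", result.ClaimValues);
            }
        }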
Beispiel #2
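        public async Task DynamoRoleStore_Delete_DeletesRole()
        {
            // Verifies that a stored role can no longer be found by id after DeleteAsync.

            // ARRANGE
            var roleName = TestUtils.RandomString(10);
            var role     = new DynamoIdentityRole(roleName);

            using (var dbProvider = DynamoDbServerTestUtils.CreateDatabase())
            {
                var roleStore = new DynamoRoleStore<DynamoIdentityRole>();
                await roleStore.EnsureInitializedAsync(dbProvider.Client, dbProvider.Context);

                await roleStore.CreateAsync(role, CancellationToken.None);

                // Keep the id separately: `role` is replaced by the re-read copy below,
                // and the final lookup must not depend on that copy being non-null.
                var roleId = role.Id;

                // NOTE(review): fixed two-second pause before the read-back; presumably it
                // waits for the write to become visible - confirm it is still needed.
                await Task.Delay(2000);

                role = await roleStore.FindByIdAsync(roleId, CancellationToken.None);

                // Precondition: the role must exist before it is deleted. Without this check
                // a failed create/read would show up as a NullReferenceException, or the
                // final Assert.Null could pass without anything having been deleted.
                Assert.NotNull(role);

                // ACT
                await roleStore.DeleteAsync(role, CancellationToken.None);

                // ASSERT
                var result = await roleStore.FindByIdAsync(roleId, CancellationToken.None);

                Assert.Null(result);
            }
        }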
Beispiel #3
        public async Task DynamoRoleStore_FindByName_FindsRole()
        {
            // Checks that a role is stored under its upper-cased name and that
            // FindByNameAsync returns it when queried with that upper-cased form.

            // ARRANGE
            var roleName  = TestUtils.RandomString(10);
            var upperName = roleName.ToUpper();
            var role      = new DynamoIdentityRole(roleName);

            // NOTE(review): ToUpper() is culture-sensitive; if the role normalizes with
            // the invariant culture, this comparison could differ under some locales - confirm.
            Assert.Equal(upperName, role.NormalizedName);

            using (var database = DynamoDbServerTestUtils.CreateDatabase())
            {
                var store = new DynamoRoleStore<DynamoIdentityRole>();
                await store.EnsureInitializedAsync(database.Client, database.Context);
                await store.CreateAsync(role, CancellationToken.None);

                // ACT
                var found = await store.FindByNameAsync(upperName, CancellationToken.None);

                // ASSERT
                Assert.NotNull(found);
                Assert.Equal(roleName, found.Name);
                Assert.Equal(role.Id, found.Id);
            }
        }
Beispiel #4
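        /// <summary>
        /// Entry point of the bootstrap CLI: wires up the "role" and "claim" commands and
        /// runs the one selected by <paramref name="args"/>.
        /// </summary>
        /// <param name="args">Command-line arguments as passed to the process.</param>
        static void Main(string[] args)
        {
            /*
             * This cli is only for bootstrapping the DB with
             * an admin user.
             * For all other cases, use the admin features in the
             * auth service.
             *
             * Commands wired up below:
             *   role  add | remove     -r <role>
             *   claim get              -r <role>
             *   claim add | remove     -r <role> -t <type> -v <value>
             *
             * Each command goes straight to the identity stores; nothing in this
             * method checks who is running it. Access is therefore limited only by
             * who can reach the DynamoDB endpoint with usable credentials, so the
             * tool and those credentials should be restricted accordingly.
             */

            var loggerFactory = new LoggerFactory();

            loggerFactory
                .AddConsole()
                .AddDebug();

            var keyNormalizer = new UpperInvariantLookupNormalizer();

            var roleUsersStore = new DynamoRoleUsersStore<DynamoIdentityRole, DynamoIdentityUser>();
            var userStore      = new DynamoUserStore<DynamoIdentityUser, DynamoIdentityRole>(roleUsersStore);
            var roleStore      = new DynamoRoleStore<DynamoIdentityRole>();

            var app = new CommandLineApplication();

            app.HelpOption("-? | -h | --help");

            var dbUrl           = app.Option("-d|--dynamodb", "DynamoDB endpoint", CommandOptionType.SingleValue);
            var region          = app.Option("-R|--region", "AWS Region", CommandOptionType.SingleValue);
            var tableNamePrefix = app.Option("-p|--prefix", "Table Name Prefix", CommandOptionType.SingleValue);

            // Built lazily inside each handler: the Program constructor talks to DynamoDB,
            // and the global option values are only known once the arguments are parsed.
            Func<Program> createProgram = () => new Program(
                loggerFactory,
                userStore,
                roleStore,
                roleUsersStore,
                keyNormalizer,
                dbUrl.Value(),
                region.Value(),
                tableNamePrefix.Value());

            // Reports an option that was not supplied. Checked before any store call so a
            // forgotten flag ends in a clear message and a non-zero exit code instead of a
            // null role name or claim being handed to the identity stores.
            Func<CommandOption, string, bool> isSupplied = (option, flag) =>
            {
                if (option.HasValue())
                {
                    return true;
                }

                Console.Error.WriteLine($"missing required option {flag}");
                return false;
            };

            app.Command("role", roleCommand =>
            {
                roleCommand.HelpOption("-? | -h | --help");

                var roleName = roleCommand.Option("-r|--role <role>", "role name", CommandOptionType.SingleValue);

                roleCommand.Command("add", addRole =>
                {
                    addRole.HelpOption("-? | -h | --help");

                    addRole.OnExecute(() =>
                    {
                        if (!isSupplied(roleName, "--role"))
                        {
                            return 1;
                        }

                        createProgram().CreateRole(roleName.Value()).Wait();
                        return 0;
                    });
                });

                roleCommand.Command("remove", removeRole =>
                {
                    removeRole.HelpOption("-? | -h | --help");

                    removeRole.OnExecute(() =>
                    {
                        if (!isSupplied(roleName, "--role"))
                        {
                            return 1;
                        }

                        createProgram().RemoveRole(roleName.Value()).Wait();
                        return 0;
                    });
                });
            });

            app.Command("claim", claimCommand =>
            {
                claimCommand.HelpOption("-? | -h | --help");

                var roleName   = claimCommand.Option("-r|--role <role>", "role name", CommandOptionType.SingleValue);
                var claimType  = claimCommand.Option("-t|--claim-type <type>", "claim type", CommandOptionType.SingleValue);
                var claimValue = claimCommand.Option("-v|--claim-value <value>", "claim value", CommandOptionType.SingleValue);

                claimCommand.Command("get", getClaims =>
                {
                    getClaims.HelpOption("-? | -h | --help");

                    getClaims.OnExecute(() =>
                    {
                        if (!isSupplied(roleName, "--role"))
                        {
                            return 1;
                        }

                        var claims = createProgram().GetClaims(roleName.Value()).Result;

                        Console.WriteLine(JsonConvert.SerializeObject(claims, Formatting.Indented));

                        return 0;
                    });
                });

                claimCommand.Command("add", addClaim =>
                {
                    addClaim.HelpOption("-? | -h | --help");

                    addClaim.OnExecute(() =>
                    {
                        // Claim's constructor rejects null type/value, so check all three up front.
                        if (!isSupplied(roleName, "--role") ||
                            !isSupplied(claimType, "--claim-type") ||
                            !isSupplied(claimValue, "--claim-value"))
                        {
                            return 1;
                        }

                        var claim = new Claim(claimType.Value(), claimValue.Value());
                        createProgram().AddClaim(roleName.Value(), claim).Wait();
                        return 0;
                    });
                });

                claimCommand.Command("remove", removeClaim =>
                {
                    removeClaim.HelpOption("-? | -h | --help");

                    removeClaim.OnExecute(() =>
                    {
                        if (!isSupplied(roleName, "--role") ||
                            !isSupplied(claimType, "--claim-type") ||
                            !isSupplied(claimValue, "--claim-value"))
                        {
                            return 1;
                        }

                        var claim = new Claim(claimType.Value(), claimValue.Value());
                        createProgram().RemoveClaim(roleName.Value(), claim).Wait();
                        return 0;
                    });
                });
            });

            // Main returns void, so hand the command's result to the process exit code;
            // otherwise a failed command would still exit with 0.
            Environment.ExitCode = app.Execute(args);
        }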
Beispiel #5
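        /// <summary>
        /// Builds the DynamoDB client and context from the CLI options, checks that the
        /// users, roles and roleUsers tables exist, and initializes the three stores
        /// against them. All DynamoDB calls are made synchronously from the constructor.
        /// </summary>
        /// <param name="loggerFactory">Factory used to create this class's logger.</param>
        /// <param name="userStore">User store to initialize against the users table.</param>
        /// <param name="roleStore">Role store to initialize against the roles table.</param>
        /// <param name="roleUsersStore">Role-users store to initialize against the roleUsers table.</param>
        /// <param name="keyNormalizer">Normalizer kept for later lookups.</param>
        /// <param name="dbUrl">DynamoDB service URL; may be null.</param>
        /// <param name="regionName">AWS region system name; may be null.</param>
        /// <param name="tableNamePrefix">Prefix put in front of every table name; may be null.</param>
        /// <exception cref="ArgumentNullException">A logger factory or store argument is null.</exception>
        /// <exception cref="InvalidOperationException">One of the three tables does not exist.</exception>
        /// <exception cref="AggregateException">A DynamoDB call failed; Result/Wait wrap the underlying error.</exception>
        public Program(ILoggerFactory loggerFactory,
                       DynamoUserStore <DynamoIdentityUser, DynamoIdentityRole> userStore,
                       DynamoRoleStore <DynamoIdentityRole> roleStore,
                       DynamoRoleUsersStore <DynamoIdentityRole, DynamoIdentityUser> roleUsersStore,
                       ILookupNormalizer keyNormalizer,
                       string dbUrl,
                       string regionName,
                       string tableNamePrefix)
        {
            // Reject missing collaborators before any network call is made.
            if (loggerFactory == null)
            {
                throw new ArgumentNullException(nameof(loggerFactory));
            }

            if (userStore == null)
            {
                throw new ArgumentNullException(nameof(userStore));
            }

            if (roleStore == null)
            {
                throw new ArgumentNullException(nameof(roleStore));
            }

            if (roleUsersStore == null)
            {
                throw new ArgumentNullException(nameof(roleUsersStore));
            }

            this.logger         = loggerFactory.CreateLogger <Program>();
            this.userStore      = userStore;
            this.roleStore      = roleStore;
            this.roleUsersStore = roleUsersStore;
            this.keyNormalizer  = keyNormalizer;

            var dbConfig = new AmazonDynamoDBConfig
            {
                ServiceURL = dbUrl
            };

            if (regionName != null)
            {
                // NOTE(review): in the AWS SDK for .NET, ServiceURL and RegionEndpoint are
                // documented as mutually exclusive - setting one resets the other. When both
                // --dynamodb and --region are given, the URL above is therefore dropped and
                // the client targets the regional AWS endpoint. For a tool that edits roles
                // and claims, confirm this is the intended target.
                var region = RegionEndpoint.GetBySystemName(regionName);
                dbConfig.RegionEndpoint = region;
            }

            var client = new AmazonDynamoDBClient(dbConfig);

            var contextConfig = new DynamoDBContextConfig
            {
                TableNamePrefix = tableNamePrefix
            };

            var context = new DynamoDBContext(client, contextConfig);

            var prefix = tableNamePrefix ?? "";

            roleUsersTableName = $"{prefix}roleUsers";
            usersTableName     = $"{prefix}users";
            rolesTableName     = $"{prefix}roles";

            // ListTables is paginated (at most 100 names per call), so a single call can
            // miss tables that do exist. Walk every page before deciding one is absent.
            var usersTableFound     = false;
            var rolesTableFound     = false;
            var roleUsersTableFound = false;

            var page = client.ListTablesAsync().Result;

            while (true)
            {
                usersTableFound     |= page.TableNames.Contains(usersTableName);
                rolesTableFound     |= page.TableNames.Contains(rolesTableName);
                roleUsersTableFound |= page.TableNames.Contains(roleUsersTableName);

                var allFound = usersTableFound && rolesTableFound && roleUsersTableFound;

                if (allFound || string.IsNullOrEmpty(page.LastEvaluatedTableName))
                {
                    break;
                }

                page = client.ListTablesAsync(page.LastEvaluatedTableName).Result;
            }

            if (!usersTableFound)
            {
                throw new InvalidOperationException($"can't find table {usersTableName}");
            }

            if (!rolesTableFound)
            {
                throw new InvalidOperationException($"can't find table {rolesTableName}");
            }

            if (!roleUsersTableFound)
            {
                throw new InvalidOperationException($"can't find table {roleUsersTableName}");
            }

            // Blocking waits: a constructor cannot be async, so each initialization is
            // completed here before the instance is handed to the caller.
            roleUsersStore.EnsureInitializedAsync(client, context, roleUsersTableName).Wait();
            userStore.EnsureInitializedAsync(client, context, usersTableName).Wait();
            roleStore.EnsureInitializedAsync(client, context, rolesTableName).Wait();
        }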