Beispiel #1
0
 private void ShowCreateDownParty(PartyTypes type, OAuthSubPartyTypes?oauthSubPartyType = null)
 {
     if (type == PartyTypes.Oidc)
     {
         var oidcDownParty = new GeneralOidcDownPartyViewModel();
         oidcDownParty.CreateMode = true;
         oidcDownParty.Edit       = true;
         downParties.Add(oidcDownParty);
     }
     else if (type == PartyTypes.OAuth2)
     {
         var oauthDownParty = new GeneralOAuthDownPartyViewModel();
         if (!oauthSubPartyType.HasValue)
         {
             throw new ArgumentNullException(nameof(oauthSubPartyType), "Required for OAuth 2.0 down parties.");
         }
         oauthDownParty.SubPartyType = oauthSubPartyType.Value;
         oauthDownParty.CreateMode   = true;
         oauthDownParty.Edit         = true;
         downParties.Add(oauthDownParty);
     }
     else if (type == PartyTypes.Saml2)
     {
         var samlDownParty = new GeneralSamlDownPartyViewModel();
         samlDownParty.CreateMode = true;
         samlDownParty.Edit       = true;
         downParties.Add(samlDownParty);
     }
 }
Beispiel #2
0
        private SamlDownPartyViewModel ToViewModel(GeneralSamlDownPartyViewModel generalSamlDownParty, SamlDownParty samlDownParty)
        {
            return(samlDownParty.Map <SamlDownPartyViewModel>(afterMap =>
            {
                generalSamlDownParty.KeyInfoList.Clear();
                if (afterMap.Keys?.Count() > 0)
                {
                    foreach (var key in afterMap.Keys)
                    {
                        generalSamlDownParty.KeyInfoList.Add(new KeyInfoViewModel
                        {
                            Subject = key.CertificateInfo.Subject,
                            ValidFrom = key.CertificateInfo.ValidFrom,
                            ValidTo = key.CertificateInfo.ValidTo,
                            Thumbprint = key.CertificateInfo.Thumbprint,
                            Key = key
                        });
                    }
                }

                if (afterMap.ClaimTransforms?.Count > 0)
                {
                    afterMap.ClaimTransforms = afterMap.ClaimTransforms.MapClaimTransforms();
                }
            }));
        }
Beispiel #3
0
 private void RemoveSamlDownPartyCertificate(GeneralSamlDownPartyViewModel generalSamlDownParty, KeyInfoViewModel keyInfo)
 {
     generalSamlDownParty.Form.ClearFieldError(nameof(generalSamlDownParty.Form.Model.Keys));
     if (generalSamlDownParty.Form.Model.Keys.Remove(keyInfo.Key))
     {
         generalSamlDownParty.KeyInfoList.Remove(keyInfo);
     }
 }
Beispiel #4
0
        private async Task OnEditSamlDownPartyValidSubmitAsync(GeneralSamlDownPartyViewModel generalSamlDownParty, EditContext editContext)
        {
            try
            {
                if (generalSamlDownParty.Form.Model.ClaimTransforms?.Count() > 0)
                {
                    foreach (var claimTransform in generalSamlDownParty.Form.Model.ClaimTransforms)
                    {
                        if (claimTransform is SamlClaimTransformClaimInViewModel claimTransformClaimIn && !claimTransformClaimIn.ClaimIn.IsNullOrWhiteSpace())
                        {
                            claimTransform.ClaimsIn = new List <string> {
                                claimTransformClaimIn.ClaimIn
                            };
                        }
                    }
                }

                var samlDownParty = generalSamlDownParty.Form.Model.Map <SamlDownParty>(afterMap =>
                {
                    if (afterMap.ClaimTransforms?.Count() > 0)
                    {
                        int order = 1;
                        foreach (var claimTransform in afterMap.ClaimTransforms)
                        {
                            claimTransform.Order = order++;
                        }
                    }
                });

                if (generalSamlDownParty.CreateMode)
                {
                    var samlDownPartyResult = await DownPartyService.CreateSamlDownPartyAsync(samlDownParty);

                    generalSamlDownParty.Form.UpdateModel(ToViewModel(generalSamlDownParty, samlDownPartyResult));
                    generalSamlDownParty.CreateMode = false;
                    toastService.ShowSuccess("SAML 2.0 Down-party created.", "SUCCESS");
                }
                else
                {
                    var samlDownPartyResult = await DownPartyService.UpdateSamlDownPartyAsync(samlDownParty);

                    generalSamlDownParty.Form.UpdateModel(ToViewModel(generalSamlDownParty, samlDownPartyResult));
                    toastService.ShowSuccess("SAML 2.0 Down-party updated.", "SUCCESS");
                }
                generalSamlDownParty.Name = generalSamlDownParty.Form.Model.Name;
            }
            catch (FoxIDsApiException ex)
            {
                if (ex.StatusCode == System.Net.HttpStatusCode.Conflict)
                {
                    generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Name), ex.Message);
                }
                else
                {
                    throw;
                }
            }
        }
Beispiel #5
0
 private void SamlDownPartyViewModelAfterInit(GeneralSamlDownPartyViewModel samlDownParty, SamlDownPartyViewModel model)
 {
     if (samlDownParty.CreateMode)
     {
         model.Claims = new List <string> {
             ClaimTypes.Email, ClaimTypes.Name, ClaimTypes.GivenName, ClaimTypes.Surname
         };
     }
 }
Beispiel #6
0
        private async Task OnSamlDownPartyCertificateFileSelectedAsync(GeneralSamlDownPartyViewModel generalSamlDownParty, IFileListEntry[] files)
        {
            if (generalSamlDownParty.Form.Model.Keys == null)
            {
                generalSamlDownParty.Form.Model.Keys = new List <JwtWithCertificateInfo>();
            }
            generalSamlDownParty.Form.ClearFieldError(nameof(generalSamlDownParty.Form.Model.Keys));
            foreach (var file in files)
            {
                if (file.Size > GeneralSamlDownPartyViewModel.CertificateMaxFileSize)
                {
                    generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), $"That's too big. Max size: {GeneralSamlDownPartyViewModel.CertificateMaxFileSize} bytes.");
                    return;
                }

                generalSamlDownParty.CertificateFileStatus = "Loading...";

                using (var memoryStream = new MemoryStream())
                {
                    await file.Data.CopyToAsync(memoryStream);

                    try
                    {
                        var base64UrlEncodeCertificate = WebEncoders.Base64UrlEncode(memoryStream.ToArray());
                        var jwtWithCertificateInfo     = await HelpersService.ReadCertificateAsync(new CertificateAndPassword { EncodeCertificate = base64UrlEncodeCertificate });

                        if (generalSamlDownParty.Form.Model.Keys.Any(k => k.X5t.Equals(jwtWithCertificateInfo.X5t, StringComparison.OrdinalIgnoreCase)))
                        {
                            generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), "Signature validation keys (certificates) has duplicates.");
                            return;
                        }

                        generalSamlDownParty.KeyInfoList.Add(new KeyInfoViewModel
                        {
                            Subject    = jwtWithCertificateInfo.CertificateInfo.Subject,
                            ValidFrom  = jwtWithCertificateInfo.CertificateInfo.ValidFrom,
                            ValidTo    = jwtWithCertificateInfo.CertificateInfo.ValidTo,
                            Thumbprint = jwtWithCertificateInfo.CertificateInfo.Thumbprint,
                            Key        = jwtWithCertificateInfo
                        });
                        generalSamlDownParty.Form.Model.Keys.Add(jwtWithCertificateInfo);
                    }
                    catch (Exception ex)
                    {
                        generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), ex.Message);
                    }
                }

                generalSamlDownParty.CertificateFileStatus = GeneralSamlDownPartyViewModel.DefaultCertificateFileStatus;
            }
        }
Beispiel #7
0
        private async Task OnSamlDownPartyCertificateFileSelectedAsync(GeneralSamlDownPartyViewModel generalSamlDownParty, IFileListEntry[] files)
        {
            if (generalSamlDownParty.Form.Model.Keys == null)
            {
                generalSamlDownParty.Form.Model.Keys = new List <JsonWebKey>();
            }
            generalSamlDownParty.Form.ClearFieldError(nameof(generalSamlDownParty.Form.Model.Keys));
            foreach (var file in files)
            {
                if (file.Size > GeneralSamlDownPartyViewModel.CertificateMaxFileSize)
                {
                    generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), $"That's too big. Max size: {GeneralSamlDownPartyViewModel.CertificateMaxFileSize} bytes.");
                    return;
                }

                generalSamlDownParty.CertificateFileStatus = "Loading...";

                using (var memoryStream = new MemoryStream())
                {
                    await file.Data.CopyToAsync(memoryStream);

                    try
                    {
                        var certificate = new X509Certificate2(memoryStream.ToArray());
                        var jwk         = await certificate.ToFTJsonWebKeyAsync();

                        if (generalSamlDownParty.Form.Model.Keys.Any(k => k.X5t.Equals(jwk.X5t, StringComparison.OrdinalIgnoreCase)))
                        {
                            generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), "Signature validation keys (certificates) has duplicates.");
                            return;
                        }

                        generalSamlDownParty.CertificateInfoList.Add(new CertificateInfoViewModel
                        {
                            Subject    = certificate.Subject,
                            ValidFrom  = certificate.NotBefore,
                            ValidTo    = certificate.NotAfter,
                            Thumbprint = certificate.Thumbprint,
                            Key        = jwk
                        });
                        generalSamlDownParty.Form.Model.Keys.Add(jwk);
                    }
                    catch (Exception ex)
                    {
                        generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), ex.Message);
                    }
                }

                generalSamlDownParty.CertificateFileStatus = GeneralSamlDownPartyViewModel.DefaultCertificateFileStatus;
            }
        }
Beispiel #8
0
        private async Task DeleteSamlDownPartyAsync(GeneralSamlDownPartyViewModel generalSamlDownParty)
        {
            try
            {
                await DownPartyService.DeleteSamlDownPartyAsync(generalSamlDownParty.Name);

                DownParties.Remove(generalSamlDownParty);
                await OnStateHasChanged.InvokeAsync(DownParty);
            }
            catch (TokenUnavailableException)
            {
                await(OpenidConnectPkce as TenantOpenidConnectPkce).TenantLoginAsync();
            }
            catch (Exception ex)
            {
                generalSamlDownParty.Form.SetError(ex.Message);
            }
        }
Beispiel #9
0
        public void ShowSamlTab(GeneralSamlDownPartyViewModel downParty, SamlTabTypes samlTabTypes)
        {
            switch (samlTabTypes)
            {
            case SamlTabTypes.Saml:
                downParty.ShowSamlTab           = true;
                downParty.ShowClaimTransformTab = false;
                break;

            case SamlTabTypes.ClaimsTransform:
                downParty.ShowSamlTab           = false;
                downParty.ShowClaimTransformTab = true;
                break;

            default:
                throw new NotSupportedException();
            }
        }
Beispiel #10
0
 private void ShowCreateDownParty(PartyTypes type)
 {
     if (type == PartyTypes.Oidc)
     {
         var oidcDownParty = new GeneralOidcDownPartyViewModel();
         oidcDownParty.CreateMode = true;
         oidcDownParty.Edit       = true;
         downParties.Add(oidcDownParty);
     }
     else if (type == PartyTypes.OAuth2)
     {
         var oauthDownParty = new GeneralOAuthDownPartyViewModel();
         oauthDownParty.CreateMode = true;
         oauthDownParty.Edit       = true;
         downParties.Add(oauthDownParty);
     }
     else if (type == PartyTypes.Saml2)
     {
         var samlDownParty = new GeneralSamlDownPartyViewModel();
         samlDownParty.CreateMode = true;
         samlDownParty.Edit       = true;
         downParties.Add(samlDownParty);
     }
 }
Beispiel #11
0
        private async Task OnEditSamlDownPartyValidSubmitAsync(GeneralSamlDownPartyViewModel generalSamlDownParty, EditContext editContext)
        {
            try
            {
                if (generalSamlDownParty.Form.Model.ClaimTransforms?.Count() > 0)
                {
                    foreach (var claimTransform in generalSamlDownParty.Form.Model.ClaimTransforms)
                    {
                        if (claimTransform is SamlClaimTransformClaimInViewModel claimTransformClaimIn && !claimTransformClaimIn.ClaimIn.IsNullOrWhiteSpace())
                        {
                            claimTransform.ClaimsIn = new List <string> {
                                claimTransformClaimIn.ClaimIn
                            };
                        }
                    }
                }

                var samlDownParty = generalSamlDownParty.Form.Model.Map <SamlDownParty>(afterMap =>
                {
                    afterMap.AuthnBinding = new SamlBinding {
                        RequestBinding = generalSamlDownParty.Form.Model.AuthnRequestBinding, ResponseBinding = generalSamlDownParty.Form.Model.AuthnResponseBinding
                    };
                    if (!afterMap.LoggedOutUrl.IsNullOrEmpty())
                    {
                        afterMap.LogoutBinding = new SamlBinding {
                            RequestBinding = generalSamlDownParty.Form.Model.LogoutRequestBinding, ResponseBinding = generalSamlDownParty.Form.Model.LogoutResponseBinding
                        };
                    }
                    if (afterMap.ClaimTransforms?.Count() > 0)
                    {
                        int order = 1;
                        foreach (var claimTransform in afterMap.ClaimTransforms)
                        {
                            claimTransform.Order = order++;
                        }
                    }
                });

                if (generalSamlDownParty.CreateMode)
                {
                    await DownPartyService.CreateSamlDownPartyAsync(samlDownParty);
                }
                else
                {
                    await DownPartyService.UpdateSamlDownPartyAsync(samlDownParty);
                }
                generalSamlDownParty.Name = generalSamlDownParty.Form.Model.Name;
                generalSamlDownParty.Edit = false;
                await OnStateHasChanged.InvokeAsync(DownParty);
            }
            catch (FoxIDsApiException ex)
            {
                if (ex.StatusCode == System.Net.HttpStatusCode.Conflict)
                {
                    generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Name), ex.Message);
                }
                else
                {
                    throw;
                }
            }
        }