public static async Task <RemoteSite> AuthorizeApiAsync(string apiKey)
{
try
{
if (apiKey == null)
{
return(null);
}
RemoteSite site = null;
site = await SiteCache.GetSiteByApiKey(HttpRuntime.Cache, apiKey.ToString());
if (site == null)
{
return(null);
}
//we're authenticated
return(site);
}
catch (Exception ex)
{
throw new Exception("Error authorizing access", ex);
}
}
public static bool AuthAndAddClaims(RemoteSite site, ref IPrincipal principal)
{
try
{
string domainList = string.Join(",", site.SiteDomains.ToArray());
List <Claim> claims = new List <Claim>
{
new Claim(CustomClaimTypes.SiteId, site.Id),
new Claim(CustomClaimTypes.SiteDomain, domainList),
new Claim(CustomClaimTypes.OnPremDomainName, site.OnPremDomainName)
};
// create an identity with the valid claims.
ClaimsIdentity identity = new ClaimsIdentity(claims, CustomAuthTypes.Api);
// set the context principal.
principal = new ClaimsPrincipal(new[] { identity });
return(true);
}
catch (Exception ex)
{
Logging.WriteToAppLog("Auth Error", System.Diagnostics.EventLogEntryType.Error, ex);
return(false);
}
}
public RemoteSiteRes(RemoteSite site)
{
Site = site;
SiteTypes = Enum.GetValues(typeof(SiteTypes))
.Cast <SiteTypes>()
.ToDictionary(t => (int)t, t => t.ToString());
}
public static async Task <IEnumerable <RemoteSite> > AddSite(RemoteSite site)
{
site.ApiKey = Utils.GenApiKey();
var res = await DocDBRepo.DB <RemoteSite> .CreateItemAsync(site);
return(await GetAllSites());
}
private static string GetConfig(string filePath, RemoteSite site, string apiUrl)
{
var apiKey = site.ApiKey;
var file = new XmlDocument();
file.Load(filePath);
var key = file.SelectSingleNode("//add[@key='ApiKey']");
key.Attributes["value"].Value = apiKey;
key = file.SelectSingleNode("//add[@key='SiteUrl']");
key.Attributes["value"].Value = apiUrl;
if (site.SiteType == SiteTypes.MasterHQ)
{
key = file.SelectSingleNode("//add[@key='AADClientID']");
key.Attributes["value"].Value = Settings.ClientId;
key = file.SelectSingleNode("//add[@key='AADClientKey']");
key.Attributes["value"].Value = Settings.ClientSecret;
key = file.SelectSingleNode("//add[@key='AADTenantID']");
key.Attributes["value"].Value = Settings.TenantId;
}
return(file.OuterXml);
}
private static bool AuthAndAddClaims(RemoteSite site, ref IPrincipal principal, IRequest request)
{
try
{
string domainList = string.Join(",", site.SiteDomains.ToArray());
List <Claim> claims = new List <Claim>
{
new Claim(ClaimTypes.Name, site.Id),
new Claim(CustomClaimTypes.SiteId, site.Id),
new Claim(CustomClaimTypes.OnPremDomainName, site.OnPremDomainName),
new Claim(CustomClaimTypes.SiteDomain, domainList),
new Claim(CustomClaimTypes.IsHQ, (site.SiteType == SiteTypes.MasterHQ).ToString()),
new Claim(CustomClaimTypes.IsSTS, (site.ApiKey == Settings.STSApiKey).ToString())
};
ClaimsIdentity identity = new ClaimsIdentity(claims, CustomAuthTypes.Api);
principal = new ClaimsPrincipal(new[] { identity });
return(true);
}
catch (Exception ex)
{
Logging.WriteToAppLog("Auth Error", System.Diagnostics.EventLogEntryType.Error, ex);
return(false);
}
}
public override bool AuthorizeHubConnection(HubDescriptor hubDescriptor, IRequest request)
{
IPrincipal p = null;
try
{
var key = request.Headers.SingleOrDefault(h => h.Key == "apikey").Value;
if (key == Settings.STSApiKey)
{
//branch just for STS calls
if (!AuthAndAddClaims(new RemoteSite
{
ApiKey = key,
Id = key,
OnPremDomainName = "CustomSTS",
SiteType = SiteTypes.LocalADOnly
}, ref p, request))
{
return(false);
}
request.Environment["server.User"] = p;
request.GetHttpContext().User = p;
return(true);
}
RemoteSite site = null;
var task = Task.Run(async() =>
{
site = await SiteUtils.AuthorizeApiAsync(key);
});
task.Wait();
if (site == null)
{
return(false);
}
//we're authenticated
if (!AuthAndAddClaims(site, ref p, request))
{
return(false);
}
request.Environment["server.User"] = p;
request.GetHttpContext().User = p;
return(true);
}
catch (Exception ex)
{
throw new Exception("Error authorizing access", ex);
}
}
// GET: RemoteSite/Edit/5
public async Task <ActionResult> Edit(string id)
{
RemoteSite site;
if (id == null)
{
site = new RemoteSite();
}
else
{
site = await RemoteSiteUtil.GetSite(id);
}
return(View(site));
}
private static void RunConsole(RemoteSite siteConfig, string[] args)
{
if (ParseCommandLine(args))
{
relay.StartAsync().Wait();
timer.Start();
_isRunning = true;
while (_isRunning)
{
Console.TreatControlCAsInput = true;
Console.WriteLine("Press \"p\" to send a Ping test, Ctrl-C to end.");
var key = Console.ReadKey(true);
switch (key.Key)
{
case ConsoleKey.P:
WriteConsoleStatus("Sending ping...");
_pingTest = new PingEvent(DateTime.Now);
relay.Send(new RelayMessage
{
Operation = SiteOperation.Ping,
ApiKey = OrgApiCalls.ApiKey,
DestSiteId = siteConfig.Id
});
break;
case ConsoleKey.Escape:
case ConsoleKey.C:
if (key.Key == ConsoleKey.C && key.Modifiers != ConsoleModifiers.Control)
{
break;
}
Console.WriteLine("Stop the relay agent? (Y or N)");
if (Console.ReadKey().Key == ConsoleKey.Y)
{
WriteConsoleStatus("Received shutdown command.");
_isRunning = false;
}
break;
}
}
relay.Stop();
}
}
public override void OnAuthorization(HttpActionContext actionContext)
{
try
{
var key = actionContext.Request.Headers.SingleOrDefault(h => h.Key == "apikey").Value.FirstOrDefault();
RemoteSite site = null;
var task = Task.Run(async() => {
site = await SiteUtils.AuthorizeApiAsync(key);
});
task.Wait();
if (site == null)
{
Unauthorized(ref actionContext);
base.OnAuthorization(actionContext);
return;
}
if (_isAdmin && site.SiteType != SiteTypes.MasterHQ)
{
Unauthorized(ref actionContext);
base.OnAuthorization(actionContext);
return;
}
//we're authenticated
var p = actionContext.RequestContext.Principal;
if (!AuthAndAddClaims(site, ref p))
{
Unauthorized(ref actionContext);
base.OnAuthorization(actionContext);
return;
}
actionContext.RequestContext.Principal = p;
base.OnAuthorization(actionContext);
return;
}
catch (Exception ex)
{
throw new Exception("Error authorizing access", ex);
}
}
private static string GetJsonConfig(RemoteSite site, string apiUrl)
{
string apiKey = site.ApiKey;
var scriptUpdates = new Dictionary <string, string>
{
{ "ApiKey", apiKey },
{ "ApiSite", apiUrl }
};
if (site.SiteType == SiteTypes.MasterHQ)
{
//to enable GraphAPI calls for B2B invitations
scriptUpdates.Add("AADClientID", Settings.ClientId);
scriptUpdates.Add("AADClientKey", Settings.ClientSecret);
scriptUpdates.Add("AADTenantID", Settings.TenantId);
}
var config = JsonConvert.SerializeObject(scriptUpdates);
return(config);
}
private static void InitTimers(RemoteSite site)
{
//setup timers
var scripts = new List <ScriptObject>();
if (site.SiteType == SiteTypes.MasterHQ)
{
scripts.Add(new ScriptObject("sync-ad.ps1"));
scripts.Add(new ScriptObject("sync-b2b.ps1"));
}
else
{
scripts.Add(new ScriptObject("sync.ps1"));
}
ScriptTimer.ScriptFolderPath = _scriptFolderPath;
timer = new ScriptTimer(scripts.ToArray(), _timerIntervalMinutes);
timer.ErrorEvent += Timer_ErrorEvent;
timer.StatusUpdate += Timer_StatusUpdate;
}
private void CheckConfig()
{
_hasConfig = (txtApiKey.Text.Length > 0 && txtSiteUrl.Text.Length > 0);
if (_hasConfig)
{
OrgApiCalls.ApiKey = txtApiKey.Text;
OrgApiCalls.SiteUrl = txtSiteUrl.Text;
_siteConfig = OrgApiCalls.GetSiteConfig();
txtDomainName.Text = _siteConfig.OnPremDomainName;
txtSiteID.Text = _siteConfig.Id;
ADTools.ADDomainName = _siteConfig.OnPremDomainName;
txtSiteType.Text = _siteConfig.SiteType.ToString();
SaveConfig();
lstRemoteDomainList.Items.Clear();
lstRemoteDomainList.Items.AddRange(_siteConfig.SiteDomains.ToArray());
CheckDomainsToUpns();
}
else
{
MessageBox.Show("Please configure your API Key and Site URL before confirming your config.", "Need Config", MessageBoxButtons.OK, MessageBoxIcon.Stop);
return;
}
}
public static MemoryStream SetupZip(string dirPath, RemoteSite site, string apiUrl)
{
string apiKey = site.ApiKey;
var dirPath2 = Path.Combine(dirPath, _zipName);
var apiFilePath = Path.Combine(dirPath2, "api.config.txt");
var serviceConfigFilePath = Path.Combine(dirPath2, "ComplexOrgSiteAgent.exe.config");
var apiConfigFile = GetConfig(apiFilePath, site, apiUrl);
var serviceConfigFile = GetConfig(serviceConfigFilePath, site, apiUrl);
var jsonConfigFile = GetJsonConfig(site, apiUrl);
var scriptVersionFile = GetCurrSiteVersion(dirPath);
var scriptFolderName = site.SiteType.ToString();
var scriptFolderPath = Path.Combine(dirPath, scriptFolderName);
using (var zipFile = File.Open(Path.Combine(dirPath, _zipName + ".zip"), FileMode.Open))
{
Stream zipCopy = new MemoryStream();
zipFile.CopyTo(zipCopy);
var archive = new ZipArchive(zipCopy, ZipArchiveMode.Update, true);
try
{
//setup app config file
var item = archive.CreateEntry("api.config", CompressionLevel.Fastest);
using (var streamWriter = new StreamWriter(item.Open()))
{
streamWriter.Write(apiConfigFile);
}
//setup service config file
item = archive.CreateEntry("ComplexOrgSiteAgent.exe.config", CompressionLevel.Fastest);
using (var streamWriter = new StreamWriter(item.Open()))
{
streamWriter.Write(serviceConfigFile);
}
//add correct PS script folder
AddFilesAndFolders(scriptFolderPath, ref archive, "Scripts");
//setup script version file
item = archive.CreateEntry("Scripts\\ScriptVersion.txt", CompressionLevel.Fastest);
using (var streamWriter = new StreamWriter(item.Open()))
{
streamWriter.Write(scriptVersionFile);
}
//setup script variables file
item = archive.CreateEntry("Scripts\\SyncVars.json", CompressionLevel.Fastest);
using (var streamWriter = new StreamWriter(item.Open()))
{
streamWriter.Write(jsonConfigFile);
}
return(zipCopy as MemoryStream);
}
catch (Exception)
{
throw;
}
finally
{
archive.Dispose();
}
}
}
static void Main(string[] args)
{
var dir = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);
_scriptFolderPath = args.Where(a => a.StartsWith("-scriptPath")).FirstOrDefault();
if (_scriptFolderPath != null)
{
_scriptFolderPath = _scriptFolderPath.Split(':')[1];
}
else
{
_scriptFolderPath = Path.GetFullPath(string.Format("{0}\\Scripts", dir));
}
ServiceName = Assembly.GetCallingAssembly().GetCustomAttribute <AssemblyTitleAttribute>().Title;
ConsoleLogSource = String.Format("{0}-console", ServiceName);
ServiceUtil.AssemblyName = AssemblyName;
ServiceUtil.ServiceName = ServiceName;
PrintLogo();
if (args.Any(a => a == "-debug"))
{
_isDebug = true;
}
var sUrl = ConfigurationManager.AppSettings["SiteUrl"];
var sDebugUrl = ConfigurationManager.AppSettings["DebugSiteUrl"];
_timerIntervalMinutes = Convert.ToInt16(ConfigurationManager.AppSettings["TimerIntervalMinutes"]);
OrgApiCalls.ApiKey = ConfigurationManager.AppSettings["ApiKey"];
OrgApiCalls.SiteUrl = (_isDebug) ? sDebugUrl : sUrl;
ConsoleLogSource = Utils.SetupLog(ConsoleLogSource);
try
{
RemoteSite siteConfig = null;
try
{
siteConfig = OrgApiCalls.GetSiteConfig();
}
catch (Exception)
{
WriteConsoleStatus("Failed retrieving site status");
}
if (siteConfig == null)
{
throw new Exception("Unable to retrieve site configuration, exiting");
}
var scriptConfig = GetJsonConfig(siteConfig, OrgApiCalls.SiteUrl);
File.WriteAllText(Path.Combine(_scriptFolderPath, "SyncVars.json"), scriptConfig);
ADTools.ADDomainName = siteConfig.OnPremDomainName;
relay = new SigRClient(OrgApiCalls.SiteUrl, OrgApiCalls.ApiKey, "SiteHub", true);
relay.StatusUpdate += Relay_StatusUpdate;
relay.ErrorEvent += Relay_ErrorEvent;
relay.PingEvent += Relay_PingEvent;
InitTimers(siteConfig);
relay.FireScriptEvent += Relay_FireScriptEvent;
if (Environment.UserInteractive)
{
RunConsole(siteConfig, args);
}
else
{
ServiceBase[] ServicesToRun;
ServicesToRun = new ServiceBase[]
{
new SiteListenerService(relay, timer)
};
ServiceBase.Run(ServicesToRun);
}
}
catch (Exception ex)
{
var msg = Utils.GetFormattedException(ex);
Utils.AddLogEntry(ConsoleLogSource, msg, EventLogEntryType.Error);
}
}
public static async Task <IEnumerable <RemoteSite> > UpdateSite(RemoteSite site)
{
var res = await DocDBRepo.DB <RemoteSite> .UpdateItemAsync(site);
return(await GetAllSites());
}
