public void DeleteReturnUrl(DeleteReturnUrlDto toDelete)
{
this.Validate(toDelete);
var resource = this.GetErrorStringLocalizer();
using (var context = RepositoriesFactory.CreateContext())
{
var returnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var myReturnUrl = returnUrlRepo.GetById(toDelete.IdReturnUrl);
if (myReturnUrl == null)
{
throw new DaOAuthServiceException(resource["DeleteReturnUrlUnknowReturnUrl"]);
}
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(toDelete.UserName);
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(resource["DeleteReturnUrlInvalidUser"]);
}
var ucRepo = RepositoriesFactory.GetUserClientRepository(context);
var uc = ucRepo.GetUserClientByClientPublicIdAndUserName(myReturnUrl.Client.PublicId, toDelete.UserName);
if (uc == null)
{
throw new DaOAuthServiceException(resource["DeleteReturnUrlBadUserNameOrClientId"]);
}
returnUrlRepo.Delete(myReturnUrl);
context.Commit();
}
}
public int CreateReturnUrl(CreateReturnUrlDto toCreate)
{
this.Validate(toCreate);
var idCreated = 0;
var resource = this.GetErrorStringLocalizer();
if (!Uri.TryCreate(toCreate.ReturnUrl, UriKind.Absolute, out var u))
{
throw new DaOAuthServiceException(resource["CreateReturnUrlReturnUrlIncorrect"]);
}
using (var context = RepositoriesFactory.CreateContext())
{
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(toCreate.UserName);
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(resource["CreateReturnUrlInvalidUser"]);
}
var ucRepo = RepositoriesFactory.GetUserClientRepository(context);
var uc = ucRepo.GetUserClientByClientPublicIdAndUserName(toCreate.ClientPublicId, toCreate.UserName);
if (uc == null)
{
throw new DaOAuthServiceException(resource["CreateReturnUrlBadUserNameOrClientId"]);
}
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var client = clientRepo.GetByPublicId(toCreate.ClientPublicId);
if (client == null || !client.IsValid)
{
throw new DaOAuthServiceException(resource["CreateReturnUrlInvalidClient"]);
}
var existingReturnUrl = client.ClientReturnUrls.FirstOrDefault(c => c.ReturnUrl.Equals(toCreate.ReturnUrl, StringComparison.OrdinalIgnoreCase));
if (existingReturnUrl != null)
{
idCreated = existingReturnUrl.Id;
}
else
{
var returnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
idCreated = returnUrlRepo.Add(new Domain.ClientReturnUrl()
{
ClientId = client.Id,
ReturnUrl = toCreate.ReturnUrl
});
}
context.Commit();
}
return(idCreated);
}
public void Delete(DeleteClientDto toDelete)
{
Logger.LogInformation(String.Format("Try to create delete by user {0}", toDelete != null ? toDelete.UserName : String.Empty));
Validate(toDelete);
using (var context = RepositoriesFactory.CreateContext())
{
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
var userRepo = RepositoriesFactory.GetUserRepository(context);
var clientScopeRepo = RepositoriesFactory.GetClientScopeRepository(context);
var clientReturnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var myUser = userRepo.GetByUserName(toDelete.UserName);
if (myUser == null || !myUser.IsValid)
{
throw new DaOAuthServiceException("DeleteClientInvalidUserName");
}
var myClient = clientRepo.GetById(toDelete.Id);
if (myClient == null)
{
throw new DaOAuthServiceException("DeleteClientUnknowClient");
}
var myUserClient = userClientRepo
.GetUserClientByClientPublicIdAndUserName(myClient.PublicId, toDelete.UserName);
if (myUserClient == null || !myUserClient.Client.UserCreator.UserName.Equals(toDelete.UserName, StringComparison.OrdinalIgnoreCase))
{
throw new DaOAuthServiceException("DeleteClientWrongUser");
}
foreach (var cr in clientReturnUrlRepo.GetAllByClientPublicId(myClient.PublicId).ToList())
{
clientReturnUrlRepo.Delete(cr);
}
foreach (var cs in clientScopeRepo.GetAllByClientId(myClient.Id).ToList())
{
clientScopeRepo.Delete(cs);
}
foreach (var uc in userClientRepo.GetAllByClientId(myClient.Id).ToList())
{
userClientRepo.Delete(uc);
}
userClientRepo.Delete(myUserClient);
clientRepo.Delete(myClient);
context.Commit();
}
}
public void UpdateReturnUrl(UpdateReturnUrlDto toUpdate)
{
this.Validate(toUpdate);
var resource = this.GetErrorStringLocalizer();
if (!Uri.TryCreate(toUpdate.ReturnUrl, UriKind.Absolute, out var u))
{
throw new DaOAuthServiceException(resource["UpdateReturnUrlReturnUrlIncorrect"]);
}
using (var context = RepositoriesFactory.CreateContext())
{
var returnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var myReturnUrl = returnUrlRepo.GetById(toUpdate.IdReturnUrl);
if (myReturnUrl == null)
{
throw new DaOAuthServiceException(resource["UpdateReturnUrlUnknowReturnUrl"]);
}
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(toUpdate.UserName);
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(resource["UpdateReturnUrlInvalidUser"]);
}
var ucRepo = RepositoriesFactory.GetUserClientRepository(context);
var uc = ucRepo.GetUserClientByClientPublicIdAndUserName(myReturnUrl.Client.PublicId, toUpdate.UserName);
if (uc == null)
{
throw new DaOAuthServiceException(resource["UpdateReturnUrlBadUserNameOrClientId"]);
}
myReturnUrl.ReturnUrl = toUpdate.ReturnUrl;
returnUrlRepo.Update(myReturnUrl);
context.Commit();
}
}
private bool CheckIfClientIsValid(string clientPublicId, Uri requestRedirectUri, EClientType clientType)
{
using (var context = RepositoriesFactory.CreateContext())
{
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var clientReturnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var client = clientRepo.GetByPublicId(clientPublicId);
if (client == null)
{
return(false);
}
if (!client.IsValid)
{
return(false);
}
if (client.ClientTypeId != (int)clientType)
{
return(false);
}
IList <Uri> clientUris = new List <Uri>();
foreach (var uri in clientReturnUrlRepo.GetAllByClientPublicId(clientPublicId))
{
clientUris.Add(new Uri(uri.ReturnUrl, UriKind.Absolute));
}
if (!clientUris.Contains(requestRedirectUri))
{
return(false);
}
}
return(true);
}
public ClientDto Update(UpdateClientDto toUpdate)
{
IList <ValidationResult> ExtendValidation(UpdateClientDto toValidate)
{
var resource = this.GetErrorStringLocalizer();
IList <ValidationResult> result = new List <ValidationResult>();
if (toValidate.ReturnUrls == null || toValidate.ReturnUrls.Count() == 0)
{
result.Add(new ValidationResult(resource["UpdateClientDtoDefaultReturnUrlRequired"]));
}
if (toValidate.ReturnUrls != null)
{
foreach (var ur in toValidate.ReturnUrls)
{
if (!Uri.TryCreate(ur, UriKind.Absolute, out var u))
{
result.Add(new ValidationResult(resource["UpdateClientDtoReturnUrlIncorrect"]));
}
}
}
if (toValidate.ClientType != ClientTypeName.Confidential && toValidate.ClientType != ClientTypeName.Public)
{
result.Add(new ValidationResult(resource["UpdateClientDtoTypeIncorrect"]));
}
if (!toValidate.ClientSecret.IsMatchClientSecretPolicy())
{
result.Add(new ValidationResult(resource["UpdateClientDtoClientSecretDontMatchPolicy"]));
}
return(result);
}
Logger.LogInformation(String.Format("Try to update client for user {0}", toUpdate != null ? toUpdate.UserName : String.Empty));
Validate(toUpdate, ExtendValidation);
using (var context = RepositoriesFactory.CreateContext())
{
var resource = this.GetErrorStringLocalizer();
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
var scopeRepo = RepositoriesFactory.GetScopeRepository(context);
var userRepo = RepositoriesFactory.GetUserRepository(context);
var clientReturnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var clientScopeRepo = RepositoriesFactory.GetClientScopeRepository(context);
var myClient = clientRepo.GetById(toUpdate.Id);
if (myClient == null || !myClient.IsValid)
{
throw new DaOAuthServiceException(resource["UpdateClientInvalidClient"]);
}
var ucs = userClientRepo.GetAllByCriterias(toUpdate.UserName, toUpdate.Name, null, null, 0, 50);
if (ucs != null && ucs.Count() > 0)
{
var myUc = ucs.First();
if (myUc.ClientId != myClient.Id)
{
throw new DaOAuthServiceException(resource["UpdateClientNameAlreadyUsed"]);
}
}
var cl = clientRepo.GetByPublicId(toUpdate.PublicId);
if (cl != null && cl.Id != myClient.Id)
{
throw new DaOAuthServiceException(resource["UpdateClientpublicIdAlreadyUsed"]);
}
var scopes = scopeRepo.GetAll();
if (toUpdate.ScopesIds != null)
{
IList <int> ids = scopes.Select(s => s.Id).ToList();
foreach (var scopeId in toUpdate.ScopesIds)
{
if (!ids.Contains(scopeId))
{
throw new DaOAuthServiceException(resource["UpdateClientScopeDontExists"]);
}
}
}
var myUser = userRepo.GetByUserName(toUpdate.UserName);
if (myUser == null || !myUser.IsValid)
{
throw new DaOAuthServiceException(resource["UpdateClientInvalidUser"]);
}
var myUserClient = userClientRepo.
GetUserClientByClientPublicIdAndUserName(myClient.PublicId, toUpdate.UserName);
if (myUserClient == null || !myUserClient.Client.UserCreator.UserName.Equals(toUpdate.UserName, StringComparison.OrdinalIgnoreCase))
{
throw new DaOAuthServiceException(resource["UpdateClientInvalidUser"]);
}
// update returns urls
foreach (var ru in clientReturnUrlRepo.GetAllByClientPublicId(myClient.PublicId).ToList())
{
clientReturnUrlRepo.Delete(ru);
}
foreach (var ru in toUpdate.ReturnUrls)
{
clientReturnUrlRepo.Add(new ClientReturnUrl()
{
ClientId = myClient.Id,
ReturnUrl = ru
});
}
// updates clients scopes
foreach (var s in clientScopeRepo.GetAllByClientId(myClient.Id).ToList())
{
clientScopeRepo.Delete(s);
}
if (toUpdate.ScopesIds != null)
{
foreach (var s in toUpdate.ScopesIds)
{
clientScopeRepo.Add(new ClientScope()
{
ClientId = myClient.Id,
ScopeId = s
});
}
}
// update client
myClient.ClientSecret = toUpdate.ClientSecret;
myClient.ClientTypeId = toUpdate.ClientType.Equals(
ClientTypeName.Confidential, StringComparison.OrdinalIgnoreCase)
? (int)EClientType.CONFIDENTIAL : (int)EClientType.PUBLIC;
myClient.Description = toUpdate.Description;
myClient.Name = toUpdate.Name;
myClient.PublicId = toUpdate.PublicId;
clientRepo.Update(myClient);
context.Commit();
return(myClient.ToDto(true));
}
}
public int CreateClient(CreateClientDto toCreate)
{
IList <ValidationResult> ExtendValidation(CreateClientDto toValidate)
{
var resource = this.GetErrorStringLocalizer();
IList <ValidationResult> result = new List <ValidationResult>();
if (toValidate.ReturnUrls == null || toValidate.ReturnUrls.Count() == 0)
{
result.Add(new ValidationResult(resource["CreateClientDtoDefaultReturnUrlRequired"]));
}
foreach (var ur in toValidate.ReturnUrls)
{
if (!Uri.TryCreate(ur, UriKind.Absolute, out var u))
{
result.Add(new ValidationResult(resource["CreateClientDtoReturnUrlIncorrect"]));
}
}
if (toValidate.ClientType != ClientTypeName.Confidential && toValidate.ClientType != ClientTypeName.Public)
{
result.Add(new ValidationResult(resource["CreateClientDtoTypeIncorrect"]));
}
using (var context = RepositoriesFactory.CreateContext())
{
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(toValidate.UserName);
if (user == null || !user.IsValid)
{
result.Add(new ValidationResult(String.Format(resource["CreateClientDtoInvalidUser"], toCreate.UserName)));
}
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
if (!String.IsNullOrEmpty(toValidate.Name) && userClientRepo.GetAllByCriteriasCount(toValidate.UserName, toValidate.Name, null, null) > 0)
{
result.Add(new ValidationResult(resource["CreateClientDtoNameAlreadyUse"]));
}
}
return(result);
}
Logger.LogInformation(String.Format("Try to create client by user {0}", toCreate != null ? toCreate.UserName : String.Empty));
this.Validate(toCreate, ExtendValidation);
using (var context = RepositoriesFactory.CreateContext())
{
var returnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
var userRepo = RepositoriesFactory.GetUserRepository(context);
var clientScopeRepo = RepositoriesFactory.GetClientScopeRepository(context);
var user = userRepo.GetByUserName(toCreate.UserName);
var client = new Client()
{
ClientSecret = RandomService.GenerateRandomString(16),
ClientTypeId = toCreate.ClientType.Equals(ClientTypeName.Confidential, StringComparison.OrdinalIgnoreCase) ? (int)EClientType.CONFIDENTIAL : (int)EClientType.PUBLIC,
CreationDate = DateTime.Now,
Description = toCreate.Description,
IsValid = true,
Name = toCreate.Name,
PublicId = RandomService.GenerateRandomString(16),
UserCreatorId = user.Id
};
clientRepo.Add(client);
foreach (var ur in toCreate.ReturnUrls)
{
var clientReturnUrl = new ClientReturnUrl()
{
ReturnUrl = ur,
ClientId = client.Id
};
returnUrlRepo.Add(clientReturnUrl);
}
var userClient = new UserClient()
{
ClientId = client.Id,
CreationDate = DateTime.Now,
IsActif = true,
RefreshToken = String.Empty,
UserId = user.Id
};
userClientRepo.Add(userClient);
if (toCreate.ScopesIds != null)
{
foreach (var sId in toCreate.ScopesIds)
{
clientScopeRepo.Add(new ClientScope()
{
ClientId = client.Id,
ScopeId = sId
});
}
}
context.Commit();
return(client.Id);
}
}
