private void AddServiceGatewayForServer(ServiceGateway service, AuthTokenDto authToken)
{
try
{
_serverInfo = service.Server.GetServerInfo(authToken.ServerDto, authToken.Token);
}
catch (Exception exc)
{
// default the configuration to vsphere
_serverInfo = new ServerInfoDto
{
Release = "Vsphere",
ProductName = "idm"
};
}
if (authToken.ServerDto.ServerName == "10.161.26.243")
{
_serverInfo.Release = "Lightwave";
}
var serviceConfigManager = new ServiceConfigManager(_serverInfo.Release);
var serviceGateway = new ServiceGateway(serviceConfigManager);
SnapInContext.Instance.ServiceGatewayManager.Add(authToken.ServerDto.ServerName, serviceGateway);
}
private void LoginUser(AuthTokenDto auth, string tenantName, bool hasSessionExpired = false)
{
if (auth.Token != null && !hasSessionExpired)
{
return;
}
ActionHelper.Execute(delegate
{
var text = hasSessionExpired ? "Re-login - Credentials expired or changed" : "Login";
var tenant = tenantName == null ? _serverDto.Tenant : tenantName;
var login = tenantName == null ? auth.Login : null;
var loginForm = new LoginForm(login, tenant, text);
var context = this.GetApplicationContext();
var dataContext = context.NavigationController.NavigateToView(this, loginForm);
if (dataContext != null)
{
var service = ScopeNodeExtensions.GetServiceGateway();
var loginDto = (LoginDto)dataContext;
try
{
var authToken = service.Authentication.Login(auth.ServerDto, loginDto, Constants.ClientId);
AddServiceGatewayForServer(service, authToken);
Tag = new AuthTokenDto
{
Login = new LoginDto {
User = authToken.Login.User, TenantName = authToken.Login.TenantName, Pass = authToken.Login.Pass, DomainName = authToken.Login.DomainName
},
ServerDto = authToken.ServerDto,
Token = authToken.Token
};
SnapInContext.Instance.AuthTokenManager.SetAuthToken(authToken);
AddTenantNode(authToken, loginDto.TenantName);
}
catch (WebException exp)
{
if (exp.Response is HttpWebResponse)
{
var response = exp.Response as HttpWebResponse;
if (response != null && response.StatusCode == HttpStatusCode.NotFound)
{
MMCDlgHelper.ShowMessage(MMCUIConstants.INCOMPATIBLE_SERVER);
return;
}
else
{
MMCDlgHelper.ShowMessage(exp.Message);
return;
}
}
else
{
MMCDlgHelper.ShowMessage(exp.Message);
return;
}
}
AddLoggedInUserActions();
}
}, auth);
}
public ServerNode(ServerDto dto)
{
_serverDto = dto;
this.DisplayName = dto.ServerName;
Tag = new AuthTokenDto {
ServerDto = dto
};
notificationObject = NSNotificationCenter.DefaultCenter.AddObserver((NSString)"CloseApplication", OnCloseConnectionNotificationReceived);
}
private void AddTenantNode(AuthTokenDto tokenDto, TenantDto tenant)
{
var node = new TenantNode(_serverDto, tenant.Name)
{
DisplayName = tenant.Name, Tag = tenant.Guid
};
AddTenantNode(node);
}
public void RemoveAuthToken(AuthTokenDto token)
{
var key = string.Format("{0}|{1}", token.ServerDto.ServerName, token.Login == null ? string.Empty : token.Login.TenantName);
var authToken = _localData.Get(key);
if (authToken != null)
{
_localData.Remove(key);
}
}
public void SetAuthToken(AuthTokenDto token, string key)
{
var authToken = _localData.Get(key);
if (authToken != null)
{
_localData.Remove(key);
}
_localData.Add(key, token);
}
void IFormViewControl.Initialize(FormView parentSelectionFormView)
{
_formView = (SolutionUsersFormView)parentSelectionFormView;
_formView.SelectionData.ActionsPaneItems.Clear();
_serverDto = GetServerDto();
var ssoSolutionUsersNode = _formView.ScopeNode as SolutionUsersNode;
_auth = SnapInContext.Instance.AuthTokenManager.GetAuthToken(_serverDto, ssoSolutionUsersNode.TenantName);
RefreshUsers(string.Empty);
}
public void LoginAsUser(string tenantName, UserDto userDto)
{
var auth = (AuthTokenDto)Tag;
var userAuth = new AuthTokenDto {
ServerDto = auth.ServerDto, Login = new LoginDto {
User = userDto.Name, DomainName = userDto.Domain, TenantName = tenantName
}
};
LoginUser(userAuth);
}
public ServerNode(ServerDto serverDto)
: base(false)
{
AddLoggedOutUserActions();
_serverDto = serverDto;
DisplayName = serverDto.ServerName;
Tag = new AuthTokenDto {
ServerDto = _serverDto
};
ImageIndex = SelectedImageIndex = serverDto.TokenType == TokenType.SAML ? (int)TreeImageIndex.SamlServer : (int)TreeImageIndex.Server;
}
private void AddTenantNode(AuthTokenDto tokenDto, TenantDto tenant)
{
var node = new TenantNode(tokenDto.ServerDto, tenant.Name)
{
DisplayName = tenant.Name,
Tag = tenant.Guid,
Parent = this
};
node.Refresh(this, EventArgs.Empty);
AddTenantNode(node);
}
private void AddTenantNode(AuthTokenDto tokenDto, string tenantName)
{
var tenantDto = new TenantDto {
Name = tenantName
};
var node = new TenantNode(_serverDto, tenantName)
{
DisplayName = tenantName, Tag = tenantName
};
AddTenantNode(node);
}
private static AuthTokenDto GetAuthTokenDto()
{
var payload = new AuthTokenDto
{
grant_type = GetParamValue(AuthTokenEnum.AUTH_GRANT_TYPE),
client_id = GetParamValue(AuthTokenEnum.AUTH_CLIENT_ID),
client_secret = GetParamValue(AuthTokenEnum.AUTH_CLIENT_SECRET),
username = GetParamValue(AuthTokenEnum.AUTH_USERNAME),
password = GetParamValue(AuthTokenEnum.AUTH_PASSWORD)
};
return(payload);
}
public void VerifyViewModelCanBeCreatedWhenLoggedIn()
{
var book = new DetailedBookDto();
var authenticationService = new Mock <IAuthenticationService>();
var authToken = new AuthTokenDto
{
Person = new PersonDto()
};
AccountModel loggedOnUser = new AccountModel(authToken);
authenticationService.SetupGet(s => s.LoggedOnAccount).Returns(() => loggedOnUser);
var feedbackService = new Mock <IFeedbackService>();
var viewModel = new CreateReviewViewModel(book, authenticationService.Object, feedbackService.Object);
viewModel.ShouldNotBeNull();
}
private void AddServerNodeAndAskForLogin(ServerDto serverDto)
{
var node = new ServerNode(serverDto);
var nodeAlreadyExists = AddServerNode(ref node);
if (!nodeAlreadyExists)
{
// Ask for login into the new server.
var auth = new AuthTokenDto {
ServerDto = serverDto,
};
node.Login(auth);
}
else
{
MMCDlgHelper.ShowWarning(string.Format("Server {0} already exists", node.DisplayName));
}
}
public AuthTokenDto CreateToken(LogInDataDto loginData)
{
var value = $"{loginData.Username}-{loginData.Password}";
var existingToken = this.tokens.FirstOrDefault(x =>
this.tokenEncryptionService.Decrypt(x.Value) == value);
if (existingToken == null)
{
var encryptedValue = this.tokenEncryptionService.Encrypt(value);
var token = new AuthTokenDto(
encryptedValue,
DateTime.Now.AddMinutes(relogTimeMinutes));
this.tokens.Add(token);
return(token);
}
this.ResetExpiration(existingToken);
return(existingToken);
}
private void PopulateToken(AuthTokenDto authToken)
{
if (cbSaml.Checked)
{
var bytes = Convert.FromBase64String(authToken.Token.AccessToken);
var value = System.Text.Encoding.Default.GetString(bytes);
txtSamlToken.Text = value;
}
else
{
try
{
txtIdToken.Text = JwtHelper.Decode(authToken.Token.IdToken);
}
catch
{
txtIdToken.Text = authToken.Token.IdToken;
}
try
{
txtAccessToken.Text = JwtHelper.Decode(authToken.Token.AccessToken);
}
catch
{
txtAccessToken.Text = authToken.Token.AccessToken;
}
try
{
txtRefreshToken.Text = JwtHelper.Decode(authToken.Token.RefreshToken);
}
catch
{
txtRefreshToken.Text = authToken.Token.RefreshToken;
}
}
}
public static void Execute(System.Action fn, AuthTokenDto authTokenDto)
{
Execute(fn, authTokenDto, null);
}
private void ResetExpiration(AuthTokenDto token)
{
token.Expires = DateTime.Now.AddMinutes(relogTimeMinutes);
}
public AuthorizedDto Login([Required] string email, string password)
{
if (!ModelState.IsValid)
{
return(null);
}
;
try
{
Admin admin = (from c in context.Admin.AsNoTracking() where c.Email == email select c).FirstOrDefault();
User user = (from c in context.User.AsNoTracking() where c.Email == email select c).FirstOrDefault();
ChildUser childuser = (from c in context.ChildUser.AsNoTracking() where c.Email == email select c).FirstOrDefault();
if (admin == null && user == null)
{
return(null);
}
string strLocalUrl = "http://localhost:60499";
WebRequest webRequest = WebRequest.Create(strLocalUrl + "/token");
webRequest.Method = "POST";
webRequest.ContentType = "application/x-www-form-urlencoded";
byte[] byteBody = new System.Text.ASCIIEncoding().GetBytes("grant_type=password&username="******"&password="******"admin",
Token = authTokenDto,
});
}
else if (user != null)
{
return(new AuthorizedDto()
{
ID = user.User_ID,
Name = user.Name,
Email = user.Email,
ImageURL = user.ImageUrl,
Role = "user",
Token = authTokenDto,
});
}
else if (childuser != null)
{
return(new AuthorizedDto()
{
ID = childuser.ChildUser_ID,
ParentID = childuser.Parent_ID,
Name = childuser.Name,
Email = childuser.Email,
ImageURL = childuser.ImageUrl,
Role = "childuser",
Token = authTokenDto,
});
}
else
{
return(null);
}
}
catch (Exception e)
{
return(null);
}
}
private void PopulateToken(AuthTokenDto authToken)
{
TxtIDTokenString.StringValue = JwtHelper.Decode(authToken.Token.IdToken);
TxtAccessTokenString.StringValue = JwtHelper.Decode(authToken.Token.AccessToken);
TxtRefreshTokenString.StringValue = JwtHelper.Decode(authToken.Token.RefreshToken);
}
private void btnCreateSignerIdentity_Click(object sender, EventArgs e)
{
if (ValidateInputs())
{
AuthTokenDto auth = null;
if (txtTenantName.Enabled)
{
var auths = SnapInContext.Instance.AuthTokenManager.GetAuthTokens(_serverDto);
auth = auths[0];
}
else
{
auth = SnapInContext.Instance.AuthTokenManager.GetAuthToken(_serverDto, _tenantName);
}
ActionHelper.Execute(delegate
{
// Get private key
var keyText = File.ReadAllText(txtKeyFile.Text);
keyText = PrivateKeyHelper.ExtractBase64EncodedPayload(keyText);
EncrptionAlgorithm algo;
if (cbAlgo.SelectedIndex > -1)
{
Enum.TryParse(cbAlgo.SelectedItem.ToString(), false, out algo);
}
else
{
algo = EncrptionAlgorithm.RSA;
}
var privatekey = new PrivateKeyDto {
Encoded = keyText, Algorithm = algo
};
// Get all certificates
var certs = new List <CertificateDto>();
foreach (var certificate in GetCertificateChain())
{
var cert = new X509Certificate2();
cert.Import(certificate);
var certDto = new CertificateDto {
Encoded = cert.ExportToPem()
};
certs.Add(certDto);
}
var tenantCredentials = new TenantCredentialsDto {
Certificates = certs, PrivateKey = privatekey
};
if (txtTenantName.Enabled)
{
var tenantDto = new TenantDto()
{
Name = txtTenantName.Text, Credentials = tenantCredentials, Username = txtUsername.Text, Password = txtPassword.Text
};
_tenantDto = _service.Tenant.Create(_serverDto, tenantDto, auth.Token);
}
else
{
_service.Certificate.SetTenantCredentials(_serverDto, _tenantName, tenantCredentials, auth.Token);
}
}, auth);
this.DialogResult = DialogResult.OK;
}
}
private void LoginUser(AuthTokenDto auth, bool hasSessionExpired = false)
{
LoginUser(auth, null, hasSessionExpired);
}
/// <summary>
/// Initializes a new instance of the <see cref="AccountModel"/> class.
/// </summary>
/// <param name="token">The token.</param>
public AccountModel(AuthTokenDto token)
{
this.Token = token.Token;
this.Person = token.Person;
this.Roles = token.Roles;
}
public void Login(AuthTokenDto auth)
{
LoginUser(auth);
}
public static void Execute(System.Action fn, AuthTokenDto authTokenDto)
{
try
{
fn();
}
catch (WebException exp)
{
if (exp.Response is HttpWebResponse)
{
var response = exp.Response as HttpWebResponse;
if (response != null && response.StatusCode == HttpStatusCode.Unauthorized)
{
var resp = new StreamReader(exp.Response.GetResponseStream()).ReadToEnd();
var error = JsonConvert.Deserialize <AuthErrorDto>(resp);
if (error != null)
{
if (error.Error == AuthError.InvalidToken)
{
ActionHelper.Execute(delegate()
{
// Refresh token
if (authTokenDto.Refresh())
{
SnapInContext.Instance.AuthTokenManager.SetAuthToken(authTokenDto);
fn();
}
}, authTokenDto);
}
else
{
ErrorMessageDisplayHelper.ShowException(new Exception(error.Description));
}
}
}
else
{
if (response != null && response.StatusCode == HttpStatusCode.BadRequest && response.ContentType == "application/json;charset=UTF-8")
{
var resp = new StreamReader(response.GetResponseStream()).ReadToEnd();
var error = JsonConvert.Deserialize <AuthErrorDto>(resp);
if (resp.Contains(AuthError.InvalidGrant))
{
if (error != null)
{
if (error.Error == AuthError.InvalidGrant && authTokenDto != null && authTokenDto.Login != null)
{
// Session expired
var sessionExpired = true;
var root = SnapInContext.Instance.SnapIn.RootNode as SnapInNode;
ServerNode node = null;
foreach (ServerNode child in root.Children)
{
if (child.DisplayName == authTokenDto.ServerDto.ServerName)
{
node = child;
}
}
var serverNode = root.GetServerNode(node);
if (serverNode != null)
{
serverNode.Login(sessionExpired);
}
}
else
{
ErrorMessageDisplayHelper.ShowException(new Exception(error.Description));
}
}
else
{
ErrorMessageDisplayHelper.ShowException(new Exception(error.Description));
}
}
else
{
ErrorMessageDisplayHelper.ShowException(new Exception(error.Description));
}
}
else
{
ErrorMessageDisplayHelper.ShowException(exp);
}
}
}
else
{
ErrorMessageDisplayHelper.ShowException(exp);
}
}
catch (Exception exp)
{
ErrorMessageDisplayHelper.ShowException(exp);
}
}
public AuthorizedDto Login([Required] string email, [Required] string password)
{
if (!ModelState.IsValid)
{
return(null);
}
try
{
Admin admin = (from c in context.Admin.AsNoTracking() where c.Email == email select c).FirstOrDefault();
Company company = (from c in context.Company.AsNoTracking() where c.Email == email select c).FirstOrDefault();
CompanyStaff staff = (from c in context.CompanyStaff.AsNoTracking() where c.Email == email select c).FirstOrDefault();
if (admin == null && company == null && staff == null)
{
return(null);
}
string strLocalUrl = "http://localhost:50894";
WebRequest webRequest = WebRequest.Create(strLocalUrl + "/token");
webRequest.Method = "POST";
webRequest.ContentType = "application/x-www-form-urlencoded";
byte[] byteBody = new ASCIIEncoding().GetBytes("grant_type=password&username="******"&password="******"admin",
Token = authTokenDto.access_token,
});
}
else if (company != null)
{
return(new AuthorizedDto()
{
ID = company.ID,
Name = company.Name,
Email = company.Email,
ImageUrl = company.ImageUrl,
Role = "company",
Token = authTokenDto.access_token,
});
}
else if (staff != null)
{
return(new AuthorizedDto()
{
ID = staff.ID,
ParentID = staff.CompanyID,
Name = staff.Name,
Email = staff.Email,
ImageUrl = staff.ImageUrl,
Role = "staff",
Token = authTokenDto.access_token,
});
}
else
{
return(null);
}
}
catch (Exception)
{
return(null);
}
}