protected async Task <IActionResult> Delete(string name)
{
try
{
if (!ModelState.TryValidateRequiredParameter(name, nameof(name)))
{
return(BadRequest(ModelState));
}
var partyName = name.GetFirstInDotList();
var secretId = name.GetLastInDotList();
var oauthDownParty = await tenantService.GetAsync <TParty>(await DownParty.IdFormat(RouteBinding, partyName));
var secret = oauthDownParty.Client.Secrets.Where(s => s.Id == secretId).FirstOrDefault();
if (secret == null)
{
return(NotFound("Secret", secretId));
}
oauthDownParty.Client.Secrets.Remove(secret);
await tenantService.UpdateAsync(oauthDownParty);
return(NoContent());
}
catch (CosmosDataException ex)
{
if (ex.StatusCode == HttpStatusCode.NotFound)
{
logger.Warning(ex, $"Delete secret from client '{typeof(TParty).Name}' by name '{name}'.");
return(NotFound(typeof(TParty).Name, name));
}
throw;
}
}
protected async Task <ActionResult <Api.OAuthClientSecretResponse> > Post(Api.OAuthClientSecretRequest party)
{
try
{
if (!await ModelState.TryValidateObjectAsync(party))
{
return(BadRequest(ModelState));
}
var oauthDownParty = await tenantService.GetAsync <TParty>(await DownParty.IdFormat(RouteBinding, party.PartyName));
var secret = new OAuthClientSecret();
await secretHashLogic.AddSecretHashAsync(secret, party.Secret);
if (oauthDownParty.Client.Secrets == null)
{
oauthDownParty.Client.Secrets = new List <OAuthClientSecret>();
}
oauthDownParty.Client.Secrets.Add(secret);
await tenantService.UpdateAsync(oauthDownParty);
return(Created(mapper.Map <Api.OAuthClientSecretResponse>(secret).Set(s => s.Name = new[] { oauthDownParty.Name, s.Name }.ToDotList())));
}
catch (CosmosDataException ex)
{
if (ex.StatusCode == HttpStatusCode.Conflict)
{
logger.Warning(ex, $"Create secret on client '{typeof(TParty).Name}' by name '{party.PartyName}'.");
return(Conflict(typeof(TParty).Name, party.PartyName));
}
throw;
}
}
public async Task <bool> ValidateResourceScopesAsync <TClient, TScope, TClaim>(ModelStateDictionary modelState, OAuthDownParty <TClient, TScope, TClaim> oauthDownParty) where TClient : OAuthDownClient <TScope, TClaim> where TScope : OAuthDownScope <TClaim> where TClaim : OAuthDownClaim
{
var isValid = true;
if (oauthDownParty.Client?.ResourceScopes?.Count() > 0)
{
foreach (var resourceScope in oauthDownParty.Client.ResourceScopes.Where(rs => !rs.Resource.Equals(oauthDownParty.Name, System.StringComparison.OrdinalIgnoreCase)))
{
try
{
_ = await tenantService.GetAsync <DownParty>(await DownParty.IdFormat(RouteBinding, resourceScope.Resource));
}
catch (CosmosDataException ex)
{
if (ex.StatusCode == HttpStatusCode.NotFound)
{
isValid = false;
var errorMessage = $"Resource scope down party resource '{resourceScope.Resource}' not found.";
logger.Warning(ex, errorMessage);
modelState.TryAddModelError($"{nameof(oauthDownParty.Client)}.{nameof(oauthDownParty.Client.ResourceScopes)}".ToCamelCase(), errorMessage);
}
else
{
throw;
}
}
}
}
return(isValid);
}
public async Task <DownParty> GetDownPartyByNameAsync(Party.IdKey idKey, bool requered = true)
{
if (idKey == null)
{
new ArgumentNullException(nameof(idKey));
}
return(await ReadDocumentAsync <DownParty>(await DownParty.IdFormat(idKey), DataDocument.PartitionIdFormat(idKey), requered));
}
private Task <string> GetId(string name)
{
if (EqualsBaseType(0, typeof(MParty), (typeof(UpParty))))
{
return(UpParty.IdFormat(RouteBinding, name));
}
else if (EqualsBaseType(0, typeof(MParty), (typeof(DownParty))))
{
return(DownParty.IdFormat(RouteBinding, name));
}
else
{
throw new NotSupportedException($"{typeof(MParty)} type not supported.");
}
}
private void DownMapping()
{
CreateMap <OAuthDownParty, Api.OAuthDownParty>()
.ForMember(d => d.Name, opt => opt.MapFrom(s => s.Name))
.ForMember(d => d.AllowUpPartyNames, opt => opt.MapFrom(s => s.AllowUpParties.Select(aup => aup.Name)))
.ReverseMap()
.ForMember(d => d.Id, opt => opt.MapFrom(s => DownParty.IdFormat(RouteBinding, s.Name).GetAwaiter().GetResult()))
.ForMember(d => d.AllowUpParties, opt => opt.MapFrom(s => s.AllowUpPartyNames.Select(n => new UpPartyLink {
Name = n
})));
CreateMap <OAuthDownClaim, Api.OAuthDownClaim>()
.ReverseMap();
CreateMap <OAuthDownClient, Api.OAuthDownClient>()
.ReverseMap();
CreateMap <OAuthDownResource, Api.OAuthDownResource>()
.ReverseMap();
CreateMap <OAuthDownResourceScope, Api.OAuthDownResourceScope>()
.ReverseMap();
CreateMap <OAuthDownScope, Api.OAuthDownScope>()
.ReverseMap();
CreateMap <OidcDownParty, Api.OidcDownParty>()
.ForMember(d => d.Name, opt => opt.MapFrom(s => s.Name))
.ForMember(d => d.AllowUpPartyNames, opt => opt.MapFrom(s => s.AllowUpParties.Select(aup => aup.Name)))
.ReverseMap()
.ForMember(d => d.Id, opt => opt.MapFrom(s => DownParty.IdFormat(RouteBinding, s.Name).GetAwaiter().GetResult()))
.ForMember(d => d.AllowUpParties, opt => opt.MapFrom(s => s.AllowUpPartyNames.Select(n => new UpPartyLink {
Name = n
})));
CreateMap <OidcDownClaim, Api.OidcDownClaim>()
.ReverseMap();
CreateMap <OidcDownClient, Api.OidcDownClient>()
.ReverseMap();
CreateMap <OidcDownScope, Api.OidcDownScope>()
.ReverseMap();
CreateMap <SamlDownParty, Api.SamlDownParty>()
.ForMember(d => d.Name, opt => opt.MapFrom(s => s.Name))
.ForMember(d => d.AllowUpPartyNames, opt => opt.MapFrom(s => s.AllowUpParties.Select(aup => aup.Name)))
.ReverseMap()
.ForMember(d => d.Id, opt => opt.MapFrom(s => DownParty.IdFormat(RouteBinding, s.Name).GetAwaiter().GetResult()))
.ForMember(d => d.AllowUpParties, opt => opt.MapFrom(s => s.AllowUpPartyNames.Select(n => new UpPartyLink {
Name = n
})));
}
protected async Task <ActionResult <Api.OAuthClientSecretResponse> > Get(string partyName)
{
try
{
if (!ModelState.TryValidateRequiredParameter(partyName, nameof(partyName)))
{
return(BadRequest(ModelState));
}
var oauthDownParty = await tenantService.GetAsync <TParty>(await DownParty.IdFormat(RouteBinding, partyName));
return(Ok(mapper.Map <List <Api.OAuthClientSecretResponse> >(oauthDownParty.Client.Secrets).Select(c => { c.Name = new[] { partyName, c.Name }.ToDotList(); return c; })));
}
catch (CosmosDataException ex)
{
if (ex.StatusCode == HttpStatusCode.NotFound)
{
logger.Warning(ex, $"Get '{typeof(TParty).Name}' client secrets by name '{partyName}'.");
return(NotFound(typeof(TParty).Name, partyName));
}
throw;
}
}
