Ejemplo n.º 1
 /// <summary>
 /// Initializes the instance with the supplied <see cref="IAadHelperProvider"/>.
 /// </summary>
 /// <param name="aadHelperProvider">Provider stored in the <c>aadHelperProvider</c> field.</param>
 public JobController(IAadHelperProvider aadHelperProvider)
 {
     // NOTE(review): the value is stored without a null check; presumably it is
     // supplied by the dependency resolver. Confirm that code using the field
     // tolerates null.
     this.aadHelperProvider = aadHelperProvider;
 }
Ejemplo n.º 2
 /// <summary>
 /// Initializes the instance with the supplied <see cref="IAadHelperProvider"/>.
 /// </summary>
 /// <param name="aadHelperProvider">Provider stored in the <c>aadHelperProvider</c> field.</param>
 public ResetStatusController(IAadHelperProvider aadHelperProvider)
 {
     // NOTE(review): the value is stored without a null check; presumably it is
     // supplied by the dependency resolver. Confirm that code using the field
     // tolerates null.
     this.aadHelperProvider = aadHelperProvider;
 }
Ejemplo n.º 3
 /// <summary>
 /// Initializes the instance with the supplied <see cref="IAadHelperProvider"/>.
 /// </summary>
 /// <param name="aadHelperProvider">Provider stored in the <c>aadHelperProvider</c> field.</param>
 public UserInfoController(IAadHelperProvider aadHelperProvider)
 {
     // NOTE(review): the value is stored without a null check; presumably it is
     // supplied by the dependency resolver. Confirm that code using the field
     // tolerates null.
     this.aadHelperProvider = aadHelperProvider;
 }
Ejemplo n.º 4
 /// <summary>
 /// Initializes the instance with the supplied <see cref="IAadHelperProvider"/>.
 /// </summary>
 /// <param name="aadHelperProvider">Provider stored in the <c>aadHelperProvider</c> field.</param>
 public FieldEngineerDBCleanup(IAadHelperProvider aadHelperProvider)
 {
     // NOTE(review): the value is stored without a null check; presumably it is
     // supplied by the dependency resolver. Confirm that code using the field
     // tolerates null.
     this.aadHelperProvider = aadHelperProvider;
 }
        /// <summary>
        /// Authorizes the request by checking that the caller is a member of the
        /// Azure Active Directory group named by <c>Group</c>. When the check fails,
        /// a 403 (Forbidden) error response is placed on the action context.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized.</param>
        /// <exception cref="ArgumentNullException">
        /// Thrown when <paramref name="actionContext"/> is null.
        /// </exception>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            const string forbiddenMessage = "User is not logged in or not a member of the required group";

            if (actionContext == null)
            {
                throw new ArgumentNullException("actionContext");
            }

            // Resolve the hosting mode and the AAD helper once, on the first request
            // that reaches this attribute instance.
            if (!this.isInitialized)
            {
                var configuration = actionContext.ControllerContext.Configuration;
                this.isHosted = configuration.GetIsHosted();
                this.aadHelperProvider = configuration.DependencyResolver.GetService<IAadHelperProvider>();
                this.isInitialized = true;
            }

            ApiController controller = actionContext.ControllerContext.Controller as ApiController;

            // Development path: a non-hosted service lets local requests through
            // without any AAD validation.
            // NOTE(review): this branch is an authentication bypass by design. Confirm
            // that GetIsHosted() can never report false in a deployed environment and
            // that RequestContext.IsLocal cannot be true for traffic forwarded by a
            // proxy on the same machine.
            bool allowLocalWithoutAuth = !this.isHosted && actionContext.RequestContext.IsLocal;
            if (allowLocalWithoutAuth)
            {
                // Build a stand-in user carrying a fixed AAD object id. The identity
                // collection is reached through reflection on ServiceUser.
                var localUser = new ServiceUser();
                var identitiesProperty = typeof(ServiceUser).GetProperty(
                    "ProviderIdentities",
                    BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Instance);
                var identities = (Collection<ProviderCredentials>)identitiesProperty.GetValue(localUser);
                identities.Add(new AzureActiveDirectoryCredentials { ObjectId = LocalUserObjectId });
                localUser.AddIdentity(new ClaimsIdentity());

                if (controller != null)
                {
                    controller.User = localUser;
                }

                // Test hook: a request may name a group in a header so that the
                // "wrong group" rejection can be exercised locally. A request that
                // omits the header is accepted.
                IEnumerable<string> headerValues;
                if (actionContext.Request.Headers.TryGetValues(TestUserGroupHeaderName, out headerValues))
                {
                    string requestedGroup = headerValues.FirstOrDefault();
                    if (requestedGroup != null &&
                        !this.Group.ToString().Equals(requestedGroup, StringComparison.OrdinalIgnoreCase))
                    {
                        actionContext.Response = actionContext.Request.CreateErrorResponse(HttpStatusCode.Forbidden, forbiddenMessage);
                    }
                }

                return;
            }

            if (this.aadHelperProvider == null)
            {
                Trace.TraceError("Could not resolve depdendency for 'IAadHelperProvider' in AuthorizeAadGroupAttribute");
            }

            // Fail closed: the request is rejected unless every step below succeeds.
            bool isAuthorized = false;

            if (controller != null && this.aadHelperProvider != null)
            {
                string groupId = this.aadHelperProvider.GetGroupId(this.Group);
                ServiceUser serviceUser = string.IsNullOrEmpty(groupId) ? null : controller.User as ServiceUser;

                if (serviceUser != null && serviceUser.Level == AuthorizationLevel.User)
                {
                    // NOTE(review): .Result blocks the request thread until the
                    // identities are loaded; an exception from this lookup or from
                    // the membership query below propagates instead of producing
                    // the 403 response.
                    var aadCredentials = serviceUser.GetIdentitiesAsync().Result
                        .OfType<AzureActiveDirectoryCredentials>()
                        .FirstOrDefault();

                    if (aadCredentials != null)
                    {
                        // Ask the directory whether the caller's object id belongs
                        // to the required group.
                        var callContext = new CallContext(this.aadHelperProvider.GetAccessToken(), Guid.NewGuid());
                        var graph = new GraphConnection(callContext);
                        isAuthorized = graph.IsMemberOf(groupId, aadCredentials.ObjectId);
                    }
                }
            }

            if (!isAuthorized)
            {
                actionContext.Response = actionContext.Request.CreateErrorResponse(HttpStatusCode.Forbidden, forbiddenMessage);
            }
        }
Ejemplo n.º 6
        /// <summary>
        /// Sends a "job complete" report for <paramref name="job"/> by e-mail to the
        /// manager of the user identified by <paramref name="aadObjectId"/>, using
        /// SendGrid credentials read from the service settings.
        /// </summary>
        /// <param name="services">Source of the SendGrid settings and of the logger.</param>
        /// <param name="job">Job whose details form the HTML body of the message.</param>
        /// <param name="aadObjectId">Directory object id of the user who completed the job.</param>
        /// <param name="aadHelperProvider">Helper used to obtain the access token, the user's display name and the manager's e-mail address.</param>
        public static void SendEmail(ApiServices services, Job job, string aadObjectId, IAadHelperProvider aadHelperProvider)
        {
            // NOTE(review): the body is sent as HTML; confirm that GetJobDetailsInHTML
            // encodes any job fields that originate from user input.
            var body = GetJobDetailsInHTML(job);

            // These directory lookups run outside the try block below, so an
            // exception from them propagates to the caller.
            string token = aadHelperProvider.GetAccessToken();
            string senderDisplayName = aadHelperProvider.GetUserDisplayName(aadObjectId, token);
            string recipient = aadHelperProvider.GetManagerEmail(aadObjectId, token);

            if (recipient == null)
            {
                // No e-mail (possibly running locally)
                return;
            }

            try
            {
                // The sender identity and the SendGrid credentials come from the
                // service app settings.
                string fromAddress = services.Settings["SendGridFromEmailId"];
                string fromDisplayName = services.Settings["SendGridFromEmailUserName"];
                string sendGridUser = services.Settings["SendGridUserName"];
                string sendGridSecret = services.Settings["SendGridPassword"];

                bool isConfigured = !string.IsNullOrEmpty(fromAddress)
                    && !string.IsNullOrEmpty(fromDisplayName)
                    && !string.IsNullOrEmpty(sendGridUser)
                    && !string.IsNullOrEmpty(sendGridSecret);

                if (!isConfigured)
                {
                    services.Log.Warn("SendGrid is not properly configured, skipping sending e-mail.");
                    return;
                }

                SendGrid message = SendGrid.GetInstance();
                message.AddTo(recipient);
                message.From = new MailAddress(fromAddress, fromDisplayName);
                message.Subject = "Job Complete Report from:" + senderDisplayName;
                message.Html = body;

                // Deliver through the SendGrid REST transport.
                var transport = Web.GetInstance(new NetworkCredential(sendGridUser, sendGridSecret));
                transport.Deliver(message);
                services.Log.Info("Job complete email sent for jobId: " + job.Id);
            }
            catch (Exception ex)
            {
                // Best effort: a delivery failure is logged (message text only) and
                // is not rethrown.
                services.Log.Error("Error sending email: " + ex.Message);
            }
        }