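    /// <summary>
    /// Round-trips an identity entry through the client: create, read it back, delete it.
    /// Cleanup runs in <c>finally</c> so a failed assertion does not leave the test entry behind
    /// for the next run.
    /// </summary>
    public async Task GivenDirectoryEntry_WhenRoundTrip_Success()
    {
        const string issuer = "*****@*****.**";

        IdentityClient client = TestApplication.GetIdentityClient();

        var documentId = new DocumentId("test/unit-tests-identity/identity1");

        // Start from a known state; the result of this Delete is deliberately not asserted.
        await client.Delete(documentId);

        var request = new IdentityEntryRequest
        {
            DirectoryId = (string)documentId,
            Issuer      = issuer
        };

        try
        {
            bool success = await client.Create(request);

            success.Should().BeTrue();

            IdentityEntry? entry = await client.Get(documentId);

            entry.Should().NotBeNull();
        }
        finally
        {
            await client.Delete(documentId);
        }
    }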
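    /// <summary>
    /// Creates a new identity entry for the directory id in <paramref name="identityEntryRequest"/>,
    /// generating a fresh RSA key pair for it.
    /// </summary>
    /// <param name="identityEntryRequest">Request to validate (via <c>Verify()</c>) and persist.</param>
    /// <param name="token">Cancellation token passed through to the storage calls.</param>
    /// <returns><c>true</c> when the entry was written; <c>false</c> when an entry already exists for the id.</returns>
    public async Task <bool> Create(IdentityEntryRequest identityEntryRequest, CancellationToken token)
    {
        identityEntryRequest.Verify();
        DocumentId documentId = new DocumentId(identityEntryRequest.DirectoryId);

        // bypassCache so a stale cache miss cannot let this call overwrite an existing key pair.
        IdentityEntry? exist = await Get(documentId, token : token, bypassCache : true);

        if (exist != null)
        {
            return false;
        }

        // NOTE(review): the Get-then-Set above is not atomic; two concurrent creates for the same id can
        // both pass the existence check and the later Set wins. A conditional write at the storage layer
        // would close that window — confirm whether _documentStorage offers one.
        // Dispose the key object once the exported blobs are captured; nothing else holds it.
        using RSA rsa = RSA.Create();

        var document = new IdentityEntry
        {
            DirectoryId = identityEntryRequest.DirectoryId,
            Subject     = identityEntryRequest.Issuer,
            // RSA.Create() uses the platform default key size; pin an explicit size if policy requires it — TODO confirm.
            // The private key is persisted as raw PKCS#1 bytes; at-rest protection is assumed to come
            // from the storage layer — TODO confirm.
            PublicKey   = rsa.ExportRSAPublicKey(),
            PrivateKey  = rsa.ExportRSAPrivateKey(),
        };

        await _documentStorage.Set(documentId, document, token : token);

        return true;
    }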
 /// <summary>
 /// Throws when <paramref name="subject"/> is null or a required field is missing:
 /// DirectoryId must be a valid document id, Issuer and ClassType must be non-empty,
 /// Properties must be non-null.
 /// </summary>
 public static void Verify(this IdentityEntryRequest subject)
 {
     // Null guard first; the member reads below would otherwise dereference null.
     subject.VerifyNotNull(nameof(subject));

     var directoryId = subject.DirectoryId;
     var issuer      = subject.Issuer;
     var classType   = subject.ClassType;
     var properties  = subject.Properties;

     directoryId.VerifyDocumentId();
     issuer.VerifyNotEmpty(nameof(subject.Issuer));
     classType.VerifyNotEmpty(nameof(subject.ClassType));
     properties.VerifyNotNull(nameof(subject.Properties));
 }
    /// <summary>
    /// POST endpoint that creates an identity entry. Responds 200 when created and
    /// 409 Conflict when the service reports that the entry already exists.
    /// </summary>
    /// <param name="identityEntryRequest">Request body; validated by the service.</param>
    /// <param name="token">Request cancellation token.</param>
    public async Task <IActionResult> Create([FromBody] IdentityEntryRequest identityEntryRequest, CancellationToken token)
    {
        bool created = await _identityService.Create(identityEntryRequest, token);

        // The service signals "already exists" with false; everything else is a success.
        if (created)
        {
            return Ok();
        }

        return Conflict();
    }
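        /// <summary>
        /// Calls the identity service to create an entry.
        /// </summary>
        /// <param name="identityEntryRequest">Entry to create; posted as JSON.</param>
        /// <param name="token">Cancellation token for the HTTP call.</param>
        /// <returns><c>false</c> when the service answers 409 Conflict (entry already exists); <c>true</c> on any success status.</returns>
        /// <exception cref="HttpRequestException">Raised by <see cref="HttpResponseMessage.EnsureSuccessStatusCode"/> for other non-success statuses.</exception>
        public async Task <bool> Create(IdentityEntryRequest identityEntryRequest, CancellationToken token = default)
        {
            // Message template with a named placeholder so the id is captured as a structured property.
            _logger.LogTrace("Create directoryId={DirectoryId}", identityEntryRequest.DirectoryId);

            // Dispose the response so the connection is released even when EnsureSuccessStatusCode throws.
            using HttpResponseMessage response = await _httpClient.PostAsJsonAsync("api/identity/create", value : identityEntryRequest, cancellationToken : token);

            // Conflict is an expected outcome (duplicate id), not an error, so check it before the generic success check.
            if (response.StatusCode == HttpStatusCode.Conflict)
            {
                return false;
            }

            response.EnsureSuccessStatusCode();
            return true;
        }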
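    /// <summary>
    /// Creates an identity entry for <paramref name="directoryId"/> with <paramref name="issuer"/> as its
    /// issuer and logs the outcome. A <c>false</c> result from the client is logged as an error, not thrown.
    /// </summary>
    /// <param name="directoryId">Document id of the entry to create.</param>
    /// <param name="issuer">Issuer recorded on the entry.</param>
    /// <param name="token">Cancellation token passed to the client.</param>
    public async Task Create(string directoryId, string issuer, CancellationToken token)
    {
        var request = new IdentityEntryRequest
        {
            DirectoryId = directoryId,
            Issuer      = issuer,
        };

        bool success = await _identityClient.Create(request, token);

        // Message templates keep the id as a structured property instead of baking it into the text.
        if (!success)
        {
            _logger.LogError("Failed to create identity entry for directoryId={DirectoryId}", directoryId);
            return;
        }

        _logger.LogInformation("Created identity entry for directoryId={DirectoryId}", directoryId);
    }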
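    /// <summary>
    /// Registers a signing identity for a directory entry that carries both the email and the
    /// signing-credentials properties. Entries with neither are skipped silently; entries with only
    /// one are logged as a configuration error and skipped.
    /// </summary>
    /// <param name="entry">Directory entry whose properties drive the identity request.</param>
    /// <param name="token">Cancellation token passed to the identity client.</param>
    private async Task CreateIdentity(DirectoryEntry entry, CancellationToken token)
    {
        string? email      = entry.GetEmail();
        string? identityId = entry.GetSigningCredentials();

        // Neither property present: this entry does not ask for an identity.
        if (email is null && identityId is null)
        {
            return;
        }

        // Exactly one present is a misconfiguration worth surfacing (De Morgan of the original !(a && b)).
        if (email is null || identityId is null)
        {
            _logger.LogError("Directory Id {DirectoryId} must specify both {EmailProperty} and {SigningCredentialsProperty} properties",
                entry.DirectoryId, PropertyName.Email, PropertyName.SigningCredentials);
            return;
        }

        var identityEntryRequest = new IdentityEntryRequest
        {
            // The signing-credentials value is used as the identity's document id, the email as its issuer.
            DirectoryId = identityId,
            Issuer      = email,
        };

        // NOTE(review): the client's result is discarded, so an "already exists" outcome is invisible
        // here — consider capturing and logging it if callers need to know.
        await _identityClient.Create(identityEntryRequest, token);
    }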
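    /// <summary>
    /// End-to-end check that a freshly created identity can sign a digest and that the signature
    /// validates. The entry is deleted in <c>finally</c> so a failing assertion does not leak it;
    /// the final search confirms the cleanup.
    /// </summary>
    public async Task GivenIdentityEntry_WhenSigned_WillVerify()
    {
        const string issuer = "*****@*****.**";

        IdentityClient client     = TestApplication.GetIdentityClient();
        SigningClient  signClient = TestApplication.GetSigningClient();

        var documentId = new DocumentId("identity:test/unit-tests-identity/identity1");

        var query = new QueryParameter()
        {
            Filter    = "test/unit-tests-identity",
            Recursive = false,
        };

        // A leftover entry from an earlier run must be reported by Delete exactly when the search saw it.
        IReadOnlyList <DatalakePathItem> search = (await client.Search(query).ReadNext()).Records;
        bool isInsearch = search.Any(x => x.Name == documentId.Path);

        bool deleted = await client.Delete(documentId);

        (isInsearch == deleted).Should().BeTrue();

        var request = new IdentityEntryRequest
        {
            DirectoryId = (string)documentId,
            Issuer      = issuer
        };

        try
        {
            bool success = await client.Create(request);

            success.Should().BeTrue();

            // A random GUID stands in for the digest being signed.
            var signRequest = new SignRequest
            {
                PrincipleDigests = new[]
                {
                    new PrincipleDigest
                    {
                        PrincipleId = (string)documentId,
                        Digest      = Guid.NewGuid().ToString()
                    }
                }
            };

            SignRequestResponse signedJwt = await signClient.Sign(signRequest);

            signedJwt.Should().NotBeNull();
            (signedJwt.Errors == null || signedJwt.Errors.Count == 0).Should().BeTrue();
            signedJwt.PrincipleDigests.Count.Should().Be(1);

            // Validate must see the same digest that was signed, paired with the returned JWT.
            var validateRequest = new ValidateRequest
            {
                PrincipleDigests = new[]
                {
                    new PrincipleDigest
                    {
                        PrincipleId  = (string)documentId,
                        Digest       = signRequest.PrincipleDigests[0].Digest,
                        JwtSignature = signedJwt.PrincipleDigests.First().JwtSignature,
                    }
                }
            };

            bool jwtValidated = await signClient.Validate(validateRequest);

            jwtValidated.Should().BeTrue();
        }
        finally
        {
            await client.Delete(documentId);
        }

        search = (await client.Search(query).ReadNext()).Records;
        search.Any(x => x.Name == (string)documentId).Should().BeFalse();
    }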