public async Task DeleteKeyset(TFKeyset keyset)
{
try
{
HttpResponseMessage rm;
rm = await _web.DeleteAsync(string.Format("https://graph.microsoft.com/beta/trustFramework/keySets/{0}", keyset.Id));
if (rm.Content != null)
{
var res = await rm.Content.ReadAsStringAsync();
if (!rm.IsSuccessStatusCode)
{
var err = JsonConvert.DeserializeObject <GraphError>(res);
var msg = "Error deleting keyset: " + err.Error.Message;
Logging.WriteToAppLog(msg, EventLogEntryType.Error);
LastError = msg;
return;
}
}
else
{
LastError = "No content was returned";
return;
}
}
catch (Exception ex)
{
Logging.WriteToAppLog("Error deleting keyset", EventLogEntryType.Error, ex);
LastError = ex.Message;
}
}
public async Task <TFKey> UploadKeysetSecret(TFKeyset keySet, string secret, TFKeyUse use, DateTimeOffset?activationDate = null, DateTimeOffset?expiryDate = null)
{
try
{
var gen = new TFKeyGen
{
Use = use,
K = secret,
Kty = TFKeyKty.oct
};
if (activationDate != null)
{
//1000 ms x 60 seconds * 5 minutes
long fiveMinutes = 1000 * 60 * 5;
gen.Nbf = activationDate.Value.ToUnixTimeSeconds() - fiveMinutes;
}
if (expiryDate != null)
{
//1000 ms x 60 seconds * 60 minutes * 24 hours * 365 days
long twoYears = (long)1000 * 60 * 60 * 24 * 365 * 2;
gen.Exp = expiryDate.Value.ToUnixTimeSeconds() + twoYears;
}
HttpResponseMessage rm;
var formatter = new JsonMediaTypeFormatter();
formatter.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;
HttpContent data = new ObjectContent <TFKeyGen>(gen, formatter);
var url = string.Format("https://graph.microsoft.com/beta/trustFramework/keySets/{0}/generateKey", keySet.Id);
rm = await _web.PostAsync(url, data);
if (rm.Content != null)
{
var res = await rm.Content.ReadAsStringAsync();
if (!rm.IsSuccessStatusCode)
{
var err = JsonConvert.DeserializeObject <GraphError>(res);
var msg = "Error uploading secret: " + err.Error.Message;
Logging.WriteToAppLog(msg, EventLogEntryType.Error);
LastError = msg;
return(null);
}
var obj = JsonConvert.DeserializeObject <TFKey>(res);
return(obj);
}
else
{
LastError = "No content was returned";
return(null);
}
}
catch (Exception ex)
{
Logging.WriteToAppLog("Error uploading secret", EventLogEntryType.Error, ex);
LastError = "Error uploading secret: " + ex.Message;
return(null);
}
}
private async void btnCreateEncKey_Click(object sender, EventArgs e)
{
aniRunning.Visible = true;
encryptionKey = await _parent._policy.CreateKeyset("TokenEncryptionKeyContainer");
if (encryptionKey == null)
{
toolStripStatusLabel1.Text = _parent._policy.LastError;
return;
}
var key = await _parent._policy.GenerateKey(encryptionKey, TFKeyKty.rsa, TFKeyUse.enc);
if (key == null)
{
//keygen failed - delete the keyset, show the error, and let the user try again
await _parent._policy.DeleteKeyset(encryptionKey);
encryptionKey = null;
var msg = string.Format("An error occured creating the key. The keyset has been deleted so you can try again after correcting the issue.\n\rError:\n\r{0}", _parent._policy.LastError);
MessageBox.Show(msg, "Error Creating Keyset");
return;
}
txtEncryptionKey.Text = encryptionKey.Id;
aniRunning.Visible = false;
CheckReadiness();
}
public async Task <TFKeyset> CreateKeyset(string id)
{
try
{
var ks = new TFKeyset
{
Id = id
};
HttpResponseMessage rm;
var formatter = new JsonMediaTypeFormatter();
formatter.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;
HttpContent data = new ObjectContent <TFKeyset>(ks, formatter);
rm = await _web.PostAsync("https://graph.microsoft.com/beta/trustFramework/keySets", data);
if (rm.Content != null)
{
var res = await rm.Content.ReadAsStringAsync();
if (!rm.IsSuccessStatusCode)
{
var err = JsonConvert.DeserializeObject <GraphError>(res);
var msg = "Error creating keyset: " + err.Error.Message;
Logging.WriteToAppLog(msg, EventLogEntryType.Error);
LastError = msg;
return(null);
}
var obj = JsonConvert.DeserializeObject <TFKeyset>(res);
return(obj);
}
else
{
LastError = "No content was returned";
return(null);
}
}
catch (Exception ex)
{
Logging.WriteToAppLog("Error creating keyset", EventLogEntryType.Error, ex);
LastError = "Error creating keyset: " + ex.Message;
return(null);
}
}
private async void btnCreateFBKey_Click(object sender, EventArgs e)
{
aniRunning.Visible = true;
var fbSecret = Dialog.ShowDialog("Please enter the secret from your Facebook app registration:", "Facebook Secret");
if (fbSecret == "")
{
return;
}
facebookKey = await _parent._policy.CreateKeyset("FacebookSecret");
if (facebookKey == null)
{
toolStripStatusLabel1.Text = _parent._policy.LastError;
return;
}
var key = await _parent._policy.UploadKeysetSecret(facebookKey, fbSecret, TFKeyUse.sig);
if (key == null)
{
//keygen failed - delete the keyset, show the error, and let the user try again
await _parent._policy.DeleteKeyset(facebookKey);
facebookKey = null;
var msg = string.Format("An error occured creating the key. The keyset has been deleted so you can try again after correcting the issue.\n\rError:\n\r{0}", _parent._policy.LastError);
MessageBox.Show(msg, "Error Creating Keyset");
return;
}
txtFacebookKey.Text = facebookKey.Id;
aniRunning.Visible = false;
CheckReadiness();
}
private async Task GetStatus()
{
aniRunning.Visible = true;
try
{
ClearStatus();
//get policies
policies = await _parent._policy.GetListAsync();
if (policies != null && policies.Count > 0)
{
foreach (var item in policies)
{
lstPolicies.Items.Add(item.Id);
}
}
else
{
lstPolicies.Items.Add("N/A");
}
//get applications
appList = await _parent._apps.GetAppListAsync();
if (appList != null)
{
b2c = appList.Where(a => a.SignInAudience == Models.Audiences.AzureADandPersonalMicrosoftAccount).ToList();
if (b2c != null && b2c.Count > 0)
{
lstB2CApps.DisplayMember = "DisplayName";
lstB2CApps.ValueMember = "Id";
lstB2CApps.DataSource = b2c;
}
else
{
lstB2CApps.Items.Add("N/A");
}
//check for test app
testApp = b2c.FirstOrDefault(a => a.Web.RedirectUris.Any(b => b == "https://jwt.ms"));
if (testApp != null)
{
txtTestApplication.Text = GetAppName(testApp);
btnCreateTestApp.Enabled = false;
}
else
{
txtTestApplication.Text = "N/A";
}
aad = appList.Where(a => a.SignInAudience != Models.Audiences.AzureADandPersonalMicrosoftAccount).ToList();
if (aad != null && aad.Count > 0)
{
foreach (var item in aad)
{
lstTenantApps.Items.Add(item.DisplayName);
}
}
else
{
lstTenantApps.Items.Add("N/A");
}
//check for IdentityExperienceFramework app
iefApp = aad.FirstOrDefault(a => a.DisplayName == "IdentityExperienceFramework");
if (iefApp != null)
{
txtIEFApp.Text = string.Format("{0} ({1})", iefApp.DisplayName, iefApp.Id);
btnCreateIEFApp.Enabled = false;
}
else
{
txtIEFApp.Text = "N/A";
}
//check for ProxyIdentityExperienceFramework app
iefProxyApp = aad.FirstOrDefault(a => a.DisplayName == "ProxyIdentityExperienceFramework");
if (iefProxyApp != null)
{
txtIEFProxyApp.Text = string.Format("{0} ({1})", iefProxyApp.DisplayName, iefProxyApp.Id);
btnCreateIEFProxyApp.Enabled = false;
}
else
{
txtIEFProxyApp.Text = "N/A";
}
}
else
{
lstB2CApps.DataSource = null;
lstB2CApps.Items.Add("N/A");
txtTestApplication.Text = "N/A";
lstTenantApps.Items.Add("N/A");
txtIEFApp.Text = "N/A";
txtIEFProxyApp.Text = "N/A";
}
//check for keys
keys = await _parent._policy.GetKeySetsAsync();
if (keys != null)
{
signingKey = keys.SingleOrDefault(k => k.Id.Contains("TokenSigningKeyContainer"));
if (signingKey != null)
{
txtSigningKey.Text = signingKey.Id;
btnCreateSigningKey.Enabled = false;
}
else
{
txtSigningKey.Text = "N/A";
}
encryptionKey = keys.SingleOrDefault(k => k.Id.Contains("TokenEncryptionKeyContainer"));
if (encryptionKey != null)
{
txtEncryptionKey.Text = encryptionKey.Id;
btnCreateEncKey.Enabled = false;
}
else
{
txtEncryptionKey.Text = "N/A";
}
facebookKey = keys.SingleOrDefault(k => k.Id.Contains("FacebookSecret"));
if (facebookKey != null)
{
txtFacebookKey.Text = facebookKey.Id;
btnCreateFBKey.Enabled = false;
}
else
{
txtFacebookKey.Text = "N/A";
}
}
else
{
txtSigningKey.Text = "N/A";
txtEncryptionKey.Text = "N/A";
txtFacebookKey.Text = "N/A";
}
//get repo status
CheckRepoStatus();
aniRunning.Visible = false;
CheckReadiness();
}
catch (Exception ex)
{
aniRunning.Visible = false;
MessageBox.Show(ex.Message, "Error retrieving some tenant IEF properties", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
