public async Task <InstanceDiscoveryMetadataEntry> GetMetadataEntryAsync(string authority, RequestContext requestContext)
{
AuthorityType type = Authority.GetAuthorityType(authority);
Uri authorityUri = new Uri(authority);
string environment = authorityUri.Host;
switch (type)
{
case AuthorityType.Aad:
InstanceDiscoveryMetadataEntry entry = _staticMetadataProvider.GetMetadata(environment);
if (entry != null)
{
return(entry);
}
InstanceDiscoveryResponse instanceDiscoveryResponse =
await _networkMetadataProvider.FetchAllDiscoveryMetadataAsync(authorityUri, requestContext).ConfigureAwait(false);
CacheInstanceDiscoveryMetadata(instanceDiscoveryResponse);
entry = _staticMetadataProvider.GetMetadata(environment);
return(entry ?? CreateEntryForSingleAuthority(authorityUri));
// ADFS and B2C do not support instance discovery
case AuthorityType.Adfs:
case AuthorityType.B2C:
return(CreateEntryForSingleAuthority(authorityUri));
default:
throw new InvalidOperationException("Unexpected authority type " + type);
}
}
public static byte AuthorityChatColor(AuthorityType authority)
{
switch (authority)
{
case AuthorityType.GS:
return(12);
case AuthorityType.TMOD:
case AuthorityType.MOD:
case AuthorityType.SMOD:
return(11);
case AuthorityType.BA:
case AuthorityType.TGM:
case AuthorityType.GM:
case AuthorityType.SGM:
case AuthorityType.GA:
case AuthorityType.TM:
case AuthorityType.CM:
case AuthorityType.DEV:
case AuthorityType.Administrator:
case AuthorityType.Owner:
return(15);
default:
return(0);
}
}
public IWebUI CreateAuthenticationDialog(CoreUIParent coreUIParent, WebViewPreference useEmbeddedWebView, RequestContext requestContext)
{
if (useEmbeddedWebView == WebViewPreference.System)
{
requestContext.Logger.Info("Using system browser.");
return(new DefaultOsBrowserWebUi(
requestContext.ServiceBundle.PlatformProxy,
requestContext.Logger,
coreUIParent.SystemWebViewOptions));
}
AuthorityType authorityType = requestContext.ServiceBundle.Config.Authority.AuthorityInfo.AuthorityType;
bool isAadOrAdfsAuthority =
authorityType == AuthorityType.Aad ||
authorityType == AuthorityType.Adfs;
if (isAadOrAdfsAuthority)
{
requestContext.Logger.Info($"Using WebView1 embedded browser because the authority is {authorityType}. WebView2 does not provide SSO.");
return(new InteractiveWebUI(coreUIParent, requestContext));
}
if (!_isWebView2AvailableFunc())
{
requestContext.Logger.Info("Using WebView1 embedded browser because WebView2 is not available.");
return(new InteractiveWebUI(coreUIParent, requestContext));
}
requestContext.Logger.Info("Using WebView2 embedded browser.");
return(new WebView2WebUi(coreUIParent, requestContext));
}
public async Task <InstanceDiscoveryMetadataEntry> GetMetadataEntryTryAvoidNetworkAsync(
string authority,
IEnumerable <string> existingEnvironmentsInCache,
RequestContext requestContext)
{
AuthorityType type = Authority.GetAuthorityType(authority);
Uri authorityUri = new Uri(authority);
string environment = authorityUri.Host;
switch (type)
{
case AuthorityType.Aad:
return
(_userMetadataProvider?.GetMetadataOrThrow(environment, requestContext.Logger) ?? // if user provided metadata but entry is not found, fail fast
_networkCacheMetadataProvider.GetMetadata(environment, requestContext.Logger) ??
_knownMetadataProvider.GetMetadata(environment, existingEnvironmentsInCache, requestContext.Logger) ??
await GetMetadataEntryAsync(authority, requestContext).ConfigureAwait(false));
case AuthorityType.Adfs:
case AuthorityType.B2C:
requestContext.Logger.Info("[Instance Discovery] Skipping Instance discovery for non-AAD authority");
return(await GetMetadataEntryAsync(authority, requestContext).ConfigureAwait(false));
default:
throw new InvalidOperationException("Unexpected authority type " + type);
}
}
public static short AuthorityColor(AuthorityType authority)
{
switch (authority)
{
case AuthorityType.GS:
return(50);
case AuthorityType.TMOD:
case AuthorityType.MOD:
case AuthorityType.SMOD:
case AuthorityType.BA:
case AuthorityType.TGM:
case AuthorityType.GM:
case AuthorityType.SGM:
case AuthorityType.GA:
case AuthorityType.TM:
case AuthorityType.CM:
case AuthorityType.DEV:
case AuthorityType.Administrator:
return(500);
default:
return(50);
}
}
public AuthorizeRoleAttribute(AuthorityType allowedRole)
{
var allowedRolesAsStrings = string.Empty;
IEnumerable <AuthorityType> enums = Enum.GetValues(typeof(AuthorityType)).Cast <AuthorityType>().ToList().Where(s => s >= allowedRole);
Roles = String.Join(",", enums.ToArray());
}
public bool AuthorizeDesignProject(int projectId, AuthorityType authorityType)
{
if (UserInfo == null || string.IsNullOrEmpty(UserInfo.UserName))
{
return(false);
}
var authorities = CommUtils.GetEnumFlags(authorityType);
Func <AuthorityType, int> parseAuthority = (authority) => authorities.Contains(authority) ? 1 : 0;
var sql = "SELECT * FROM dbo.EditProductAuthority WHERE user_name = @0 AND modify_project_id = @1";
var records = m_db.Query <ABSMgrConn.TableEditProductAuthority>(sql, UserInfo.UserName, projectId);
CommUtils.Assert(records.Count() < 2, "Get authority [userName="******"] [projectId=" + projectId + "] failed");
if (records.Count() == 0)
{
var obj = new ABSMgrConn.TableEditProductAuthority();
obj.user_name = UserInfo.UserName;
obj.modify_model_authority = parseAuthority(AuthorityType.ModifyModel);
obj.modify_task_authority = parseAuthority(AuthorityType.ModifyTask);
obj.create_product_authority = 0;
obj.modify_project_id = projectId;
m_db.Insert("EditProductAuthority", "product_edit_authority_id", true, obj);
}
else
{
var obj = records.Single();
obj.modify_model_authority = parseAuthority(AuthorityType.ModifyModel);
obj.modify_task_authority = parseAuthority(AuthorityType.ModifyTask);
m_db.Update("EditProductAuthority", "product_edit_authority_id", obj);
}
return(true);
}
public static byte AuthorityChatColor(AuthorityType authority)
{
switch (authority)
{
case AuthorityType.GameSupport:
return(12);
case AuthorityType.TrialModerator:
case AuthorityType.Moderator:
case AuthorityType.SuperModerator:
case AuthorityType.BoardAdmin:
case AuthorityType.TrialGameMaster:
case AuthorityType.GameMaster:
case AuthorityType.SuperGameMaster:
case AuthorityType.GameAdmin:
case AuthorityType.TeamManager:
case AuthorityType.CommunityManager:
case AuthorityType.Developper:
case AuthorityType.Administrator:
return(15);
case AuthorityType.CoOwner:
case AuthorityType.Owner:
return(16);
default:
return(0);
}
}
public List <int> GetAuthorizedProjectIds(AuthorityType authorityType)
{
if (!HasUserInfo())
{
return(new List <int>());
}
string sql = string.Empty;
switch (authorityType)
{
case AuthorityType.ModifyModel:
sql = "SELECT * FROM dbo.EditProductAuthority WHERE user_name = @0 AND modify_model_authority = @1";
break;
case AuthorityType.ModifyTask:
sql = "SELECT * FROM dbo.EditProductAuthority WHERE user_name = @0 AND modify_task_authority = @1";
break;
default:
throw new ApplicationException("Get authorized project id failed.");
}
var records = m_db.Query <ABSMgrConn.TableEditProductAuthority>(sql, UserInfo.UserName, 1);
return(records.ToList().Where(x => x.modify_project_id.HasValue)
.ToList().ConvertAll(x => x.modify_project_id.Value));
}
public async Task <IActionResult> PutAuthorityType([FromRoute] int id, [FromBody] AuthorityType authorityType)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != authorityType.TypeAuthority)
{
return(BadRequest());
}
_context.Entry(authorityType).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!AuthorityTypeExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(NoContent());
}
public List <XObject> GetAuthorizedObjectList(XObject subject, int targetType
, AuthorityType authorityType, AuthorityValue authorityValue)
{
List <XObject> targets = new List <XObject>();
DataSet ds = new DataSet();
Command.DbHelper.AddInput("@operation", 4, SqlDbType.Int);
Command.DbHelper.AddInput("@subjectzType", subject.XObjectType, SqlDbType.Int);
Command.DbHelper.AddInput("@subjectz", subject.Id, SqlDbType.Int);
Command.DbHelper.AddInput("@targetzType", targetType, SqlDbType.Int);
Command.DbHelper.AddInput("@authorityType", (int)authorityType, SqlDbType.Int);
Command.DbHelper.AddInput("@authorityValue", (int)authorityValue, SqlDbType.Int);
Command.DbHelper.StoredProcedure("p_AuthorityManager", ds);
foreach (DataRow r in ds.Tables[0].Rows)
{
Dictionary <string, object> dictionary
= ToDictionary(ds.Tables[0].Rows[0]);
XObject obj = new XObject(targetType, dictionary);
targets.Add(obj);
}
return(targets);
}
public async Task <IActionResult> PostAuthorityType([FromBody] AuthorityType authorityType)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
_context.AuthorityType.Add(authorityType);
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateException)
{
if (AuthorityTypeExists(authorityType.TypeAuthority))
{
return(new StatusCodeResult(StatusCodes.Status409Conflict));
}
else
{
throw;
}
}
return(CreatedAtAction("GetAuthorityType", new { id = authorityType.TypeAuthority }, authorityType));
}
public static Account Create(
string homeAccountId,
string environment,
string realm,
string localAccountId,
AuthorityType authorityType,
string userName,
string givenName,
string familyName,
string middleName,
string name,
string alternativeAccountId,
string clientInfo,
string additionalFieldsJson)
{
return(new Account
{
HomeAccountId = homeAccountId,
Environment = environment,
Realm = realm,
LocalAccountId = localAccountId,
AuthorityType = authorityType,
Username = userName,
GivenName = givenName,
FamilyName = familyName,
MiddleName = middleName,
Name = name,
AlternativeAccountId = alternativeAccountId,
ClientInfo = clientInfo,
AdditionalFieldsJson = additionalFieldsJson
});
}
internal static AuthorityType DetectAuthorityType(string authority)
{
if (string.IsNullOrWhiteSpace(authority))
{
throw new ArgumentNullException("authority");
}
if (!Uri.IsWellFormedUriString(authority, UriKind.Absolute))
{
throw new ArgumentException(AdalErrorMessage.AuthorityInvalidUriFormat, "authority");
}
var authorityUri = new Uri(authority);
if (authorityUri.Scheme != "https")
{
throw new ArgumentException(AdalErrorMessage.AuthorityUriInsecure, "authority");
}
string path = authorityUri.AbsolutePath.Substring(1);
if (string.IsNullOrWhiteSpace(path))
{
throw new ArgumentException(AdalErrorMessage.AuthorityUriInvalidPath, "authority");
}
string firstPath = path.Substring(0, path.IndexOf("/", StringComparison.Ordinal));
AuthorityType authorityType = IsAdfsAuthority(firstPath) ? AuthorityType.ADFS : AuthorityType.AAD;
return(authorityType);
}
public async Task <InstanceDiscoveryMetadataEntry> GetMetadataEntryAsync(
string authority,
RequestContext requestContext)
{
var autoDetectRegion = requestContext.ServiceBundle.Config.AuthorityInfo.AutoDetectRegion;
if (autoDetectRegion)
{
try
{
return(await _regionDiscoveryProvider.TryGetMetadataAsync(new Uri(authority), requestContext).ConfigureAwait(false));
}
catch
{
//If the regional autodetection fails in TryGetMetadataAsync we check for FallbackToGlobal
//If FallbackToGlobal is set, this will now fallback to using the metadata acquitition from global
if (requestContext.ServiceBundle.Config.AuthorityInfo.FallbackToGlobal)
{
requestContext.Logger.Info($"Attempting to fall back to global endpoint");
requestContext.ApiEvent.FallbackToGlobal = true;
}
else
{
throw;
}
}
}
AuthorityType type = Authority.GetAuthorityType(authority);
Uri authorityUri = new Uri(authority);
string environment = authorityUri.Host;
switch (type)
{
case AuthorityType.Aad:
InstanceDiscoveryMetadataEntry entry =
_userMetadataProvider?.GetMetadataOrThrow(environment, requestContext.Logger) ?? // if user provided metadata but entry is not found, fail fast
await FetchNetworkMetadataOrFallbackAsync(requestContext, authorityUri).ConfigureAwait(false);
if (entry == null)
{
string message = "[Instance Discovery] Instance metadata for this authority could neither be fetched nor found. MSAL will continue regardless. SSO might be broken if authority aliases exist. ";
requestContext.Logger.WarningPii(message + "Authority: " + authority, message);
entry = CreateEntryForSingleAuthority(authorityUri);
}
return(entry);
// ADFS and B2C do not support instance discovery
case AuthorityType.Adfs:
case AuthorityType.B2C:
requestContext.Logger.Info("[Instance Discovery] Skipping Instance discovery for non-AAD authority. ");
return(CreateEntryForSingleAuthority(authorityUri));
default:
throw new InvalidOperationException("Unexpected authority type " + type);
}
}
private AuthorityInfo(string host, string canonicalAuthority, AuthorityType authorityType, string userRealmUriPrefix, bool validateAuthority)
{
Host = host;
CanonicalAuthority = canonicalAuthority;
AuthorityType = authorityType;
UserRealmUriPrefix = userRealmUriPrefix;
ValidateAuthority = validateAuthority;
}
public void RemoveAuth(AuthorityType e, User user)
{
var ele = TimeAxisAuthority.FirstOrDefault(x => x.AuthorityType == e && x.User.Id == user.Id);
if (ele != null)
{
TimeAxisAuthority.Remove(ele);
}
}
/// <summary>
/// 实例化一个权限对象
/// </summary>
public Authority()
{
status = AuthorityStatus.启用;
group = new LazyMember <AuthorityGroup>(LoadAuthorityGroup);
authorityType = AuthorityType.管理;
createDate = DateTime.Now;
sort = 0;
repository = this.Instance <IAuthorityRepository>();
}
public HandlerMethodReference(Action <object, object> handlerMethod, IPacketHandler parentHandler, PacketAttribute handlerMethodAttribute)
{
HandlerMethod = handlerMethod;
ParentHandler = parentHandler;
HandlerMethodAttribute = handlerMethodAttribute;
Identification = HandlerMethodAttribute.Header;
PassNonParseablePacket = false;
Authorities = new AuthorityType[] { AuthorityType.User };
}
private AuthorityInfo(string host, string canonicalAuthority, AuthorityType authorityType, string userRealmUriPrefix, bool validateAuthority, bool autoDetectRegion, string regionToUse)
{
Host = host;
CanonicalAuthority = canonicalAuthority;
AuthorityType = authorityType;
UserRealmUriPrefix = userRealmUriPrefix;
ValidateAuthority = validateAuthority;
AutoDetectRegion = autoDetectRegion;
RegionToUse = regionToUse;
}
public override bool IsBrokerInstalledAndInvokable(AuthorityType authorityType)
{
// WAM does not work on pure ADFS environments
if (authorityType == AuthorityType.Adfs)
{
return(false);
}
return(true);
}
public bool IsBrokerInstalledAndInvokable(AuthorityType authorityType)
{
using (_logger.LogMethodDuration())
{
bool canInvoke = CanSwitchToBroker();
_logger.Verbose("[Android broker] Can invoke broker? " + canInvoke);
return(canInvoke);
}
}
public void RemoveAuthority(AuthorityType type, List <string> list)
{
if (AllAuthority.ContainsKey(type))
{
foreach (var item in list)
{
AllAuthority[type].Remove(item);
}
}
}
//添加权限
public void AddAuthority(List <string> list, AuthorityType type)
{
if (AllAuthority.Keys.Contains(type))
{
AllAuthority[type].AddRange(list);
}
else
{
AllAuthority.Add(type, list);
}
}
public static string AuthorityTypeMismatch(
AuthorityType appAuthorityType,
AuthorityType requestAuthorityType)
{
return(string.Format(
CultureInfo.InvariantCulture,
"A authority of type {0} was used at the application and of type {1} at the request level. " +
"Please use the same authority type between the two.",
appAuthorityType,
requestAuthorityType));
}
/// <summary>
/// 实例化一个权限对象
/// </summary>
/// <param name="code">权限码</param>
/// <param name="name">权限名称</param>
public Authority(string code = "", string name = "")
{
_code = code;
_name = name;
_status = AuthorityStatus.启用;
_authGroup = new LazyMember <AuthorityGroup>(LoadAuthorityGroup);
_authType = AuthorityType.管理;
_createDate = DateTime.Now;
_sort = 0;
authorityRepository = this.Instance <IAuthorityRepository>();
}
string GetAuthority(AuthorityType type)
{
if (type == AuthorityType.Default)
{
return("");
}
else
{
return(authorityTypes[(int)type] + " ");
}
}
public void AddAuthority(XObject subject, XObject target
, AuthorityType authorityType, AuthorityValue authorityValue)
{
Command.DbHelper.AddInput("@operation", 1, SqlDbType.Int);
Command.DbHelper.AddInput("@subjectzType", subject?.XObjectType, SqlDbType.Int);
Command.DbHelper.AddInput("@subjectz", subject?.Id, SqlDbType.Int);
Command.DbHelper.AddInput("@targetzType", target?.XObjectType, SqlDbType.Int);
Command.DbHelper.AddInput("@targetz", target?.Id, SqlDbType.Int);
Command.DbHelper.AddInput("@authorityType", (int)authorityType, SqlDbType.Int);
Command.DbHelper.AddInput("@authorityValue", (int)authorityValue, SqlDbType.Int);
Command.DbHelper.StoredProcedure("p_AuthorityManager");
}
public TimeAxis AssignNo(User user, TimeAxis line, AuthorityType auth)
{
if (user == null || line == null)
{
throw new ArgumentNullException();
}
line.RemoveAuth(auth, user);
user.RemoveAuth(auth);
return(line);
}
public static short AuthorityColor(AuthorityType authority)
{
switch (authority)
{
case AuthorityType.GameMaster:
case AuthorityType.Administrator:
return(500);
//AuthorityColour for Users, let's test
default:
return(100);
}
}
public LoginEventArgs(int user_info_ID, AuthorityType authority)
{
this.UserInfoID = user_info_ID;
this.Authority = authority;
}
// 给定用户权限获取用户信息,返回DataTable类型
public static bool GetUserInfo(AuthorityType authority, out DataTable table)
{
string string_of_check_user = "******" +
"`Sex`,`Birthday`,`Education`,`Phone`,`Email`,`StudentID` from `" + UserInfoTableName + "` where `Authority`='" +
Convert.ToInt32(authority).ToString() + "';";
table = new DataTable();
if (_DatabaseInUse == DatabaseType.MySql)
{
DataSet dataset = MySql.MySqlHelper.ExecuteQuery(string_of_check_user);
if (dataset.Tables[0].Rows.Count == 0)
return false;
table = dataset.Tables[0];
return true;
}
else
{
return false;
}
}
