public ValuesController(
ILogger <ValuesController> log,
IOptionsMonitor <AzureAdConfig> config,
ITokenAcquisition tokenAcquisition,
IHttpClientFactory clientFactory)
{
this.log = log;
this.tokenAcquisition = tokenAcquisition;
this.clientFactory = clientFactory;
this.config = config.CurrentValue;
}
/// <summary>
/// Initializes a new instance of the <see cref="GraphService"/> class.
/// </summary>
/// <param name="httpContextAccessor">Http Context</param>
/// <param name="keyVaultService">Key Vault Service</param>
/// <param name="config">Config</param>
/// <param name="cache">Cache</param>
/// <param name="dataProtectionProvider">Data Protection Provider</param>
public GraphService(IHttpContextAccessor httpContextAccessor, IKeyVaultService keyVaultService, IOptions <AzureAdConfig> config, IDistributedCache cache, IDataProtectionProvider dataProtectionProvider)
{
Contract.Requires(httpContextAccessor != null, nameof(httpContextAccessor));
Contract.Requires(config != null, nameof(config));
Contract.Requires(keyVaultService != null, nameof(keyVaultService));
Contract.Requires(cache != null, nameof(cache));
Contract.Requires(dataProtectionProvider != null, nameof(dataProtectionProvider));
this.httpContextAccessor = httpContextAccessor;
this.config = config.Value;
this.keyVaultService = keyVaultService;
this.cache = cache;
this.dataProtectionProvider = dataProtectionProvider;
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="config"></param>
/// <param name="configSyncGroups"></param>
/// <param name="showLogsHere"></param>
/// <param name="statusLogs"></param>
/// <param name="csvDataGenerator"></param>
public AzureDownload(
AzureAdConfig config,
ProvisionConfigExternalDirectorySync configSyncGroups,
IShowLogs showLogsHere,
TaskStatusLogs statusLogs,
CsvDataGenerator csvDataGenerator)
{
_showLogsHere = showLogsHere;
_configAzure = config;
_configSyncGroups = configSyncGroups;
if (statusLogs == null)
{
statusLogs = new TaskStatusLogs();
}
_statusLogs = statusLogs;
//Either use one passed in, or create one
if (csvDataGenerator == null)
{
csvDataGenerator = new CsvDataGenerator();
}
_csvProvisionResults = csvDataGenerator;
}
/// <summary>
/// Add Azure service to the Service Collection and configure it
/// </summary>
/// <param name="services"></param>
/// <param name="azureAdConfig"></param>
/// <returns></returns>
public static AuthenticationBuilder AddAzureAd(this IServiceCollection services, AzureAdConfig azureAdConfig) =>
services.AddAuthentication(options =>
{
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.Authority = string.Format(System.Globalization.CultureInfo.InvariantCulture, azureAdConfig.AadInstance, azureAdConfig.Tenant);
options.Audience = azureAdConfig.Audience;
});
public async Task <IActionResult> AcquireToken(AzureAdConfig config)
{
var result = await _tokenProvider.GetToken(config);
return(Ok(result.AccessToken));
}
/// <summary>
/// Run the provisioning pulling from AzureAD
/// </summary>
/// <param name="pathSecrets"></param>
/// <param name="pathProvisionPlan"></param>
private void ProvisionFromAzureAd(
TaskStatusLogs statusLogs,
string pathSecrets,
string pathProvisionPlan,
bool deployToTableauTarget,
string pathOutputs)
{
//===========================================================================================
//Create a place for out output files
//===========================================================================================
FileIOHelper.CreatePathIfNeeded(pathOutputs);
AzureAdConfig configSignInAzure;
ProvisionConfigExternalDirectorySync configGroupsMapping;
//===========================================================================================
//Get the sign in information
//===========================================================================================
try
{
//Load the config from the files
configSignInAzure = new AzureAdConfig(pathSecrets);
}
catch (Exception exSignInConfig)
{
statusLogs.AddError("Error loading sign in config file. Error: " + exSignInConfig.Message);
throw new Exception("813-1212: Error parsing sign in config, " + exSignInConfig.Message);
}
//===========================================================================================
//Get the Groups/Roles mapping information
//===========================================================================================
try
{
configGroupsMapping = new ProvisionConfigExternalDirectorySync(pathProvisionPlan);
}
catch (Exception exGroupsMapping)
{
statusLogs.AddError("Error loading sync groups provisioning file. Error: " + exGroupsMapping.Message);
throw new Exception("813-1214: Error parsing sync groups, " + exGroupsMapping.Message);
}
//===========================================================================================
//Download all the data we need from Azure
//===========================================================================================
statusLogs.AddStatusHeader("Retrieving information from Azure AD");
UpdateStatusText(statusLogs);
var azureDownload = new AzureDownload(configSignInAzure, configGroupsMapping, this, statusLogs, null);
try
{
azureDownload.Execute();
//Sanity test
IwsDiagnostics.Assert(azureDownload.IsExecuteComplete.Value, "813-834: Internal error. Async work still running");
}
catch (Exception exAzureDownload)
{
statusLogs.AddError("Error retrieving data from Azure AD. Error: " + exAzureDownload.Message);
throw new Exception("813-0148: Error in Azure Download, " + exAzureDownload.Message);
}
//===========================================================================================
//Write the provisioning manifest out to an intermediary file
//===========================================================================================
statusLogs.AddStatusHeader("Writing out manifest file for Tableau provisioning");
UpdateStatusText(statusLogs);
var outputProvisioningRoles = azureDownload.ProvisioningManifestResults;
string provisioningManifest = Path.Combine(pathOutputs, "ProvisioningManifest.xml");
try
{
outputProvisioningRoles.GenerateProvisioningManifestFile(provisioningManifest, configGroupsMapping);
}
catch (Exception exWriteProvisioningManifest)
{
statusLogs.AddError("Error creating provisioning manifest. Error: " + exWriteProvisioningManifest.Message);
throw new Exception("813-739: Error writing provisioning manifest, " + exWriteProvisioningManifest.Message);
}
//=================================================================================================
//See if this is a test run, or whether we want to actually deploy the provisioning
//=================================================================================================
if (deployToTableauTarget)
{
//===========================================================================================
//Provision the Tableau site using the manifest file we just created
//===========================================================================================
statusLogs.AddStatusHeader("Provision Tableau site using generated manifest file");
UpdateStatusText(statusLogs);
try
{
ProvisionFromFileManifest(statusLogs, pathSecrets, provisioningManifest, pathOutputs);
}
catch (Exception exProvisionSite)
{
statusLogs.AddError("Error provisioning Tableau Online site. Error: " + exProvisionSite.Message);
throw new Exception("814-353: Error provisioning Tableau Online site, " + exProvisionSite.Message);
}
}
else
{
statusLogs.AddStatusHeader("Skipping Tableau site provisioning step (generate manifest only)");
}
}
public AzureAuthenticationType(AzureAdConfig adConfig)
{
ClientId = adConfig.ClientId;
}
