public IHttpActionResult UpdateById([FromBody] UserUpdateDetails updateDetails) { Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims(); var user = _context.Users.UpdateById(authenticatedUserId, updateDetails); return(Ok(ConvertToServiceLayerUser(user))); }
public void Refer(string refName, string refEmail) { var firstName = ClaimsHelper.GetClaimValue(WebUI.Common.Common.GetToken(System.Web.HttpContext.Current), Constants.ClaimFirstName); var lastName = ClaimsHelper.GetClaimValue(WebUI.Common.Common.GetToken(System.Web.HttpContext.Current), Constants.ClaimLastName); MessagingService.Referral(refEmail, refName, firstName + " " + lastName); }
public IActionResult DeleteItemFromCart(int itemId) { var email = ClaimsHelper.GetClaim(User, "name"); _shoppingCartService.RemoveCartItem(email, itemId); return(NoContent()); }
protected override bool AuthorizeCore(HttpContextBase httpContext) { if (httpContext == null) { throw new ArgumentNullException("httpContext"); } IPrincipal user = httpContext.User; if (!user.Identity.IsAuthenticated) { return(false); } //Compare the list of roles required against those in the users token. Is no intersection then return false (unauthorized) if (base.Roles != string.Empty) { var _rolesSplit = base.Roles.Split(',').ToList(); var userRoles = ClaimsHelper.GetUserRoles(WebUI.Common.Common.GetToken(System.Web.HttpContext.Current)); if (_rolesSplit.Count > 0 && _rolesSplit.Intersect(userRoles).Count() == 0) { return(false); } } return(true); }
/// <inheritdoc /> public ApplicationUserMapperConfiguration() { CreateMap <RegisterViewModel, ApplicationUser>() .ForMember(x => x.UserName, o => o.MapFrom(p => p.Email)) .ForMember(x => x.Email, o => o.MapFrom(p => p.Email)) .ForMember(x => x.EmailConfirmed, o => o.MapFrom(src => true)) .ForMember(x => x.FirstName, o => o.MapFrom(p => p.FirstName)) .ForMember(x => x.LastName, o => o.MapFrom(p => p.LastName)) .ForMember(x => x.PhoneNumberConfirmed, o => o.MapFrom(src => true)) .ForAllOtherMembers(x => x.Ignore()); CreateMap <ClaimsIdentity, ApplicationUserProfileViewModel>() .ForMember(x => x.Id, o => o.MapFrom(claims => ClaimsHelper.GetValue <Guid>(claims, JwtClaimTypes.Subject))) .ForMember(x => x.PositionName, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, ClaimTypes.Actor))) .ForMember(x => x.FirstName, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, JwtClaimTypes.GivenName))) .ForMember(x => x.LastName, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, ClaimTypes.Surname))) .ForMember(x => x.Roles, o => o.MapFrom(claims => ClaimsHelper.GetValues <string>(claims, JwtClaimTypes.Role))) .ForMember(x => x.Email, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, JwtClaimTypes.Name))) .ForMember(x => x.EmailVerified, o => o.MapFrom(claims => ClaimsHelper.GetValue <bool>(claims, JwtClaimTypes.EmailVerified))) .ForMember(x => x.PreferredUserName, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, JwtClaimTypes.PreferredUserName))) .ForMember(x => x.PhoneNumber, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, JwtClaimTypes.PhoneNumber))) .ForMember(x => x.PhoneNumberVerified, o => o.MapFrom(claims => ClaimsHelper.GetValue <bool>(claims, JwtClaimTypes.PhoneNumberVerified))) .ForMember(x => x.AdditionalEmails, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, "AdditionalEmails"))) .ForAllOtherMembers(x => x.Ignore()); }
public async Task <IViewComponentResult> InvokeAsync(string selectedOwnerId, string selectedRepoId, string area) { if (User?.Identity == null || !User.Identity.IsAuthenticated || !ClaimsHelper.OwnerExistsInUserClaims(User.Identity as ClaimsIdentity, selectedOwnerId)) { // dash view model var publicDash = new DashboardMenuViewModel { SelectedOwnerId = selectedOwnerId, SelectedRepoId = selectedRepoId, ActiveArea = area }; //note: when public, the avatar URL cannot be retrieved from the user claims, so needs to be retrieved from data storage / cache return(View("Public", publicDash)); } // user view model var uvm = new UserViewModel(); uvm.Populate(User.Identity as ClaimsIdentity); // dash view model this.DashboardMenuViewModel = new DashboardMenuViewModel { SelectedOwnerId = selectedOwnerId, SelectedRepoId = selectedRepoId, UserViewModel = uvm, ActiveArea = area }; this.DashboardMenuViewModel.Owners.Add(uvm.UserOwner); this.DashboardMenuViewModel.Owners.AddRange(uvm.Organisations); this.DashboardMenuViewModel.SelectedOwnerAvatarUrl = this.DashboardMenuViewModel.Owners.FirstOrDefault(o => o.OwnerId.Equals(selectedOwnerId, StringComparison.InvariantCultureIgnoreCase))?.AvatarUrl; await PopulateRepositoryList(); return(View(this.DashboardMenuViewModel)); }
public async Task <IActionResult> GetVoucher([FromQuery] String voucherCode, [FromQuery] String applicationVersion, CancellationToken cancellationToken) { if (ClaimsHelper.IsPasswordToken(this.User) == false) { return(this.Forbid()); } // Do the software version check try { VersionCheckRequest versionCheckRequest = VersionCheckRequest.Create(applicationVersion); await this.Mediator.Send(versionCheckRequest, cancellationToken); } catch (VersionIncompatibleException vex) { Logger.LogError(vex); return(this.StatusCode(505)); } Guid estateId = Guid.Parse(ClaimsHelper.GetUserClaim(this.User, "estateId").Value); Guid contractId = Guid.Parse(ClaimsHelper.GetUserClaim(this.User, "contractId").Value); // Now do the GET GetVoucherRequest request = GetVoucherRequest.Create(estateId, contractId, voucherCode); GetVoucherResponse response = await this.Mediator.Send(request, cancellationToken); return(this.Ok(this.ModelFactory.ConvertFrom(response))); }
public async Task <ActionResult> GetActivitiesByUser() { var eventProps = GetDefaultCustomProperties(); try { var userObjectId = ClaimsHelper.GetUserObjectIdClaim((ClaimsIdentity)HttpContext.User.Identity); var results = await Database.GetActivitiesByUserAsync(userObjectId).ConfigureAwait(false); Logger.TrackEvent(EventNames.ActivitiesQueriedByUser, eventProps); return(Ok(results)); } catch (ClaimsValidationException ex) { eventProps.Add("User.Claims", ex.GetClaims()); Logger.TrackEvent(EventNames.ClaimsValidationError, eventProps); return(Unauthorized()); } catch (ModelValidationException ex) { return(BadRequest(ex.Message)); } catch (Exception ex) { Logger.TrackException(ex); return(StatusCode(StatusCodes.Status500InternalServerError)); } }
/// <summary> /// Obtem a Matrícula e o Nome Completo do Usuário Logado /// </summary> /// <returns></returns> public static string ObterMatriculaComNomeCompleto() { string matricula = ClaimsHelper.ObterClaim(Claims.Matricula)?.Value; string nomeCompleto = ClaimsHelper.ObterClaim(Claims.NomeCompleto)?.Value; return($"{matricula} - {nomeCompleto}"); }
public IActionResult GetPayments() { var email = ClaimsHelper.GetClaim(User, "name"); var paymentCards = _paymentService.GetStoredPaymentCards(email); return(Ok(paymentCards)); }
public async Task <ActionResult> RemoveLiftingActivity([FromRoute] long activityId) { var eventProps = GetDefaultCustomProperties(); try { var userId = ClaimsHelper.GetUserObjectIdClaim((ClaimsIdentity)HttpContext.User.Identity); await Database.RemoveLiftingActivityAsync(activityId, userId).ConfigureAwait(false); eventProps.Add("ActivityType", nameof(DistanceActivity)); eventProps.Add("ActivityID", activityId.ToString()); Logger.TrackEvent(EventNames.LiftingActivityRemoved, eventProps); } catch (ClaimsValidationException ex) { eventProps.Add("User.Claims", ex.GetClaims()); Logger.TrackEvent(EventNames.ClaimsValidationError, eventProps); return(Unauthorized()); } catch (ModelValidationException ex) { return(BadRequest(ex.Message)); } catch (Exception ex) { Logger.TrackException(ex); return(StatusCode(StatusCodes.Status500InternalServerError)); } return(Ok()); }
public IHttpActionResult DeleteById(Guid id) { Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims(); _context.Projects.DeleteById(id, authenticatedUserId); return(Ok()); }
public IHttpActionResult DeleteById() { Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims(); _context.Users.DeleteById(authenticatedUserId); return(Ok()); }
public IHttpActionResult UpdatePasswordById([FromBody] Service.PasswordUpdate passwordUpdate) { Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims(); var user = _context.Users.UpdatePasswordById(authenticatedUserId, passwordUpdate.Password); return(Ok(ConvertToServiceLayerUser(user))); }
public async Task <IActionResult> CreateGolfClub([FromBody] CreateGolfClubRequest request, CancellationToken cancellationToken) { if (ClaimsHelper.IsPasswordToken(this.User) == false) { return(this.Forbid()); } // Get the user id (subject) for the user Claim subjectIdClaim = ClaimsHelper.GetUserClaim(this.User, JwtClaimTypes.Subject); // Get the Golf Club Id claim from the user Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId); Guid golfClubId = Guid.Parse(golfClubIdClaim.Value); Guid securityUserId = Guid.Parse(subjectIdClaim.Value); // Create the command CreateGolfClubCommand command = CreateGolfClubCommand.Create(golfClubId, securityUserId, request); // Route the command await this.CommandRouter.Route(command, cancellationToken); // return the result return(this.Created($"{GolfClubController.ControllerRoute}/{golfClubId}", new CreateGolfClubResponsev2 { GolfClubId = golfClubId })); }
public async Task <IActionResult> GetPlayer([FromRoute] Guid playerId, [FromQuery] Boolean includeMemberships, [FromQuery] Boolean includeTournamentSignups, CancellationToken cancellationToken) { // Get the Player Id claim from the user Claim playerIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.PlayerId, playerId.ToString()); Boolean validationResult = ClaimsHelper.ValidateRouteParameter(playerId, playerIdClaim); if (validationResult == false) { return(this.Forbid()); } GetPlayerDetailsResponse playerDetails = await this.Manager.GetPlayerDetails(Guid.Parse(playerIdClaim.Value), cancellationToken); List <ClubMembershipResponse> membershipList = null; if (includeMemberships) { membershipList = await this.Manager.GetPlayersClubMemberships(Guid.Parse(playerIdClaim.Value), cancellationToken); } PlayerSignedUpTournamentsResponse signedUpTournaments = null; if (includeTournamentSignups) { signedUpTournaments = await this.Manager.GetPlayerSignedUpTournaments(Guid.Parse(playerIdClaim.Value), cancellationToken); } GetPlayerResponse playerResponse = this.ConvertGetPlayerDetailsResponse(playerId, playerDetails, membershipList, signedUpTournaments); return(this.Ok(playerResponse)); }
public IActionResult DeleteAddressById(int addressId) { var email = ClaimsHelper.GetClaim(User, "name"); _addressService.DeleteAddress(email, addressId); return(NoContent()); }
protected override bool AuthorizeCore(HttpContextBase httpContext) { if (!HttpContext.Current.User.Identity.IsAuthenticated) { return(false); } if (!ValidaAmbiente(httpContext)) { return(false); } var isAuthorized = base.AuthorizeCore(httpContext); if (!isAuthorized) { string usuario = ClaimsHelper.ObterClaim(Claims.Matricula).Value; Exception exception = new HttpException(401, $"Usuário {HttpContext.Current.User.Identity.Name} - {usuario} não autorizado para acessar a página: {HttpContext.Current.Request.Url.AbsoluteUri}"); ErrorSignal.FromCurrentContext().Raise(exception, HttpContext.Current); } return(isAuthorized); }
public AuthenticationRequestParameters( IServiceBundle serviceBundle, ITokenCacheInternal tokenCache, AcquireTokenCommonParameters commonParameters, RequestContext requestContext) { _serviceBundle = serviceBundle; _commonParameters = commonParameters; Authority = Authority.CreateAuthorityForRequest(serviceBundle.Config.AuthorityInfo, commonParameters.AuthorityOverride); ClientId = serviceBundle.Config.ClientId; CacheSessionManager = new CacheSessionManager(tokenCache, this); Scope = ScopeHelper.CreateSortedSetFromEnumerable(commonParameters.Scopes); RedirectUri = new Uri(serviceBundle.Config.RedirectUri); RequestContext = requestContext; IsBrokerConfigured = serviceBundle.Config.IsBrokerEnabled; // Set application wide query parameters. ExtraQueryParameters = serviceBundle.Config.ExtraQueryParameters ?? new Dictionary <string, string>(); // Copy in call-specific query parameters. if (commonParameters.ExtraQueryParameters != null) { foreach (KeyValuePair <string, string> kvp in commonParameters.ExtraQueryParameters) { ExtraQueryParameters[kvp.Key] = kvp.Value; } } ClaimsAndClientCapabilities = ClaimsHelper.GetMergedClaimsAndClientCapabilities( _commonParameters.Claims, _serviceBundle.Config.ClientCapabilities); }
public async Task <IActionResult> GetGolfClubList([FromQuery] Boolean includeMembers, [FromQuery] Boolean includeMeasuredCourses, [FromQuery] Boolean includeUsers, [FromQuery] Boolean includeTournaments, CancellationToken cancellationToken) { // Get the Golf Club Id claim from the user Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId); if (String.IsNullOrEmpty(golfClubIdClaim.Value) == false) { // A golf club user cannot be calling this method return(this.Forbid()); } List <GetGolfClubResponsev1> golfClubList = await this.Manager.GetGolfClubList(cancellationToken); List <GetGolfClubResponsev2> response = new List <GetGolfClubResponsev2>(); foreach (GetGolfClubResponsev1 getGolfClubResponse in golfClubList) { GetGolfClubResponsev2 getGolfClubResponsev2 = this.ConvertGetGolfClubResponse(getGolfClubResponse); response.Add(getGolfClubResponsev2); } return(this.Ok(response)); }
public async Task <IActionResult> SendEmail([FromBody] SendEmailRequestDTO sendEmailRequest, CancellationToken cancellationToken) { // Reject password tokens if (ClaimsHelper.IsPasswordToken(this.User)) { return(this.Forbid()); } Guid messageId = sendEmailRequest.MessageId.HasValue ? sendEmailRequest.MessageId.Value : Guid.NewGuid(); // Create the command SendEmailRequest request = SendEmailRequest.Create(sendEmailRequest.ConnectionIdentifier, messageId, sendEmailRequest.FromAddress, sendEmailRequest.ToAddresses, sendEmailRequest.Subject, sendEmailRequest.Body, sendEmailRequest.IsHtml); // Route the command await this.Mediator.Send(request, cancellationToken); // return the result return(this.Created($"{EmailController.ControllerRoute}/{messageId}", new SendEmailResponseDTO { MessageId = messageId })); }
public async Task <IActionResult> AddMeasuredCourseToGolfClub([FromRoute] Guid golfClubId, [FromBody] AddMeasuredCourseToClubRequest request, CancellationToken cancellationToken) { // Get the Golf Club Id claim from the user Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId, golfClubId.ToString()); Boolean validationResult = ClaimsHelper.ValidateRouteParameter(golfClubId, golfClubIdClaim); if (validationResult == false) { return(this.Forbid()); } Guid golfClubIdValue = Guid.Parse(golfClubIdClaim.Value); Guid measuredCourseId = Guid.NewGuid(); // Create the command AddMeasuredCourseToClubCommand command = AddMeasuredCourseToClubCommand.Create(golfClubIdValue, measuredCourseId, request); // Route the command await this.CommandRouter.Route(command, cancellationToken); // return the result return(this.Created($"{GolfClubController.ControllerRoute}/{golfClubId}/measuredcourses/{measuredCourseId}", new AddMeasuredCourseToClubResponse { GolfClubId = golfClubIdValue, MeasuredCourseId = measuredCourseId })); }
protected override string Handle(GetRolesRequest request) { var user = _httpContextAccessor.HttpContext.User; var roles = ClaimsHelper.GetValues <string>((ClaimsIdentity)user.Identity, "role"); return($"Current user ({user.Identity.Name}) have following roles: {string.Join("|", roles)}"); }
public async Task <IActionResult> CreateMatchSecretary([FromRoute] Guid golfClubId, [FromBody] CreateMatchSecretaryRequest request, CancellationToken cancellationToken) { // Get the Golf Club Id claim from the user Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId, golfClubId.ToString()); Boolean validationResult = ClaimsHelper.ValidateRouteParameter(golfClubId, golfClubIdClaim); if (validationResult == false) { return(this.Forbid()); } CreateMatchSecretaryCommand command = CreateMatchSecretaryCommand.Create(Guid.Parse(golfClubIdClaim.Value), request); await this.CommandRouter.Route(command, cancellationToken); // return the result return(this.Created($"{GolfClubController.ControllerRoute}/{golfClubId}/users/{request.EmailAddress}", new CreateMatchSecretaryResponse { GolfClubId = golfClubId, UserName = request.EmailAddress })); }
public async Task <IActionResult> IssueVoucher(IssueVoucherRequest issueVoucherRequest, CancellationToken cancellationToken) { // Reject password tokens if (ClaimsHelper.IsPasswordToken(this.User)) { return(this.Forbid()); } Guid voucherId = Guid.NewGuid(); DateTime issuedDateTime = issueVoucherRequest.IssuedDateTime.HasValue ? issueVoucherRequest.IssuedDateTime.Value : DateTime.Now; BusinessLogic.Requests.IssueVoucherRequest request = BusinessLogic.Requests.IssueVoucherRequest.Create(voucherId, issueVoucherRequest.OperatorIdentifier, issueVoucherRequest.EstateId, issueVoucherRequest.TransactionId, issuedDateTime, issueVoucherRequest.Value, issueVoucherRequest.RecipientEmail, issueVoucherRequest.RecipientMobile); IssueVoucherResponse response = await this.Mediator.Send(request, cancellationToken); // TODO: Populate the GET route return(this.Created("", this.ModelFactory.ConvertFrom(response))); }
public async Task <IActionResult> AddTournamentDivision([FromRoute] Guid golfClubId, [FromBody] AddTournamentDivisionToGolfClubRequest request, CancellationToken cancellationToken) { // Get the Golf Club Id claim from the user Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId, golfClubId.ToString()); Boolean validationResult = ClaimsHelper.ValidateRouteParameter(golfClubId, golfClubIdClaim); if (validationResult == false) { return(this.Forbid()); } // Create the command AddTournamentDivisionToGolfClubCommand command = AddTournamentDivisionToGolfClubCommand.Create(Guid.Parse(golfClubIdClaim.Value), request); // Route the command await this.CommandRouter.Route(command, cancellationToken); // return the result return(this.Created($"{GolfClubController.ControllerRoute}/{golfClubId}/tournamentdivisions/{request.Division}", new AddTournamentDivisionToGolfClubResponse { GolfClubId = golfClubId, TournamentDivision = request.Division })); }
public IActionResult ClearCart() { var email = ClaimsHelper.GetClaim(User, "name"); _shoppingCartService.ClearCart(email); return(NoContent()); }
public async Task <IActionResult> RequestClubMembership([FromRoute] Guid golfClubId, [FromRoute] Guid playerId, CancellationToken cancellationToken) { // Get the Player Id claim from the user Claim playerIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.PlayerId, playerId.ToString()); Boolean validationResult = ClaimsHelper.ValidateRouteParameter(playerId, playerIdClaim); if (validationResult == false) { return(this.Forbid()); } // Create the command RequestClubMembershipCommand command = RequestClubMembershipCommand.Create(Guid.Parse(playerIdClaim.Value), golfClubId); // Route the command await this.CommandRouter.Route(command, cancellationToken); // return the result return(this.Created($"api/players/{playerId}", new RequestClubMembershipResponse { GolfClubId = golfClubId, PlayerId = playerId, MembershipId = Guid.Empty })); }
public IActionResult Get() { //Get Roles for current user var roles = ClaimsHelper.GetValues <string>((ClaimsIdentity)User.Identity, "role"); return(Ok($"Current user ({User.Identity.Name}) have following roles: {string.Join("|", roles)}")); }
public Service.User GetCurrentUser() { Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims(); var user = _context.Users.GetById(authenticatedUserId); return(ConvertToServiceLayerUser(user)); }