private void ShowCreateDownParty(PartyTypes type, OAuthSubPartyTypes?oauthSubPartyType = null)
{
if (type == PartyTypes.Oidc)
{
var oidcDownParty = new GeneralOidcDownPartyViewModel();
oidcDownParty.CreateMode = true;
oidcDownParty.Edit = true;
downParties.Add(oidcDownParty);
}
else if (type == PartyTypes.OAuth2)
{
var oauthDownParty = new GeneralOAuthDownPartyViewModel();
if (!oauthSubPartyType.HasValue)
{
throw new ArgumentNullException(nameof(oauthSubPartyType), "Required for OAuth 2.0 down parties.");
}
oauthDownParty.SubPartyType = oauthSubPartyType.Value;
oauthDownParty.CreateMode = true;
oauthDownParty.Edit = true;
downParties.Add(oauthDownParty);
}
else if (type == PartyTypes.Saml2)
{
var samlDownParty = new GeneralSamlDownPartyViewModel();
samlDownParty.CreateMode = true;
samlDownParty.Edit = true;
downParties.Add(samlDownParty);
}
}
private SamlDownPartyViewModel ToViewModel(GeneralSamlDownPartyViewModel generalSamlDownParty, SamlDownParty samlDownParty)
{
return(samlDownParty.Map <SamlDownPartyViewModel>(afterMap =>
{
generalSamlDownParty.KeyInfoList.Clear();
if (afterMap.Keys?.Count() > 0)
{
foreach (var key in afterMap.Keys)
{
generalSamlDownParty.KeyInfoList.Add(new KeyInfoViewModel
{
Subject = key.CertificateInfo.Subject,
ValidFrom = key.CertificateInfo.ValidFrom,
ValidTo = key.CertificateInfo.ValidTo,
Thumbprint = key.CertificateInfo.Thumbprint,
Key = key
});
}
}
if (afterMap.ClaimTransforms?.Count > 0)
{
afterMap.ClaimTransforms = afterMap.ClaimTransforms.MapClaimTransforms();
}
}));
}
private void RemoveSamlDownPartyCertificate(GeneralSamlDownPartyViewModel generalSamlDownParty, KeyInfoViewModel keyInfo)
{
generalSamlDownParty.Form.ClearFieldError(nameof(generalSamlDownParty.Form.Model.Keys));
if (generalSamlDownParty.Form.Model.Keys.Remove(keyInfo.Key))
{
generalSamlDownParty.KeyInfoList.Remove(keyInfo);
}
}
private async Task OnEditSamlDownPartyValidSubmitAsync(GeneralSamlDownPartyViewModel generalSamlDownParty, EditContext editContext)
{
try
{
if (generalSamlDownParty.Form.Model.ClaimTransforms?.Count() > 0)
{
foreach (var claimTransform in generalSamlDownParty.Form.Model.ClaimTransforms)
{
if (claimTransform is SamlClaimTransformClaimInViewModel claimTransformClaimIn && !claimTransformClaimIn.ClaimIn.IsNullOrWhiteSpace())
{
claimTransform.ClaimsIn = new List <string> {
claimTransformClaimIn.ClaimIn
};
}
}
}
var samlDownParty = generalSamlDownParty.Form.Model.Map <SamlDownParty>(afterMap =>
{
if (afterMap.ClaimTransforms?.Count() > 0)
{
int order = 1;
foreach (var claimTransform in afterMap.ClaimTransforms)
{
claimTransform.Order = order++;
}
}
});
if (generalSamlDownParty.CreateMode)
{
var samlDownPartyResult = await DownPartyService.CreateSamlDownPartyAsync(samlDownParty);
generalSamlDownParty.Form.UpdateModel(ToViewModel(generalSamlDownParty, samlDownPartyResult));
generalSamlDownParty.CreateMode = false;
toastService.ShowSuccess("SAML 2.0 Down-party created.", "SUCCESS");
}
else
{
var samlDownPartyResult = await DownPartyService.UpdateSamlDownPartyAsync(samlDownParty);
generalSamlDownParty.Form.UpdateModel(ToViewModel(generalSamlDownParty, samlDownPartyResult));
toastService.ShowSuccess("SAML 2.0 Down-party updated.", "SUCCESS");
}
generalSamlDownParty.Name = generalSamlDownParty.Form.Model.Name;
}
catch (FoxIDsApiException ex)
{
if (ex.StatusCode == System.Net.HttpStatusCode.Conflict)
{
generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Name), ex.Message);
}
else
{
throw;
}
}
}
private void SamlDownPartyViewModelAfterInit(GeneralSamlDownPartyViewModel samlDownParty, SamlDownPartyViewModel model)
{
if (samlDownParty.CreateMode)
{
model.Claims = new List <string> {
ClaimTypes.Email, ClaimTypes.Name, ClaimTypes.GivenName, ClaimTypes.Surname
};
}
}
private async Task OnSamlDownPartyCertificateFileSelectedAsync(GeneralSamlDownPartyViewModel generalSamlDownParty, IFileListEntry[] files)
{
if (generalSamlDownParty.Form.Model.Keys == null)
{
generalSamlDownParty.Form.Model.Keys = new List <JwtWithCertificateInfo>();
}
generalSamlDownParty.Form.ClearFieldError(nameof(generalSamlDownParty.Form.Model.Keys));
foreach (var file in files)
{
if (file.Size > GeneralSamlDownPartyViewModel.CertificateMaxFileSize)
{
generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), $"That's too big. Max size: {GeneralSamlDownPartyViewModel.CertificateMaxFileSize} bytes.");
return;
}
generalSamlDownParty.CertificateFileStatus = "Loading...";
using (var memoryStream = new MemoryStream())
{
await file.Data.CopyToAsync(memoryStream);
try
{
var base64UrlEncodeCertificate = WebEncoders.Base64UrlEncode(memoryStream.ToArray());
var jwtWithCertificateInfo = await HelpersService.ReadCertificateAsync(new CertificateAndPassword { EncodeCertificate = base64UrlEncodeCertificate });
if (generalSamlDownParty.Form.Model.Keys.Any(k => k.X5t.Equals(jwtWithCertificateInfo.X5t, StringComparison.OrdinalIgnoreCase)))
{
generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), "Signature validation keys (certificates) has duplicates.");
return;
}
generalSamlDownParty.KeyInfoList.Add(new KeyInfoViewModel
{
Subject = jwtWithCertificateInfo.CertificateInfo.Subject,
ValidFrom = jwtWithCertificateInfo.CertificateInfo.ValidFrom,
ValidTo = jwtWithCertificateInfo.CertificateInfo.ValidTo,
Thumbprint = jwtWithCertificateInfo.CertificateInfo.Thumbprint,
Key = jwtWithCertificateInfo
});
generalSamlDownParty.Form.Model.Keys.Add(jwtWithCertificateInfo);
}
catch (Exception ex)
{
generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), ex.Message);
}
}
generalSamlDownParty.CertificateFileStatus = GeneralSamlDownPartyViewModel.DefaultCertificateFileStatus;
}
}
private async Task OnSamlDownPartyCertificateFileSelectedAsync(GeneralSamlDownPartyViewModel generalSamlDownParty, IFileListEntry[] files)
{
if (generalSamlDownParty.Form.Model.Keys == null)
{
generalSamlDownParty.Form.Model.Keys = new List <JsonWebKey>();
}
generalSamlDownParty.Form.ClearFieldError(nameof(generalSamlDownParty.Form.Model.Keys));
foreach (var file in files)
{
if (file.Size > GeneralSamlDownPartyViewModel.CertificateMaxFileSize)
{
generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), $"That's too big. Max size: {GeneralSamlDownPartyViewModel.CertificateMaxFileSize} bytes.");
return;
}
generalSamlDownParty.CertificateFileStatus = "Loading...";
using (var memoryStream = new MemoryStream())
{
await file.Data.CopyToAsync(memoryStream);
try
{
var certificate = new X509Certificate2(memoryStream.ToArray());
var jwk = await certificate.ToFTJsonWebKeyAsync();
if (generalSamlDownParty.Form.Model.Keys.Any(k => k.X5t.Equals(jwk.X5t, StringComparison.OrdinalIgnoreCase)))
{
generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), "Signature validation keys (certificates) has duplicates.");
return;
}
generalSamlDownParty.CertificateInfoList.Add(new CertificateInfoViewModel
{
Subject = certificate.Subject,
ValidFrom = certificate.NotBefore,
ValidTo = certificate.NotAfter,
Thumbprint = certificate.Thumbprint,
Key = jwk
});
generalSamlDownParty.Form.Model.Keys.Add(jwk);
}
catch (Exception ex)
{
generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Keys), ex.Message);
}
}
generalSamlDownParty.CertificateFileStatus = GeneralSamlDownPartyViewModel.DefaultCertificateFileStatus;
}
}
private async Task DeleteSamlDownPartyAsync(GeneralSamlDownPartyViewModel generalSamlDownParty)
{
try
{
await DownPartyService.DeleteSamlDownPartyAsync(generalSamlDownParty.Name);
DownParties.Remove(generalSamlDownParty);
await OnStateHasChanged.InvokeAsync(DownParty);
}
catch (TokenUnavailableException)
{
await(OpenidConnectPkce as TenantOpenidConnectPkce).TenantLoginAsync();
}
catch (Exception ex)
{
generalSamlDownParty.Form.SetError(ex.Message);
}
}
public void ShowSamlTab(GeneralSamlDownPartyViewModel downParty, SamlTabTypes samlTabTypes)
{
switch (samlTabTypes)
{
case SamlTabTypes.Saml:
downParty.ShowSamlTab = true;
downParty.ShowClaimTransformTab = false;
break;
case SamlTabTypes.ClaimsTransform:
downParty.ShowSamlTab = false;
downParty.ShowClaimTransformTab = true;
break;
default:
throw new NotSupportedException();
}
}
private void ShowCreateDownParty(PartyTypes type)
{
if (type == PartyTypes.Oidc)
{
var oidcDownParty = new GeneralOidcDownPartyViewModel();
oidcDownParty.CreateMode = true;
oidcDownParty.Edit = true;
downParties.Add(oidcDownParty);
}
else if (type == PartyTypes.OAuth2)
{
var oauthDownParty = new GeneralOAuthDownPartyViewModel();
oauthDownParty.CreateMode = true;
oauthDownParty.Edit = true;
downParties.Add(oauthDownParty);
}
else if (type == PartyTypes.Saml2)
{
var samlDownParty = new GeneralSamlDownPartyViewModel();
samlDownParty.CreateMode = true;
samlDownParty.Edit = true;
downParties.Add(samlDownParty);
}
}
private async Task OnEditSamlDownPartyValidSubmitAsync(GeneralSamlDownPartyViewModel generalSamlDownParty, EditContext editContext)
{
try
{
if (generalSamlDownParty.Form.Model.ClaimTransforms?.Count() > 0)
{
foreach (var claimTransform in generalSamlDownParty.Form.Model.ClaimTransforms)
{
if (claimTransform is SamlClaimTransformClaimInViewModel claimTransformClaimIn && !claimTransformClaimIn.ClaimIn.IsNullOrWhiteSpace())
{
claimTransform.ClaimsIn = new List <string> {
claimTransformClaimIn.ClaimIn
};
}
}
}
var samlDownParty = generalSamlDownParty.Form.Model.Map <SamlDownParty>(afterMap =>
{
afterMap.AuthnBinding = new SamlBinding {
RequestBinding = generalSamlDownParty.Form.Model.AuthnRequestBinding, ResponseBinding = generalSamlDownParty.Form.Model.AuthnResponseBinding
};
if (!afterMap.LoggedOutUrl.IsNullOrEmpty())
{
afterMap.LogoutBinding = new SamlBinding {
RequestBinding = generalSamlDownParty.Form.Model.LogoutRequestBinding, ResponseBinding = generalSamlDownParty.Form.Model.LogoutResponseBinding
};
}
if (afterMap.ClaimTransforms?.Count() > 0)
{
int order = 1;
foreach (var claimTransform in afterMap.ClaimTransforms)
{
claimTransform.Order = order++;
}
}
});
if (generalSamlDownParty.CreateMode)
{
await DownPartyService.CreateSamlDownPartyAsync(samlDownParty);
}
else
{
await DownPartyService.UpdateSamlDownPartyAsync(samlDownParty);
}
generalSamlDownParty.Name = generalSamlDownParty.Form.Model.Name;
generalSamlDownParty.Edit = false;
await OnStateHasChanged.InvokeAsync(DownParty);
}
catch (FoxIDsApiException ex)
{
if (ex.StatusCode == System.Net.HttpStatusCode.Conflict)
{
generalSamlDownParty.Form.SetFieldError(nameof(generalSamlDownParty.Form.Model.Name), ex.Message);
}
else
{
throw;
}
}
}
