private async Task ProcessResponseAgent(HttpResponseMessage response, IdentityUserDTO dto, StringBuilder msg)
{
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsAsync <ResponseDTO <UserResponse> >();
if (content != null && content.Data != null && content.Data.Id != 0 && content.IsValid)
{
dto.Id = content.Data.Id;
}
else if (content != null && content.Data != null && content.Data.Id != 0 && !content.IsValid)
{
dto.Id = content.Data.Id;
msg.AppendLine(content.Messages.Any() ? content.Messages.First().Message : string.Empty);
}
else if (content != null)
{
msg.AppendLine(content.Messages.Any() ? content.Messages.First().Message : string.Empty);
}
}
else
{
msg.AppendLine("Amigo.Tenant.Application.Services.Security - AmigoTenantTUserApplicationService - SearchUsersByCriteriaAsync - call to IdentityServerHttpClient api/Users/GetUsersDetails was not successful");
}
}
public async Task <KeyValuePair <int, string> > PostApplicationUser(IdentityUserDTO dto)
{
dto.UserName = dto.Email;
var isUserExixts = await UserExist(dto);
if (isUserExixts)
{
return(new KeyValuePair <int, string>(-3, "User already exists for " + dto.UserName + " email."));
}
var user = new ApplicationUser()
{
UserName = dto.Email,
Email = dto.Email,
FirstName = dto.FirstName,
LastName = dto.LastName
};
var result = await _userManager.CreateAsync(user, dto.Password);
if (!result.Succeeded)
{
return(new KeyValuePair <int, string>(-2, result.Errors.FirstOrDefault()?.Description.ToLower()));
}
var roleRes = await _userManager.AddToRoleAsync(user, Role.WebUser.ToString());
if (!roleRes.Succeeded)
{
var resDeleteUser = await _userManager.DeleteAsync(user);
if (!resDeleteUser.Succeeded)
{
return(new KeyValuePair <int, string>(-7, "User successfully created but failed to set role, tried to remove user but error occured."));
}
return(new KeyValuePair <int, string>(-8, "User successfully created but failed to set role, removed user."));
}
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var fullname = dto.LastName + " " + dto.FirstName;
var mailContent = await EmailBodyCreator.CreateConfirmEmailBody(Utilities.GetCurrHost(_httpContext), fullname, dto.UserName, code);
try
{
await _emailService.SendMailAsync(new List <MailAddress>() { new MailAddress(user.Email) }, null, null, AppCommon.AppName + " - Verify Email", mailContent, null);
return(new KeyValuePair <int, string>(1, "User successfully created, email sent."));
}
catch (Exception ex)
{
var resDeleteUser = await _userManager.DeleteAsync(user);
if (!resDeleteUser.Succeeded)
{
return(new KeyValuePair <int, string>(-6, "User successfully created but failed to sent email, tried to remove user but error occured."));
}
return(new KeyValuePair <int, string>(-4, "User successfully created but failed to sent email, deleted user."));
}
}
public async Task <bool> UserExist(IdentityUserDTO dto)
{
var user = await _userManager.FindByEmailAsync(dto.Email);
if (user == null)
{
return(false);
}
return(true);
}
public async Task <bool> UserExist(IdentityUserDTO dto)
{
try
{
return(await _aApplicationUserRepository.UserExist(dto));
}
catch (Exception ex)
{
throw ex;
}
}
public async Task <IActionResult> PostApplicationUser(IdentityUserDTO dto)
{
try
{
var result = await _aApplicationUserRepository.PostApplicationUser(dto);
return(OKResult(result.Key, result.Value));
}
catch (Exception ex)
{
throw ex;
}
}
public async Task <KeyValuePair <string, LoginSuccessViewModel> > LoginAsync(IdentityUserDTO dto)
{
var result = await _signInManager.PasswordSignInAsync(dto.UserName,
dto.Password, false, false);
if (!result.Succeeded)
{
return(new KeyValuePair <string, LoginSuccessViewModel>("username or password is incorrect please try again", null));
}
var user = await _userManager.FindByNameAsync(dto.UserName);
if (!user.EmailConfirmed)
{
return(new KeyValuePair <string, LoginSuccessViewModel>("Invalid login attempt. You must have a confirmed email account.", null));
}
var roles = await _userManager.GetRolesAsync(user);
var role = (Role)Enum.Parse(typeof(Role), roles[0]);
if (role == Role.System)
{
return(new KeyValuePair <string, LoginSuccessViewModel>("Role not found.", null));
}
// authentication successful so generate jwt token
var tokenHandler = new JwtSecurityTokenHandler();
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Email, user.Email),
new Claim(ClaimTypes.Name, user.UserName),
new Claim(ClaimTypes.Role, role.ToString())
}),
Expires = DateTime.UtcNow.AddHours(8),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(AppCommon.SymmetricSecurityKey), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var loginSuccessViewModel = new LoginSuccessViewModel
{
Id = user.Id,
UserName = user.UserName,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
Token = tokenHandler.WriteToken(token)
};
return(new KeyValuePair <string, LoginSuccessViewModel>("", loginSuccessViewModel));
}
public async Task <IActionResult> LoginAsync(IdentityUserDTO dto)
{
try
{
var result = await _aApplicationUserRepository.LoginAsync(dto);
if (!string.IsNullOrEmpty(result.Key))
{
return(OKResult(0, result.Key));
}
return(OKResult(1, result.Key, result.Value));
}
catch (Exception ex)
{
throw ex;
}
}
public async Task <ResponseDTO> Delete(AmigoTenantTUserStatusDTO dto)
{
var command = _mapper.Map <AmigoTenantTUserStatusDTO, DeleteAmigoTenantTUserCommand>(dto);
var userDto = new IdentityUserDTO()
{
Id = dto.AmigoTenantTUserId,
RowStatus = false,
UserName = dto.UserName
};
var msg = new StringBuilder();
_identityAgent.IdentityServerClientSettings = this.IdentityServerClientSettings;
var responseAgent = await _identityAgent.ChangeStatus_AmigoTenantTUserDTO_IdentityServer(userDto);
await ProcessResponseAgent(responseAgent, userDto, msg);
var resp = await _bus.SendAsync(command);
return(ResponseBuilder.Correct(resp));
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
using (IAuthenticationRepository _repo = NinjectWebCommon.Load <IAuthenticationRepository>())
{
IdentityUserDTO user = await _repo.FindUser(context.UserName, context.Password);
if (user == null)
{
context.SetError("The username or password is incorrect.", null);
return;
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));
context.Validated(identity);
}
}
public async Task <ResponseDTO> Update(AmigoTenantTUserDTO dto)
{
StringBuilder msg = new StringBuilder();
var roleRequest = new AmigoTenantTRoleSearchRequest()
{
AmigoTenantTRoleId = dto.AmigoTenantTRoleId.HasValue ? dto.AmigoTenantTRoleId.Value : 0
};
var roleToAdd = await _AmigoTenantTRoleApplicationService.GetAmigoTenantTRoleBasicByIdAsync(roleRequest);
var amigoTenantTUser = await GetUsersByIdAsync(dto.AmigoTenantTUserId);
roleRequest = new AmigoTenantTRoleSearchRequest()
{
AmigoTenantTRoleId = amigoTenantTUser.AmigoTenantTRoleId.HasValue ? amigoTenantTUser.AmigoTenantTRoleId.Value : 0
};
var roleToRemove = await _AmigoTenantTRoleApplicationService.GetAmigoTenantTRoleBasicByIdAsync(roleRequest);
var isUserModifiedAdmin = await IsAdmin(dto.UpdatedBy.Value);
if (roleToAdd.Data.IsAdmin && !isUserModifiedAdmin)
{
msg.AppendLine("User does not have permission to update root users");
return(ResponseBuilder.InCorrect().WithMessages(new ApplicationMessage()
{
Message = msg.ToString()
}));
}
/*******************************************
* 1. UPDATING IN IDENTITY SERVER
*******************************************/
// var agent = new ISHttpClientAgent();
var identityUserDto = new IdentityUserDTO()
{
Id = dto.AmigoTenantTUserId,
UserName = dto.Username,
FirstName = dto.FirstName,
LastName = dto.LastName,
Email = dto.Email,
PhoneNumber = dto.PhoneNumber,
RowStatus = dto.RowStatus
};
_identityAgent.IdentityServerClientSettings = this.IdentityServerClientSettings;
var responseAgent = await _identityAgent.Put_AmigoTenantTUserDTO_IdentityServer(identityUserDto);
await ProcessResponseAgent(responseAgent, dto, msg);
if (responseAgent.IsSuccessStatusCode)
{
//--- AddClaim
var claimRequest = new IdentitySeverAgent.RemoveClaimRequest()
{
UserId = amigoTenantTUser.AmigoTenantTUserId, ClaimType = "role", ClaimValue = roleToRemove.Data.Name
};
var claimAgent = await _identityAgent.Remove_ClaimRequest_IdentityServer(claimRequest);
if (!claimAgent.IsSuccessStatusCode)
{
msg.AppendLine(Constants.Entity.AmigoTenantTUser.ErrorMessage.ClaimNoCreated);
}
//--- RemoveClaim
var claimAddRequest = new IdentitySeverAgent.AddClaimRequest()
{
UserId = dto.AmigoTenantTUserId, ClaimType = "role", ClaimValue = roleToAdd.Data.Code
};
var claimAddAgent = await _identityAgent.Save_ClaimRequest_IdentityServer(claimAddRequest);
if (!claimAddAgent.IsSuccessStatusCode)
{
msg.AppendLine(Constants.Entity.AmigoTenantTUser.ErrorMessage.ClaimNoCreated);
}
}
//-------------------------------------------------------------------------------------------------------
//using (var httpClient = ISHttpClient.GetClient(IdentityServerClientSettings))
//{
// dto.Id = dto.AmigoTenantTUserId;
// var response = await httpClient.PutAsJsonAsync("api/Users", dto);
// await ProcessResponse(response, httpClient, dto, msg);
// var claimRequestRemove = new RemoveClaimRequest() { UserId = amigoTenantTUser.AmigoTenantTUserId, ClaimType = "role", ClaimValue = roleToRemove.Data.Name };
// var claimResponseRemove = await httpClient.PostAsJsonAsync("api/Users/removeClaim", claimRequestRemove);
// if (!claimResponseRemove.IsSuccessStatusCode)
// msg.AppendLine(Constants.Entity.AmigoTenantTUser.ErrorMessage.ClaimNoRemoved);
// var claimRequestAdd = new AddClaimRequest() { UserId = dto.AmigoTenantTUserId, ClaimType = "role", ClaimValue = roleToAdd.Data.Name };
// var claimResponseAdd = await httpClient.PostAsJsonAsync("api/Users/addClaim", claimRequestAdd);
// if (!claimResponseAdd.IsSuccessStatusCode)
// msg.AppendLine(Constants.Entity.AmigoTenantTUser.ErrorMessage.ClaimNoCreated);
//-------------------------------------
// Change Password ( "reset")
//-------------------------------------
if (!string.IsNullOrEmpty(dto.Password))
{
var resetUserPasswordRequest = new IdentitySeverAgent.ResetUserPasswordRequest()
{
Id = dto.AmigoTenantTUserId, Password = dto.Password
};
//var resetUserPasswordResponse = await httpClient.PostAsJsonAsync("api/Users/resetPassword", resetUserPasswordRequest);
var resetUserPasswordResponse = await _identityAgent.Reset_AmigoTenantTUser_Password_IdentityServer(resetUserPasswordRequest);
if (resetUserPasswordResponse.IsSuccessStatusCode)
{
var content = await resetUserPasswordResponse.Content.ReadAsAsync <ResponseDTO>();
if (!content.IsValid)
{
return(ResponseBuilder.InCorrect().WithMessages(content.Messages.ToArray()));
}
}
else
{
return(ResponseBuilder.InCorrect().WithMessages(new ApplicationMessage()
{
Message = Constants.Entity.AmigoTenantTUser.ErrorMessage.PasswordNotUpdated
}));
}
}
// }
/****************************************************
* 2. UPDATING IN SERVICE
*****************************************************/
var command = _mapper.Map <AmigoTenantTUserDTO, UpdateAmigoTenantTUserCommand>(dto);
var userSearchRequest = new UserSearchRequest()
{
AmigoTenantTUserId = dto.AmigoTenantTUserId, UserName = dto.Username
};
var exists = await ExistsToUpdate(userSearchRequest);
if (!exists)
{
msg.AppendLine(string.Format("{0} on {1}", Constants.Entity.AmigoTenantTUser.ErrorMessage.UserNoExist, Constants.Services.AmigoTenantService));
}
else
{
var resp = await _bus.SendAsync(command);
return(ResponseBuilder.Correct(resp));
}
return(ResponseBuilder.InCorrect().WithMessages(new ApplicationMessage()
{
Message = msg.ToString()
}));
}
public async Task <ResponseDTO> Register(AmigoTenantTUserDTO dto)
{
if (dto == null)
{
return(ResponseBuilder.InCorrect());
}
var msg = new StringBuilder();
var roleRequest = new AmigoTenantTRoleSearchRequest()
{
AmigoTenantTRoleId = dto.AmigoTenantTRoleId ?? 0
};
var roleDto = await _AmigoTenantTRoleApplicationService.GetAmigoTenantTRoleBasicByIdAsync(roleRequest);
var isUserModifiedAdmin = await IsAdmin(dto.CreatedBy.Value);
if (roleDto.Data.IsAdmin && !isUserModifiedAdmin)
{
msg.AppendLine("User does not have permission to create root users");
return(ResponseBuilder.InCorrect().WithMessages(new ApplicationMessage()
{
Message = msg.ToString()
}));
}
var userSearchRequest = new UserSearchRequest()
{
AmigoTenantTUserId = dto.AmigoTenantTUserId, UserName = dto.Username
};
var existsInactive = await ExistsInactiveUser(userSearchRequest);
// var agent = new ISHttpClientAgent();
_identityAgent.IdentityServerClientSettings = this.IdentityServerClientSettings;
if (!existsInactive)
{
/*******************************************
* 1. INSERTING IN IDENTITY SERVER
* {
* "AmigoTenantTUserId": 0,
* "Username": "******",
* "PayBy": "1",
* "UserType": "1",
* "DedicatedLocationId": 810,
* "BypassDeviceValidation": "1",
* "UnitNumber": "1",
* "TractorNumber": "1",
* "FirstName": "12",
* "LastName": "132",
* "Email": "*****@*****.**",
* "Password": "******",
* "Id": 0,
* "PhoneNumber": "122131",
* "AmigoTenantTRoleId": 1,
* "RowStatus": true,
* "EntityStatus": 0
* }AnyAsync
*******************************************/
/*
* using (var httpClient = ISHttpClient.GetClient(IdentityServerClientSettings))
* {
* var response = await httpClient.PostAsJsonAsync("api/Users", dto);
* await ProcessResponse(response, httpClient, dto, msg);
*
* var claimRequest = new AddClaimRequest() { UserId = dto.AmigoTenantTUserId, ClaimType = "role", ClaimValue = roleDto.Data.Code };
* var claimResponseAdd = await httpClient.PostAsJsonAsync("api/Users/addClaim", claimRequest);
* if (!claimResponseAdd.IsSuccessStatusCode)
* msg.AppendLine(Constants.Entity.AmigoTenantTUser.ErrorMessage.ClaimNoCreated);
*
* }
*/
var responseAgent = await _identityAgent.Save_AmigoTenantTUserDTO_IdentityServer(dto);
await ProcessResponseAgent(responseAgent, dto, msg);
if (responseAgent.IsSuccessStatusCode)
{
var claimRequest = new IdentitySeverAgent.AddClaimRequest()
{
UserId = dto.AmigoTenantTUserId,
ClaimType = "role",
ClaimValue = roleDto.Data.Code
};
var claimAgent = await _identityAgent.Save_ClaimRequest_IdentityServer(claimRequest);
if (!claimAgent.IsSuccessStatusCode)
{
msg.AppendLine(Constants.Entity.AmigoTenantTUser.ErrorMessage.ClaimNoCreated);
}
}
}
else
{
/*******************************************
* 1. UPDATING IN IDENTITY SERVER
*******************************************/
var amigoTenantTUser = await GetUsersByUserNameAsync(dto.Username);
if (amigoTenantTUser != null)
{
var roleRequestToAdd = new AmigoTenantTRoleSearchRequest()
{
AmigoTenantTRoleId = dto.AmigoTenantTRoleId.HasValue ? dto.AmigoTenantTRoleId.Value : 0
};
var roleToAdd = await _AmigoTenantTRoleApplicationService.GetAmigoTenantTRoleBasicByIdAsync(roleRequestToAdd);
roleRequest = new AmigoTenantTRoleSearchRequest()
{
AmigoTenantTRoleId = amigoTenantTUser.AmigoTenantTRoleId.HasValue ? amigoTenantTUser.AmigoTenantTRoleId.Value : 0
};
var roleToRemove = await _AmigoTenantTRoleApplicationService.GetAmigoTenantTRoleBasicByIdAsync(roleRequest);
var identityUserDto = new IdentityUserDTO()
{
Id = amigoTenantTUser.AmigoTenantTUserId,
UserName = dto.Username,
FirstName = dto.FirstName,
LastName = dto.LastName,
Email = dto.Email,
PhoneNumber = dto.PhoneNumber,
RowStatus = dto.RowStatus
};
_identityAgent.IdentityServerClientSettings = this.IdentityServerClientSettings;
var responseAgent = await _identityAgent.Put_AmigoTenantTUserDTO_IdentityServer(identityUserDto);
await ProcessResponseAgent(responseAgent, dto, msg);
if (responseAgent.IsSuccessStatusCode)
{
//--- AddClaim
var claimRequest = new IdentitySeverAgent.RemoveClaimRequest()
{
UserId = amigoTenantTUser.AmigoTenantTUserId, ClaimType = "role", ClaimValue = roleToRemove.Data.Name
};
var claimAgent = await _identityAgent.Remove_ClaimRequest_IdentityServer(claimRequest);
if (!claimAgent.IsSuccessStatusCode)
{
msg.AppendLine(Constants.Entity.AmigoTenantTUser.ErrorMessage.ClaimNoCreated);
}
//--- RemoveClaim
var claimAddRequest = new IdentitySeverAgent.AddClaimRequest()
{
UserId = amigoTenantTUser.AmigoTenantTUserId, ClaimType = "role", ClaimValue = roleToAdd.Data.Code
};
var claimAddAgent = await _identityAgent.Save_ClaimRequest_IdentityServer(claimAddRequest);
if (!claimAddAgent.IsSuccessStatusCode)
{
msg.AppendLine(Constants.Entity.AmigoTenantTUser.ErrorMessage.ClaimNoCreated);
}
}
//-------------------------------------
// Change Password ( "reset")
//-------------------------------------
if (!string.IsNullOrEmpty(dto.Password))
{
var resetUserPasswordRequest = new IdentitySeverAgent.ResetUserPasswordRequest()
{
Id = amigoTenantTUser.AmigoTenantTUserId, Password = dto.Password
};
//var resetUserPasswordResponse = await httpClient.PostAsJsonAsync("api/Users/resetPassword", resetUserPasswordRequest);
var resetUserPasswordResponse = await _identityAgent.Reset_AmigoTenantTUser_Password_IdentityServer(resetUserPasswordRequest);
if (resetUserPasswordResponse.IsSuccessStatusCode)
{
var content = await resetUserPasswordResponse.Content.ReadAsAsync <ResponseDTO>();
if (!content.IsValid)
{
return(ResponseBuilder.InCorrect().WithMessages(content.Messages.ToArray()));
}
}
else
{
return(ResponseBuilder.InCorrect().WithMessages(new ApplicationMessage()
{
Message = Constants.Entity.AmigoTenantTUser.ErrorMessage.PasswordNotUpdated
}));
}
}
// }
}
}
/*****************************************
* 2. INSERTING IN SERVICE
******************************************/
var existsToSave = await ExistsActiveToSave(userSearchRequest);
if (existsToSave)
{
msg.AppendLine(string.Format("{0} on {1}", Constants.Entity.AmigoTenantTUser.ErrorMessage.UserExist, Constants.Services.AmigoTenantService));
}
else
{
if (!existsInactive)
{
if (dto.AmigoTenantTUserId > 0)
{
var command = _mapper.Map <AmigoTenantTUserDTO, RegisterAmigoTenantTUserCommand>(dto);
var resp = await _bus.SendAsync(command);
return(ResponseBuilder.Correct(resp).WithMessages(new ApplicationMessage()
{
Message = msg.ToString()
}));
}
else
{
msg.AppendLine(Constants.Entity.AmigoTenantTUser.ErrorMessage.UserNoCreatedInIdentity);
}
}
else
{
var amigoTenantTUser = await GetUsersByUserNameAsync(dto.Username);
if (amigoTenantTUser != null)
{
dto.AmigoTenantTUserId = amigoTenantTUser.AmigoTenantTUserId;
var command = _mapper.Map <AmigoTenantTUserDTO, UpdateAmigoTenantTUserCommand>(dto);
var userSearchRequestToUpdate = new UserSearchRequest()
{
AmigoTenantTUserId = dto.AmigoTenantTUserId, UserName = dto.Username
};
var existsToUpdate = await ExistsToUpdate(userSearchRequestToUpdate);
if (!existsToUpdate)
{
msg.AppendLine(string.Format("{0} on {1}", Constants.Entity.AmigoTenantTUser.ErrorMessage.UserNoExist, Constants.Services.AmigoTenantService));
}
else
{
var resp = await _bus.SendAsync(command);
return(ResponseBuilder.Correct(resp));
}
}
}
}
return(ResponseBuilder.InCorrect().WithMessages(new ApplicationMessage()
{
Message = msg.ToString()
}));
}
