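        /// <summary>
        /// Azure AD B2C REST API endpoint for password-history enforcement: reads the
        /// <c>userId</c>/<c>password</c> claims from the request body, rejects the password
        /// if it equals one of the user's most recent Key Vault secret versions, and
        /// otherwise stores it as a new version of the secret named after the user id.
        /// </summary>
        /// <returns>
        /// <c>200 OK</c> when the password was accepted and stored; <c>409 Conflict</c> with a
        /// <see cref="B2CResponseModel"/> for a missing/empty body or claim, a reused password,
        /// or a failure to read the history or store the new value.
        /// </returns>
        public async Task<ActionResult> GetAsync()
        {
            // Only this many most-recent versions (newest first) are compared against.
            const int HistoryDepth = 4;

            // Every failure path answers with the same 409 envelope, so build it in one place.
            ActionResult Reject(string message) =>
                StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel(message, HttpStatusCode.Conflict));

            // NOTE(review): a new SecretClient + DefaultAzureCredential per request is expensive
            // (token acquisition, connection setup); consider injecting a singleton. Kept as-is
            // here to leave the controller's construction unchanged.
            var client = new SecretClient(new Uri(kvUri), new DefaultAzureCredential());

            // If no data came in, then return
            if (this.Request.Body == null)
            {
                return Reject("Request content is null");
            }

            // Read the input claims from the request body.
            // The read is bounded only by the host's request body limit — presumably the
            // server default; confirm it is configured for this endpoint.
            string input;
            using (var reader = new StreamReader(Request.Body, Encoding.UTF8))
            {
                input = await reader.ReadToEndAsync();
            }

            // Check input content value
            if (string.IsNullOrEmpty(input))
            {
                return Reject("Request content is empty");
            }

            // Convert the input string into InputClaimsModel object.
            // NOTE(review): Parse's failure mode is not visible here; if it throws on malformed
            // JSON the caller gets the framework's 500 rather than a B2C-shaped error — confirm.
            InputClaimsModel inputClaims = InputClaimsModel.Parse(input);

            if (string.IsNullOrEmpty(inputClaims.userId))
            {
                return Reject("The 'userId' parameter is null or empty");
            }

            if (string.IsNullOrEmpty(inputClaims.password))
            {
                return Reject("The 'password' parameter is null or empty");
            }

            // NOTE(review): userId comes straight from the request and is used as the secret name;
            // Key Vault applies its own name rules, so an out-of-range value surfaces as a
            // RequestFailedException below rather than as a validation error.
            //
            // NOTE(review): the history is kept as the raw password text in Key Vault, so any
            // principal with secret-read on the vault can read every user's recent passwords.
            // Storing a salted hash per version would support the same reuse check; changing
            // that would invalidate existing history, so it is only flagged here.
            try
            {
                // Collect the version history of this user's secret.
                var versions = new List<Passwords>();
                await foreach (SecretProperties secretVersion in client.GetPropertiesOfSecretVersionsAsync(inputClaims.userId))
                {
                    // A disabled version cannot be read back; skip it instead of failing the whole check.
                    if (secretVersion.Enabled == false)
                    {
                        continue;
                    }

                    versions.Add(new Passwords
                    {
                        Version = secretVersion.Version,
                        CreatedOn = secretVersion.CreatedOn,
                    });
                }

                // Newest first; only the HistoryDepth most recent versions are compared.
                foreach (var item in versions.OrderByDescending(x => x.CreatedOn).Take(HistoryDepth))
                {
                    KeyVaultSecret secret = await client.GetSecretAsync(inputClaims.userId, item.Version);

                    // Check if the password is already in use
                    if (secret.Value == inputClaims.password)
                    {
                        _logger.LogInformation("Secret {UserId} found, returning error message to the user.", inputClaims.userId);
                        return Reject("Please make sure the password you enter have never been used before.");
                    }
                }
            }
            catch (RequestFailedException ex) when (ex.Status == (int)HttpStatusCode.NotFound)
            {
                // No secret yet for this user (first password): nothing to compare against.
                _logger.LogInformation("Secret {UserId} not found.", inputClaims.userId);
            }
            catch (Exception ex)
            {
                // Fail closed: any other error (throttling, 403, transport) must not let a
                // reused password through just because the history could not be read.
                _logger.LogError(ex, "Unable to read the password history for {UserId}.", inputClaims.userId);
                return Reject("Error (649): unable to verify the password history.");
            }

            try
            {
                // Store the accepted password as a new version of the user's secret.
                await client.SetSecretAsync(inputClaims.userId, inputClaims.password);
            }
            catch (Exception ex)
            {
                // Log the full exception server-side; the caller gets a fixed message rather
                // than ex.Message, which can carry vault and tenant details.
                _logger.LogError(ex, "Unable to store the new password for {UserId}.", inputClaims.userId);
                return Reject("Error (649): unable to update the password.");
            }

            return Ok();
        }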