/// <summary>
        /// Registers an application.
        /// </summary>
        /// <param name="clientId">The client id.</param>
        /// <param name="clientSecret">The client secret.</param>
        /// <param name="redirectUri">The redirect URI.</param>
        /// <param name="name">The name.</param>
        public void RegisterApplication(string clientId, string clientSecret, string redirectUri, string name)
        {
            var client = CreateManagementServiceClient();

            var serviceIdentity = client.ServiceIdentities.Where(si => si.Name == clientId).ToList().FirstOrDefault();
            if (serviceIdentity != null)
            {
                throw new InvalidOperationException(string.Format(
                    "An application with client_id '{0}' already exists.", clientId));
            }

            // Create a service identity
            serviceIdentity = new ServiceIdentity
                                  {
                                      Name = clientId,
                                      Description = name,
                                      RedirectAddress = redirectUri
                                  };
            var serviceIdentityKey = new ServiceIdentityKey
                                         {
                                             DisplayName = string.Format("Credentials for {0}", clientId),
                                             Value = Encoding.UTF8.GetBytes(clientSecret),
                                             Type = IdentityKeyTypes.Password.ToString(),
                                             Usage = IdentityKeyUsages.Password.ToString(),
                                             StartDate = DateTime.UtcNow,
                                             EndDate = DateTime.UtcNow.AddYears(100) // Validity 100 years. After that?
                                         };

            // Process modifications to the namespace
            client.AddToServiceIdentities(serviceIdentity);
            client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
            client.SaveChanges(SaveChangesOptions.Batch);
        }
Example #2
0
        public void LinkSensor(int id, string sensorId)
        {
            // Has a sensor already been linked?
            var brewWithSensor = BrewRepository.GetAll().FirstOrDefault(b => b.SensorId == sensorId);
            if (brewWithSensor != null && brewWithSensor.Id != id)
            {
                throw new ArgumentException(
                    string.Format("The sensor with id {0} can not be linked to the brew because the sensor has already been linked to another brew.", sensorId), "sensorId");
            }

            // Get the brew
            var brew = GetBrew(id);

            // First unlink the current sensor
            if (!string.IsNullOrEmpty(brew.SensorId))
            {
                UnlinkSensor(id, brew.SensorId);
            }

            // Link sensor in our datastore
            brew.SensorId = sensorId;
            brew.LastModified = DateTime.UtcNow;
            BrewRepository.CommitChanges();

            // We want a custom identity for the sensor which only allows sending to the service bus.
            var serviceManagementWrapper = new ServiceManagementWrapper(AcsNamespace, ManagementIssuer, ManagementKey);
            var client = serviceManagementWrapper.CreateManagementServiceClient();
            client.IgnoreResourceNotFoundException = true;

            // Clean up if we already exist as a sensor
            var existingRule = client.Rules.AddQueryOption("$filter", "Description eq '" + string.Format("Add Send claim value for sensor id {0}", sensorId) + "'").FirstOrDefault();
            if (existingRule != null)
            {
                client.DeleteObject(existingRule);
                client.SaveChanges(SaveChangesOptions.Batch);
            }
            serviceManagementWrapper.RemoveServiceIdentity(sensorId);

            // Create a new identity
            var serviceIdentity = new ServiceIdentity
            {
                Name = sensorId,
                Description = string.Format("Sensor id: {0}", sensorId)
            };
            var serviceIdentityKey = new ServiceIdentityKey
            {
                DisplayName = string.Format("Credentials for {0}", sensorId),
                Value = Encoding.UTF8.GetBytes(sensorId),
                Type = IdentityKeyTypes.Symmetric.ToString(),
                Usage = IdentityKeyUsages.Password.ToString(),
                StartDate = DateTime.UtcNow,
                EndDate = DateTime.UtcNow.AddMonths(2) // sensors can be linked for up to 2 months
            };

            // Process modifications to the namespace
            client.AddToServiceIdentities(serviceIdentity);
            client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
            client.SaveChanges(SaveChangesOptions.Batch);

            // Add a Send claim
            var issuer = client.Issuers.AddQueryOption("$filter", "Name eq 'LOCAL AUTHORITY'").FirstOrDefault();
            var ruleGroup = client.RuleGroups.AddQueryOption("$filter", "Name eq 'Default Rule Group for ServiceBus'").FirstOrDefault();
            var rule = new Rule
            {
                Description = string.Format("Add Send claim value for sensor id {0}", sensorId),
                InputClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
                InputClaimValue = sensorId,
                OutputClaimType = "net.windows.servicebus.action",
                OutputClaimValue = "Send",
                IssuerId = issuer.Id,
                RuleGroupId = ruleGroup.Id,
                RuleGroup = ruleGroup,
                Issuer = issuer
            };
            client.AddToRules(rule);
            client.SaveChanges(SaveChangesOptions.Batch);
        }
        public void AddServiceIdentityWithCertificate(string name, IEnumerable<X509Certificate2> certificates)
        {
            try
            {
                var client = CreateManagementServiceClient();
                var serviceIdentity = new ServiceIdentity
                {
                    Name = name
                };

                client.AddToServiceIdentities(serviceIdentity);

                foreach (var certificate in certificates)
                {
                    var serviceIdentityKey = new ServiceIdentityKey
                                                 {
                                                     DisplayName = "Credentials for " + name,
                                                     Type = IdentityKeyTypes.X509Certificate.ToString(),
                                                     Usage = IdentityKeyUsages.Signing.ToString(),
                                                     Value = certificate.GetRawCertData(),
                                                     StartDate = certificate.NotBefore,
                                                     EndDate = certificate.NotAfter
                                                 };

                    client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
                }
                client.SaveChanges(SaveChangesOptions.Batch);
            }
            catch (Exception ex)
            {
                throw TryGetExceptionDetails(ex);
            }
        }
        /// <summary>
        /// Updates an application client secret.
        /// </summary>
        /// <param name="clientId">The client id.</param>
        /// <param name="clientSecret">The client secret.</param>
        public void UpdateApplicationClientSecret(string clientId, string clientSecret)
        {
            var client = CreateManagementServiceClient();

            var serviceIdentity = client.ServiceIdentities.Where(si => si.Name == clientId).ToList().FirstOrDefault();
            if (serviceIdentity == null)
            {
                throw new InvalidOperationException(string.Format(
                    "An application with client_id '{0}' could not be found.", clientId));
            }

            var serviceIdentityKeys = client.ServiceIdentityKeys.Where(k => k.ServiceIdentityId == serviceIdentity.Id);
            var serviceIdentityKey = serviceIdentityKeys.FirstOrDefault(k => k.Type == IdentityKeyTypes.Password.ToString());
            if (serviceIdentityKey == null)
            {
                serviceIdentityKey = new ServiceIdentityKey
                {
                    DisplayName = string.Format("Credentials for {0}", clientId),
                    Value = Encoding.UTF8.GetBytes(clientSecret),
                    Type = IdentityKeyTypes.Password.ToString(),
                    Usage = IdentityKeyUsages.Password.ToString(),
                    StartDate = DateTime.UtcNow,
                    EndDate = DateTime.UtcNow.AddYears(100) // Validity 100 years. After that?
                };

                client.AddToServiceIdentities(serviceIdentity);
                client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
            }
            else
            {
                serviceIdentityKey.Value = Encoding.UTF8.GetBytes(clientSecret);
                serviceIdentityKey.EndDate = DateTime.UtcNow.AddYears(100); // Validity 100 years. After that?
            }

            // Process modifications to the namespace
            client.SaveChanges(SaveChangesOptions.Batch);
        }
        public void AddServiceIdentity(string name, string secret)
        {
            try
            {
                var client = this.CreateManagementServiceClient();
                var defaultStartDate = DateTime.UtcNow;
                var defaultEndDate = defaultStartDate.AddYears(1);

                var serviceIdentity = new ServiceIdentity
                                          {
                                              Name = name
                                          };

                client.AddToServiceIdentities(serviceIdentity);

                var serviceIdentityKey = new ServiceIdentityKey
                                             {
                                                 DisplayName = "Credentials for " + name,
                                                 Value = Encoding.UTF8.GetBytes(secret),
                                                 Type = IdentityKeyTypes.Password.ToString(),
                                                 Usage = IdentityKeyUsages.Password.ToString(),
                                                 StartDate = defaultStartDate,
                                                 EndDate = defaultEndDate
                                             };

                client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
                client.SaveChanges(SaveChangesOptions.Batch);
            }
            catch (Exception ex)
            {
                throw TryGetExceptionDetails(ex);
            }
        }