public async Task <string> UpdateDeviceTwin(string deviceId, Twin twin, AccessPolicyModel accessPolicyModel, string access_token)
{
//IoTHubDevice ioTHubDevice = new IoTHubDevice(accessPolicyModel);
//return ioTHubDevice.UpdateDeviceTwin(deviceId, twin);
RequestDeviceModel requestDeviceModel = new RequestDeviceModel()
{
hostName = accessPolicyModel.HostName,
authorizationPolicyKey = accessPolicyModel.SharedAccessKey,
authorizationPolicyName = accessPolicyModel.SharedAccessKeyName,
apiVersion = "2018-08-30-preview",
requestPath = string.Format("/twins/{0}", deviceId),
requestBody = JsonConvert.SerializeObject(twin),
};
string url = "https://main.iothub.ext.azure.cn/api/dataPlane/patch";
var request = new HttpRequestMessage(HttpMethod.Post, url);
var client = this._clientFactory.CreateClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", access_token);
string requestbody = JsonConvert.SerializeObject(requestDeviceModel);
request.Content = new StringContent(requestbody, UnicodeEncoding.UTF8, "application/json");
var response = await client.SendAsync(request);
string result = await response.Content.ReadAsStringAsync();
if (response.IsSuccessStatusCode)
{
return(result);
}
else
{
return(response.ReasonPhrase);
}
}
public async Task UpdateAccessPolicy_AccessPolicyExists_AccessPolicyDataAccurate(int id, string expectedUpdatedName, int expectedResourceId,
int expectedPriority)
{
// Arrange
IAccessPolicyRepository accessPolicyRepository = new AccessPolicyRepository(new SQLServerGateway(), new ConnectionStringData());
AccessPolicyModel accessPolicyModel = new AccessPolicyModel();
accessPolicyModel.Id = id;
accessPolicyModel.Name = expectedUpdatedName;
accessPolicyModel.ResourceId = expectedResourceId;
accessPolicyModel.Priority = expectedPriority;
// Act
await accessPolicyRepository.UpdateAccessPolicy(accessPolicyModel);
var actual = await accessPolicyRepository.GetAccessPolicyById(id);
var actualName = actual.Name;
var actualResourceId = actual.ResourceId;
var actualPriority = actual.Priority;
// Assert
Assert.IsTrue(actualName == expectedUpdatedName &&
actualResourceId == expectedResourceId &&
actualPriority == expectedPriority);
}
public async Task <object> GetDeviceModules(string deviceId, AccessPolicyModel accessPolicyModel, string access_token)
{
RequestDeviceModel requestDeviceModel = new RequestDeviceModel
{
apiVersion = "2018-08-30-preview",
authorizationPolicyKey = accessPolicyModel.SharedAccessKey,
authorizationPolicyName = accessPolicyModel.SharedAccessKeyName,
hostName = accessPolicyModel.HostName,
requestPath = string.Format("/devices/{0}/modules", deviceId)
};
string url = "https://main.iothub.ext.azure.cn/api/dataPlane/get";
var request = new HttpRequestMessage(HttpMethod.Post, url);
var client = this._clientFactory.CreateClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", access_token);
string requestbody = JsonConvert.SerializeObject(requestDeviceModel);
request.Content = new StringContent(requestbody, UnicodeEncoding.UTF8, "application/json");
var response = await client.SendAsync(request);
string result = await response.Content.ReadAsStringAsync();
if (response.IsSuccessStatusCode)
{
JObject job = (JObject)JsonConvert.DeserializeObject(result);
return(job);
}
else
{
return(response.ReasonPhrase);
}
}
public async Task Init()
{
await TestCleaner.CleanDatabase();
var numTestRows = 20;
IDataGateway dataGateway = new SQLServerGateway();
IConnectionStringData connectionString = new ConnectionStringData();
IResourceRepository resourceRepository = new ResourceRepository(dataGateway, connectionString);
IAccessPolicyRepository accessPolicyRepository = new AccessPolicyRepository(dataGateway, connectionString);
for (int i = 1; i <= numTestRows; ++i)
{
ResourceModel resourceModel = new ResourceModel();
resourceModel.Id = i;
resourceModel.Name = "TestResource" + i;
AccessPolicyModel accessPolicyModel = new AccessPolicyModel();
accessPolicyModel.Id = i;
accessPolicyModel.Name = "TestAccessPolicy" + i;
accessPolicyModel.ResourceId = i;
accessPolicyModel.Priority = i % 4;
await resourceRepository.CreateResource(resourceModel);
await accessPolicyRepository.CreateAccessPolicy(accessPolicyModel);
}
}
public IoTHubDevice(AccessPolicyModel accessPolicyDeviceModel)
{
this.connectionstring = string.Format("HostName={0};SharedAccessKeyName={1};SharedAccessKey={2}",
accessPolicyDeviceModel.HostName,
accessPolicyDeviceModel.SharedAccessKeyName,
accessPolicyDeviceModel.SharedAccessKey);
this.registryManager = RegistryManager.CreateFromConnectionString(connectionstring);
this._accessPolicyModel = accessPolicyDeviceModel;
}
public AccessPolicyModel ConfigureCustomPolicy(List <string> scopes, List <UserClaimModel> claims)
{
var accessPolicy = new AccessPolicyModel()
{
Scopes = scopes,
Claims = claims
};
return(accessPolicy);
}
public async Task Init()
{
await TestCleaner.CleanDatabase();
var numTestRows = 20;
IDataGateway dataGateway = new SQLServerGateway();
IConnectionStringData connectionString = new ConnectionStringData();
IScopeRepository scopeRepository = new ScopeRepository(dataGateway, connectionString);
IResourceRepository resourceRepository = new ResourceRepository(dataGateway, connectionString);
IClaimRepository claimRepository = new ClaimRepository(dataGateway, connectionString);
IAccessPolicyRepository accessPolicyRepository = new AccessPolicyRepository(dataGateway, connectionString);
IAccessPolicyPairingRepository accessPolicyPairingRepository = new AccessPolicyPairingRepository(dataGateway, connectionString);
for (int i = 1; i <= numTestRows; ++i)
{
ResourceModel resourceModel = new ResourceModel();
resourceModel.Id = i;
resourceModel.Name = "TestResource" + i;
ScopeModel scopeModel = new ScopeModel();
scopeModel.Id = i;
scopeModel.Type = "TestScope" + i;
scopeModel.Description = "TestDescription" + i;
ClaimModel claimModel = new ClaimModel();
claimModel.Id = i;
claimModel.Type = "TestClaim" + i;
claimModel.Value = "TestDescription" + i;
claimModel.IsDefault = true;
var resourceId = await resourceRepository.CreateResource(resourceModel);
var claimId = await claimRepository.CreateClaim(claimModel);
var scopeId = await scopeRepository.CreateScope(scopeModel);
AccessPolicyModel accessPolicyModel = new AccessPolicyModel();
accessPolicyModel.Id = i;
accessPolicyModel.Name = "TestAccessPolicy" + i;
accessPolicyModel.ResourceId = resourceId;
accessPolicyModel.Priority = i % 4;
var accessPolicyId = await accessPolicyRepository.CreateAccessPolicy(accessPolicyModel);
AccessPolicyPairingModel accessPolicyPairingModel = new AccessPolicyPairingModel();
accessPolicyPairingModel.Id = i;
accessPolicyPairingModel.ScopeId = scopeId;
accessPolicyPairingModel.ClaimId = claimId;
accessPolicyPairingModel.AccessPolicyId = accessPolicyId;
await accessPolicyPairingRepository.CreateAccessPolicyPairing(accessPolicyPairingModel);
}
}
public async Task <int> UpdateAccessPolicy(AccessPolicyModel model)
{
var storedProcedure = "dbo.AccessPolicy_Update";
return(await _dataGateway.Execute(storedProcedure,
new
{
Id = model.Id,
name = model.Name,
resourceId = model.ResourceId,
priority = model.Priority
},
_connectionString.SqlConnectionString));
}
public async Task <object> GetDeviceModules(string email, string subid, string resourceGroupName, string resourceName, string deviceId)
{
string access_token = _tokenDto.GetTokenString(email, _tokenResource.Value.manage);
IoTHubKeys ioTHubKeys = await this._ioTHubResourceDto.GetIoTHubKeys(subid, resourceGroupName, resourceName, access_token);
IoTHubInfoModel ioTHubInfoModel = await this._ioTHubResourceDto.GetIoTHubInfo(subid, resourceGroupName, resourceName, access_token);
AccessPolicyModel accessPolicyModel = new AccessPolicyModel()
{
HostName = ioTHubInfoModel.properties.hostName,
SharedAccessKeyName = ioTHubKeys.value[0].keyName,
SharedAccessKey = ioTHubKeys.value[0].primaryKey
};
return(await this._ioTHubResourceDto.GetDeviceModules(deviceId, accessPolicyModel, access_token));
}
public async Task <int> CreateAccessPolicy(AccessPolicyModel model)
{
var storedProcedure = "dbo.AccessPolicy_Create";
DynamicParameters p = new DynamicParameters();
p.Add("name", model.Name);
p.Add("resourceId", model.ResourceId);
p.Add("priority", model.Priority);
p.Add("Id", DbType.Int32, direction: ParameterDirection.Output);
await _dataGateway.Execute(storedProcedure, p, _connectionString.SqlConnectionString);
return(p.Get <int>("Id"));
}
public bool Authorize(string token, AccessPolicyModel accessPolicy)
{
var claims = _tokenService.ExtractClaims(token);
var scopes = claims.Where(a => a.Type == "scopes").FirstOrDefault().Value.Split(',').ToList();
var userScopes = new List <UserScopeModel>();
foreach (var scope in scopes)
{
userScopes.Add(new UserScopeModel()
{
Type = scope,
UserAccountId = -1
});
}
var claimsPrincipal = new ClaimsPrincipal()
{
Claims = claims,
Scopes = userScopes
};
return(_authorizationService.ValidateAccessPolicy(claimsPrincipal, accessPolicy));
}
public async Task <object> GetIotDevices(AccessPolicyModel accessPolicyModel, string access_token)
{
RequestDeviceModel requestDeviceModel = new RequestDeviceModel()
{
hostName = accessPolicyModel.HostName,
authorizationPolicyKey = accessPolicyModel.SharedAccessKey,
authorizationPolicyName = accessPolicyModel.SharedAccessKeyName,
apiVersion = "2018-08-30-preview",
requestPath = "/devices/query",
requestBody = "{\"query\":\"SELECT deviceId as deviceId, status as status, " +
"lastActivityTime as lastActivityTime, statusUpdatedTime as statusUpdateTime, " +
"authenticationType as authenticationType, cloudToDeviceMessageCount as cloudToDeviceMessageCount, " +
"deviceScope as deviceScope FROM devices WHERE (NOT IS_DEFINED(capabilities.iotEdge) " +
"OR capabilities.iotEdge=false)\"}",
};
string url = "https://main.iothub.ext.azure.cn/api/dataPlane/post";
var request = new HttpRequestMessage(HttpMethod.Post, url);
var client = this._clientFactory.CreateClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", access_token);
string requestbody = JsonConvert.SerializeObject(requestDeviceModel);
request.Content = new StringContent(requestbody, UnicodeEncoding.UTF8, "application/json");
var response = await client.SendAsync(request);
string result = await response.Content.ReadAsStringAsync();
if (response.IsSuccessStatusCode)
{
return(result);
}
else
{
return(response.ReasonPhrase);
}
}
public IQuery ListDevices(int maxCount, AccessPolicyModel accessPolicyModel)
{
IoTHubDevice ioTHubDevice = new IoTHubDevice(accessPolicyModel);
return(ioTHubDevice.ListDevices(maxCount));
}
public async Task <DeviceInfoModel> UpdateDeviceInfo(UpdateDeviceViewModel updateDeviceViewModel, AccessPolicyModel accessPolicyModel, string deviceId, string access_token)
{
DeviceInfoModel deviceInfoModel = await GetDeviceInfo(accessPolicyModel, deviceId, access_token);
deviceInfoModel.status = updateDeviceViewModel.status;
deviceInfoModel.authentication.symmetricKey.primaryKey = updateDeviceViewModel.primaryKey;
deviceInfoModel.authentication.symmetricKey.secondaryKey = updateDeviceViewModel.secondaryKey;
RequestDeviceModel requestDeviceModel = new RequestDeviceModel
{
apiVersion = "2018-08-30-preview",
authorizationPolicyKey = accessPolicyModel.SharedAccessKey,
etag = deviceInfoModel.etag,
authorizationPolicyName = accessPolicyModel.SharedAccessKeyName,
hostName = accessPolicyModel.HostName,
requestBody = JsonConvert.SerializeObject(deviceInfoModel),
requestPath = string.Format("/devices/{0}", deviceId)
};
string url = "https://main.iothub.ext.azure.cn/api/dataPlane/put";
var request = new HttpRequestMessage(HttpMethod.Post, url);
var client = this._clientFactory.CreateClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", access_token);
string requestbody = JsonConvert.SerializeObject(requestDeviceModel);
request.Content = new StringContent(requestbody, UnicodeEncoding.UTF8, "application/json");
var response = await client.SendAsync(request);
string result = await response.Content.ReadAsStringAsync();
if (response.IsSuccessStatusCode)
{
TModel <DeviceInfoModel> job = JsonConvert.DeserializeObject <TModel <DeviceInfoModel> >(result);
return(job.body);
}
else
{
return(null);
}
}
public async Task <string> CreateDevice(AccessPolicyModel accessPolicyModel, string deviceId, bool isIotEdge)
{
IoTHubDevice ioTHubDevice = new IoTHubDevice(accessPolicyModel);
return(await ioTHubDevice.CreateDevice(deviceId, isIotEdge));
}
public async Task <ConcurrentBag <Device> > GetDevicesAsync(AccessPolicyModel accessPolicyModel)
{
return(await this._ioTHubResourceDto.GetDevicesAsync(accessPolicyModel));
}
public string GetDeviceKey(string deviceId, AccessPolicyModel accessPolicyModel)
{
IoTHubDevice ioTHubDevice = new IoTHubDevice(accessPolicyModel);
return(ioTHubDevice.GetDeviceKey(deviceId));
}
public async Task <object> GetIotDevices(AccessPolicyModel accessPolicyModel, string email)
{
string access_token = _tokenDto.GetTokenString(email, _tokenResource.Value.manage);
return(await this._ioTHubResourceDto.GetIotDevices(accessPolicyModel, access_token));
}
public async Task <string> DeleteDevice(string deviceId, [FromBody] AccessPolicyModel accessPolicyModel)
{
return(await this._ioTHubResourceBus.DeleteDevice(deviceId, accessPolicyModel));
}
public bool ValidateAccessPolicy(ClaimsPrincipal claimsPrincipal, AccessPolicyModel accessPolicy)
{
var claims = claimsPrincipal.Claims;
var scopes = claimsPrincipal.Scopes;
foreach (var scope in accessPolicy.Scopes)
{
string [] tempSubScope = scope.Split(':');
string policyOperation = tempSubScope[1];
string[] tempSubScopes = tempSubScope[0].Split('.');
List <string> policySubScopes = tempSubScopes.ToList();
var userScopes = scopes.Where(a => a.Type.Contains(policySubScopes[0]));
if (userScopes.Count() == 0)
{
return(false);
}
var validScope = false;
foreach (var userScope in userScopes)
{
string[] tempUserSubScope = userScope.Type.Split(':');
string userOperation = tempUserSubScope[1];
string[] tempUserSubScopes = tempUserSubScope[0].Split('.');
List <string> userSubScopes = tempSubScopes.ToList();
if (policyOperation.ToUpper() == "READ")
{
if (userOperation.ToUpper() != "READ" && userOperation != "WRITE")
{
Console.WriteLine("User Operation: " + userOperation);
continue;
}
}
else if (policyOperation.ToUpper() == "WRITE")
{
if (userOperation.ToUpper() != "WRITE")
{
continue;
}
}
else if (policyOperation.ToUpper() == "DELETE")
{
if (userOperation.ToUpper() != "DELETE")
{
continue;
}
}
Console.WriteLine(userSubScopes.Count);
Console.WriteLine(policySubScopes.Count);
if (userSubScopes.Count > policySubScopes.Count)
{
continue;
}
if (userSubScopes.Count <= policySubScopes.Count)
{
var success = true;
foreach (var userSubScope in userSubScopes)
{
if (!policySubScopes.Contains(userSubScope))
{
success = false;
break;
}
}
if (!success)
{
continue;
}
else
{
validScope = true;
break;
}
}
}
if (!validScope)
{
return(false);
}
return(true);
}
foreach (var claim in accessPolicy.Claims)
{
var key = claims.Where(a => a.Type.ToUpper() == claim.Type.ToUpper()).FirstOrDefault();
if (key == null)
{
return(false);
}
if (key.Value.ToUpper().Contains(claim.Value.ToUpper()))
{
Console.WriteLine("comparing" + key.Value + " with " + claim.Value + " on the type of " + key.Type);
return(false);
}
}
return(true);
}
public Task <Twin> GetDeivceTwin(string email, string deviceId, AccessPolicyModel accessPolicyModel)
{
string access_token = _tokenDto.GetTokenString(email, _tokenResource.Value.manage);
return(this._ioTHubResourceDto.GetDeviceTwin(deviceId, accessPolicyModel, access_token));
}
public string GetDeviceKey(string deviceId, AccessPolicyModel accessPolicyModel)
{
return(this._ioTHubResourceDto.GetDeviceKey(deviceId, accessPolicyModel));
}
public async Task <ConcurrentBag <Device> > GetDevicesAsync(AccessPolicyModel accessPolicyModel)
{
IoTHubDevice ioTHubDevice = new IoTHubDevice(accessPolicyModel);
return(await ioTHubDevice.GetDevices());
}
public async Task <string> CreateDevice(AccessPolicyModel accessPolicyModel, string deviceId, bool isIotEdge)
{
return(await this._ioTHubResourceDto.CreateDevice(accessPolicyModel, deviceId, isIotEdge));
}
public async Task <string> DeleteDevice(string deviceId, AccessPolicyModel accessPolicyModel)
{
IoTHubDevice iothubdevice = new IoTHubDevice(accessPolicyModel);
return(await iothubdevice.DeleteDevice(deviceId));
}
public async Task <object> GetIotEdgeDevices(string email, [FromBody] AccessPolicyModel accessPolicyModel)
{
return(await this._ioTHubResourceBus.GetIotEdgeDevices(accessPolicyModel, email));
}
public Task <Twin> GetDeviceTwin(string email, string deviceId, [FromBody] AccessPolicyModel accessPolicyModel)
{
return(this._ioTHubResourceBus.GetDeivceTwin(email, deviceId, accessPolicyModel));
}
public IQuery ListDevices(int maxCount, AccessPolicyModel accessPolicyModel)
{
return(this._ioTHubResourceDto.ListDevices(maxCount, accessPolicyModel));
}
public string GetDeviceKey(string deviceId, [FromBody] AccessPolicyModel accessPolicyModel)
{
return(this._ioTHubResourceBus.GetDeviceKey(deviceId, accessPolicyModel));
}
public async Task <string> CreateIotEdgeDevice([FromBody] AccessPolicyModel accessPolicyModel, string deviceId)
{
return(await this._ioTHubResourceBus.CreateDevice(accessPolicyModel, deviceId, true));
}
