/// <summary>
/// If available, retrieve a single validated domain for this tenant
/// </summary>
/// <param name="domain"></param>
/// <returns></returns>
public async Task <AdalResponse <Domain> > GetDomain(string domain)
{
var url = string.Format("https://graph.microsoft.com/v1.0/domains/{0}", domain);
var res = await AdalLib.GetResourceAsync(url, _accessToken, HttpMethod.Get);
return(new AdalResponse <Domain>(res));
}
public async Task <MicrosoftTeamcodes> GetCodes(string oid)
{
var url = string.Format("https://graph.microsoft.com/v1.0/users/{0}?$select=displayName,id,description,microsoft_teamcodes", oid);
var res = await AdalLib.GetResourceAsync(url, _accessToken, HttpMethod.Get);
return(JsonConvert.DeserializeObject <AttributeUpdate>(res.ResponseContent).microsoft_teamcodes);
}
/// <summary>
/// Get the list of custom domains validated for this tenant
/// </summary>
/// <returns></returns>
public async Task <AdalResponse <IEnumerable <Domain> > > GetDomains()
{
var url = "https://graph.microsoft.com/v1.0/domains";
var res = await AdalLib.GetResourceAsync(url, _tenantId, _hctx, HttpMethod.Get);
return(new AdalResponse <IEnumerable <Domain> >(res));
}
public async Task <AdalResponse> DeleteObject(string id)
{
var url = string.Format("https://graph.microsoft.com/v1.0/directoryObjects/{0}", id);
var res = await AdalLib.GetResourceAsync(url, _accessToken, HttpMethod.Delete);
return(res);
}
public async Task <AdalResponse <Domain> > CheckDomainValidation()
{
var labCode = User.Identity.GetClaim(CustomClaimTypes.LabCode);
var teamCode = User.Identity.GetClaim(CustomClaimTypes.TeamCode);
var team = await LabRepo.GetDomAssignment(labCode, teamCode);
var tenantId = AdalLib.GetUserTenantId(User.Identity);
var hctx = new HttpContextWrapper(HttpContext.Current);
var control = await AADLinkControl.CreateAsync(tenantId, hctx);
return(await control.GetDomain(team.TeamAssignment.DomainName));
}
/// <summary>
/// Add Team code and Lab code as custom attributes of the logged-in user
/// </summary>
/// <returns></returns>
public async Task <AdalResponse> LinkUserToTeam(string oid, string teamCode, string labCode)
{
var url = string.Format("https://graph.microsoft.com/v1.0/users/{0}", oid);
var data = new AttributeUpdate
{
microsoft_teamcodes = new MicrosoftTeamcodes
{
labCode = labCode,
teamCode = teamCode
}
};
string body = JsonConvert.SerializeObject(data);
return(await AdalLib.GetResourceAsync(url, _accessToken, new HttpMethod("PATCH"), body));
}
internal static async Task AuthInit(HttpContextWrapper hctx, ClaimsIdentity identity)
{
var aud = identity.GetClaim("aud");
if (aud == Settings.LabUserClientId)
{
identity.AddClaim(new Claim(CustomClaimTypes.AuthType, CustomAuthType.LabUser));
identity.AddClaim(new Claim(ClaimTypes.Role, CustomRoles.LabUser));
//call Graph to get additional custom claims
var tenantId = AdalLib.GetUserTenantId(identity);
var tenantName = AdalLib.GetUserUPNSuffix(identity);
var oid = identity.GetClaim(TokenCacheClaimTypes.ObjectId);
var team = (await DocDBRepo.DB <DomAssignment> .GetItemsAsync(d => d.AssignedTenantName == tenantName)).FirstOrDefault();
//var control = await AADLinkControl.CreateAsync(tenantId, hctx);
//var codes = await control.GetCodes(oid);
if (team != null)
{
identity.AddClaim(new Claim(CustomClaimTypes.LabCode, team.LabCode));
identity.AddClaim(new Claim(CustomClaimTypes.TeamCode, team.TeamAuth));
identity.AddClaim(new Claim(CustomClaimTypes.TenantName, tenantName));
if (team.TeamAuth != null)
{
identity.AddClaim(new Claim(ClaimTypes.Role, CustomRoles.LabUserAssigned));
}
//add these to session too
//SiteUtils.UpsertCookie(hctx, "labCode", codes.labCode);
//SiteUtils.UpsertCookie(hctx, "teamCode", codes.teamCode);
//SiteUtils.UpsertCookie(hctx, "tenantName", tenantName);
hctx.Session["labCode"] = team.LabCode;
hctx.Session["teamCode"] = team.TeamAuth;
hctx.Session["tenantName"] = tenantName;
}
}
else if (aud == Settings.LabAdminClientId)
{
identity.AddClaim(new Claim(CustomClaimTypes.AuthType, CustomAuthType.LabAdmin));
identity.AddClaim(new Claim(ClaimTypes.Role, CustomRoles.LabAdmin));
}
}
/// <summary>
/// Remove a validated domain from this tenant
/// </summary>
/// <param name="domain"></param>
/// <returns></returns>
public async Task <AdalResponse> DeleteDomain(string domain)
{
var url = string.Format("https://graph.microsoft.com/v1.0/domains/{0}", domain);
var res = await AdalLib.GetResourceAsync(url, _accessToken, HttpMethod.Delete);
if (!res.Successful)
{
var err = new AdalResponse <DomainError>(res);
//test to see if the error is around dependency objects
if (err.Object.Error.Details.Count() > 0)
{
if (err.Object.Error.Details.Any(d => d.Code == "ObjectInUse"))
{
res.Message = "ObjectInUse";
}
}
}
return(res);
}
public async Task <ActionResult> Index(TeamAuthentication auth)
{
var data = await LabRepo.GetDomAssignment(auth.LabCode, auth.TeamAuth);
var test = ContinueEditingAssignment(data);
if (test != null)
{
ViewBag.ErrorHeader = test.ErrorHeader;
ViewBag.Error = test.Error;
ViewBag.IsLive = true;
return(View("Index"));
}
var tenantId = AdalLib.GetUserTenantId(User.Identity);
var tenantName = AdalLib.GetUserUPNSuffix(User.Identity);
var tenantAdmin = User.Identity.GetClaim(ClaimTypes.Upn);
var oid = User.Identity.GetClaim(TokenCacheClaimTypes.ObjectId);
await LabRepo.UpdateTenantId(new TeamDTO { Lab = data.Lab, TeamAssignment = data.TeamAssignment }, tenantId, tenantName, tenantAdmin);
return(RedirectToAction("refresh", "account"));
}
private async Task <AADLinkControl> InitializeAsync()
{
_accessToken = await AdalLib.GetAccessToken(_hctx, _tenantId);
return(this);
}
