public virtual async Task <int> AddApiSecretAsync(int apiResourceId, ApiResourceSecret apiSecret)
{
apiSecret.ApiResource = await DbContext.ApiResources.Where(x => x.Id == apiResourceId).SingleOrDefaultAsync();
await DbContext.ApiSecrets.AddAsync(apiSecret);
return(await AutoSaveChangesAsync());
}
public virtual async Task <int> DeleteApiSecretAsync(ApiResourceSecret apiSecret)
{
var apiSecretToDelete = await DbContext.ApiSecrets.Where(x => x.Id == apiSecret.Id).SingleOrDefaultAsync();
DbContext.ApiSecrets.Remove(apiSecretToDelete);
return(await AutoSaveChangesAsync());
}
public async Task <IActionResult> OnGetAsync(int apiResourceId, int id)
{
TenantId = _sessionTenantAccessor.TenantId;
ApiResourceId = apiResourceId;
SecretId = id;
Secret = await _adminServices.GetApiResourceSecretByIdAsync(TenantId, ApiResourceId, SecretId);
if (Secret == null)
{
return(RedirectToPage("./Index", new { id = ApiResourceId }));
}
return(Page());
}
public static SecretModel FromEntity(ApiResourceSecret secret)
{
return(new SecretModel
{
Id = secret.Id,
Description = secret.Description,
Value = secret.Value,
Expiration = secret.Expiration,
Type = secret.Type,
Created = secret.Created,
ApiResourceId = secret.ApiResource.Id,
ApiResourceName = secret.ApiResource.Name,
});
}
public async Task <IActionResult> UpdateApiResource(MApiResourceDto dto)
{
var resourceInDB = await ApiResourcesService.GetApiResourceAsync(dto.Id);
var secrets = resourceInDB.Secrets.ToDictionary(sec => sec.Id, sec => sec);
var newSecrets = new List <ApiResourceSecret>();
foreach (var dtoSecret in dto.Secrets)
{
ApiResourceSecret sec = null;
if (dtoSecret.Id != Guid.Empty)
{
sec = secrets[dtoSecret.Id];
if (sec.Description != dtoSecret.Description)
{
sec.Description = dtoSecret.Description;
}
if (sec.Expiration != dtoSecret.Expiration)
{
sec.Expiration = dtoSecret.Expiration;
}
}
else
{
dtoSecret.Value = dtoSecret.Value.ToSha512();
sec = _mapper.Map <ApiResourceSecret>(dtoSecret);
}
if (sec != null)
{
newSecrets.Add(sec);
}
}
var updated = _mapper.Map(dto, resourceInDB);
updated.Secrets = newSecrets;
await ApiResourcesService.UpdateApiResourceAsync(updated);
return(Ok());
}
public IActionResult Secrets(SecretsModel model)
{
var api = _configurationDbContext.ApiResources
.Include(x => x.Secrets)
.FirstOrDefault(x => x.Id == model.ApiResourceId);
var secret = new ApiResourceSecret
{
Created = DateTime.UtcNow,
};
model.HashSecret();
model.UpdateEntity(secret);
api.Secrets.Add(secret);
_configurationDbContext.SaveChanges();
return(RedirectToAction(nameof(Secrets), new { id = api.Id }));
}
public async Task <IActionResult> OnPostAsync()
{
try
{
DateTime expiration = DateTime.UtcNow;
switch (Input.SecretExpiration)
{
case SecretModel.ExpirationTypes.Never:
expiration = expiration.AddYears(100);
break;
case SecretModel.ExpirationTypes.ExpireIt:
expiration = expiration.AddYears(-100);
break;
case SecretModel.ExpirationTypes.OneYear:
expiration = expiration.AddYears(1);
break;
}
var secret = new ApiResourceSecret()
{
Type = IdentityServerConstants.SecretTypes.SharedSecret,
Expiration = expiration,
Description = Input.Value.Mask(4, '*'),
Value = Input.Value.Sha256()
};
await _adminServices.UpsertApiResourceSecretAsync(TenantId, ApiResourceId, secret);
}
catch (Exception ex)
{
ModelState.AddModelError(string.Empty, ex.Message);
return(Page());
}
return(RedirectToPage("./Index", new { id = ApiResourceId }));
}
public override async Task <ActionResult <InsertApiResourceSecretResponse> > HandleAsync(
InsertApiResourceSecretRequest request,
CancellationToken cancellationToken = default)
{
var toaster = new ToasterEvent(nameof(ApiResourceSecret), ToasterType.Success, ToasterVerbs.Created);
var validation =
await _validator
.ValidateAsync <InsertApiResourceSecretRequest, InsertApiResourceSecretResponse,
InsertApiResourceSecretRequestValidator>
(request, toaster, cancellationToken);
if (validation.Failed)
{
return(validation.Response);
}
if (_repository.Query().Any(e => e.Value == request.Value && e.Type != AppConstants.SecretTypes.VisibleOneTime))
{
return(AspExtensions.GetBadRequestWithError <InsertApiResourceSecretResponse>("This secret already exists."));
}
var entity = new ApiResourceSecret
{
Created = DateTime.UtcNow,
Description = request.Description,
Type = request.Type,
Expiration = request.Expiration,
Value = request.Value.Stamp(),
ApiResourceId = request.OwnerId
};
await _repository.InsertAsync(entity);
await _repository.SaveAsync(toaster);
return(validation.Response);
}
public static ApiResourceSecretModel ToModel(this ApiResourceSecret secret)
{
return(Mapper.Map <ApiResourceSecretModel>(secret));
}
public static ApiSecretsDto ToModel(this ApiResourceSecret resource)
{
return(resource == null ? null : Mapper.Map <ApiSecretsDto>(resource));
}
public async Task <bool> DeleteApiResourceSecret(ApiResourceSecret apiResourceSecret)
{
return(await _repository.DeleteAsync(apiResourceSecret));
}
public async Task <int> InsertApiResourceSecret(ApiResourceSecret apiResourceSecret)
{
return(await _repository.InsertAsync(apiResourceSecret));
}
