public static async Task <IHttpResponse> GetAsync(
[QueryParameter(Name = SessionIdPropertyName, CheckFileName = true)] IRef <Session> sessionRef,
EastFive.Api.SessionTokenMaybe security,
IAuthApplication application,
ContentTypeResponse <Session> onFound,
NotFoundResponse onNotFound,
UnauthorizedResponse onUnauthorized,
ConfigurationFailureResponse onConfigurationFailure)
{
if (!IsAnonSessionAllowed())
{
if (security.sessionId != sessionRef.id)
{
return(onUnauthorized());
}
}
return(await await sessionRef.StorageGetAsync(
(session) =>
{
return Web.Configuration.Settings.GetUri(
EastFive.Security.AppSettings.TokenScope,
scope =>
{
return Web.Configuration.Settings.GetDouble(Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes,
(tokenExpirationInMinutes) =>
{
return GetClaimsAsync(application, session.authorization,
(claims, accountIdMaybe, authorized) =>
{
session.account = accountIdMaybe;
session.authorized = authorized;
return Api.Auth.JwtTools.CreateToken(session.id,
scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims,
(tokenNew) =>
{
session.token = tokenNew;
return onFound(session);
},
(missingConfig) => onConfigurationFailure("Missing", missingConfig),
(configName, issue) => onConfigurationFailure(configName, issue));
},
(why) => onNotFound());
},
(why) => onConfigurationFailure("Missing", why).AsTask());
},
(why) => onConfigurationFailure("Missing", why).AsTask());
},
() => onNotFound().AsTask()));
bool IsAnonSessionAllowed()
{
var appType = application.GetType();
if (!appType.TryGetAttributeInterface <IConfigureAuthorization>(out IConfigureAuthorization authConfig))
{
return(false);
}
return(authConfig.IsAnonymousSessionAllowed);
}
}
public static IHttpResponse Get(
TextResponse onResponse,
ConfigurationFailureResponse onConfigurationFailure)
{
return(EastFive.Azure.AppSettings.Apple.DeveloperSiteAssociation.ConfigurationString(
(content) =>
{
return onResponse(content);
},
(why) => onConfigurationFailure(why, why)));
}
public override Task <IHttpResponse> InstigateInternal(IApplication httpApp,
IHttpRequest request, ParameterInfo parameterInfo,
Func <object, Task <IHttpResponse> > onSuccess)
{
ConfigurationFailureResponse responseDelegate =
(configurationValue, message) =>
{
var response = request
.CreateResponse(System.Net.HttpStatusCode.ServiceUnavailable)
.AddReason($"`{configurationValue}` not specified in config:{message}");
return(UpdateResponse(parameterInfo, httpApp, request, response));
};
return(onSuccess(responseDelegate));
}
public static async Task <HttpResponseMessage> GetAsync(
[QueryParameter(Name = SessionIdPropertyName, CheckFileName = true)] IRef <Session> sessionRef,
EastFive.Api.SessionToken security,
Api.Azure.AzureApplication application, UrlHelper urlHelper,
ContentTypeResponse <Session> onFound,
NotFoundResponse onNotFound,
UnauthorizedResponse onUnauthorized,
ConfigurationFailureResponse onConfigurationFailure)
{
if (security.sessionId != sessionRef.id)
{
return(onUnauthorized());
}
return(await await sessionRef.StorageGetAsync(
(session) =>
{
return Web.Configuration.Settings.GetUri(
EastFive.Security.AppSettings.TokenScope,
scope =>
{
return Web.Configuration.Settings.GetDouble(Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes,
(tokenExpirationInMinutes) =>
{
return GetClaimsAsync(application, session.authorization,
(claims, accountIdMaybe, authorized) =>
{
session.account = accountIdMaybe;
session.authorized = authorized;
return BlackBarLabs.Security.Tokens.JwtTools.CreateToken(session.id,
scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims,
(tokenNew) =>
{
session.token = tokenNew;
return onFound(session);
},
(missingConfig) => onConfigurationFailure("Missing", missingConfig),
(configName, issue) => onConfigurationFailure(configName, issue));
},
(why) => onNotFound());
},
(why) => onConfigurationFailure("Missing", why).AsTask());
},
(why) => onConfigurationFailure("Missing", why).AsTask());
},
() => onNotFound().AsTask()));
}
[HttpPost] //(MatchAllBodyParameters = false)]
public async static Task <HttpResponseMessage> CreateAsync(
[Property(Name = SessionIdPropertyName)] IRef <Session> sessionId,
[PropertyOptional(Name = AuthorizationPropertyName)] IRefOptional <Authorization> authorizationRefMaybe,
[Resource] Session session,
Api.Azure.AzureApplication application,
CreatedBodyResponse <Session> onCreated,
AlreadyExistsResponse onAlreadyExists,
ForbiddenResponse forbidden,
ConfigurationFailureResponse onConfigurationFailure,
GeneralConflictResponse onFailure)
{
session.refreshToken = Security.SecureGuid.Generate().ToString("N");
return(await Security.AppSettings.TokenScope.ConfigurationUri(
scope =>
{
return Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes.ConfigurationDouble(
async(tokenExpirationInMinutes) =>
{
return await await GetClaimsAsync(application, authorizationRefMaybe,
(claims, accountIdMaybe, authorized) =>
{
session.account = accountIdMaybe;
session.authorized = authorized;
return session.StorageCreateAsync(
(sessionIdCreated) =>
{
return BlackBarLabs.Security.Tokens.JwtTools.CreateToken(sessionId.id,
scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims,
(tokenNew) =>
{
session.token = tokenNew;
return onCreated(session);
},
(missingConfig) => onConfigurationFailure("Missing", missingConfig),
(configName, issue) => onConfigurationFailure(configName, issue));
},
() => onAlreadyExists());
},
(why) => onFailure(why).AsTask());
},
(why) => onConfigurationFailure("Missing", why).AsTask());
},
(why) => onConfigurationFailure("Missing", why).AsTask()));
}
public static Task <HttpResponseMessage> UpdateBodyAsync(
[UpdateId(Name = SessionIdPropertyName)] IRef <Session> sessionRef,
[PropertyOptional(Name = AuthorizationPropertyName)] IRefOptional <Authorization> authorizationRefMaybe,
Api.Azure.AzureApplication application,
ContentTypeResponse <Session> onUpdated,
NotFoundResponse onNotFound,
ForbiddenResponse forbidden,
ConfigurationFailureResponse onConfigurationFailure,
GeneralConflictResponse onFailure)
{
return(sessionRef.StorageUpdateAsync(
(sessionStorage, saveSessionAsync) =>
{
return Security.AppSettings.TokenScope.ConfigurationUri(
scope =>
{
return Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes.ConfigurationDouble(
async(tokenExpirationInMinutes) =>
{
return await await GetClaimsAsync(application, authorizationRefMaybe,
async(claims, accountIdMaybe, authorized) =>
{
sessionStorage.authorization = authorizationRefMaybe;
sessionStorage.authorized = authorized;
sessionStorage.account = accountIdMaybe;
return await BlackBarLabs.Security.Tokens.JwtTools.CreateToken(sessionRef.id,
scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims,
async(tokenNew) =>
{
sessionStorage.token = tokenNew;
await saveSessionAsync(sessionStorage);
return onUpdated(sessionStorage);
},
(missingConfig) => onConfigurationFailure("Missing", missingConfig).AsTask(),
(configName, issue) => onConfigurationFailure(configName, issue).AsTask());
},
why => onFailure(why).AsTask());
},
why => onConfigurationFailure("Missing", why).AsTask());
},
(why) => onConfigurationFailure("Missing", why).AsTask());
},
onNotFound: () => onNotFound()));
}
public static Task <HttpResponseMessage> GetByRequestIdAsync(
[QueryParameter(Name = SessionIdPropertyName, CheckFileName = true)] IRef <Session> sessionRef,
[QueryParameter(Name = "request_id")] IRef <Authorization> authorization,
EastFive.Api.SessionToken security,
Api.Azure.AzureApplication application, UrlHelper urlHelper,
ContentTypeResponse <Session> onUpdated,
NotFoundResponse onNotFound,
ForbiddenResponse forbidden,
ConfigurationFailureResponse onConfigurationFailure,
GeneralConflictResponse onFailure)
{
return(UpdateBodyAsync(sessionRef, authorization.Optional(),
application,
onUpdated,
onNotFound,
forbidden,
onConfigurationFailure,
onFailure));
}
public static IHttpResponse QueryByResourceIdAndTypeAsync(
[QueryParameter(Name = ResourceTypePropertyName)] Type resourceType,
[QueryParameter(Name = ResourcePropertyName)] Guid resourceId,
IApiApplication application,
RedirectResponse onRedirect,
UnauthorizedResponse onUnauthorized,
NotFoundResponse onRedirectNotFound,
ConfigurationFailureResponse onConfigurationFailure)
{
return(AppSettings.SPA.SiteLocation.ConfigurationUri(
siteUrl =>
{
var resourceName = application.GetResourceMime(resourceType);
var redirectUrl = siteUrl
.AppendToPath("redirect")
.AddQueryParameter("type", resourceName)
.AddQueryParameter("id", resourceId.ToString());
return onRedirect(redirectUrl);
},
(why) => onConfigurationFailure(why, "")));
}
public async static Task <HttpResponseMessage> GetAllSecureAsync(
[QueryParameter(Name = "ApiKeySecurity")] string apiSecurityKey,
[QueryParameter(Name = "method")] IRef <Method> methodRef,
[OptionalQueryParameter(Name = "successOnly")] bool successOnly,
ApiSecurity apiSecurity,
AzureApplication application,
HttpRequestMessage request,
ContentTypeResponse <RedirectionManager[]> onContent,
UnauthorizedResponse onUnauthorized,
ConfigurationFailureResponse onConfigFailure)
{
Expression <Func <Authorization, bool> > allQuery =
(authorization) => true;
var redirections = await allQuery
.StorageQuery()
.Where(authorization => !authorization.Method.IsDefaultOrNull())
.Where(authorization => authorization.Method.id == methodRef.id)
.Select <Authorization, Task <RedirectionManager?> >(
async authorization =>
{
RedirectionManager?Failure(string why)
{
if (successOnly)
{
return(default(RedirectionManager?));
}
return(new RedirectionManager
{
authorization = authorization.authorizationRef.Optional(),
message = why,
when = authorization.lastModified
});
}
return(await await Method.ById <Task <RedirectionManager?> >(authorization.Method, application,
async method =>
{
return await method.ParseTokenAsync(authorization.parameters, application,
(externalId, loginProvider) =>
{
return new RedirectionManager
{
when = authorization.lastModified,
message = $"Ready:{externalId}",
authorization = authorization.authorizationRef.Optional(),
redirection = new Uri(
request.RequestUri,
$"/api/RedirectionManager?ApiKeySecurity={apiSecurityKey}&authorization={authorization.id}"),
};
},
(why) => Failure(why));
},
() => Failure("Method no longer supported").AsTask()));
})
//Parallel()
.Throttle()
.SelectWhereHasValue()
.OrderByDescendingAsync(item => item.when);
return(onContent(redirections.ToArray()));
}
public static Task <HttpResponseMessage> GetRedirection(
[QueryParameter(Name = "ApiKeySecurity")] string apiSecurityKey,
[QueryParameter(Name = "authorization")] IRef <Authorization> authRef,
ApiSecurity apiSecurity,
AzureApplication application,
HttpRequestMessage request,
RedirectResponse onRedirection,
GeneralFailureResponse onFailure,
UnauthorizedResponse onUnauthorized,
ConfigurationFailureResponse onConfigFailure)
{
return(authRef.StorageUpdateAsync(
async(authorization, saveAsync) =>
{
var url = await await Method.ById(authorization.Method, application,
async method =>
{
return await await method.ParseTokenAsync(authorization.parameters, application,
async(externalId, loginProvider) =>
{
var tag = "OpioidTool";
return await EastFive.Web.Configuration.Settings.GetString($"AffirmHealth.PDMS.PingRedirect.{tag}.PingAuthName",
async pingAuthName =>
{
return await EastFive.Web.Configuration.Settings.GetGuid($"AffirmHealth.PDMS.PingRedirect.{tag}.PingReportSetId",
reportSetId =>
{
var requestParams = authorization.parameters
.AppendIf("PingAuthName".PairWithValue(pingAuthName), !authorization.parameters.ContainsKey("PingAuthName"))
.AppendIf("ReportSetId".PairWithValue(reportSetId.ToString()), !authorization.parameters.ContainsKey("ReportSetId"))
.ToDictionary();
return Auth.Redirection.ProcessAsync(authorization,
updatedAuth => 1.AsTask(),
method, externalId, requestParams,
Guid.NewGuid(), request.RequestUri, application, loginProvider,
(uri) =>
{
return uri;
},
(why) => default(Uri),
application.Telemetry);
},
why =>
{
return default(Uri).AsTask();
});
},
why =>
{
return default(Uri).AsTask();
});
},
(why) => default(Uri).AsTask());
},
() => default(Uri).AsTask());
if (url.IsDefaultOrNull())
{
return onFailure("Failed to determine correct redirect URL");
}
authorization.expired = false;
await saveAsync(authorization);
return onRedirection(url);
}));
}
public async static Task <IHttpResponse> GetAllSecureAsync(
[Api.Meta.Flows.WorkflowParameter(Value = "{{AuthenticationMethod}}")]
[QueryParameter(Name = "method")]
IRef <Method> methodRef,
[OptionalQueryParameter(Name = "successOnly")] bool successOnly,
[Api.Meta.Flows.WorkflowParameter(Description = "ACP,Dash,TCM,HUDDLE", Value = "")]
[OptionalQueryParameter(Name = "search")]
string search,
[OptionalQueryParameter(Name = "months")] int?monthsMaybe,
AzureApplication application,
EastFive.Api.Security security,
IHttpRequest request,
[Api.Meta.Flows.WorkflowVariable(AuthorizationPropertyName, "authorization{0}")]
ContentTypeResponse <RedirectionManager[]> onContent,
UnauthorizedResponse onUnauthorized,
ConfigurationFailureResponse onConfigFailure,
BadRequestResponse onBadRequest)
{
// this query is faster than the version commented out below
var methodMaybe = await Method.ById(methodRef, application, (m) => m, () => default(Method?));
if (methodMaybe.IsDefault())
{
return(onBadRequest().AddReason("Method no longer supported"));
}
var method = methodMaybe.Value;
var months = monthsMaybe.HasValue ? Math.Abs(monthsMaybe.Value) : 1;
var since = DateTime.UtcNow.Date.AddMonths(-months);
var query = new TableQuery <GenericTableEntity>().Where(
TableQuery.CombineFilters(
TableQuery.GenerateFilterConditionForGuid("method", QueryComparisons.Equal, method.id),
TableOperators.And,
TableQuery.CombineFilters(
TableQuery.GenerateFilterConditionForDate("Timestamp", QueryComparisons.GreaterThanOrEqual, since),
TableOperators.And,
TableQuery.GenerateFilterConditionForBool("authorized", QueryComparisons.Equal, true)
)
)
);
var table = EastFive.Azure.Persistence.AppSettings.Storage.ConfigurationString(
(conn) =>
{
var account = CloudStorageAccount.Parse(conn);
var client = account.CreateCloudTableClient();
return(client.GetTableReference("authorization"));
},
(why) => throw new Exception(why));
var segment = default(TableQuerySegment <GenericTableEntity>);
var token = default(TableContinuationToken);
var redirections = new RedirectionManager[] { };
do
{
segment = await table.ExecuteQuerySegmentedAsync(query, token);
token = segment.ContinuationToken;
var result = await segment.Results
.Select(
async (entity) =>
{
var id = Guid.Parse(entity.RowKey);
var when = entity.Timestamp.DateTime;
var props = entity.WriteEntity(default);
public async static Task <IHttpResponse> CreateAsync(
[Api.Meta.Flows.WorkflowNewId]
[Property(Name = SessionIdPropertyName)]
IRef <Session> sessionId,
[Api.Meta.Flows.WorkflowParameter(Value = "{{XAuthorization}}")]
[PropertyOptional(Name = AuthorizationPropertyName)]
IRefOptional <Authorization> authorizationRefMaybe,
[Resource] Session session,
IAuthApplication application,
[Api.Meta.Flows.WorkflowVariable2(Workflows.AuthorizationFlow.Variables.AuthHeaderName, HeaderNamePropertyName)]
[Api.Meta.Flows.WorkflowVariable(Workflows.AuthorizationFlow.Variables.TokenName, TokenPropertyName)]
CreatedBodyResponse <Session> onCreated,
AlreadyExistsResponse onAlreadyExists,
ForbiddenResponse forbidden,
ConfigurationFailureResponse onConfigurationFailure,
GeneralConflictResponse onFailure)
{
session.refreshToken = Security.SecureGuid.Generate().ToString("N");
return(await Security.AppSettings.TokenScope.ConfigurationUri(
scope =>
{
return Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes.ConfigurationDouble(
async(tokenExpirationInMinutes) =>
{
return await await GetClaimsAsync(application, authorizationRefMaybe,
(claims, accountIdMaybe, authorized) =>
{
session.account = accountIdMaybe;
session.authorized = authorized;
return session.StorageCreateAsync(
(sessionIdCreated) =>
{
return Api.Auth.JwtTools.CreateToken(sessionId.id,
scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims,
(tokenNew) =>
{
session.token = tokenNew;
return onCreated(session);
},
(missingConfig) => onConfigurationFailure("Missing", missingConfig),
(configName, issue) => onConfigurationFailure(configName, issue));
},
() =>
{
return Api.Auth.JwtTools.CreateToken(sessionId.id,
scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims,
(tokenNew) =>
{
session.token = tokenNew;
return onCreated(session);
},
(missingConfig) => onConfigurationFailure("Missing", missingConfig),
(configName, issue) => onConfigurationFailure(configName, issue));
// onAlreadyExists()
});
},
(why) => onFailure(why).AsTask());
},
(why) => onConfigurationFailure("Missing", why).AsTask());
},
(why) => onConfigurationFailure("Missing", why).AsTask()));
}
