/// <summary>
/// Creates a ressource server on behalf of the authenticated caller and answers
/// 201 Created with a Location header that points at the new ressource.
/// </summary>
/// <param name="infos">Creation payload bound from the request.</param>
/// <returns>A 201 Created result with an empty body.</returns>
public IActionResult Post(CreateRessourceServerDto infos)
{
    // The owner is always taken from the authenticated principal, never from the
    // payload, so a client-supplied UserName cannot attribute the creation to
    // another account.
    // NOTE(review): infos is dereferenced without a null check, and
    // User.Identity.Name is null for an unauthenticated caller; this presumably
    // relies on an authorization filter outside this listing. Confirm.
    infos.UserName = User.Identity.Name;

    var newId = _service.CreateRessourceServer(infos);

    // NOTE(review): the display URL is rebuilt from the incoming request (host and
    // query string included), so the Location value reflects whatever Host the
    // request carried. Confirm host filtering / forwarded-header handling is
    // configured for this application.
    var location = $"{UriHelper.GetDisplayUrl(Request)}/{newId}";

    return Created(location, null);
}
/// <summary>
/// Builds the service under test on top of fake dependencies and seeds the shared
/// fake database with three users (admin, normal, invalid), the two roles, three
/// ressource servers (existing, valid, invalid), one scope and a creation DTO.
/// </summary>
/// <remarks>
/// The credential-like literals ("******", "*****@*****.**") are reproduced exactly
/// as they appear in this listing.
/// NOTE(review): only Roles is cleared before seeding; Users, UsersRoles,
/// RessourceServers and Scopes are appended to. If this runs before every test
/// against the same FakeDataBase instance, rows accumulate unless something else
/// resets them. Confirm.
/// </remarks>
public void Init()
{
    // Factories keep the property-initialisation order of the original fixtures.
    User BuildUser(int id, string fullName, bool isValid)
    {
        return new User
        {
            CreationDate = DateTime.Now,
            EMail = "*****@*****.**",
            FullName = fullName,
            Id = id,
            IsValid = isValid,
            Password = new byte[] { 0 },
            UserName = "******"
        };
    }

    RessourceServer BuildRessourceServer(int id, string name, string description, bool isValid)
    {
        return new RessourceServer
        {
            CreationDate = DateTime.Now,
            Description = description,
            Id = id,
            IsValid = isValid,
            Login = "******",
            Name = name,
            ServerSecret = new byte[] { 0 }
        };
    }

    CreateRessourceServerScopesDto BuildScopeDto(bool isReadWrite, string niceWording)
    {
        return new CreateRessourceServerScopesDto
        {
            IsReadWrite = isReadWrite,
            NiceWording = niceWording
        };
    }

    // Service under test: every collaborator is a fake, including encryption.
    _service = new RessourceServerService
    {
        Configuration = FakeConfigurationHelper.GetFakeConf(),
        RepositoriesFactory = new FakeRepositoriesFactory(),
        StringLocalizerFactory = new FakeStringLocalizerFactory(),
        Logger = new FakeLogger(),
        EncryptonService = new FakeEncryptionService()
    };

    // Users: one admin, one plain user, one invalidated account.
    _adminUser = BuildUser(123, "Samadmin", true);
    _normalUser = BuildUser(124, "SamPasadmin", true);
    _invalidUser = BuildUser(125, "SamPasValid", false);

    foreach (var user in new[] { _adminUser, _normalUser, _invalidUser })
    {
        FakeDataBase.Instance.Users.Add(user);
    }

    // Roles are the only table reset here before being re-seeded.
    _adminRole = new Role { Id = (int)ERole.ADMIN, Wording = RoleName.Administrator };
    _normalRole = new Role { Id = (int)ERole.USER, Wording = RoleName.User };

    FakeDataBase.Instance.Roles.Clear();
    FakeDataBase.Instance.Roles.Add(_adminRole);
    FakeDataBase.Instance.Roles.Add(_normalRole);

    // Role assignments; the invalid user gets no role.
    FakeDataBase.Instance.UsersRoles.Add(
        new UserRole { Id = 345, RoleId = _adminRole.Id, UserId = _adminUser.Id });
    FakeDataBase.Instance.UsersRoles.Add(
        new UserRole { Id = 346, RoleId = _normalRole.Id, UserId = _normalUser.Id });

    // Ressource servers.
    _existingRessourceServer = BuildRessourceServer(999, "existing", "I Exist", true);
    _validRessourceServer = BuildRessourceServer(1999, "valid_rs_name", "I am valid, yeah", true);
    _invalidRessourceServer = BuildRessourceServer(2000, "invalid_rs_name", "I am not valid, sad", false);

    foreach (var server in new[] { _existingRessourceServer, _validRessourceServer, _invalidRessourceServer })
    {
        FakeDataBase.Instance.RessourceServers.Add(server);
    }

    // A scope that already exists, attached to the existing ressource server.
    _existingScope = new Scope
    {
        Id = 789,
        RessourceServerId = _existingRessourceServer.Id,
        NiceWording = "I Exist",
        Wording = "RW_I_Exist"
    };
    FakeDataBase.Instance.Scopes.Add(_existingScope);

    // Creation request issued in the name of the admin user.
    _createDto = new CreateRessourceServerDto
    {
        Description = "Test ressource server",
        Login = "******",
        Name = "R-Serv",
        Password = "******",
        RepeatPassword = "******",
        Scopes = new List<CreateRessourceServerScopesDto>
        {
            BuildScopeDto(true, "scope1 nice wording"),
            BuildScopeDto(false, "scope2 another nice wording"),
            BuildScopeDto(true, "scope3 juste another nice wording")
        },
        UserName = _adminUser.UserName
    };
}
/// <summary>
/// Posts a creation request to the "ressourcesServers" endpoint and checks the
/// 201 response, the Location header, and the ressource server and scope rows
/// that end up in the database.
/// </summary>
public async Task Post_Should_Create_Ressource_Server()
{
    var scopeIsReadWrite = true;

    var payload = new CreateRessourceServerDto
    {
        Description = "new ressource server",
        Login = "******",
        Name = "newRs",
        Password = "******",
        RepeatPassword = "******",
        Scopes = new List<CreateRessourceServerScopesDto>
        {
            new CreateRessourceServerScopesDto
            {
                IsReadWrite = scopeIsReadWrite,
                NiceWording = "a new scope"
            }
        }
    };

    var response = await _client.PostAsJsonAsync("ressourcesServers", payload);

    // The API must answer 201 with exactly one non-empty Location value.
    Assert.AreEqual(HttpStatusCode.Created, response.StatusCode);
    Assert.IsTrue(response.Headers.Contains("location"));
    var location = response.Headers.GetValues("location").Single();
    Assert.IsTrue(location.Length > 0);

    // The new id is the last path segment of the Location URL.
    var segments = location.Split('/', StringSplitOptions.RemoveEmptyEntries);
    var createdId = int.Parse(segments.Last());

    RessourceServer storedServer;
    Scope storedScope;
    using (var context = new DaOAuthContext(_dbContextOptions))
    {
        storedServer = context.RessourceServers.SingleOrDefault(rs => rs.Id.Equals(createdId));
        storedScope = context.Scopes.SingleOrDefault(sc => sc.RessourceServerId.Equals(createdId));
    }

    Assert.IsNotNull(storedServer);
    Assert.AreEqual(payload.Description, storedServer.Description);
    Assert.AreEqual(payload.Login, storedServer.Login);
    Assert.AreEqual(payload.Name, storedServer.Name);

    // Pins the stored form of the server secret: the helper is given the configured
    // PasswordSalt concatenated with the clear-text password and compared against
    // ServerSecret (a SHA-256 comparison, going by the helper's name). Any change to
    // the secret-storage scheme has to update this assertion as well.
    var encryption = new EncryptionService();
    var saltedPassword = string.Concat(GuiApiTestStartup.Configuration.PasswordSalt, payload.Password);
    Assert.IsTrue(encryption.AreEqualsSha256(saltedPassword, storedServer.ServerSecret));

    Assert.IsTrue(storedServer.IsValid);
    // Compared on the calendar date only; a run that straddles midnight can fail here.
    Assert.AreEqual(DateTime.Now.Date, storedServer.CreationDate.Date);

    Assert.IsNotNull(storedScope);
    Assert.AreEqual(payload.Scopes.Single().NiceWording, storedScope.NiceWording);
    Assert.AreEqual(createdId, storedScope.RessourceServerId);
    Assert.IsTrue(storedScope.Wording.Length > 0);

    // Read/write scopes are expected to carry the "RW_" prefix, read-only ones "R_".
    var expectedPrefix = scopeIsReadWrite ? "RW_" : "R_";
    Assert.IsTrue(storedScope.Wording.StartsWith(expectedPrefix));
}
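/// <summary>
/// Validates a creation request, checks that the requesting user is a valid
/// administrator and that the login is free, then stores the ressource server
/// together with its scopes.
/// </summary>
/// <param name="toCreate">Creation request; UserName names the requesting user.</param>
/// <returns>The id of the ressource server, read from the entity after Commit.</returns>
/// <exception cref="DaOAuthServiceException">
/// Thrown with "CreateRessourceServerInvalidUserName" when the user is unknown or
/// not valid, "CreateRessourceServerNonAdminUserName" when the user has no ADMIN
/// role, "CreateRessourceServerExistingLogin" when the login is already taken, and
/// "CreateRessourceServerExistingScope" when a requested scope wording already
/// exists in either its read/write or read-only form.
/// </exception>
public int CreateRessourceServer(CreateRessourceServerDto toCreate)
{
    var rsId = 0;

    // Extra rules run by Validate on top of the DTO's own validation.
    IList<ValidationResult> ExtendValidation(CreateRessourceServerDto toValidate)
    {
        var resource = this.GetErrorStringLocalizer();
        IList<ValidationResult> result = new List<ValidationResult>();

        // Every rule reads the instance handed to the validator; the password
        // comparison previously read the captured outer argument instead.
        if (!String.IsNullOrEmpty(toValidate.Password)
            && !toValidate.Password.Equals(toValidate.RepeatPassword, StringComparison.Ordinal))
        {
            result.Add(new ValidationResult(resource["CreateRessourceServerPasswordDontMatch"]));
        }

        if (!toValidate.Password.IsMatchPasswordPolicy())
        {
            result.Add(new ValidationResult(resource["CreateRessourceServerPasswordPolicyFailed"]));
        }

        // Reject empty scope names and names that differ only by case.
        if (toValidate.Scopes != null)
        {
            if (toValidate.Scopes.Any(s => String.IsNullOrWhiteSpace(s.NiceWording)))
            {
                result.Add(new ValidationResult(resource["CreateRessourceServerEmptyScopeWording"]));
            }

            // Scope names become authorization identifiers, so the duplicate check
            // must not depend on the server's current culture (ToUpper() is
            // culture-sensitive, e.g. the Turkish dotted/dotless i).
            var hasDuplicateWording = toValidate.Scopes
                .Where(s => !String.IsNullOrWhiteSpace(s.NiceWording))
                .GroupBy(s => s.NiceWording.ToUpperInvariant())
                .Any(g => g.Count() > 1);

            if (hasDuplicateWording)
            {
                result.Add(new ValidationResult(resource["CreateRessourceServerMultipleScopeWording"]));
            }
        }

        return result;
    }

    Logger.LogInformation(String.Format("Try to create ressource server for user {0}", toCreate != null ? toCreate.UserName : String.Empty));

    Validate(toCreate, ExtendValidation);

    using (var context = RepositoriesFactory.CreateContext())
    {
        var userRepo = RepositoriesFactory.GetUserRepository(context);
        var rsRepo = RepositoriesFactory.GetRessourceServerRepository(context);
        var scopeRepo = RepositoriesFactory.GetScopeRepository(context);

        // Authorization: the requesting user must exist, be valid and hold ADMIN.
        var myUser = userRepo.GetByUserName(toCreate.UserName);

        if (myUser == null || !myUser.IsValid)
        {
            throw new DaOAuthServiceException("CreateRessourceServerInvalidUserName");
        }

        if (myUser.UsersRoles.FirstOrDefault(r => r.RoleId.Equals((int)ERole.ADMIN)) == null)
        {
            throw new DaOAuthServiceException("CreateRessourceServerNonAdminUserName");
        }

        var existingRs = rsRepo.GetByLogin(toCreate.Login);
        if (existingRs != null)
        {
            throw new DaOAuthServiceException("CreateRessourceServerExistingLogin");
        }

        // NOTE(review): the server secret is stored as the output of Sha256Hash over
        // the configuration-wide PasswordSalt concatenated with the password. A
        // single shared salt with a fast digest is weak for a password-equivalent
        // secret; a per-record salt with a slow KDF (PBKDF2 / Argon2) would be
        // preferable. That changes the stored format and every verifier, so it is
        // flagged here rather than changed.
        var myRs = new RessourceServer()
        {
            CreationDate = DateTime.Now,
            Description = toCreate.Description,
            IsValid = true,
            Login = toCreate.Login,
            Name = toCreate.Name,
            ServerSecret = EncryptonService.Sha256Hash(string.Concat(Configuration.PasswordSalt, toCreate.Password))
        };

        rsId = rsRepo.Add(myRs);

        // A requested scope must not collide with an existing wording in either its
        // read/write or its read-only form.
        // NOTE(review): a collision throws after rsRepo.Add but before Commit; this
        // relies on the context discarding uncommitted work when disposed. Confirm.
        // NOTE(review): scopes are linked with the id returned by Add, while the
        // method re-reads myRs.Id after Commit; confirm the id is final before Commit.
        if (toCreate.Scopes != null)
        {
            foreach (var s in toCreate.Scopes)
            {
                var s1 = s.NiceWording.ToScopeWording(true);
                var s2 = s.NiceWording.ToScopeWording(false);

                var scope = scopeRepo.GetByWording(s1);
                if (scope != null)
                {
                    throw new DaOAuthServiceException("CreateRessourceServerExistingScope");
                }

                scope = scopeRepo.GetByWording(s2);
                if (scope != null)
                {
                    throw new DaOAuthServiceException("CreateRessourceServerExistingScope");
                }

                scope = new Scope()
                {
                    NiceWording = s.NiceWording,
                    Wording = s.NiceWording.ToScopeWording(s.IsReadWrite),
                    RessourceServerId = rsId
                };

                scopeRepo.Add(scope);
            }
        }

        context.Commit();

        rsId = myRs.Id;
    }

    return rsId;
}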