public ListSecurityGroupsAction(
IDirectoryServicesExternalSecurityGroupLocator externalSecurityGroupLocator,
IApiActionResponseCreator responseCreator)
{
this.externalSecurityGroupLocator = externalSecurityGroupLocator;
this.responseCreator = responseCreator;
}
public GoogleAppsUserAuthenticationAction(
ILog log,
IGoogleAppsConfigurationStore configurationStore,
IIdentityProviderConfigDiscoverer identityProviderConfigDiscoverer,
IGoogleAppsAuthorizationEndpointUrlBuilder urlBuilder,
IApiActionResponseCreator responseCreator) : base(log, configurationStore, identityProviderConfigDiscoverer, urlBuilder, responseCreator)
{
}
public AzureADUserAuthenticationAction(
ILog log,
IAzureADConfigurationStore configurationStore,
IIdentityProviderConfigDiscoverer identityProviderConfigDiscoverer,
IAzureADAuthorizationEndpointUrlBuilder urlBuilder,
IApiActionResponseCreator responseCreator,
IApiActionModelBinder modelBinder,
IWebPortalConfigurationStore webPortalConfigurationStore) : base(log, configurationStore, identityProviderConfigDiscoverer, urlBuilder, responseCreator, modelBinder, webPortalConfigurationStore)
{
}
protected UserAuthenticationAction(
ILog log,
TStore configurationStore,
IIdentityProviderConfigDiscoverer identityProviderConfigDiscoverer,
IAuthorizationEndpointUrlBuilder urlBuilder,
IApiActionResponseCreator responseCreator)
{
this.log = log;
ResponseCreator = responseCreator;
ConfigurationStore = configurationStore;
this.identityProviderConfigDiscoverer = identityProviderConfigDiscoverer;
this.urlBuilder = urlBuilder;
}
public OctopusVariablesModule(IApiActionResponseCreator apiResponseCreator, IVariableManifestFactory variableManifestFactory)
{
_apiResponseCreator = apiResponseCreator;
_variableManifestFactory = variableManifestFactory;
Get["/api/variables/deployment/{id}"] = parameters => _apiResponseCreator.AsOctopusJson(Response, GetByDeploymentId(parameters), HttpStatusCode.OK);
;
Get["/api/variables/test/{releaseId}/{environmentId}"] = parameters => apiResponseCreator.AsOctopusJson(Response, GetFromTestDeployment(parameters), HttpStatusCode.OK);
Get["/api/variables/test/{releaseId}/{environmentId}/{tenantId}"] = parameters => apiResponseCreator.AsOctopusJson(Response, GetFromTestDeployment(parameters), HttpStatusCode.OK);
Get["/api/variables/deployment/{id}/eval/{variable}"] = parameters => ReturnResolvedVariable(GetByDeploymentId(parameters), parameters);
Get["/api/variables/test/{releaseId}/{environmentId}/eval/{variable}"] = parameters => ReturnResolvedVariable(GetFromTestDeployment(parameters), parameters);
Get["/api/variables/test/{releaseId}/{environmentId}/{tenantId}/eval/{variable}"] = parameters => ReturnResolvedVariable(GetFromTestDeployment(parameters), parameters);
Post["/api/variables/deployment/{id}/eval"] = parameters => ReturnEvaluatedRequest(GetByDeploymentId(parameters));
Post["/api/variables/test/{releaseId}/{environmentId}/eval"] = parameters => ReturnEvaluatedRequest(GetFromTestDeployment(parameters));
Post["/api/variables/test/{releaseId}/{environmentId}/{tenantId}/eval"] = parameters => ReturnEvaluatedRequest(GetFromTestDeployment(parameters));
}
public UserLoginAction(
IDirectoryServicesConfigurationStore configurationStore,
IDirectoryServicesCredentialValidator credentialValidator,
IAuthCookieCreator issuer,
IInvalidLoginTracker loginTracker,
ISleep sleep,
IApiActionModelBinder modelBinder,
IApiActionResponseCreator responseCreator,
IUserMapper userMapper)
{
this.configurationStore = configurationStore;
this.credentialValidator = credentialValidator;
this.issuer = issuer;
this.loginTracker = loginTracker;
this.sleep = sleep;
this.modelBinder = modelBinder;
this.responseCreator = responseCreator;
this.userMapper = userMapper;
}
protected UserAuthenticatedAction(
ILog log,
TAuthTokenHandler authTokenHandler,
IPrincipalToUserResourceMapper principalToUserResourceMapper,
IUserStore userStore,
TStore configurationStore,
IApiActionResponseCreator responseCreator,
IAuthCookieCreator authCookieCreator,
IInvalidLoginTracker loginTracker,
ISleep sleep)
{
this.log = log;
this.authTokenHandler = authTokenHandler;
this.principalToUserResourceMapper = principalToUserResourceMapper;
this.userStore = userStore;
ConfigurationStore = configurationStore;
ResponseCreator = responseCreator;
this.authCookieCreator = authCookieCreator;
this.loginTracker = loginTracker;
this.sleep = sleep;
}
public AzureADUserAuthenticatedAction(
ILog log,
IAzureADAuthTokenHandler authTokenHandler,
IAzureADPrincipalToUserResourceMapper principalToUserResourceMapper,
IUserStore userStore,
IAzureADConfigurationStore configurationStore,
IApiActionResponseCreator responseCreator,
IAuthCookieCreator authCookieCreator,
IInvalidLoginTracker loginTracker,
ISleep sleep) :
base(
log,
authTokenHandler,
principalToUserResourceMapper,
userStore,
configurationStore,
responseCreator,
authCookieCreator,
loginTracker,
sleep)
{
}
public IntegratedAuthenticationModule(ILog log, IAuthCookieCreator tokenIssuer, IApiActionResponseCreator responseCreator, IWebPortalConfigurationStore webPortalConfigurationStore)
{
Get[DirectoryServicesConstants.ChallengePath] = c =>
{
if (Context.CurrentUser == null)
{
return(responseCreator.Unauthorized(Request));
}
var principal = (IOctopusPrincipal)Context.CurrentUser;
var authCookies = tokenIssuer.CreateAuthCookies(Context.Request, principal.IdentificationToken, SessionExpiry.TwentyMinutes);
var whitelist = webPortalConfigurationStore.GetTrustedRedirectUrls();
Response response;
if (Request.Query["redirectTo"].HasValue && Requests.IsLocalUrl(Request.Query["redirectTo"].Value, whitelist))
{
var redirectLocation = Request.Query["redirectTo"].Value;
response = new RedirectResponse(redirectLocation).WithCookies(authCookies);
}
else
{
if (Request.Query["redirectTo"].HasValue)
{
log.WarnFormat("Prevented potential Open Redirection attack on an NTLM challenge, to the non-local url {0}", Request.Query["redirectTo"].Value);
}
response = new RedirectResponse(Request.Url.BasePath ?? "/").WithCookies(authCookies);
}
return(response);
};
}
public IntegratedAuthenticationModule(ILog log, IAuthCookieCreator tokenIssuer, IApiActionResponseCreator responseCreator, IWebPortalConfigurationStore webPortalConfigurationStore)
{
Get[DirectoryServicesConstants.ChallengePath] = c =>
{
if (Context.CurrentUser == null)
{
return(responseCreator.Unauthorized(Request));
}
var principal = (IOctopusPrincipal)Context.CurrentUser;
var tokenCookie = tokenIssuer.CreateAuthCookie(Context, principal.IdentificationToken, false);
var directoryPathResult = Request.AbsoluteVirtualDirectoryPath();
if (!directoryPathResult.IsValid)
{
return(responseCreator.BadRequest(directoryPathResult.InvalidReason));
}
var whitelist = webPortalConfigurationStore.GetTrustedRedirectUrls();
Response response;
if (Request.Query["redirectTo"].HasValue && Requests.IsLocalUrl(directoryPathResult.Path, Request.Query["redirectTo"].Value, whitelist))
{
var redirectLocation = Request.Query["redirectTo"].Value;
response = new RedirectResponse(redirectLocation).WithCookie(tokenCookie);
}
else
{
log.WarnFormat("Prevented potential Open Redirection attack on an NTLM challenge from the local instance {0} to the non-local url {1}", directoryPathResult.Path, Request.Query["redirectTo"].Value);
response = new RedirectResponse(directoryPathResult.Path ?? "/").WithCookie(tokenCookie);
}
return(response);
};
}
