/// <summary>
/// Stamps the creation audit fields on a new <c>Solutions</c> record.
/// The creator and modifier ids are both set to the id of the contact whose
/// email matches the current context, and the created/modified timestamps
/// are both set to the same UTC instant.
/// </summary>
/// <param name="input">The record being created; it is mutated in place.</param>
public void ForCreate(Solutions input)
{
    var callerEmail = _context.Email();

    // NOTE(review): the ByEmail result is dereferenced without a null check, so an
    // email with no matching contact surfaces as a NullReferenceException here.
    // Confirm callers only reach this point for users who have a contact record.
    var callerId = _contacts.ByEmail(callerEmail).Id;
    input.ModifiedById = callerId;
    input.CreatedById = callerId;

    // Read the clock once so both timestamps are identical.
    var now = DateTime.UtcNow;
    input.ModifiedOn = now;
    input.CreatedOn = now;
}
/// <summary>
/// Stamps the creation audit fields on a new record of type <c>T</c>.
/// The creator id is set to the id of the contact whose email matches the
/// current context, and <c>CreatedOn</c> and <c>OriginalDate</c> are set to
/// the same UTC instant.
/// </summary>
/// <param name="input">The record being created; it is mutated in place.</param>
public void ForCreate(T input)
{
    var callerEmail = _context.Email();

    // NOTE(review): no null check on the ByEmail result; an unknown email will
    // throw a NullReferenceException here. Confirm that is the intended failure mode.
    var creator = _contacts.ByEmail(callerEmail);
    input.CreatedById = creator.Id;

    // Read the clock once so both timestamps are identical.
    var now = DateTime.UtcNow;
    input.OriginalDate = now;
    input.CreatedOn = now;
}
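/// <summary>
/// Development-only basic-authentication handler, present so that Swagger can call the API.
/// A request is accepted when its user name equals its password; the resulting principal
/// carries the supplied user name as its role claim.
/// </summary>
/// <remarks>
/// Security note: once past the environment check, the role claim comes directly from the
/// caller-supplied user name. The <c>IsDevelopment()</c> gate is therefore the only control
/// that keeps this handler from granting roles, and it must not be relaxed or bypassed
/// in any deployed environment.
/// </remarks>
/// <param name="context">
/// Basic-authentication validation context. On success <c>Principal</c> is set;
/// on failure <c>AuthenticationFailMessage</c> is set.
/// </param>
/// <returns>A completed task; the work is synchronous.</returns>
public Task Authenticate(ValidatePrincipalContext context)
{
    if (!_env.IsDevelopment())
    {
        context.AuthenticationFailMessage = "Basic authentication only available in Development environment";
        return Task.CompletedTask;
    }

    // use basic authentication to support Swagger
    // Missing credentials are rejected explicitly: previously a null or empty user name
    // with an equally null or empty password passed the equality test, yielding either
    // an ArgumentNullException from the Claim constructor or a principal with an empty role.
    if (string.IsNullOrEmpty(context.UserName) || context.UserName != context.Password)
    {
        context.AuthenticationFailMessage = "Authentication failed.";
        return Task.CompletedTask;
    }

    // Map the well-known role names onto a fixed test contact; any other user name
    // keeps an empty email and therefore resolves no contact or organisation below.
    string email;
    switch (context.UserName)
    {
        case Roles.Admin:
        case Roles.Buyer:
            email = "*****@*****.**";
            break;

        case Roles.Supplier:
            email = "*****@*****.**";
            break;

        default:
            email = string.Empty;
            break;
    }

    var contact = _contactDatastore.ByEmail(email);
    var org = _organisationDatastore.ByContact(contact?.Id ?? string.Empty);

    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Email, email, context.Options.ClaimsIssuer),
        new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer),

        // use (case-sensitive) UserName for role
        new Claim(ClaimTypes.Role, context.UserName),

        // random organisation for Joe public
        new Claim(nameof(Organisations), org?.Id ?? Guid.NewGuid().ToString())
    };

    context.Principal = new ClaimsPrincipal(
        new ClaimsIdentity(claims, BasicAuthenticationDefaults.AuthenticationScheme));

    return Task.CompletedTask;
}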
/// <summary>
/// Returns the contact whose email matches the route value.
/// Responds with 404 when no contact is found or the contact has no usable id,
/// and maps a CRM API failure onto the HTTP status carried by the exception.
/// </summary>
/// <param name="email">Email address taken from the route.</param>
/// <returns>The contact as an <c>ObjectResult</c>, or a status-code result on failure.</returns>
public virtual IActionResult ApiContactsByEmailByEmailGet([FromRoute][Required] string email)
{
    try
    {
        var found = _datastore.ByEmail(email);

        // A missing contact and a contact with a null or empty id are all treated as "not found".
        var contactId = found?.Id;
        if (contactId == null || contactId == Guid.Empty)
        {
            return StatusCode(404);
        }

        return new ObjectResult(found);
    }
    catch (Crm.CrmApiException crmError)
    {
        // NOTE(review): the exception message is returned to the caller verbatim.
        // Confirm CRM error messages cannot carry internal detail (hosts, queries,
        // record ids) that should stay server-side; if they can, log the message
        // and return a generic body instead.
        var status = (int)crmError.HttpStatus;
        return StatusCode(status, crmError.Message);
    }
}
/// <summary>
/// Validates and persists an updated solution, then publishes a change record
/// describing the transition from the stored version to the new one.
/// </summary>
/// <param name="solution">The solution carrying the new values.</param>
public void Update(Solutions solution)
{
    // Validation runs against the rule set named after ISolutionsLogic.Update.
    _validator.ValidateAndThrowEx(solution, ruleSet: nameof(ISolutionsLogic.Update));
    _modifier.ForUpdate(solution);

    // Capture the stored version before overwriting it so the change record can carry both.
    var previous = _datastore.ById(solution.Id);
    _datastore.Update(solution);

    // NOTE(review): the contact is looked up and dereferenced after the datastore update.
    // If ByEmail yields null, the update has already been written but no change record
    // is published. Confirm a contact always exists for the current context.
    var editor = _contacts.ByEmail(Context.Email());
    _notifier.Notify(new ChangeRecord<Solutions>(editor.Id, previous, solution));

    // TODO remove this code once we have activated SolutionChangeReceiver
    // create SharePoint folder structure
    var isRegistered = solution.Status == SolutionStatus.Registered;
    if (isRegistered)
    {
        _evidenceBlobStoreLogic.PrepareForSolution(solution.Id);
    }
}
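/// <summary>
/// Adds role and organisation claims to an already token-validated principal.
/// The caller's claims are fetched from the OIDC UserInfo endpoint (with caching),
/// the email claim is resolved to a contact and then to an organisation, and the
/// organisation's primary role decides which role claims are added.
/// </summary>
/// <remarks>
/// The raw Authorization header and the cached UserInfo payload are deliberately kept
/// out of the log: the header is a live credential and the payload holds the user's claims.
/// If log correlation is needed, log a one-way digest of the token rather than the token.
/// Every failure path logs an error and returns without adding an identity, so the
/// principal is left exactly as it arrived, with no role claims from this method.
/// </remarks>
/// <param name="context">Token-validated context whose principal receives the extra identity.</param>
public async Task Authenticate(TokenValidatedContext context)
{
    // set roles based on email-->organisation-->org.PrimaryRoleId
    // Single() throws if the Authorization header is absent or repeated.
    var bearerToken = ((FrameRequestHeaders)context.HttpContext.Request.Headers).HeaderAuthorization.Single();
    LogInformation("Extracted token --> [redacted]");

    // have to cache responses or UserInfo endpoint thinks we are a DOS attack
    // The cache is keyed by the full header value; entries older than Expiry are discarded.
    CachedUserInfoResponse cachedresponse = null;
    if (_cache.TryGetValue(bearerToken, out string jsonCachedResponse))
    {
        LogInformation("cache[redacted] --> [cached user info, contents not logged]");
        cachedresponse = JsonConvert.DeserializeObject<CachedUserInfoResponse>(jsonCachedResponse);
        if (cachedresponse.Created < DateTime.UtcNow.Subtract(Expiry))
        {
            LogInformation("Removing expired cached token --> [redacted]");
            _cache.Remove(bearerToken);
            cachedresponse = null;
        }
    }

    var userInfo = Settings.OIDC_USERINFO_URL(_config);
    if (cachedresponse == null)
    {
        // Substring(7) presumably strips the 7-character "Bearer " scheme prefix;
        // it throws if the header value is shorter than that.
        var response = await _userInfoClient.GetAsync(userInfo, bearerToken.Substring(7));
        if (response == null)
        {
            _logger.LogError($"No response from [{userInfo}]");
            return;
        }

        LogInformation("Updating token --> [redacted]");

        // Build the cache entry once and store exactly the object that is used below.
        cachedresponse = new CachedUserInfoResponse(response);
        _cache.SafeAdd(bearerToken, JsonConvert.SerializeObject(cachedresponse));
    }

    if (cachedresponse.Claims == null)
    {
        _logger.LogError($"No claims from [{userInfo}]");
        return;
    }

    var userClaims = cachedresponse.Claims;
    var claims = new List<Claim>(userClaims.Select(x => new Claim(x.Type, x.Value)));

    // SingleOrDefault throws if the UserInfo response carries more than one email claim.
    var email = userClaims.SingleOrDefault(x => x.Type == "email")?.Value;
    if (!string.IsNullOrEmpty(email))
    {
        var contact = _contactsDatastore.ByEmail(email);
        if (contact == null)
        {
            _logger.LogError($"No contact for [{email}]");
            return;
        }

        var org = _organisationDatastore.ByContact(contact.Id);
        if (org == null)
        {
            _logger.LogError($"No organisation for [{contact.Id}]");
            return;
        }

        // Any other primary role adds no role claim; only the organisation claim is added.
        switch (org.PrimaryRoleId)
        {
            case PrimaryRole.ApplicationServiceProvider:
                claims.Add(new Claim(ClaimTypes.Role, Roles.Supplier));
                break;

            case PrimaryRole.GovernmentDepartment:
                claims.Add(new Claim(ClaimTypes.Role, Roles.Admin));
                claims.Add(new Claim(ClaimTypes.Role, Roles.Buyer));
                break;
        }

        claims.Add(new Claim(nameof(Organisations), org.Id));
    }

    context.Principal.AddIdentity(new ClaimsIdentity(claims));
}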
/// <summary>
/// Looks up a contact by email in the datastore and passes the result through the filter.
/// </summary>
/// <param name="email">Email address to look up.</param>
/// <returns>
/// The contact if it survives filtering; otherwise the default value (null for a
/// reference type) when the filter yields nothing.
/// </returns>
public Contacts ByEmail(string email)
{
    // The filter works on a sequence, so the single lookup result is wrapped in an array.
    // NOTE(review): the filter's rules are not visible here; presumably it removes
    // contacts the current caller may not see. Confirm against the filter implementation.
    var candidates = new[] { _datastore.ByEmail(email) };
    var permitted = _filter.Filter(candidates);
    return permitted.SingleOrDefault();
}