/// <summary> /// Checks if the given subject is allowed access to the tenant. /// </summary> /// <param name="iamClient">The IamClient to use.</param> /// <param name="tenantId">The tenant id to check against.</param> /// <param name="subjectId">The subject that requires ACL checks permissions.</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns>The raw HttpResponseMessage.</returns> public static async Task <Result <bool> > IsAllowedAccessToTenantResultAsync(this IIamClient iamClient, Guid tenantId, string subjectId, System.Threading.CancellationToken cancellationToken = default) { if (iamClient is null) { throw new ArgumentNullException(nameof(iamClient)); } Result <AclCheckResponse> response = await iamClient.IsAllowedAccessToTenantResultAsync( new AclCheckRequest { SubjectIds = { subjectId, }, }, tenantId, cancellationToken).ConfigureAwait(false); if (response.IsFail) { return(ErrorResult <bool>(response.Error)); } return(response.Value.SubjectIds.Any(s => string.Equals(s, subjectId, StringComparison.OrdinalIgnoreCase))); }
public async Task ValidateRequest_Default_Success() { string tenantName = Guid.NewGuid().ToString(); string tenantId = Guid.NewGuid().ToString(); var mockHttp = new MockHttpMessageHandler(); MockedRequest request = mockHttp .When(HttpMethod.Get, "*/tenants") .Respond("application/json", $"[{{'tenantId': '{tenantId}', 'name': '{tenantName}'}}]"); IServiceProvider services = ConfigureServices(mockHttp); IIamClient iamClient = services.GetRequiredService <IIamClient>(); ICollection <Tenant> tenants = await iamClient.ListTenantsAsync().ConfigureAwait(false); mockHttp.GetMatchCount(request).Should().Be(1); tenants.Should().NotBeNullOrEmpty(); tenants.Should().HaveCount(1); Tenant tenant = tenants.Single(); tenant.Should().NotBeNull(); tenant.TenantId.Should().Be(tenantId); tenant.Name.Should().Be(tenantName); }
/// <summary> /// Revokes a given subject access rights to the tenant. /// </summary> /// <param name="iamClient">The IamClient to use.</param> /// <param name="tenantId">The tenant id to revoke access.</param> /// <param name="subjectId">The subject that requires revoked permissions.</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns>The raw HttpResponseMessage.</returns> public static async Task RemoveAccessToTenantAsync(this IIamClient iamClient, Guid tenantId, string subjectId, CancellationToken cancellationToken = default) { if (iamClient is null) { throw new ArgumentNullException(nameof(iamClient)); } Result result = await iamClient.RemoveAccessToTenantResultAsync(tenantId, subjectId, cancellationToken).ConfigureAwait(false); if (result.IsFail) { throw ApiException.Create(result.Error); } }
/// <summary>List Accounts.</summary> /// <param name="iamClient">The IamClient to use.</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns>The raw HttpResponseMessage.</returns> public static async Task <object> ListAccountsAsync(this IIamClient iamClient, CancellationToken cancellationToken = default) { if (iamClient is null) { throw new ArgumentNullException(nameof(iamClient)); } Result <object> result = await iamClient.ListAccountsResultAsync(cancellationToken).ConfigureAwait(false); if (result.IsSuccess) { return(result.Value); } throw ApiException.Create(result.Error); }
/// <summary>Get Tenant.</summary> /// <param name="iamClient">The IamClient to use.</param> /// <param name="tenantId">The ID of the requested tenant.</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns>The raw HttpResponseMessage.</returns> public static async Task <Tenant> GetTenantAsync(this IIamClient iamClient, Guid tenantId, CancellationToken cancellationToken = default) { if (iamClient is null) { throw new ArgumentNullException(nameof(iamClient)); } Result <Tenant> result = await iamClient.GetTenantResultAsync(tenantId, cancellationToken).ConfigureAwait(false); if (result.IsSuccess) { return(result.Value); } throw ApiException.Create(result.Error); }
/// <summary>List Tenants.</summary> /// <param name="iamClient">The IamClient to use.</param> /// <param name="subjectId">The ID of the subject (e.g. user ID).</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns>The raw HttpResponseMessage.</returns> public static async Task <ICollection <Tenant> > ListTenantsAsync(this IIamClient iamClient, string subjectId = null, CancellationToken cancellationToken = default) { if (iamClient is null) { throw new ArgumentNullException(nameof(iamClient)); } Result <ICollection <Tenant> > result = await iamClient.ListTenantsResultAsync(subjectId, cancellationToken).ConfigureAwait(false); if (result.IsSuccess) { return(result.Value); } throw ApiException.Create(result.Error); }
/// <summary> /// Get information about the currently logged in user. /// </summary> /// <param name="iamClient">The IamClient to use.</param> /// <param name="subjectId">Optional user id.</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns>The raw HttpResponseMessage.</returns> public static async Task <UserInfoResponse> GetMyDetailsAsync(this IIamClient iamClient, string subjectId, CancellationToken cancellationToken = default) { if (iamClient is null) { throw new ArgumentNullException(nameof(iamClient)); } Result <UserInfoResponse> result = await iamClient.GetMyDetailsResultAsync(subjectId, cancellationToken).ConfigureAwait(false); if (result.IsSuccess) { return(result.Value); } throw ApiException.Create(result.Error); }
/// <summary> /// Checks if the given subject is allowed access to the tenant. /// </summary> /// <param name="iamClient">The IamClient to use.</param> /// <param name="request">The subject that requires a permission check.</param> /// <param name="tenantId">The tenant id to check against.</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns>The raw HttpResponseMessage.</returns> public static async Task <AclCheckResponse> IsAllowedAccessToTenantAsync(this IIamClient iamClient, AclCheckRequest request, Guid tenantId, CancellationToken cancellationToken = default) { if (iamClient is null) { throw new ArgumentNullException(nameof(iamClient)); } Result <AclCheckResponse> result = await iamClient.IsAllowedAccessToTenantResultAsync(request, tenantId, cancellationToken).ConfigureAwait(false); if (result.IsSuccess) { return(result.Value); } throw ApiException.Create(result.Error); }
public async Task ValidateRequest_CustomVersion_Success() { (string accessToken, ITokenClientFactory tokenClientFactory) = MockTokenClientFactory(); string apiVersion = Guid.NewGuid().ToString(); var mockHttp = new MockHttpMessageHandler(); MockedRequest request = mockHttp .When("*") .WithHeaders("Authorization", $"Bearer {accessToken}") .WithQueryString("api-version", apiVersion) .With(r => r.Headers.Contains("Subscription-Key") == false) .Respond(HttpStatusCode.OK); var serviceCollection = new ServiceCollection(); serviceCollection.AddSingleton(tokenClientFactory); serviceCollection.AddHttpClient(IamClientOptions.IamHttpClientName) .ConfigurePrimaryHttpMessageHandler(() => mockHttp); serviceCollection.AddIamClient(new IamClientOptions { TokenClientOptions = new ClientCredentialsTokenClientOptions { Authority = string.Empty, ClientId = string.Empty, ClientSecret = string.Empty, }, IamApiUri = new Uri("http://localhost"), ApiVersion = apiVersion, }); ServiceProvider services = serviceCollection.BuildServiceProvider(); IIamClient iamClient = services.GetRequiredService <IIamClient>(); _ = await iamClient.ListTenantsAsync().ConfigureAwait(false); mockHttp.GetMatchCount(request).Should().Be(1); }
/// <summary>Create Tenant.</summary> /// <param name="iamClient">The IamClient to use.</param> /// <param name="request">The request body.</param> /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param> /// <returns>The raw HttpResponseMessage.</returns> public static async Task <Result <Tenant> > CreateTenantResultAsync(this IIamClient iamClient, CreateTenantRequest request, System.Threading.CancellationToken cancellationToken = default) { if (iamClient is null) { throw new ArgumentNullException(nameof(iamClient)); } HttpResponseMessage response = await iamClient.CreateTenantHttpResponseAsync(request, cancellationToken).ConfigureAwait(false); using (response) { switch (response.StatusCode) { case HttpStatusCode.OK: return(await response.DeserializeJsonContentAsync <Tenant>().ConfigureAwait(false)); case HttpStatusCode.NoContent: return(default); case HttpStatusCode.BadRequest: case HttpStatusCode.InternalServerError: { ErrorResponse errorResponse = await response.DeserializeJsonContentAsync <ErrorResponse>().ConfigureAwait(false); return(ErrorResult <Tenant>(errorResponse.Error)); } default: { UnexpectedStatusCodeError error = await UnexpectedStatusCodeError.CreateAsync(response, $"{nameof(IIamClient)}.{nameof(CreateTenantResultAsync)}").ConfigureAwait(false); return(ErrorResult <Tenant>(error)); } } } }