public async Task <IActionResult> StoreData([FromBody] StoreSessionDataRequest request)
{
if (request == null)
{
return(new NotFoundResult());
}
if (string.IsNullOrEmpty(request.Key))
{
return(new NotFoundResult());
}
if (!string.IsNullOrEmpty(request.Data) && request.Data.Length > 4096)
{
return(new NotFoundResult());
}
var spa = _externalSpaStore.GetRecord(request.Key);
if (spa == null)
{
return(new NotFoundResult());
}
var key = $".extSpa.Session.{request.Key}";
SessionCacheManager <string>
.Insert(_httpContextAccessor.HttpContext, key, request.Data);
return(new OkResult());
}
public async Task UpdateEventEndDate(Guid eventId, DateTime endTime)
{
var datetimeUtcIso8601 = endTime.ToUniversalTime().ToString("yyyy-MM-dd'T'HH:mm:ss.fffzzz", CultureInfo.InvariantCulture);
var extendEventStatement = "UPDATE EventData SET endtime = '" + datetimeUtcIso8601 + "' WHERE EventID=" + eventId + ";";
var session = SessionCacheManager.GetSession(KeySpace);
await session.ExecuteAsync((await session.PrepareAsync(extendEventStatement)).Bind());
}
private async Task <IEnumerable <Guid> > GetEventParticipantsList(Guid eventId)
{
var session = SessionCacheManager.GetSession(KeySpace);
var query = "SELECT UserId FROM EventParticipantMapping WHERE EventId=" + eventId.ToString() + "ALLOW FILTERING;";
var preparedStatement = await session.PrepareAsync(query);
var resultSet = await session.ExecuteAsync(preparedStatement.Bind());
return(resultSet.Select(row => row.GetValue <Guid>("userid")));
}
public async Task <DataContract.Event> GetEvent(Guid eventId)
{
var query = "SELECT EventDetails from EventData WHERE EventId=" + eventId.ToString() + ";";
var sessionL = SessionCacheManager.GetSession(KeySpace);
var preparedStatement = await sessionL.PrepareAsync(query);
var resultSet = await sessionL.ExecuteAsync(preparedStatement.Bind());
return(JsonConvert.DeserializeObject <DataContract.Event>(resultSet.First().GetValue <string>("eventdetails")));
}
private async Task <IEnumerable <Guid> > GetEventIdsByUserId(Guid userid)
{
var sessionL = SessionCacheManager.GetSession(KeySpace);
var query = "SELECT EventId FROM EventParticipantMapping WHERE UserId=" + userid.ToString() + ";";
var preparedStatement = await sessionL.PrepareAsync(query);
var resultSet = await sessionL.ExecuteAsync(preparedStatement.Bind());
return(resultSet.Select(row => row.GetValue <Guid>("eventid")));
}
public async Task SaveEvent(Evento @event)
{
if (@event == null)
{
throw new ArgumentNullException(nameof(@event));
}
var updateParticipantStateStatement = "UPDATE EventData SET EventDetails = '" + JsonConvert.SerializeObject(@event) + "' WHERE EventID=" + @event.Id + ";";
var session = SessionCacheManager.GetSession(KeySpace);
await session.ExecuteAsync((await session.PrepareAsync(updateParticipantStateStatement)).Bind());
}
private async Task InsertAsyncEventData(Evento @event)
{
var session = SessionCacheManager.GetSession(KeySpace);
var eventJson = JsonConvert.SerializeObject(@event);
var insertEventData =
$"INSERT INTO EventData (EventId, StartTime, EndTime, EventDetails) values ({@event.Id},'{@event.StartTime.ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture)}','{@event.EndTime.ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture)}','{eventJson}');";
var ips = await session.PrepareAsync(insertEventData);
var statement = ips.Bind();
await session.ExecuteAsync(statement);
}
private async Task InsertEventParticipantMapping(Guid eventId, IEnumerable <Guid> participantIds)
{
var session = SessionCacheManager.GetSession(KeySpace);
participantIds?.ToList().ForEach(async participantId =>
{
var insertEventParticipantMapping = $"INSERT INTO UserEvent (UserId ,EventId) values ({participantId},{eventId});";
var ips = await session.PrepareAsync(insertEventParticipantMapping);
var statement = ips.Bind();
await session.ExecuteAsync(statement);
});
}
private async Task <IEnumerable <DataContract.Event> > GetEventsByEventIds(IEnumerable <Guid> eventIds)
{
var datetimeUtcIso8601 = DateTime.UtcNow.ToUniversalTime().ToString("yyyy-MM-dd'T'HH:mm:ss.fffzzz", CultureInfo.InvariantCulture);
var query = "SELECT EventDetails FROM EventData WHERE EventId IN (" + string.Join(",", eventIds.ToList()) + ") " +
"and EndTime > '" + datetimeUtcIso8601 + "' ALLOW FILTERING;";
var sessionL = SessionCacheManager.GetSession(KeySpace);
var preparedStatement = await sessionL.PrepareAsync(query);
var resultSet = await sessionL.ExecuteAsync(preparedStatement.Bind());
return(resultSet.Select(row => JsonConvert.DeserializeObject <DataContract.Event>(row.GetValue <string>("eventdetails"))));
}
private async Task DeleteEventParticipantMapping(Guid eventId, IEnumerable <Guid> participantIds)
{
var session = SessionCacheManager.GetSession(KeySpace);
participantIds?.ToList().ForEach(async participant =>
{
var deleteEventParticipantMappings = $"Delete from UserEvent where UserId ={participant} AND EventId={eventId};";
var ips = await session.PrepareAsync(deleteEventParticipantMappings);
var statement = ips.Bind();
await session.ExecuteAsync(statement);
});
}
public async Task DeleteEventParticipantMapping(Guid eventId)
{
var participantList = (await GetEventParticipantsList(eventId)).ToList();
var session = SessionCacheManager.GetSession(KeySpace);
participantList.ForEach(async participant =>
{
var deleteEventParticipantMappings = "Delete from EventParticipantMapping where UserId = " + participant + " AND EventId=" + eventId + ";";
var ips = await session.PrepareAsync(deleteEventParticipantMappings);
var statement = ips.Bind(participant, eventId);
await session.ExecuteAsync(statement);
});
}
public async Task UpdateEvent(Evento @event, bool updateParticipants = false)
{
if (@event == null)
{
throw new ArgumentNullException(nameof(@event));
}
if (updateParticipants)
{
await UpdateParticipants(@event);
}
var updateParticipantStateStatement = $"UPDATE EventData SET StartTime = '{@event.StartTime.ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture)}',EndTime='{@event.EndTime.ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture)}', EventDetails = '" + JsonConvert.SerializeObject(@event) + "' WHERE EventID=" + @event.Id + ";";
var session = SessionCacheManager.GetSession(KeySpace);
await session.ExecuteAsync((await session.PrepareAsync(updateParticipantStateStatement)).Bind());
}
public async Task <IActionResult> FetchData(string id)
{
if (string.IsNullOrEmpty(id))
{
return(new NotFoundResult());
}
var key = $".extSpa.Session.{id}";
if (Session.IsAvailable)
{
var data = SessionCacheManager <string>
.Grab(_httpContextAccessor.HttpContext, key);
return(new JsonResult(data));
}
return(new JsonResult(null));
}
private async Task InsertEventParticipantMapping(Evento @event)
{
var session = SessionCacheManager.GetSession(KeySpace);
List <Guid> participantList = (await GetEventParticipantsList(@event.Id)).ToList();
participantList.ForEach(async participant =>
{
var insertEventParticipantMapping = "INSERT INTO EventParticipantMapping " +
"(UserId ,EventId)" +
"values " +
"(" + participant + "," + @event.Id + ");";
var ips = await session.PrepareAsync(insertEventParticipantMapping);
var eventJson = JsonConvert.SerializeObject(@event);
var statement = ips.Bind();
await session.ExecuteAsync(statement);
});
}
public async Task <IActionResult> Logout()
{
var loadedSpas = SessionCacheManager <Dictionary <string, ExternalSPARecord> >
.Grab(_httpContextAccessor.HttpContext, ".loadedSpas") ?? new Dictionary <string, ExternalSPARecord>();
var query = from item in loadedSpas
let c = new FrontChannelRecord {
LogoutUri = item.Value.LogoutUri
}
select c;
var frontChannelRecords = query.ToList();
ViewBag.logoutRecords = frontChannelRecords;
await _signInManager.SignOutAsync();
_logger.LogInformation("User logged out.");
var url = Url.Action(nameof(HomeController.Index), "Home");
ViewBag.RedirectUrl = url;
return(View());
return(RedirectToAction(nameof(HomeController.Index), "Home"));
}
public ApiSessionAuthorizeAttribute() : base(_policy_)
{
_cache = SessionCacheManager.Instance();
}
public async Task DeleteAsyncEventData(Guid eventId)
{
var session = SessionCacheManager.GetSession(KeySpace);
var eventDeleteStatement = "Delete from EventData where EventId=" + eventId + ";";
await session.ExecuteAsync((await session.PrepareAsync(eventDeleteStatement)).Bind(eventId));
}
static void Main(string[] args)
{
bool is_raw = false;
bool is_silent = false;
int thread_cnt = DEFAULT_THREAD_CNT;
int iter_cnt = DEFAULT_ITERATION_CNT;
for (int inx = 0; inx < args.Length; inx++)
{
if ("-RAW".Equals(args[inx], StringComparison.InvariantCultureIgnoreCase))
{
is_raw = true;
}
if ("-SILENT".Equals(args[inx], StringComparison.InvariantCultureIgnoreCase))
{
is_silent = true;
}
else if ("-ITERATIONS".Equals(args[inx], StringComparison.InvariantCultureIgnoreCase))
{
iter_cnt = int.Parse(args[inx + 1]);
}
else if ("-THREADS".Equals(args[inx], StringComparison.InvariantCultureIgnoreCase))
{
thread_cnt = int.Parse(args[inx + 1]);
}
}
if (!is_silent)
{
Console.WriteLine("Authorization List Checker Test");
Console.WriteLine("AuthListTest [-RAW] [-SILENT] [-ITERATIONS <#>] [-THREADS <#>]");
Console.WriteLine("DB initialization");
}
DbManager.InitializeDB(thread_cnt);
if (!is_silent)
{
Console.WriteLine("Done");
}
User[] users = DbManager.GetUsers(thread_cnt);
var started = DateTime.Now;
ThreadPool.SetMaxThreads(thread_cnt, thread_cnt);
ThreadPool.SetMinThreads(thread_cnt, thread_cnt);
for (int i = 0; i < thread_cnt; i++)
{
var test = new AuthorizationCheckerTest()
{
IsSilent = is_silent,
ThreadIndex = i,
UserId = users[i].Id,
IterationCount = iter_cnt,
SessionMgr = (is_raw ?
(ISessionManager) new SessionManager() : new SessionCacheManager())
};
ThreadPool.QueueUserWorkItem(new WaitCallback(TestThreadProc), test);
}
while (Interlocked.Read(ref FinishedThreadsCount) < thread_cnt)
{
Thread.Sleep(0);
}
var total = (int)DateTime.Now.Subtract(started).TotalMilliseconds;
if (is_silent)
{
Console.WriteLine(total);
}
else
{
Console.WriteLine("TOTAL(" +
(is_raw ? "RAW" : "CACHE") + ", ITERATIONS:" + iter_cnt + ", THREADS:" + thread_cnt + ") = "
+ total + "ms");
}
SessionCacheManager.TerminateCaching();
}
public async Task <IActionResult> OnGetCallbackAsync(string returnUrl = null, string prompt = null, string remoteError = null)
{
string currentNameIdClaimValue = null;
if (User.Identity.IsAuthenticated)
{
// we will only create a new user if the user here is actually new.
var qName = from claim in User.Claims
where claim.Type == ".nameIdentifier"
select claim;
var nc = qName.FirstOrDefault();
currentNameIdClaimValue = nc?.Value;
}
var oidc = await HarvestOidcDataAsync();
var session = _httpContextAccessor.HttpContext.Session;
if (remoteError != null)
{
ErrorMessage = $"Error from external provider: {remoteError}";
return(RedirectToPage("./Login"));
}
var info = await _signInManager.GetExternalLoginInfoAsync();
if (info == null)
{
return(RedirectToPage("./Login"));
}
// Sign in the user with this external login provider if the user already has a login.
/*
* var result = await _signInManager.ExternalLoginSignInAsync(info.LoginProvider, info.ProviderKey, isPersistent: false, bypassTwoFactor : true);
* if (result.Succeeded)
* {
* _logger.LogInformation("{Name} logged in with {LoginProvider} provider.", info.Principal.Identity.Name, info.LoginProvider);
* return LocalRedirect(Url.GetLocalUrl(returnUrl));
* }
*/
var query = from claim in info.Principal.Claims
where claim.Type == "DisplayName"
select claim;
var queryNameId = from claim in info.Principal.Claims
where claim.Type == ClaimTypes.NameIdentifier
select claim;
var nameClaim = query.FirstOrDefault();
var displayName = nameClaim.Value;
var nameIdClaim = queryNameId.FirstOrDefault();
if (!string.IsNullOrEmpty(currentNameIdClaimValue) &&
(currentNameIdClaimValue != nameIdClaim.Value))
{
session.Clear();
}
if (currentNameIdClaimValue == nameIdClaim.Value)
{
session.SetObject(".identity.oidc", oidc);
session.SetObject(".identity.strongLoginUtc", DateTimeOffset.UtcNow);
// this is a re login from the same user, so don't do anything;
return(LocalRedirect(Url.GetLocalUrl(returnUrl)));
}
// paranoid
var leftoverUser = await _userManager.FindByEmailAsync(displayName);
if (leftoverUser != null)
{
await _userManager.DeleteAsync(leftoverUser); // just using this inMemory userstore as a scratch holding pad
}
var user = new ApplicationUser {
UserName = nameIdClaim.Value, Email = displayName
};
// SHA256 is disposable by inheritance.
using (var sha256 = SHA256.Create())
{
// Send a sample text to hash.
var hashedBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(nameIdClaim.Value));
// Get the hashed string.
var hash = BitConverter.ToString(hashedBytes).Replace("-", "").ToLower();
SessionCacheManager <string> .Insert(_httpContextAccessor.HttpContext, ".identity.userHash", hash);
}
var result = await _userManager.CreateAsync(user);
var newUser = await _userManager.FindByIdAsync(user.Id);
var cQuery = from claim in _settings.Value.PostLoginClaims
let c = new Claim(claim.Name, claim.Value)
select c;
var eClaims = cQuery.ToList();
eClaims.Add(new Claim("custom-name", displayName));
eClaims.Add(new Claim(".nameIdentifier", nameIdClaim.Value));// normalized id.
await _userManager.AddClaimsAsync(newUser, eClaims);
if (result.Succeeded)
{
await _signInManager.SignInAsync(user, isPersistent : false);
await _userManager.DeleteAsync(user); // just using this inMemory userstore as a scratch holding pad
_logger.LogInformation("User created an account using {Name} provider.", info.LoginProvider);
session.SetObject(".identity.oidc", oidc);
session.SetObject(".identity.strongLoginUtc", DateTimeOffset.UtcNow);
// _httpContextAccessor.HttpContext.DropBlueGreenApplicationCookie(_deploymentOptions);
return(LocalRedirect(Url.GetLocalUrl(returnUrl)));
}
return(RedirectToPage("./Login"));
}
public async Task <IActionResult> Index(string id)
{
Logger.LogInformation("Hello from the External SPA Home Index Controller");
var spa = _externalSpaStore.GetRecord(id);
if (spa == null)
{
return(new NotFoundResult());
}
var loadedSpas = SessionCacheManager <Dictionary <string, ExternalSPARecord> > .Grab(_httpContextAccessor.HttpContext,
_loadedSpasKey) ?? new Dictionary <string, ExternalSPARecord>();
var result = HttpContext.User.Claims.Select(
c => new ClaimType {
Type = c.Type, Value = c.Value
});
var cacheKey = $".extSpaViewBagRecord.{id}";
ViewBagRecord viewBagRecord = null;
var value = await _cache.GetAsync(cacheKey);
if (value != null)
{
viewBagRecord = ZeroFormatterSerializer.Deserialize <ViewBagRecord>(value);
}
else
{
var doc = await _discoveryCache.GetAsync();
var request = new AuthorizeRequest(doc.AuthorizeEndpoint);
var url = request.CreateAuthorizeUrl(
clientId: spa.ClientId,
responseType: OidcConstants.ResponseTypes.Code,
prompt: OidcConstants.PromptModes.None,
redirectUri: spa.RedirectUri,
scope: "openid profile email");
var mySpaRecord = new MySpaRecord()
{
ClientId = spa.ClientId,
Key = spa.Key,
RedirectUri = spa.RedirectUri,
CacheBustHash = spa.CacheBustHash
};
viewBagRecord = new ViewBagRecord {
AuthorizeEndpoint = doc.AuthorizeEndpoint,
AuthorizeUrl = url, SpaRecord = mySpaRecord
};
var val = ZeroFormatterSerializer.Serialize(viewBagRecord);
var cacheEntryOptions = new DistributedCacheEntryOptions()
.SetSlidingExpiration(TimeSpan.FromMinutes(5));
_cache.Set(cacheKey, val, cacheEntryOptions);
}
ViewBag.ViewBagRecord = viewBagRecord;
if (!loadedSpas.ContainsKey(id))
{
loadedSpas.Add(id, spa);
SessionCacheManager <Dictionary <string, ExternalSPARecord> >
.Insert(_httpContextAccessor.HttpContext, _loadedSpasKey, loadedSpas);
}
var key = $".extSpa.Session.{viewBagRecord.SpaRecord.Key}";
var customData = SessionCacheManager <string>
.Grab(_httpContextAccessor.HttpContext, key);
ViewBag.CacheBustHash = viewBagRecord.SpaRecord.CacheBustHash;
ViewBag.CustomData = customData;
return(View(spa.View, result));
}