public async Task GetPolicy_TC02()
{
// Arrange
XacmlContextRequest request = new XacmlContextRequest(true, true, GetXacmlContextAttributesWithOrgAndApp(false));
// Act
XacmlPolicy xacmlPolicy = await _prp.GetPolicyAsync(request);
// Assert
Assert.Null(xacmlPolicy);
}
public async Task GetPolicy_TC03()
{
// Arrange
Stream dataStream = File.OpenRead("Data/policy.xml");
_policyRepositoryMock.Setup(p => p.GetPolicyAsync(It.Is <string>(s => s.Equals("org/app/policy.xml")))).ReturnsAsync(dataStream);
XacmlContextRequest request = new XacmlContextRequest(true, true, new List <XacmlContextAttributes>());
// Act & Assert
await Assert.ThrowsAsync <ArgumentException>(() => _prp.GetPolicyAsync(request));
}
private async Task <XacmlContextResponse> Authorize(XacmlContextRequest decisionRequest)
{
decisionRequest = await Enrich(decisionRequest);
XacmlPolicy policy = await GetPolicyAsync(decisionRequest);
PolicyDecisionPoint pdp = new PolicyDecisionPoint();
XacmlContextResponse xacmlContextResponse = pdp.Authorize(decisionRequest, policy);
return(xacmlContextResponse);
}
/// <summary>
/// Updates needed subject information for the Context Request for a specific delegation
/// </summary>
/// <param name="request">The original Xacml Context Request</param>
/// <param name="subjects">The list of PartyIds to be added as subject attributes</param>
public void Enrich(XacmlContextRequest request, List <int> subjects)
{
if (subjects?.Count == 0)
{
return;
}
XacmlContextAttributes subjectContextAttributes = request.GetSubjectAttributes();
subjectContextAttributes.Attributes.Add(GetPartyIdsAttribute(subjects));
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
XacmlResourceAttributes resourceAttributes = GetResourceAttributeValues(resourceContextAttributes);
bool resourceAttributeComplete = false;
if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
!string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
!string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
else if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
if (!resourceAttributeComplete)
{
Instance instanceData = await _instanceService.GetInstance(resourceAttributes.AppValue, resourceAttributes.OrgValue, Convert.ToInt32(resourceAttributes.InstanceValue.Split('/')[0]), new Guid(resourceAttributes.InstanceValue.Split('/')[1]));
if (instanceData != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.OrgAttribute, resourceAttributes.OrgValue, instanceData.Org);
string app = instanceData.AppId.Split("/")[1];
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.AppAttribute, resourceAttributes.AppValue, app);
if (instanceData.Process?.CurrentTask != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.TaskAttribute, resourceAttributes.TaskValue, instanceData.Process.CurrentTask.ElementId);
}
else if (instanceData.Process?.EndEvent != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.EndEventAttribute, null, instanceData.Process.EndEvent);
}
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.PartyAttribute, resourceAttributes.ResourcePartyValue, instanceData.InstanceOwner.PartyId);
resourceAttributes.ResourcePartyValue = instanceData.InstanceOwner.PartyId;
}
}
await EnrichSubjectAttributes(request, resourceAttributes.ResourcePartyValue);
}
public async Task GetPolicy_TC01()
{
// Arrange
await PopulateBlobStorage();
XacmlContextRequest request = new XacmlContextRequest(true, true, GetXacmlContextAttributesWithOrgAndApp());
// Act
XacmlPolicy xacmlPolicy = await _prp.GetPolicyAsync(request);
// Assert
Assert.NotNull(xacmlPolicy);
}
public XacmlPolicy GetPolicy(XacmlContextRequest request)
{
string testID = GetTestId(_httpContextAccessor.HttpContext);
if (!string.IsNullOrEmpty(testID) && testID.ToLower().Contains("altinnapps"))
{
return(ParsePolicy(testID + "Policy.xml", GetAltinnAppsPath()));
}
else
{
return(ParsePolicy(testID + "Policy.xml", GetConformancePath()));
}
}
private async Task <XacmlContextResponse> Authorize(XacmlContextRequest decisionRequest)
{
decisionRequest = await this._contextHandler.Enrich(decisionRequest);
_logger.LogInformation($"// DecisionController // Authorize // Enriched request: {JsonConvert.SerializeObject(decisionRequest)}.");
XacmlPolicy policy = await this._prp.GetPolicyAsync(decisionRequest);
PolicyDecisionPoint pdp = new PolicyDecisionPoint();
XacmlContextResponse xacmlContextResponse = pdp.Authorize(decisionRequest, policy);
_logger.LogInformation($"// DecisionController // Authorize // XACML ContextResponse: {JsonConvert.SerializeObject(xacmlContextResponse)}.");
return(xacmlContextResponse);
}
public async Task GetPolicy_TC02()
{
// Arrange
Stream dataStream = File.OpenRead("Data/policy.xml");
_policyRepositoryMock.Setup(p => p.GetPolicyAsync(It.Is <string>(s => s.Equals("org/app/policy2.xml")))).ReturnsAsync(dataStream);
XacmlContextRequest request = new XacmlContextRequest(true, true, GetXacmlContextAttributesWithOrgAndApp());
// Act
var policy = await _prp.GetPolicyAsync(request);
// Assert
Assert.Null(policy);
}
/// <summary>
/// Converts JSON request.
/// </summary>
/// <param name="xacmlJsonRequest">The JSON Request.</param>
/// <returns></returns>
public static XacmlContextRequest ConvertRequest(XacmlJsonRequest xacmlJsonRequest)
{
Guard.ArgumentNotNull(xacmlJsonRequest, nameof(xacmlJsonRequest));
ICollection <XacmlContextAttributes> contextAttributes = new Collection <XacmlContextAttributes>();
ConvertCategoryAttributes(xacmlJsonRequest.AccessSubject, XacmlConstants.MatchAttributeCategory.Subject, contextAttributes);
ConvertCategoryAttributes(xacmlJsonRequest.Action, XacmlConstants.MatchAttributeCategory.Action, contextAttributes);
ConvertCategoryAttributes(xacmlJsonRequest.Resource, XacmlConstants.MatchAttributeCategory.Resource, contextAttributes);
ConvertCategoryAttributes(xacmlJsonRequest.Category, null, contextAttributes);
XacmlContextRequest xacmlContextRequest = new XacmlContextRequest(false, false, contextAttributes);
return(xacmlContextRequest);
}
public async Task ContextHandler_TC02()
{
// Arrange
string testCase = "AltinnApps0022";
XacmlContextRequest request = TestSetupUtil.CreateXacmlContextRequest(testCase);
XacmlContextRequest expectedEnrichedRequest = TestSetupUtil.GetEnrichedRequest(testCase);
// Act
XacmlContextRequest enrichedRequest = await _contextHandler.Enrich(request);
// Assert
Assert.NotNull(enrichedRequest);
Assert.NotNull(expectedEnrichedRequest);
AssertionUtil.AssertEqual(expectedEnrichedRequest, enrichedRequest);
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
XacmlResourceAttributes resourceAttributes = GetResourceAttributeValues(resourceContextAttributes);
bool resourceAttributeComplete = false;
if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
!string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
!string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
else if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
if (!resourceAttributeComplete && !string.IsNullOrEmpty(resourceAttributes.InstanceValue))
{
Instance instanceData = await _policyInformationRepository.GetInstance(resourceAttributes.InstanceValue);
if (instanceData != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.OrgAttribute, resourceAttributes.OrgValue, instanceData.Org);
string app = instanceData.AppId.Split("/")[1];
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.AppAttribute, resourceAttributes.AppValue, app);
if (instanceData.Process?.CurrentTask != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.TaskAttribute, resourceAttributes.TaskValue, instanceData.Process.CurrentTask.ElementId);
}
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.PartyAttribute, resourceAttributes.ResourcePartyValue, instanceData.InstanceOwner.PartyId);
resourceAttributes.ResourcePartyValue = instanceData.InstanceOwner.PartyId;
}
}
await EnrichSubjectAttributes(request, resourceAttributes.ResourcePartyValue);
}
/// <summary>
/// Initializes a new instance of the <see cref="PolicyInformationPoint"/> class.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="requestDoc">The request document.</param>
public PolicyInformationPoint(XacmlContextRequest request, XmlDocument requestDoc)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
if (requestDoc == null)
{
throw new ArgumentNullException(nameof(requestDoc));
}
this.request = request;
this.attributesProcessor = AttributesProcessor.Instance;
this.xpathProcessor = XPathProcessor.Instance;
this.requestDocument = requestDoc;
}
public async Task <XacmlPolicy> GetPolicyAsync(XacmlContextRequest request)
{
string testID = GetTestId(_httpContextAccessor.HttpContext);
if (!string.IsNullOrEmpty(testID) && testID.ToLower().Contains("altinnapps"))
{
if (File.Exists(Path.Combine(GetPolicyPath(request), "policy.xml")))
{
return(await Task.FromResult(ParsePolicy("policy.xml", GetPolicyPath(request))));
}
return(await Task.FromResult(ParsePolicy(testID + "Policy.xml", GetAltinnAppsPath())));
}
else
{
return(await Task.FromResult(ParsePolicy(testID + "Policy.xml", GetConformancePath())));
}
}
public void WriteRequest_11()
{
var s = new XacmlContextSubject(new XacmlContextAttribute(new Uri("uri:action"), new Uri("uri:type"), new XacmlContextAttributeValue()));
var r = new XacmlContextResource(new XacmlContextAttribute(new Uri("uri:action"), new Uri("uri:type"), new XacmlContextAttributeValue()));
var a = new XacmlContextAction(new XacmlContextAttribute(new Uri("uri:action"), new Uri("uri:type"), new XacmlContextAttributeValue()));
var request = new XacmlContextRequest(r, a, s);
StringBuilder builder = new StringBuilder();
using (XmlWriter writer = XmlWriter.Create(builder))
{
var serializer = new Xacml10ProtocolSerializer();
serializer.WriteContextRequest(writer, request);
}
string xml = builder.ToString();
ValidateMessage(xml, Path.Combine(TestCasePath, "cs-xacml-schema-context-01.xsd"));
}
public ActionResult Post([FromBody] XacmlRequestApiModel model)
{
XacmlContextRequest request = null;
XacmlContextResponse xacmlContextResponse = null;
try
{
request = ParseApiBody(model);
}
catch (Exception)
{
XacmlContextResult result = new XacmlContextResult(XacmlContextDecision.Indeterminate)
{
Status = new XacmlContextStatus(XacmlContextStatusCode.SyntaxError)
};
xacmlContextResponse = new XacmlContextResponse(result);
}
if (request != null)
{
PolicyDecisionPoint pdp = new PolicyDecisionPoint(_contextHandler, _prp);
xacmlContextResponse = pdp.Authorize(request);
}
string accept = HttpContext.Request.Headers["Accept"];
if (!string.IsNullOrEmpty(accept) && accept.Equals("application/json"))
{
XacmlJsonResponse jsonReponse = XacmlJsonXmlConverter.ConvertResponse(xacmlContextResponse);
return(Ok(jsonReponse));
}
StringBuilder builder = new StringBuilder();
using (XmlWriter writer = XmlWriter.Create(builder))
{
XacmlSerializer.WriteContextResponse(writer, xacmlContextResponse);
}
string xml = builder.ToString();
return(Content(xml));
}
private XacmlContextRequest ParseApiBody(XacmlRequestApiModel model)
{
XacmlContextRequest request = null;
if (Request.ContentType.Contains("application/json"))
{
XacmlJsonRequestRoot jsonRequest;
jsonRequest = (XacmlJsonRequestRoot)JsonConvert.DeserializeObject(model.BodyContent, typeof(XacmlJsonRequestRoot));
request = XacmlJsonXmlConverter.ConvertRequest(jsonRequest.Request);
}
else if (Request.ContentType.Contains("application/xml"))
{
using (XmlReader reader = XmlReader.Create(new StringReader(model.BodyContent)))
{
request = XacmlParser.ReadContextRequest(reader);
}
}
return(request);
}
public async Task <XacmlContextRequest> Enrich(XacmlContextRequest request)
{
string testID = GetTestId(_httpContextAccessor.HttpContext);
if (!string.IsNullOrEmpty(testID) && testID.ToLower().Contains("altinnapps"))
{
await EnrichResourceAttributes(request);
}
else
{
try
{
return(ParseRequest(testID + "Request_Enriched.xml", GetConformancePath()));
}
catch (Exception)
{
}
}
return(request);
}
/// <inheritdoc/>
public async Task <XacmlPolicy> GetPolicyAsync(XacmlContextRequest request)
{
string policyPath = GetPolicyPath(request);
if (!_memoryCache.TryGetValue(policyPath, out XacmlPolicy policy))
{
// Key not in cache, so get data.
using (Stream policyStream = await _repository.GetPolicyAsync(policyPath))
{
policy = (policyStream.Length > 0) ? ParsePolicy(policyStream) : null;
}
var cacheEntryOptions = new MemoryCacheEntryOptions()
.SetPriority(CacheItemPriority.High)
.SetAbsoluteExpiration(new TimeSpan(0, _generalSettings.PolicyCacheTimeout, 0));
_memoryCache.Set(policyPath, policy, cacheEntryOptions);
}
return(policy);
}
public async Task ContextHandler_TC05()
{
// Arrange
string testCase = "AltinnApps0004";
XacmlContextRequest request = TestSetupUtil.CreateXacmlContextRequest(testCase);
XacmlContextRequest expectedEnrichedRequest = TestSetupUtil.GetEnrichedRequest(testCase);
// Act
List <Role> roles = TestSetupUtil.GetRoles(1, 1000);
_rolesMock.Setup(p => p.GetDecisionPointRolesForUser(It.Is <int>(s => s.Equals(1)), It.Is <int>(p => p.Equals(1000)))).ReturnsAsync(roles);
XacmlContextRequest enrichedRequest = await _contextHandler.Enrich(request);
// Assert
Assert.NotNull(enrichedRequest);
Assert.NotNull(expectedEnrichedRequest);
AssertionUtil.AssertEqual(expectedEnrichedRequest, enrichedRequest);
}
public async Task <XacmlJsonResponse> GetDecisionForRequest(XacmlJsonRequestRoot xacmlJsonRequest)
{
try
{
XacmlContextRequest decisionRequest = XacmlJsonXmlConverter.ConvertRequest(xacmlJsonRequest.Request);
decisionRequest = await Enrich(decisionRequest);
Altinn.Authorization.ABAC.PolicyDecisionPoint pdp = new Altinn.Authorization.ABAC.PolicyDecisionPoint();
XacmlPolicy policy = await GetPolicyAsync(decisionRequest);
XacmlContextResponse contextResponse = pdp.Authorize(decisionRequest, policy);
return(XacmlJsonXmlConverter.ConvertResponse(contextResponse));
}
catch
{
}
return(null);
}
private XacmlContextResponse SetuUpPolicyDecisionPoint(string testCase, bool contextRequstIsEnriched)
{
XacmlContextRequest contextRequest = XacmlTestDataParser.ParseRequest(testCase + "Request.xml", GetAltinnAppsPath());
XacmlContextRequest contextRequestEnriched = contextRequest;
if (contextRequstIsEnriched)
{
contextRequestEnriched = XacmlTestDataParser.ParseRequest(testCase + "Request_Enriched.xml", GetAltinnAppsPath());
}
XacmlPolicy policy = XacmlTestDataParser.ParsePolicy(testCase + "Policy.xml", GetAltinnAppsPath());
Moq.Mock <IContextHandler> moqContextHandler = new Mock <IContextHandler>();
moqContextHandler.Setup(c => c.Enrich(It.IsAny <XacmlContextRequest>())).ReturnsAsync(contextRequestEnriched);
PolicyDecisionPoint pdp = new PolicyDecisionPoint();
XacmlContextResponse xacmlResponse = pdp.Authorize(contextRequestEnriched, policy);
return(xacmlResponse);
}
/// <summary>
/// Returns the list of rules that matched the ContextRequest.
/// </summary>
/// <param name="policy">The policy.</param>
/// <param name="decisionRequest">The decision request.</param>
/// <param name="requiredAttributeMissing">Tels if a required attribute is missing.</param>
/// <returns>All rules that are matching.</returns>
private ICollection <XacmlRule> GetMatchingRules(XacmlPolicy policy, XacmlContextRequest decisionRequest, out bool requiredAttributeMissing)
{
ICollection <XacmlRule> matchingRules = new Collection <XacmlRule>();
requiredAttributeMissing = false;
foreach (XacmlRule rule in policy.Rules)
{
XacmlAttributeMatchResult resourceMatch = rule.MatchAttributes(decisionRequest, XacmlConstants.MatchAttributeCategory.Resource);
XacmlAttributeMatchResult actionMatch = rule.MatchAttributes(decisionRequest, XacmlConstants.MatchAttributeCategory.Action);
if (resourceMatch.Equals(XacmlAttributeMatchResult.Match) && actionMatch.Equals(XacmlAttributeMatchResult.Match))
{
matchingRules.Add(rule);
}
else if (resourceMatch.Equals(XacmlAttributeMatchResult.RequiredAttributeMissing) || actionMatch.Equals(XacmlAttributeMatchResult.RequiredAttributeMissing))
{
requiredAttributeMissing = true;
}
}
return(matchingRules);
}
/// <summary>
/// Finds the correct policy path based on a XacmlContextRequest
/// </summary>
/// <param name="request">Xacml context request to use for finding the org and app for building the path</param>
/// <returns></returns>
public static string GetPolicyPath(XacmlContextRequest request)
{
string org = string.Empty;
string app = string.Empty;
foreach (XacmlContextAttributes attr in request.Attributes.Where(attr => attr.Category.OriginalString.Equals(XacmlConstants.MatchAttributeCategory.Resource)))
{
foreach (XacmlAttribute asd in attr.Attributes)
{
if (asd.AttributeId.OriginalString.Equals(AltinnXacmlConstants.MatchAttributeIdentifiers.OrgAttribute))
{
org = asd.AttributeValues.FirstOrDefault().Value;
}
if (asd.AttributeId.OriginalString.Equals(AltinnXacmlConstants.MatchAttributeIdentifiers.AppAttribute))
{
app = asd.AttributeValues.FirstOrDefault().Value;
}
}
}
return(GetAltinnAppsPolicyPath(org, app));
}
public async Task ContextHandler_TC02()
{
// Arrange
string testCase = "AltinnApps0002";
XacmlContextRequest request = TestSetupUtil.CreateXacmlContextRequest(testCase);
XacmlContextRequest expectedEnrichedRequest = TestSetupUtil.GetEnrichedRequest(testCase);
// Act
Instance instance = TestSetupUtil.GetInstanceData("26133fb5-a9f2-45d4-90b1-f6d93ad40713.json");
List <Role> roles = TestSetupUtil.GetRoles(1, 1000);
_policyInformationRepositoryMock.Setup(p => p.GetInstance(It.Is <string>(s => s.Equals("1000/26133fb5-a9f2-45d4-90b1-f6d93ad40713")))).ReturnsAsync(instance);
_rolesMock.Setup(p => p.GetDecisionPointRolesForUser(It.Is <int>(s => s.Equals(1)), It.Is <int>(p => p.Equals(1000)))).ReturnsAsync(roles);
XacmlContextRequest enrichedRequest = await _contextHandler.Enrich(request);
// Assert
Assert.NotNull(enrichedRequest);
Assert.NotNull(expectedEnrichedRequest);
AssertionUtil.AssertEqual(expectedEnrichedRequest, enrichedRequest);
}
public async Task ContextHanler_TC01()
{
// Arrange
string testCase = "AltinnApps0001";
XacmlContextRequest request = TestSetupUtil.CreateXacmlContextRequest(testCase);
XacmlContextRequest expectedEnrichedRequest = TestSetupUtil.GetEnrichedRequest(testCase);
// Act
Instance instance = TestSetupUtil.GetInstanceData("7dd3c208-0062-4ff6-9ef7-2384e9199a6c.json");
List <Role> roles = TestSetupUtil.GetRoles(1, 1000);
_policyInformationRepositoryMock.Setup(p => p.GetInstance(It.Is <string>(s => s.Equals("1000/7dd3c208-0062-4ff6-9ef7-2384e9199a6c")))).ReturnsAsync(instance);
_rolesMock.Setup(p => p.GetDecisionPointRolesForUser(It.Is <int>(s => s.Equals(1)), It.Is <int>(p => p.Equals(1000)))).ReturnsAsync(roles);
XacmlContextRequest enrichedRequest = await _contextHandler.Enrich(request);
// Assert
Assert.NotNull(enrichedRequest);
Assert.NotNull(expectedEnrichedRequest);
AssertionUtil.AssertEqual(expectedEnrichedRequest, enrichedRequest);
}
private async Task EnrichSubjectAttributes(XacmlContextRequest request, string resourceParty)
{
XacmlContextAttributes subjectContextAttributes = request.GetSubjectAttributes();
int subjectUserId = 0;
int resourcePartyId = Convert.ToInt32(resourceParty);
foreach (XacmlAttribute xacmlAttribute in subjectContextAttributes.Attributes)
{
if (xacmlAttribute.AttributeId.OriginalString.Equals(_userAttributeId))
{
subjectUserId = Convert.ToInt32(xacmlAttribute.AttributeValues.First().Value);
}
}
if (subjectUserId == 0)
{
return;
}
List <Role> roleList = await _rolesWrapper.GetDecisionPointRolesForUser(subjectUserId, resourcePartyId) ?? new List <Role>();
subjectContextAttributes.Attributes.Add(GetRoleAttribute(roleList));
}
private async Task <XacmlJsonResponse> Authorize(XacmlJsonRequest decisionRequest)
{
if (decisionRequest.MultiRequests == null || decisionRequest.MultiRequests.RequestReference == null ||
decisionRequest.MultiRequests.RequestReference.Count < 2)
{
XacmlContextRequest request = XacmlJsonXmlConverter.ConvertRequest(decisionRequest);
XacmlContextResponse xmlResponse = await Authorize(request);
return(XacmlJsonXmlConverter.ConvertResponse(xmlResponse));
}
else
{
XacmlJsonResponse multiResponse = new XacmlJsonResponse();
foreach (XacmlJsonRequestReference xacmlJsonRequestReference in decisionRequest.MultiRequests.RequestReference)
{
XacmlJsonRequest jsonMultiRequestPart = new XacmlJsonRequest();
foreach (string refer in xacmlJsonRequestReference.ReferenceId)
{
List <XacmlJsonCategory> resourceCategoriesPart = decisionRequest.Resource.Where(i => i.Id.Equals(refer)).ToList();
if (resourceCategoriesPart.Count > 0)
{
if (jsonMultiRequestPart.Resource == null)
{
jsonMultiRequestPart.Resource = new List <XacmlJsonCategory>();
}
jsonMultiRequestPart.Resource.AddRange(resourceCategoriesPart);
}
List <XacmlJsonCategory> subjectCategoriesPart = decisionRequest.AccessSubject.Where(i => i.Id.Equals(refer)).ToList();
if (subjectCategoriesPart.Count > 0)
{
if (jsonMultiRequestPart.AccessSubject == null)
{
jsonMultiRequestPart.AccessSubject = new List <XacmlJsonCategory>();
}
jsonMultiRequestPart.AccessSubject.AddRange(subjectCategoriesPart);
}
List <XacmlJsonCategory> actionCategoriesPart = decisionRequest.Action.Where(i => i.Id.Equals(refer)).ToList();
if (actionCategoriesPart.Count > 0)
{
if (jsonMultiRequestPart.Action == null)
{
jsonMultiRequestPart.Action = new List <XacmlJsonCategory>();
}
jsonMultiRequestPart.Action.AddRange(actionCategoriesPart);
}
}
XacmlContextResponse partResponse = await Authorize(XacmlJsonXmlConverter.ConvertRequest(jsonMultiRequestPart));
XacmlJsonResponse xacmlJsonResponsePart = XacmlJsonXmlConverter.ConvertResponse(partResponse);
if (multiResponse.Response == null)
{
multiResponse.Response = new List <XacmlJsonResult>();
}
multiResponse.Response.Add(xacmlJsonResponsePart.Response.First());
}
return(multiResponse);
}
}
private async Task <XacmlPolicy> GetPolicyAsync(XacmlContextRequest request)
{
XacmlPolicy xacmlPolicy = ParsePolicy("policy.xml", GetPolicyPath(request));
return(await Task.FromResult(xacmlPolicy));
}
public async Task <XacmlContextRequest> Enrich(XacmlContextRequest request)
{
await EnrichResourceAttributes(request);
return(request);
}
