public async Task <IHttpActionResult> PutDevice([FromBody] int id, [FromBody] Device device)
{
HttpRequestHeaders headers = this.Request.Headers;
string app_key = string.Empty;
if (headers.Contains("app_key"))
{
app_key = headers.GetValues("app_key").First();
}
AuthApp app = await db.AuthApps.Where(a => a.auth_key.Equals(app_key)).FirstAsync();
if (app == null)
{
return(NotFound());
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != device.id)
{
return(BadRequest());
}
db.Entry(device).State = EntityState.Modified;
try
{
await db.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!DeviceExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
private AppModel Translate(AuthApp dbRecord)
{
return(new AppModel
{
ClientId = dbRecord.ClientId,
ClientSecret = dbRecord.ClientSecret,
Name = dbRecord.Name,
AllowImplicit = dbRecord.AllowImplicit,
AllowAuthCode = dbRecord.AllowAuthCode,
AllowClientCredentials = dbRecord.AllowClientCredentials,
RedirectUri = dbRecord.RedirectUri,
UserId = dbRecord.UserId,
DateCreated = dbRecord.DateCreated,
DateUpdated = dbRecord.DateUpdated,
UpdateBy = dbRecord.UpdatedBy,
});
}
public override async Task <AddGroupToAppReply> AddGroupToApp(AddGroupToAppRequest request, ServerCallContext context)
{
Guid groupId = new Guid(request.GroupId);
UserGroup group = await _authDbContext.UserGroup
.SingleAsync(g => g.Id == groupId);
Guid appId = new Guid(request.AppId);
AuthApp app = await _authDbContext.AuthApp
.Include(a => a.UserGroups)
.SingleAsync(a => a.Id == appId);
app.UserGroups.Add(group);
await _authDbContext.SaveChangesAsync();
return(new AddGroupToAppReply {
Success = true
});
}
// GET: api/Users
public async Task <IHttpActionResult> GetClientUsers()
{
HttpRequestHeaders headers = this.Request.Headers;
string app_key = string.Empty;
if (headers.Contains("app_key"))
{
app_key = headers.GetValues("app_key").First();
}
AuthApp app = await db.AuthApps.Where(a => a.auth_key.Equals(app_key)).FirstAsync();
if (app == null)
{
return(NotFound());
}
return(Ok(await db.ClientUsers.ToListAsync()));
}
public override async Task <SaveAppInformationReply> SaveAppInformation(SaveAppInformationRequest request, ServerCallContext context)
{
Guid appId = new Guid(request.AppId);
AuthApp app = await _authDbContext
.AuthApp
.SingleAsync(a => a.Id == appId);
app.Name = request.Name;
app.Description = request.Description;
if (app.HostingType != AuthApp.HostingTypeEnum.NON_WEB)
{
app.Url = request.Url;
}
await _authDbContext.SaveChangesAsync();
return(new SaveAppInformationReply
{
Success = true,
});
}
public override async Task <GetAppDetailsReply> GetAppDetails(GetAppDetailsRequest request, ServerCallContext context)
{
Guid userId = new Guid(_userManager.GetUserId(context.GetHttpContext().User));
Guid appId = new Guid(request.Id);
AuthApp app = await _authDbContext.AuthApp
.Include(a => a.OidcAppSettings)
.Include(a => a.ProxyAppSettings)
.Where(a => a.UserGroups.Any(u => u.Members.Any(m => m.Id == userId)))
.SingleAsync(a => a.Id == appId);
GetAppDetailsReply reply = new GetAppDetailsReply
{
Id = app.Id.ToString(),
Name = app.Name,
Description = app.Description,
LoginUrl = app.Url,
HasLdapAuth = (app.AuthMethod == AuthApp.AuthMethodEnum.LDAP),
};
return(reply);
}
public async override Task <AppModel> Create(AppModel entity)
{
var dbRecord = new AuthApp
{
ClientId = entity.ClientId,
ClientSecret = entity.ClientSecret,
Name = entity.Name,
AllowImplicit = entity.AllowImplicit,
AllowAuthCode = entity.AllowAuthCode,
AllowClientCredentials = entity.AllowClientCredentials,
RedirectUri = entity.RedirectUri,
UserId = entity.UserId,
DateCreated = DateTime.UtcNow,
DateUpdated = DateTime.UtcNow,
UpdatedBy = entity.UpdateBy,
};
Uow.DbContext.App.Add(dbRecord);
await Uow.SaveChanges();
return(Translate(dbRecord));
}
public async Task <IHttpActionResult> GetIngredient([FromBody] SearchIngredient search)
{
HttpRequestHeaders headers = this.Request.Headers;
string app_key = string.Empty;
if (headers.Contains("app_key"))
{
app_key = headers.GetValues("app_key").First();
}
AuthApp app = await db.AuthApps.Where(a => a.auth_key.Equals(app_key)).FirstAsync();
if (app == null)
{
return(NotFound());
}
List <Ingredient> ingredients = db.Ingredients.ToList();
List <Ingredient> foundIngredients = new List <Ingredient>();
foreach (Ingredient i in ingredients)
{
foreach (String words in search.searchWords)
{
if (i.text.Contains(words))
{
foundIngredients.Add(i);
}
}
}
//if (ingredient == null)
//{
// return NotFound();
//}
return(Ok(foundIngredients));
}
public async Task <IHttpActionResult> GetDevice(int id)
{
HttpRequestHeaders headers = this.Request.Headers;
string app_key = string.Empty;
if (headers.Contains("app_key"))
{
app_key = headers.GetValues("app_key").First();
}
AuthApp app = await db.AuthApps.Where(a => a.auth_key.Equals(app_key)).FirstAsync();
if (app == null)
{
return(NotFound());
}
Device device = await db.Devices.FindAsync(id);
if (device == null)
{
return(NotFound());
}
return(Ok(device));
}
public override async Task <AddNewAppReply> AddNewApp(AddNewAppRequest request, ServerCallContext context)
{
AuthApp app = new AuthApp
{
Name = request.Name,
Url = request.Url,
Description = request.Description,
};
_authDbContext.Add(app);
switch (request.HostingType)
{
case HostingType.NonWeb:
app.HostingType = AuthApp.HostingTypeEnum.NON_WEB;
break;
case HostingType.WebGatekeeperProxy:
app.HostingType = AuthApp.HostingTypeEnum.WEB_GATEKEEPER_PROXY;
break;
case HostingType.WebGeneric:
app.HostingType = AuthApp.HostingTypeEnum.WEB_GENERIC;
break;
default:
throw new NotImplementedException("Auth mode is not implemented");
}
switch (request.DirectoryChoice)
{
case AddNewAppRequest.Types.DirectoryChoice.NoneDirectory:
app.DirectoryMethod = AuthApp.DirectoryMethodEnum.NONE;
break;
case AddNewAppRequest.Types.DirectoryChoice.LdapDirectory:
app.DirectoryMethod = AuthApp.DirectoryMethodEnum.LDAP;
break;
case AddNewAppRequest.Types.DirectoryChoice.ScimDirectory:
app.DirectoryMethod = AuthApp.DirectoryMethodEnum.SCIM;
break;
}
switch (request.AuthChoice)
{
case AddNewAppRequest.Types.AuthChoice.LdapAuth:
app.AuthMethod = AuthApp.AuthMethodEnum.LDAP;
break;
case AddNewAppRequest.Types.AuthChoice.OidcAuth:
app.AuthMethod = AuthApp.AuthMethodEnum.OIDC;
break;
}
if (app.AuthMethod == AuthApp.AuthMethodEnum.LDAP || app.DirectoryMethod == AuthApp.DirectoryMethodEnum.LDAP)
{
string assembledBaseDn = "dc=" + app.Id;
string bindUserPassword = _ldapSettingsDataProtector.Protect(_secureRandom.GetRandomString(16));
string bindUser = "******" + assembledBaseDn;
LdapAppSettings ldapAppSettings = new LdapAppSettings
{
AuthApp = app,
UseForAuthentication = (app.AuthMethod == AuthApp.AuthMethodEnum.LDAP),
UseForIdentity = (app.DirectoryMethod == AuthApp.DirectoryMethodEnum.LDAP),
BaseDn = assembledBaseDn,
BindUser = bindUser,
BindUserPassword = bindUserPassword,
};
_authDbContext.Add(ldapAppSettings);
app.LdapAppSettings = ldapAppSettings;
}
if (app.HostingType == AuthApp.HostingTypeEnum.WEB_GATEKEEPER_PROXY)
{
ProxyAppSettings proxyAppSettings = new ProxyAppSettings
{
AuthApp = app,
InternalHostname = request.ProxySetting.InternalHostname,
PublicHostname = request.ProxySetting.PublicHostname,
};
_authDbContext.Add(proxyAppSettings);
app.ProxyAppSettings = proxyAppSettings;
_configurationProvider.TryGet("tls.acme.support", out string isAcmeSupported);
if (isAcmeSupported == "true")
{
// FIXME: Passing an empty email is a hack here. The email is already passed in InstallService. Could be refactored.
BackgroundJob.Enqueue <IRequestAcmeCertificateJob>(job => job.Request("", request.ProxySetting.PublicHostname));
}
}
if (app.AuthMethod == AuthApp.AuthMethodEnum.OIDC)
{
OIDCAppSettings oidcAppSettings = new OIDCAppSettings
{
RedirectUrl = request.OidcSetting.RedirectUri,
AuthApp = app,
ClientId = Guid.NewGuid().ToString(),
ClientSecret = _secureRandom.GetRandomString(32),
Audience = "FIX_ME",
};
_authDbContext.Add(oidcAppSettings);
app.OidcAppSettings = oidcAppSettings;
}
if (app.DirectoryMethod == AuthApp.DirectoryMethodEnum.SCIM)
{
SCIMAppSettings scimAppSettings = new SCIMAppSettings
{
AuthApp = app,
Endpoint = request.ScimSetting.Endpoint,
Credentials = request.ScimSetting.Credentials,
};
_authDbContext.Add(scimAppSettings);
app.ScimAppSettings = scimAppSettings;
}
foreach (string groupId in request.GroupIds)
{
Guid groupIdGuid = new Guid(groupId);
UserGroup group = await _authDbContext.UserGroup
.Include(g => g.AuthApps)
.SingleAsync(g => g.Id == groupIdGuid);
group.AuthApps.Add(app);
}
await _authDbContext.SaveChangesAsync();
// fixme: this should be done outside a service
await _memoryPopulator.PopulateFromDatabase();
return(new AddNewAppReply
{
Success = true,
});
}
public override async Task <AppDetailReply> GetAppDetails(AppDetailRequest request, ServerCallContext context)
{
AuthApp app = await _authDbContext.AuthApp
.Include(a => a.LdapAppSettings)
.Include(a => a.UserGroups)
.Include(a => a.LdapAppSettings)
.Include(a => a.OidcAppSettings)
.Include(a => a.ProxyAppSettings)
.Include(a => a.ScimAppSettings)
.SingleAsync(f => f.Id == new Guid(request.Id));
AppDetailReply reply = new AppDetailReply
{
Id = app.Id.ToString(),
Name = app.Name,
Description = app.Description,
Url = app.Url,
};
switch (app.DirectoryMethod)
{
case AuthApp.DirectoryMethodEnum.NONE:
break;
case AuthApp.DirectoryMethodEnum.LDAP:
reply.LdapDirectorySetting = new AppDetailReply.Types.LdapDirectorySetting
{
BaseDn = app.LdapAppSettings.BaseDn,
Password = _ldapSettingsDataProtector.Unprotect(app.LdapAppSettings.BindUserPassword),
Username = app.LdapAppSettings.BindUser,
};
break;
case AuthApp.DirectoryMethodEnum.SCIM:
reply.ScimDirectorySetting = new AppDetailReply.Types.ScimDirectorySetting
{
Credentials = app.ScimAppSettings.Credentials,
Endpoint = app.ScimAppSettings.Endpoint,
};
break;
}
switch (app.HostingType)
{
case AuthApp.HostingTypeEnum.WEB_GENERIC:
reply.HostingType = HostingType.WebGeneric;
break;
case AuthApp.HostingTypeEnum.WEB_GATEKEEPER_PROXY:
reply.HostingType = HostingType.WebGatekeeperProxy;
reply.ProxyAuthSetting = new AppDetailReply.Types.ProxyAuthSetting
{
InternalHostname = app.ProxyAppSettings.InternalHostname,
PublicHostname = app.ProxyAppSettings.PublicHostname,
};
if (app.ProxyAppSettings.EndpointsWithoutAuth != null)
{
reply.ProxyAuthSetting.PublicEndpoints.AddRange(app.ProxyAppSettings.EndpointsWithoutAuth);
}
break;
case AuthApp.HostingTypeEnum.NON_WEB:
reply.HostingType = HostingType.NonWeb;
break;
}
switch (app.AuthMethod)
{
case AuthApp.AuthMethodEnum.LDAP:
reply.LdapAuthSetting = new AppDetailReply.Types.LdapAuthSetting
{
BaseDn = app.LdapAppSettings.BaseDn,
};
break;
case AuthApp.AuthMethodEnum.OIDC:
reply.OidcAuthSetting = new AppDetailReply.Types.OidcAuthSetting
{
ClientId = app.OidcAppSettings.ClientId,
ClientSecret = app.OidcAppSettings.ClientSecret,
RedirectUri = app.OidcAppSettings.RedirectUrl,
};
break;
}
foreach (UserGroup group in app.UserGroups)
{
GrantedAppGroup appGroup = new GrantedAppGroup
{
Id = group.Id.ToString(),
Name = group.Name,
};
reply.Groups.Add(appGroup);
}
return(reply);
}
