public async Task <ClaimsDto> GetClaims()
{
var claimsDto = new ClaimsDto();
//claimsDto.AllClaims = this._claimsManager.GetAll().ToList();
// 已登录
if (_appSession.UserId.HasValue)
{
var userIdString = _appSession.UserId.Value.ToString();
var userClaims = (await _userManager.GetClaimsByUserIdAsync(userIdString))
.Select(o => o.Value);
var userRoleNames = (await _userManager.GetRolesByUserIdAsync(userIdString));
var roleClaims = (await _roleManager.GetClaimsByRoleNamesAsync(userRoleNames.ToArray()))
.Select(o => o.Value);
claimsDto.GrantedClaims = userClaims.Union(roleClaims).Distinct().ToList();
}
else // 未登录
{
claimsDto.GrantedClaims = new List <string>();
}
return(claimsDto);
}
public IActionResult CreateClaim([FromBody] string email)
{
_logger.LogInformation("Processing GetExpenseForCostCenter Request");
string requestXML = _removeInvalidCharFromXML.GetCleanXML(email);
ClaimsDto processClaim = new ClaimsDto();
XDocument docx = XDocument.Parse(requestXML.ToString());
processClaim.costCenter = docx.Descendants("cost_centre")?.FirstOrDefault().Value.Length > 0 ?
docx.Descendants("cost_centre")?.FirstOrDefault().Value :
"UNKNOWN";
processClaim.total = docx.Descendants("total").FirstOrDefault().Value;
processClaim.PaymentMethod = docx.Descendants("payment_method").FirstOrDefault().Value;
processClaim.Description = docx.Descendants("description").FirstOrDefault().Value;
processClaim.Vendor = docx.Descendants("vendor").FirstOrDefault().Value;
processClaim.date = DateTime.Parse(docx.Descendants("date").FirstOrDefault().Value);
//If user input is not valid - Send Status code 400 Bad request
if (processClaim == null)
{
_logger.LogError("Invalid user request. Sending 400 Bad Request");
return(BadRequest());
}
_logger.LogError("User request - {@processClaim}");
TryValidateModel(processClaim);
if (!ModelState.IsValid)
{
_logger.LogError("Invalid user request. Sending 422 Sstatus Request");
return(new UnprocessableEntityObjectResult(ModelState));
}
var claimexpense = Mapper.Map <Expenses>(processClaim);
_claimRepository.AddClaim(claimexpense);
//Incase save fails, send 500 Status to the Client.
if (!_claimRepository.Save())
{
_logger.LogError("Request failed to save {@claimexpense}");
throw new Exception("Fail to add new Claim");
}
var claimToReturn = Mapper.Map <ClaimsDto>(claimexpense);
_logger.LogError("Completed Request, Return status code 201");
//Return url with status code 201 Created. In postman under Header section there should be Location Url created
return(CreatedAtRoute("GetExpense", new { id = new Guid(claimToReturn.Id) }, claimToReturn));
}
private async Task <User> CreateNewUser(ClaimsDto claimsDto)
{
var user = new User
{
Id = Guid.NewGuid(),
DisplayName = claimsDto.Claims["name"].ToString(),
Avatar = claimsDto.Claims["picture"].ToString(),
DateOfCreation = DateTime.Now,
GoogleId = claimsDto.Claims["user_id"].ToString(),
Email = claimsDto.Claims["email"].ToString()
};
_authContext.Users.Add(user);
await _authContext.SaveChangesAsync();
return(user);
}
private void SendMailApprovalReject(ClaimsDto claim, int status)
{
try
{
if (status != 1)
{
var template = _iClaimHelper.GetMailTemplate(status == 3 ? 1 : 2);
var msg = new MailMessage();
//Sender e-mail address.
msg.From = new MailAddress("*****@*****.**");
msg.Subject = template.Subject;
var body = template.TemplateBody.Replace("@CustomerName", claim.CustomersDto.CustomerName);
body = body.Replace("@SrNumber", claim.SrNumber);
msg.Body = body;
msg.To.Add(
"[email protected],[email protected]");
msg.IsBodyHtml = true;
//your remote SMTP server IP.
var smtp = new SmtpClient
{
Host = "smtp.gmail.com",
Port = 587,
Credentials =
new System.Net.NetworkCredential("*****@*****.**", "accessaxis"),
EnableSsl = true
};
smtp.Send(msg);
msg = null;
}
}
catch (Exception ex)
{
}
}
public async Task <ClaimsDto> VerifyTokenAsync(string jwt)
{
try
{
var token = await _firebaseApp.VerifyIdTokenAsync(jwt);
var claimsDto = new ClaimsDto
{
Subject = token.Subject,
Audience = token.Audience,
Issuer = token.Issuer,
ExpirationTimeSeconds = token.ExpirationTimeSeconds,
IssuedAtTimeSeconds = token.IssuedAtTimeSeconds,
Claims = token.Claims
};
return(claimsDto);
}
catch (Exception e)
{
Console.WriteLine(e);
throw;
}
}
public async Task <IActionResult> UpdateClaims([FromBody] ClaimsDto entity)
{
var user = await _userManager.FindByIdAsync(entity.UserId);
if (user == null)
{
return(NotFound());
}
var removeClaims = new List <UserClaim>();
foreach (var claim in user.Claims ?? new List <UserClaim>())
{
if (claim.Type != JwtClaimTypes.Subject || claim.Type != JwtClaimTypes.Role)
{
continue;
}
if (!entity.Claims.Contains(claim.Value, StringComparer.OrdinalIgnoreCase))
{
removeClaims.Add(claim);
}
}
foreach (var claim in removeClaims)
{
await _userManager.RemoveClaimAsync(user, claim);
}
foreach (string newClaim in entity.Claims)
{
if (!user.Claims.Any(tbl => (tbl.Type == JwtClaimTypes.Role || tbl.Type == JwtClaimTypes.Subject) && tbl.Value.ToLower() == newClaim.ToLower()))
{
await _userManager.AddClaimAsync(user, new UserClaim(JwtClaimTypes.Role, newClaim));
}
}
// clean after
// converting subs to roles, and reserving sub for user id
var swapClaims = new List <UserClaim>();
var dupeClaims = new List <UserClaim>();
foreach (var c in user.Claims ?? new List <UserClaim>())
{
if (c.Type == JwtClaimTypes.Subject)
{
if (user.Claims.Any(claim => (claim.Type == JwtClaimTypes.Role && claim.Value == c.Value)))
{
dupeClaims.Add(c);
}
else
{
swapClaims.Add(c);
}
}
}
// Remove dupes
foreach (var claim in dupeClaims)
{
await _userManager.RemoveClaimAsync(user, claim);
}
// Add swap claims
foreach (var claim in swapClaims)
{
await _userManager.AddClaimAsync(user, new UserClaim(JwtClaimTypes.Role, claim.Value));
}
return(Ok(entity));
}
