/// <summary>
/// Marks a credential as revoked by setting its expiry to the current UTC time and
/// recording which revocation source triggered the change.
/// </summary>
/// <param name="credential">Credential to revoke. Not null-checked here; callers validate it.</param>
/// <param name="revocationSourceKey">Source of the revocation, stored on the credential.</param>
/// <param name="commitChanges">
/// When <c>true</c>, the change is saved through <c>Entities</c> before returning.
/// When <c>false</c>, only the in-memory entity is modified and nothing is saved by this method.
/// </param>
private async Task RevokeCredential(
    Credential credential,
    CredentialRevocationSource revocationSourceKey,
    bool commitChanges)
{
    // Revocation is expressed as "expired as of now" rather than by deleting the row,
    // so the credential and its revocation source remain available afterwards.
    credential.Expires = _dateTimeProvider.UtcNow;
    credential.RevocationSourceKey = revocationSourceKey;

    if (!commitChanges)
    {
        // NOTE(review): presumably the caller saves later as part of a batch. Until it
        // does, the revocation is not persisted. Confirm every commitChanges:false
        // caller actually saves.
        return;
    }

    await Entities.SaveChangesAsync();
}
/// <summary>
/// Revokes an active API key credential and writes an audit record for the revocation.
/// </summary>
/// <param name="apiKeyCredential">The API key credential to revoke.</param>
/// <param name="revocationSourceKey">Where the revocation request originated.</param>
/// <param name="commitChanges">
/// When <c>true</c> (the default), the revocation is saved before this method returns.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="apiKeyCredential"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The credential is not an active API key credential according to <c>IsActiveApiKeyCredential</c>.
/// </exception>
public async Task RevokeApiKeyCredential(
    Credential apiKeyCredential,
    CredentialRevocationSource revocationSourceKey,
    bool commitChanges = true)
{
    if (apiKeyCredential == null)
    {
        throw new ArgumentNullException(nameof(apiKeyCredential));
    }

    if (!IsActiveApiKeyCredential(apiKeyCredential))
    {
        // Only active API key credentials may be revoked.
        // NOTE(review): the message embeds apiKeyCredential.Key. Confirm this is an
        // identifier and not the secret key material, since exception text tends to
        // end up in logs.
        var message = string.Format(
            CultureInfo.CurrentCulture,
            ServicesStrings.RevokeCredential_UnrevocableApiKeyCredential,
            apiKeyCredential.Key);
        throw new InvalidOperationException(message);
    }

    var auditRecord = new UserAuditRecord(
        user: apiKeyCredential.User,
        action: AuditedUserAction.RevokeCredential,
        affected: apiKeyCredential,
        // Enum.GetName returns null for a value that is not a defined member, so an
        // out-of-range source would be audited with no source name.
        revocationSource: Enum.GetName(typeof(CredentialRevocationSource), revocationSourceKey));

    // The audit record is awaited before the credential is touched, so a failure to
    // audit propagates and the key is left unrevoked. Conversely, the audit call runs
    // even when commitChanges is false, where the revocation itself is not saved here.
    await Auditing.SaveAuditRecordAsync(auditRecord);

    await RevokeCredential(apiKeyCredential, revocationSourceKey, commitChanges);
}
/// <summary>
/// Verifies that <c>ApiKeysController.Verify</c> returns a single revocable
/// <c>ApiKeyRevokeViewModel</c> echoing the API key, leaked URL and revocation source
/// from the request when the authentication service reports the key as active.
/// </summary>
/// <remarks>
/// NOTE(review): the parameters are presumably supplied by theory data declared outside
/// this view. Only the "active key" path is covered here, because
/// <c>IsActiveApiKeyCredential</c> is mocked to return <c>true</c>.
/// </remarks>
public void GivenRevocableApiKey_ItReturnsResultWithApiKeyViewModel(
    string apiKeyType,
    CredentialRevocationSource revocationSourceKey,
    string leakedUrl)
{
    // Arrange
    var expectedSourceName = Enum.GetName(typeof(CredentialRevocationSource), revocationSourceKey);

    // The body is assembled by plain concatenation, so leakedUrl is inserted unescaped.
    // Test data containing quotes or backslashes would yield malformed JSON rather than
    // exercising how the controller handles such a URL.
    var requestBody = string.Concat(
        "{\"ApiKey\":\"apiKey1\",\"LeakedUrl\":\"",
        leakedUrl,
        "\",\"RevocationSource\":\"",
        expectedSourceName,
        "\"}");

    _authenticationService
        .Setup(x => x.GetApiKeyCredential(It.IsAny<string>()))
        .Returns(() => new Credential());
    _authenticationService
        .Setup(x => x.DescribeCredential(It.IsAny<Credential>()))
        .Returns(GetApiKeyCredentialViewModel(apiKeyType, null));
    _authenticationService
        .Setup(x => x.IsActiveApiKeyCredential(It.IsAny<Credential>()))
        .Returns(true);

    var controller = GetController<ApiKeysController>();

    // Act
    var actionResult = controller.Verify(requestBody);

    // Assert
    var json = Assert.IsType<JsonResult>(actionResult);
    Assert.Equal((int)HttpStatusCode.OK, controller.Response.StatusCode);

    var models = Assert.IsType<List<ApiKeyRevokeViewModel>>(json.Data);
    Assert.Equal(1, models.Count);

    var model = Assert.IsType<ApiKeyRevokeViewModel>(models[0]);
    Assert.Equal(apiKeyType, model.ApiKeyViewModel.Type);
    Assert.Equal("apiKey1", model.ApiKey);
    Assert.Equal(expectedSourceName, model.RevocationSource);
    Assert.Equal(leakedUrl, model.LeakedUrl);
    Assert.True(model.IsRevocable);

    // Each lookup must happen exactly once for the single key in the request.
    _authenticationService.Verify(x => x.GetApiKeyCredential(It.IsAny<string>()), Times.Once);
    _authenticationService.Verify(x => x.DescribeCredential(It.IsAny<Credential>()), Times.Once);
    _authenticationService.Verify(x => x.IsActiveApiKeyCredential(It.IsAny<Credential>()), Times.Once);
}