/// <summary>
/// Creates a new connection instance used to make requests of the Sulekha Property API.
/// </summary>
/// <param name="baseAddress">The address to point this client to, such as https://api.tookanapp.com:8888.</param>
/// <param name="credentialStore">Provides credentials to the client when making requests</param>
/// <param name="httpClient">A raw <see cref="IHttpClient"/> used to make requests</param>
/// <param name="serializer">Class used to serialize and deserialize JSON requests</param>
/// <param name="jsonPipeline">Json Pipeline used to serialize and deserialize.</param>
public Connection(
Uri baseAddress,
ICredentialStore credentialStore,
IHttpClient httpClient,
ISerializationService serializer,
IJsonHttpPipeline jsonPipeline)
{
Ensure.ArgumentIsNotNull(baseAddress, nameof(baseAddress));
Ensure.ArgumentIsNotNull(credentialStore, nameof(credentialStore));
Ensure.ArgumentIsNotNull(httpClient, nameof(httpClient));
Ensure.ArgumentIsNotNull(serializer, nameof(serializer));
Ensure.ArgumentIsNotNull(jsonPipeline, nameof(jsonPipeline));
if (!baseAddress.IsAbsoluteUri)
{
throw new ArgumentException(
string.Format(CultureInfo.InvariantCulture, "The base address '{0}' must be an absolute URI",
baseAddress), nameof(baseAddress));
}
BaseAddress = baseAddress;
_authenticator = new Authenticator(credentialStore);
_httpClient = httpClient;
_jsonPipeline = jsonPipeline;
}
internal NuGetUpgrader(
string currentVersion,
ITracer tracer,
bool dryRun,
bool noVerify,
PhysicalFileSystem fileSystem,
NuGetUpgraderConfig config,
NuGetFeed nuGetFeed,
ICredentialStore credentialStore,
ProductUpgraderPlatformStrategy productUpgraderPlatformStrategy)
: base(
currentVersion,
tracer,
dryRun,
noVerify,
fileSystem,
productUpgraderPlatformStrategy)
{
this.nuGetUpgraderConfig = config;
this.nuGetFeed = nuGetFeed;
this.credentialStore = credentialStore;
// Extract the folder inside ProductUpgraderInfo.GetAssetDownloadsPath to ensure the
// correct ACLs are in place
this.ExtractedInstallerPath = Path.Combine(
ProductUpgraderInfo.GetAssetDownloadsPath(),
ExtractedInstallerDirectoryName);
}
/// <summary>
/// Creates a new <see cref="BasicAuthentication"/> object with an underlying credential store.
/// </summary>
/// <param name="credentialStore">
/// The <see cref="ICredentialStore"/> to delegate to.
/// </param>
public BasicAuthentication(ICredentialStore credentialStore)
{
if (credentialStore == null)
throw new ArgumentNullException("credentialStore", "The `credentialStore` parameter is null or invalid.");
this.CredentialStore = credentialStore;
}
public async Task <List <string> > GetVersions(Dictionary <string, object> projectExtraProperties, string documentName)
{
try
{
var token = projectExtraProperties["GithubAccessToken"]?.ToString();
ICredentialStore credentialStore = token.IsNullOrWhiteSpace()
? null
: new InMemoryCredentialStore(new Credentials(token));
var gitHubClient = new GitHubClient(
new ProductHeaderValue("AbpWebSite"),
credentialStore
);
var url = projectExtraProperties["GithubRootUrl"].ToString();
var releases = await gitHubClient.Repository.Release.GetAll(
GetGithubOrganizationNameFromUrl(url),
GetGithubRepositoryNameFromUrl(url)
);
return(releases.OrderByDescending(r => r.PublishedAt).Select(r => r.TagName).ToList());
}
catch (Exception ex)
{
Logger.LogError(ex.Message, ex);
return(new List <string>());
}
}
private async Task SeedGlobalAdministrator(
ICredentialRoleStore credentialRoleStore,
ICredentialStore credentialStore)
{
bool isExistingAnyAdminCredentials =
await credentialStore.IsExistingByCredentialRoleCode(SentinelCredentialRoleCodes.GlobalAdmin);
if (!isExistingAnyAdminCredentials)
{
string adminCredentialId = SentinelCredentialIds.Admin;
CredentialRole adminRole =
await credentialRoleStore.Get(SentinelCredentialRoleCodes.GlobalAdmin);
Credential admin = new Credential();
admin.BirthDate = new DateTime(2000, 1, 1);
admin.CreationDate = DateTime.UtcNow;
admin.DisplayName = adminCredentialId;
admin.CredentialId = adminCredentialId;
admin.Email = adminCredentialId + "@admin.com";
admin.PasswordSalt = HashingUtil.GenerateSalt();
admin.PasswordHash = HashingUtil.GenerateHash(adminCredentialId, admin.PasswordSalt);
admin.Roles = new List <CredentialRole> {
adminRole
};
await credentialStore.Create(admin);
}
}
public AccountService(IIdentityService identityService, ISuspensionManagerState suspensionManagerState, ICredentialStore credentialStore)
{
_identityService = identityService;
_suspensionManagerState = suspensionManagerState;
_credentialStore = credentialStore;
if (_suspensionManagerState != null)
{
if (_suspensionManagerState.SessionState.ContainsKey(ServerCookieHeaderKey))
{
_serverCookieHeader = _suspensionManagerState.SessionState[ServerCookieHeaderKey] as string;
}
if (_suspensionManagerState.SessionState.ContainsKey(SignedInUserKey))
{
_signedInUser = _suspensionManagerState.SessionState[SignedInUserKey] as UserInfo;
}
if (_suspensionManagerState.SessionState.ContainsKey(UserNameKey))
{
_userName = _suspensionManagerState.SessionState[UserNameKey].ToString();
}
if (_suspensionManagerState.SessionState.ContainsKey(PasswordKey))
{
_password = _suspensionManagerState.SessionState[PasswordKey].ToString();
}
}
}
public EncryptedLocalDiskReaderWriter([NotNull] IFileEncryptor fileEncryptor, [NotNull] ICredentialStore credentialStore)
{
if (fileEncryptor == null) throw new ArgumentNullException(nameof(fileEncryptor));
if (credentialStore == null) throw new ArgumentNullException(nameof(credentialStore));
this.fileEncryptor = fileEncryptor;
this.credentialStore = credentialStore;
}
/// <summary>
/// Creates a new authentication broker based for the specified resource.
/// </summary>
/// <param name="targetUri">The resource for which authentication is being requested.</param>
/// <param name="scope">The scope of the access being requested.</param>
/// <param name="personalAccessTokenStore">Storage container for personal access token secrets.</param>
/// <param name="adaRefreshTokenStore">Storage container for Azure access token secrets.</param>
/// <param name="authentication">
/// An implementation of <see cref="BaseAuthentication"/> if one was detected;
/// <see langword="null"/> otherwise.
/// </param>
/// <returns>
/// <see langword="true"/> if an authority could be determined; <see langword="false"/> otherwise.
/// </returns>
public static bool GetAuthentication(
Uri targetUri,
VstsTokenScope scope,
ICredentialStore personalAccessTokenStore,
ITokenStore adaRefreshTokenStore,
out BaseAuthentication authentication)
{
Trace.WriteLine("BaseVstsAuthentication::DetectAuthority");
Guid tenantId;
if (DetectAuthority(targetUri, out tenantId))
{
// empty Guid is MSA, anything else is AAD
if (tenantId == Guid.Empty)
{
Trace.WriteLine(" MSA authority detected");
authentication = new VstsMsaAuthentication(scope, personalAccessTokenStore, adaRefreshTokenStore);
}
else
{
Trace.WriteLine(" AAD authority for tenant '" + tenantId + "' detected");
authentication = new VstsAadAuthentication(tenantId, scope, personalAccessTokenStore, adaRefreshTokenStore);
(authentication as VstsAadAuthentication).TenantId = tenantId;
}
}
else
{
authentication = null;
}
return(authentication != null);
}
/// <summary>
/// Authorizes the client
/// </summary>
/// <param name="credentials">The credentials.</param>
/// <returns cref="IAuthorizationResult"> an authorization token object or null in case of failure</returns>
/// /// <returns cref="AuthorizationToken "> an authorization token object or null in case of failure</returns>
public async Task <IAuthorizationResult> AuthorizeAsync(ICredentialStore credentials)
{
var credentialStore = (IServiceCredentialStoreOauth )credentials;
var keyToEncode = credentialStore.ApplicationId + ":" + credentialStore.ApplicationSecret;
var encodedValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(keyToEncode));
var client = new RestClient(AuthorizeUri);
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/x-www-form-urlencoded");
request.AddHeader("authorization", "Basic " + encodedValue);
request.AddParameter("application/x-www-form-urlencoded", "grant_type=client_credentials", ParameterType.RequestBody);
var response = await client.ExecutePostTaskAsync(request);
if (response.IsSuccessful)
{
Token = Newtonsoft.Json.JsonConvert.DeserializeObject <AuthorizationToken>(response.Content);
Token.Status = AuthorizationStatus.Authorized;
return(Token);
}
else
{
OnAuthorizationFailed(new SMSEventArgs()
{
Data = Newtonsoft.Json.JsonConvert.DeserializeObject <Dictionary <string, string> >(response.Content)
});
Token.Status = AuthorizationStatus.Unauthorized;
return(null);
}
}
public AuthorizeCommand(IMessageObserver observer, IRefreshTokenStore refreshStorage, ICredentialStore credentialStore, IGoulRequestHandler handler)
{
mObserver = observer;
mRefreshStorage = refreshStorage;
mCredStore = credentialStore;
mHandler = handler;
}
public AccountService(ISessionStateService sessionStateService, ICredentialStore credentialStore, IClientDeveloperService developerService)
{
//_developerService = new ServiceFactory<IDeveloperService>().GetService();
_sessionStateService = sessionStateService;
_credentialStore = credentialStore;
_developerService = developerService;
if (_sessionStateService != null)
{
if (_sessionStateService.SessionState.ContainsKey(SignedInUserKey))
{
SignedInUser = _sessionStateService.SessionState[SignedInUserKey] as UserInfo;
}
if (_sessionStateService.SessionState.ContainsKey(UserNameKey))
{
_userName = _sessionStateService.SessionState[UserNameKey].ToString();
}
if (_sessionStateService.SessionState.ContainsKey(PasswordKey))
{
_password = _sessionStateService.SessionState[PasswordKey].ToString();
}
}
}
/// <summary>
///
/// </summary>
/// <param name="tokenScope"></param>
/// <param name="personalAccessTokenStore"></param>
public GithubAuthentication(
GithubTokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
AcquireCredentialsDelegate acquireCredentialsCallback,
AcquireAuthenticationCodeDelegate acquireAuthenticationCodeCallback,
AuthenticationResultDelegate authenticationResultCallback)
{
if (tokenScope == null)
{
throw new ArgumentNullException("tokenScope", "The parameter `tokenScope` is null or invalid.");
}
if (personalAccessTokenStore == null)
{
throw new ArgumentNullException("personalAccessTokenStore", "The parameter `personalAccessTokenStore` is null or invalid.");
}
if (acquireCredentialsCallback == null)
{
throw new ArgumentNullException("acquireCredentialsCallback", "The parameter `acquireCredentialsCallback` is null or invalid.");
}
if (acquireAuthenticationCodeCallback == null)
{
throw new ArgumentNullException("acquireAuthenticationCodeCallback", "The parameter `acquireAuthenticationCodeCallback` is null or invalid.");
}
TokenScope = tokenScope;
PersonalAccessTokenStore = personalAccessTokenStore;
GithubAuthority = new GithubAuthority();
AcquireCredentialsCallback = acquireCredentialsCallback;
AcquireAuthenticationCodeCallback = acquireAuthenticationCodeCallback;
AuthenticationResultCallback = authenticationResultCallback;
}
/// <summary>
/// Gets a configured authentication object for 'github.com'.
/// </summary>
/// <param name="targetUri">The uniform resource indicator of the resource which requires
/// authentication.</param>
/// <param name="tokenScope">The desired scope of any personal access tokens aqcuired.</param>
/// <param name="personalAccessTokenStore">A secure secret store for any personal access
/// tokens acquired.</param>
/// <param name="authentication">(out) The authenitcation object if successful.</param>
/// <returns>True if success; otherwise false.</returns>
public static bool GetAuthentication(
TargetUri targetUri,
GithubTokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
AcquireCredentialsDelegate acquireCredentialsCallback,
AcquireAuthenticationCodeDelegate acquireAuthenticationCodeCallback,
AuthenticationResultDelegate authenticationResultCallback,
out BaseAuthentication authentication)
{
const string GitHubBaseUrlHost = "github.com";
BaseSecureStore.ValidateTargetUri(targetUri);
if (personalAccessTokenStore == null)
{
throw new ArgumentNullException("personalAccessTokenStore", "The `personalAccessTokenStore` is null or invalid.");
}
Trace.WriteLine("GithubAuthentication::GetAuthentication");
if (targetUri.ActualUri.DnsSafeHost.EndsWith(GitHubBaseUrlHost, StringComparison.OrdinalIgnoreCase))
{
authentication = new GithubAuthentication(tokenScope, personalAccessTokenStore, acquireCredentialsCallback, acquireAuthenticationCodeCallback, authenticationResultCallback);
Trace.WriteLine(" authentication for GitHub created");
}
else
{
authentication = null;
Trace.WriteLine(" not github.com, authentication creation aborted");
}
return(authentication != null);
}
public PickServerDatabaseViewModel(
IVisualStudioAccess visualStudioAccess,
ICredentialStore credentialStore,
Func <IPickSchemasDialog> pickSchemasDialogFactory,
Func <IPickConnectionDialog> pickConnectionDialogFactory)
{
this.visualStudioAccess = visualStudioAccess ?? throw new ArgumentNullException(nameof(visualStudioAccess));
this.pickSchemasDialogFactory = pickSchemasDialogFactory ?? throw new ArgumentNullException(nameof(pickSchemasDialogFactory));
this.pickConnectionDialogFactory = pickConnectionDialogFactory ?? throw new ArgumentNullException(nameof(pickConnectionDialogFactory));
this.credentialStore = credentialStore ?? throw new ArgumentNullException(nameof(credentialStore));
LoadedCommand = new RelayCommand(Loaded_Executed);
AddDatabaseConnectionCommand = new RelayCommand(AddDatabaseConnection_Executed);
AddAdhocDatabaseConnectionCommand = new RelayCommand(AddAdhocDatabaseConnection_Executed);
AddDatabaseDefinitionCommand = new RelayCommand(AddDatabaseDefinition_Executed);
RemoveDatabaseConnectionCommand = new RelayCommand(RemoveDatabaseConnection_Executed, RemoveDatabaseConnection_CanExecute);
OkCommand = new RelayCommand(Ok_Executed, Ok_CanExecute);
CancelCommand = new RelayCommand(Cancel_Executed);
FilterSchemasCommand = new RelayCommand(FilterSchemas_Executed, FilterSchemas_CanExecute);
CodeGenerationModeList = new[]
{
"EF Core 5",
"EF Core 3",
"EF Core 6",
};
DatabaseConnections = new ObservableCollection <DatabaseConnectionModel>();
DatabaseDefinitions = new ObservableCollection <DatabaseDefinitionModel>();
Schemas = new List <SchemaInfo>();
DatabaseDefinitions.CollectionChanged += (sender, args) => RaisePropertyChanged(nameof(DatabaseDefinitions));
}
public OrgNuGetUpgrader(
string currentVersion,
ITracer tracer,
PhysicalFileSystem fileSystem,
HttpClient httpClient,
bool dryRun,
bool noVerify,
OrgNuGetUpgraderConfig config,
string platform,
NuGetFeed nuGetFeed,
ICredentialStore credentialStore)
: base(
currentVersion,
tracer,
dryRun,
noVerify,
fileSystem,
config,
nuGetFeed,
credentialStore,
GVFSPlatform.Instance.CreateProductUpgraderPlatformInteractions(fileSystem, tracer))
{
this.httpClient = httpClient;
this.platform = platform;
}
public SessionsController(
IIdentityServerInteractionService interaction,
IClientStore clientStore,
IAuthenticationSchemeProvider schemeProvider,
IEventService events,
TestUserStore users,
ICredentialStore credentialStore,
ISessionStore sessionStore,
ILoginAttemptStore loginAttemptStore,
IRequestInfoService requestInfoService,
ILoginAttemptLimitingService loginAttemptLimitingService,
ICredentialPenaltyStore credentialPenaltyStore)
{
// if the TestUserStore is not in DI, then we'll just use the global users collection
// this is where you would plug in your own custom identity management library (e.g. ASP.NET Identity)
_users = users;
_interaction = interaction;
_clientStore = clientStore;
_schemeProvider = schemeProvider;
_events = events;
this.CredentialStore = credentialStore;
this.SessionStore = sessionStore;
this.LoginAttemptStore = loginAttemptStore;
this.RequestInfoService = requestInfoService;
this.LoginAttemptLimitingService = loginAttemptLimitingService;
this.CredentialPenaltyStore = credentialPenaltyStore;
}
private void ICredentialStoreTest(ICredentialStore credentialStore, string url, string username, string password)
{
try
{
Uri uri = new Uri(url, UriKind.Absolute);
Credential writeCreds = new Credential(username, password);
Credential readCreds = null;
credentialStore.WriteCredentials(uri, writeCreds);
if (credentialStore.ReadCredentials(uri, out readCreds))
{
Assert.AreEqual(writeCreds.Password, readCreds.Password, "Passwords did not match between written and read credentials");
Assert.AreEqual(writeCreds.Username, readCreds.Username, "Usernames did not match between written and read credentials");
}
else
{
Assert.Fail("Failed to read credentials");
}
credentialStore.DeleteCredentials(uri);
Assert.IsFalse(credentialStore.ReadCredentials(uri, out readCreds), "Deleted credentials were read back");
}
catch (Exception exception)
{
Assert.Fail(exception.Message);
}
}
public UploadCommand(IMessageObserver observer, IGoulRequestHandler gRequestHandler, ICredentialStore credentialStore, IRefreshTokenStore refreshStore)
{
mObserver = observer;
mHandler = gRequestHandler;
mCredentialStore = credentialStore;
mRefreshStore = refreshStore;
}
/// <summary>
///
/// </summary>
/// <param name="tokenScope"></param>
/// <param name="personalAccessTokenStore"></param>
public GithubAuthentication(
GithubTokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
AcquireCredentialsDelegate acquireCredentialsCallback,
AcquireAuthenticationCodeDelegate acquireAuthenticationCodeCallback,
AuthenticationResultDelegate authenticationResultCallback)
{
if (tokenScope == null)
throw new ArgumentNullException("tokenScope", "The parameter `tokenScope` is null or invalid.");
if (personalAccessTokenStore == null)
throw new ArgumentNullException("personalAccessTokenStore", "The parameter `personalAccessTokenStore` is null or invalid.");
if (acquireCredentialsCallback == null)
throw new ArgumentNullException("acquireCredentialsCallback", "The parameter `acquireCredentialsCallback` is null or invalid.");
if (acquireAuthenticationCodeCallback == null)
throw new ArgumentNullException("acquireAuthenticationCodeCallback", "The parameter `acquireAuthenticationCodeCallback` is null or invalid.");
TokenScope = tokenScope;
PersonalAccessTokenStore = personalAccessTokenStore;
GithubAuthority = new GithubAuthority();
AcquireCredentialsCallback = acquireCredentialsCallback;
AcquireAuthenticationCodeCallback = acquireAuthenticationCodeCallback;
AuthenticationResultCallback = authenticationResultCallback;
}
public void Init()
{
userId = Guid.NewGuid().ToString();
ssoGroupKey = Guid.NewGuid().ToString();
credential = new Credential();
inMemoryCredentialStore = new InMemoryCredentialStore();
}
public ApplicationDatabaseService(
[NotNull] IApplicationDatabaseRepository applicationRepository,
[NotNull] IEnumerable<ISupportsModelPersistence> databaseDependents,
[NotNull] MonitorableDependencies monitorableDependencies,
[NotNull] ICredentialStore credentialStore,
[NotNull] ILogger logger)
{
if (applicationRepository == null)
{
throw new ArgumentNullException(nameof(applicationRepository));
}
if (databaseDependents == null)
{
throw new ArgumentNullException(nameof(databaseDependents));
}
if (monitorableDependencies == null) throw new ArgumentNullException(nameof(monitorableDependencies));
if (credentialStore == null) throw new ArgumentNullException(nameof(credentialStore));
if (logger == null) throw new ArgumentNullException(nameof(logger));
this.applicationRepository = applicationRepository;
this.monitorableDependencies = monitorableDependencies;
this.credentialStore = credentialStore;
this.logger = logger;
this.databaseDependents = databaseDependents.OrderBy(d => d.LoadSequence).ToList();
this.monitorableDependencies.NotifyOfDependencyChange<IApplicationDatabaseService>(this);
InitialiseDirtyDataTable();
}
/// <summary>
/// Gets a configured authentication object for 'github.com'.
/// </summary>
/// <param name="targetUri">The uniform resource indicator of the resource which requires
/// authentication.</param>
/// <param name="tokenScope">The desired scope of any personal access tokens aqcuired.</param>
/// <param name="personalAccessTokenStore">A secure secret store for any personal access
/// tokens acquired.</param>
/// <param name="authentication">(out) The authenitcation object if successful.</param>
/// <returns>True if success; otherwise false.</returns>
public static bool GetAuthentication(
Uri targetUri,
GithubTokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
out BaseAuthentication authentication)
{
const string GitHubBaseUrlHost = "github.com";
BaseSecureStore.ValidateTargetUri(targetUri);
if (personalAccessTokenStore == null)
throw new ArgumentNullException("personalAccessTokenStore", "The `personalAccessTokenStore` is null or invalid.");
Trace.WriteLine("GithubAuthentication::GetAuthentication");
if (targetUri.DnsSafeHost.EndsWith(GitHubBaseUrlHost, StringComparison.OrdinalIgnoreCase))
{
authentication = new GithubAuthentication(tokenScope, personalAccessTokenStore);
Trace.WriteLine(" authentication for GitHub created");
}
else
{
authentication = null;
Trace.WriteLine(" not github.com, authentication creation aborted");
}
return authentication != null;
}
/// <summary>
/// Creates a new connection instance used to make requests of the GitHub API.
/// </summary>
/// <param name="productInformation">
/// The name (and optionally version) of the product using this library. This is sent to the server as part of
/// the user agent for analytics purposes.
/// </param>
/// <param name="baseAddress">
/// The address to point this client to such as https://api.github.com or the URL to a GitHub Enterprise
/// instance.</param>
/// <param name="credentialStore">Provides credentials to the client when making requests.</param>
/// <param name="httpClient">A raw <see cref="IHttpClient"/> used to make requests.</param>
/// <param name="serializer">Class used to serialize and deserialize JSON requests.</param>
public Connection(
ProductHeaderValue productInformation,
Uri baseAddress,
ICredentialStore credentialStore,
IHttpClient httpClient,
IJsonSerializer serializer)
{
Ensure.ArgumentNotNull(productInformation, "productInformation");
Ensure.ArgumentNotNull(baseAddress, "baseAddress");
Ensure.ArgumentNotNull(credentialStore, "credentialStore");
Ensure.ArgumentNotNull(httpClient, "httpClient");
Ensure.ArgumentNotNull(serializer, "serializer");
if (!baseAddress.IsAbsoluteUri)
{
throw new ArgumentException(
String.Format(CultureInfo.InvariantCulture, "The base address '{0}' must be an absolute URI",
baseAddress), "baseAddress");
}
UserAgent = FormatUserAgent(productInformation);
BaseAddress = baseAddress;
_authenticator = new Authenticator(credentialStore);
_httpClient = httpClient;
_jsonPipeline = new JsonHttpPipeline();
}
public NuGetUpgrader(
string currentVersion,
ITracer tracer,
PhysicalFileSystem fileSystem,
bool dryRun,
bool noVerify,
NuGetUpgraderConfig config,
string downloadFolder,
ICredentialStore credentialStore)
: this(
currentVersion,
tracer,
dryRun,
noVerify,
fileSystem,
config,
new NuGetFeed(
config.FeedUrl,
config.PackageFeedName,
downloadFolder,
null,
GVFSPlatform.Instance.UnderConstruction.SupportsNuGetEncryption,
tracer),
credentialStore,
GVFSPlatform.Instance.CreateProductUpgraderPlatformInteractions(fileSystem, tracer))
{
}
public CredentialStoreDiagnostic(ICredentialStore credentialStore)
: base("Credential storage")
{
EnsureArgument.NotNull(credentialStore, nameof(credentialStore));
_credentialStore = credentialStore;
}
/// <summary>
/// Gets a configured authentication object for 'github.com'.
/// </summary>
/// <param name="targetUri">
/// The uniform resource indicator of the resource which requires authentication.
/// </param>
/// <param name="tokenScope">The desired scope of any personal access tokens acquired.</param>
/// <param name="personalAccessTokenStore">
/// A secure secret store for any personal access tokens acquired.
/// </param>
/// <param name="authentication">(out) The authentication object if successful.</param>
/// <returns>True if success; otherwise false.</returns>
public static BaseAuthentication GetAuthentication(
TargetUri targetUri,
TokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
AcquireCredentialsDelegate acquireCredentialsCallback,
AcquireAuthenticationCodeDelegate acquireAuthenticationCodeCallback,
AuthenticationResultDelegate authenticationResultCallback)
{
BaseAuthentication authentication = null;
BaseSecureStore.ValidateTargetUri(targetUri);
if (personalAccessTokenStore == null)
{
throw new ArgumentNullException("personalAccessTokenStore", "The `personalAccessTokenStore` is null or invalid.");
}
if (targetUri.DnsSafeHost.EndsWith(GitHubBaseUrlHost, StringComparison.OrdinalIgnoreCase))
{
var normalizedTargetUri = NormalizeUri(targetUri);
authentication = new Authentication(normalizedTargetUri, tokenScope, personalAccessTokenStore, acquireCredentialsCallback, acquireAuthenticationCodeCallback, authenticationResultCallback);
Git.Trace.WriteLine($"created GitHub authentication for '{normalizedTargetUri}'.");
}
else
{
authentication = null;
Git.Trace.WriteLine($"not github.com, authentication creation aborted.");
}
return(authentication);
}
/// <summary>
/// Identify the Hosting service from the the targetUri.
/// <para/>
/// Returns a `<see cref="BaseAuthentication"/>` instance if the `<paramref name="targetUri"/>` represents Bitbucket; otherwise `<see langword=""="null"/>`.
/// </summary>
/// <param name="targetUri"></param>
public static BaseAuthentication GetAuthentication(
RuntimeContext context,
TargetUri targetUri,
ICredentialStore personalAccessTokenStore,
AcquireCredentialsDelegate acquireCredentialsCallback,
AcquireAuthenticationOAuthDelegate acquireAuthenticationOAuthCallback)
{
BaseAuthentication authentication = null;
BaseSecureStore.ValidateTargetUri(targetUri);
if (personalAccessTokenStore == null)
{
throw new ArgumentNullException(nameof(personalAccessTokenStore), $"The `{nameof(personalAccessTokenStore)}` is null or invalid.");
}
if (targetUri.QueryUri.DnsSafeHost.EndsWith(BitbucketBaseUrlHost, StringComparison.OrdinalIgnoreCase))
{
authentication = new Authentication(context, personalAccessTokenStore, acquireCredentialsCallback, acquireAuthenticationOAuthCallback);
context.Trace.WriteLine("authentication for Bitbucket created");
}
else
{
authentication = null;
}
return(authentication);
}
public MsaAuthentication(
RuntimeContext context,
TokenScope tokenScope,
ICredentialStore personalAccessTokenStore)
: base(context, tokenScope, personalAccessTokenStore)
{
Authority = new Authority(context, AzureDevOps.Authentication.Authority.DefaultAuthorityHostUrl);
}
public VstsMsaAuthentication(
RuntimeContext context,
VstsTokenScope tokenScope,
ICredentialStore personalAccessTokenStore)
: base(context, tokenScope, personalAccessTokenStore)
{
VstsAuthority = new VstsAzureAuthority(context, DefaultAuthorityHost);
}
public CredentialStore(ICredentialStore store)
{
if (store == null)
{
throw new ArgumentNullException(nameof(store));
}
this.store = store;
}
/// <summary>
/// Test constructor which allows for using fake credential stores
/// </summary>
internal VstsAadAuthentication(
ICredentialStore personalAccessTokenStore,
ITokenStore vstsIdeTokenCache,
IVstsAuthority vstsAuthority)
: base(personalAccessTokenStore,
vstsIdeTokenCache,
vstsAuthority)
{ }
internal SecretCache(ICredentialStore credentialStore)
{
if (credentialStore == null)
throw new ArgumentNullException(nameof(credentialStore));
_namespace = credentialStore.Namespace;
_getTargetName = credentialStore.UriNameConversion;
}
public ConfigurationSerializer(
IVsSolution solution,
ISourceControlledFileSystem sccFileSystem,
ICredentialStore store,
ILogger logger)
: this(solution, sccFileSystem, store, logger, new FileWrapper())
{
}
public GetAuthorizationUrlCommand(IMessageObserver observer,
ICredentialStore credentialStore,
IGoulRequestHandler handler)
{
mObserver = observer;
mCredentialStore = credentialStore;
mHandler = handler;
}
/// <summary>
/// Initializes a new instance of the <see cref="AbstractClient"/> class.
/// </summary>
/// <param name="client">Client.</param>
/// <param name="rootUrl">Root URL.</param>
/// <param name="servicePath">Service path.</param>
/// <param name="initializer">Initializer.</param>
/// <param name="store">Store.</param>
protected AbstractClient(HttpClient client, string rootUrl, string servicePath, KinveyClientRequestInitializer initializer, ICredentialStore store)
: base(client, rootUrl, servicePath, initializer)
{
this.store = store;
this.MICHostName = "https://auth.kinvey.com/";
this.NetworkFactory = new NetworkFactory(this);
this.UserFactory = new UserRequestFactory(this);
}
/// <summary>
/// Creates a new <see cref="BasicAuthentication"/> object with an underlying credential store.
/// </summary>
/// <param name="credentialStore">
/// The <see cref="ICredentialStore"/> to delegate to.
/// </param>
public BasicAuthentication(ICredentialStore credentialStore)
{
if (credentialStore == null)
{
throw new ArgumentNullException(nameof(credentialStore));
}
this.CredentialStore = credentialStore;
}
public CredentialService(ICredentialStore store, IMailSender mailSender,
IContentTypeManager contentTypeManager,
IPersister persister)
{
_store = store;
_mailSender = mailSender;
_contentTypeManager = contentTypeManager;
_persister = persister;
}
/// <summary>
/// Creates a new <see cref="BasicAuthentication"/> object with an underlying credential store.
/// </summary>
/// <param name="credentialStore">
/// The <see cref="ICredentialStore"/> to delegate to.
/// </param>
public BasicAuthentication(ICredentialStore credentialStore)
{
if (credentialStore == null)
{
throw new ArgumentNullException("credentialStore", "The `credentialStore` parameter is null or invalid.");
}
this.CredentialStore = credentialStore;
}
public CredentialsController(
ICredentialRoleStore credentialRoleStore,
ICredentialStore credentialStore,
IDisplayNameRule displayNameRule)
{
this.CredentialRoleStore = credentialRoleStore;
this.CredentialStore = credentialStore;
this.DisplayNameRule = displayNameRule;
}
/// <summary>
/// Test constructor which allows for using fake credential stores
/// </summary>
internal VstsAadAuthentication(
ICredentialStore personalAccessTokenStore,
ITokenStore vstsIdeTokenCache,
IVstsAuthority vstsAuthority)
: base(personalAccessTokenStore,
vstsIdeTokenCache,
vstsAuthority)
{
}
public void TestInitialize()
{
solutionMock = new Mock <IVsSolution>();
configurableSccFileSystem = new ConfigurableSourceControlledFileSystem();
configurableStore = new ConfigurableCredentialStore();
loggerMock = new Mock <ILogger>();
fileMock = new Mock <IFile>();
testSubject = new ConfigurationSerializer(solutionMock.Object, configurableSccFileSystem, configurableStore, loggerMock.Object, fileMock.Object);
}
/// <summary>
/// Invoked by a derived classes implementation. Allows custom back-end implementations to be used.
/// </summary>
/// <param name="tokenScope">The desired scope of the acquired personal access token(s).</param>
/// <param name="personalAccessTokenStore">The secret store for acquired personal access token(s).</param>
/// <param name="adaRefreshTokenStore">The secret store for acquired Azure refresh token(s).</param>
protected BaseVsoAuthentication(
VsoTokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
ITokenStore adaRefreshTokenStore = null)
: this(tokenScope, personalAccessTokenStore)
{
this.AdaRefreshTokenStore = adaRefreshTokenStore ?? this.AdaRefreshTokenStore;
this.VsoAdalTokenCache = new VsoAdalTokenCache();
this.VsoIdeTokenCache = new TokenRegistry();
}
public VstsMsaAuthentication(
VstsTokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
ITokenStore adaRefreshTokenStore = null)
: base(tokenScope,
personalAccessTokenStore,
adaRefreshTokenStore)
{
this.VstsAuthority = new VstsAzureAuthority(DefaultAuthorityHost);
}
/// <summary>
/// Test constructor which allows for using fake credential stores
/// </summary>
internal VsoAadAuthentication(
ICredentialStore personalAccessTokenStore,
ITokenStore adaRefreshTokenStore,
ITokenStore vsoIdeTokenCache,
IVsoAuthority vsoAuthority)
: base(personalAccessTokenStore,
adaRefreshTokenStore,
vsoIdeTokenCache,
vsoAuthority)
{ }
/// <summary>
/// Invoked by a derived classes implementation. Allows custom back-end implementations to be used.
/// </summary>
/// <param name="tokenScope">The desired scope of the acquired personal access token(s).</param>
/// <param name="personalAccessTokenStore">The secret store for acquired personal access token(s).</param>
/// <param name="adaRefreshTokenStore">The secret store for acquired Azure refresh token(s).</param>
protected BaseVstsAuthentication(
VstsTokenScope tokenScope,
ICredentialStore personalAccessTokenStore,
ITokenStore adaRefreshTokenStore = null)
: this(tokenScope, personalAccessTokenStore)
{
this.AdaRefreshTokenStore = adaRefreshTokenStore ?? this.AdaRefreshTokenStore;
this.VstsAdalTokenCache = new VstsAdalTokenCache();
this.VstsIdeTokenCache = new TokenRegistry();
}
/// <summary>
/// Test constructor which allows for using fake credential stores
/// </summary>
/// <param name="personalAccessTokenStore"></param>
/// <param name="adaRefreshTokenStore"></param>
/// <param name="vstsIdeTokenCache"></param>
/// <param name="liveAuthority"></param>
internal VstsMsaAuthentication(
ICredentialStore personalAccessTokenStore,
ITokenStore adaRefreshTokenStore,
ITokenStore vstsIdeTokenCache,
IVstsAuthority liveAuthority)
: base(personalAccessTokenStore,
adaRefreshTokenStore,
vstsIdeTokenCache,
liveAuthority)
{ }
/// <summary>
/// Creates a new <see cref="SecretStore"/> backed by the operating system keychain /
/// secrets vault.
/// </summary>
/// <param name="namespace">The namespace of the secrets written and read by this store.</param>
/// <param name="credentialCache">
/// (optional) Write-through, read-first cache. Default cache is used if a custom cache is
/// not provided.
/// </param>
/// <param name="tokenCache">
/// (optional) Write-through, read-first cache. Default cache is used if a custom cache is
/// not provided.
/// </param>
public SecretStore(string @namespace, ICredentialStore credentialCache = null, ITokenStore tokenCache = null, Secret.UriNameConversion getTargetName = null)
{
if (String.IsNullOrWhiteSpace(@namespace) || @namespace.IndexOfAny(IllegalCharacters) != -1)
throw new ArgumentNullException("prefix", "The `prefix` parameter is null or invalid.");
_getTargetName = getTargetName ?? Secret.UriToSimpleName;
_namespace = @namespace;
_credentialCache = credentialCache ?? new SecretCache(@namespace, _getTargetName);
_tokenCache = tokenCache ?? new SecretCache(@namespace, _getTargetName);
}
/// <summary>
///
/// </summary>
/// <param name="tokenScope"></param>
/// <param name="personalAccessTokenStore"></param>
public GithubAuthentication(GithubTokenScope tokenScope, ICredentialStore personalAccessTokenStore)
{
if (tokenScope == null)
throw new ArgumentNullException("tokenScope", "The parameter `tokenScope` is null or invalid.");
if (personalAccessTokenStore == null)
throw new ArgumentNullException("personalAccessTokenStore", "The parameter `personalAccessTokenStore` is null or invalid.");
TokenScope = tokenScope;
PersonalAccessTokenStore = personalAccessTokenStore;
GithubAuthority = new GithubAuthority();
}
/// <summary>
/// Creates a new <see cref="SecretStore"/> backed by the operating system keychain /
/// secrets vault.
/// </summary>
/// <param name="namespace">The namespace of the secrets written and read by this store.</param>
/// <param name="credentialCache">
/// (optional) Write-through, read-first cache. Default cache is used if a custom cache is
/// not provided.
/// </param>
/// <param name="tokenCache">
/// (optional) Write-through, read-first cache. Default cache is used if a custom cache is
/// not provided.
/// </param>
public SecretStore(string @namespace, ICredentialStore credentialCache = null, ITokenStore tokenCache = null, Secret.UriNameConversion getTargetName = null)
{
if (String.IsNullOrWhiteSpace(@namespace))
throw new ArgumentNullException(nameof(@namespace));
if (@namespace.IndexOfAny(IllegalCharacters) != -1)
throw new ArgumentException(nameof(@namespace));
_getTargetName = getTargetName ?? Secret.UriToName;
_namespace = @namespace;
_credentialCache = credentialCache ?? new SecretCache(@namespace, _getTargetName);
_tokenCache = tokenCache ?? new SecretCache(@namespace, _getTargetName);
}
protected BaseVstsAuthentication(VstsTokenScope tokenScope, ICredentialStore personalAccessTokenStore)
{
if (ReferenceEquals(tokenScope, null))
throw new ArgumentNullException(nameof(TokenScope));
if (ReferenceEquals(personalAccessTokenStore, null))
throw new ArgumentNullException(nameof(personalAccessTokenStore));
this.ClientId = DefaultClientId;
this.Resource = DefaultResource;
this.TokenScope = tokenScope;
this.PersonalAccessTokenStore = personalAccessTokenStore;
this.VstsAuthority = new VstsAzureAuthority();
}
/// <summary>
/// Creates a new <see cref="BasicAuthentication"/> object with an underlying credential store.
/// </summary>
/// <param name="credentialStore">
/// The <see cref="ICredentialStore"/> to delegate to.
/// </param>
/// <param name="ntlmSupport">
/// <para>The level of NTLM support to be provided by this instance.</para>
/// <para>If `<see cref="NtlmSupport.Always"/>` is used, the
/// `<paramref name="acquireCredentialsCallback"/>` and `<paramref name="acquireResultCallback"/>`
/// will be ignored by `<see cref="GetCredentials(TargetUri)"/>`.</para>
/// </param>
/// <param name="acquireCredentialsCallback">
/// (optional) delegate for acquiring credentials.
/// </param>
/// <param name="acquireResultCallback">
/// (optional) delegate for notification of acquisition results.
/// </param>
public BasicAuthentication(
ICredentialStore credentialStore,
NtlmSupport ntlmSupport,
AcquireCredentialsDelegate acquireCredentialsCallback,
AcquireResultDelegate acquireResultCallback)
{
if (credentialStore == null)
throw new ArgumentNullException(nameof(credentialStore));
_acquireCredentials = acquireCredentialsCallback;
_acquireResult = acquireResultCallback;
_credentialStore = credentialStore;
_ntlmSupport = ntlmSupport;
}
internal BaseVstsAuthentication(
ICredentialStore personalAccessTokenStore,
ITokenStore vstsIdeTokenCache,
IVstsAuthority vstsAuthority)
: this(VstsTokenScope.ProfileRead, personalAccessTokenStore)
{
if (ReferenceEquals(vstsIdeTokenCache, null))
throw new ArgumentNullException(nameof(vstsIdeTokenCache));
if (ReferenceEquals(vstsAuthority, null))
throw new ArgumentNullException(nameof(vstsAuthority));
this.VstsIdeTokenCache = vstsIdeTokenCache;
this.VstsAuthority = vstsAuthority;
this.VstsAdalTokenCache = TokenCache.DefaultShared;
}
internal /*for testing purposes*/ SolutionBindingSerializer(IServiceProvider serviceProvider, ICredentialStore store)
{
if (serviceProvider == null)
{
throw new ArgumentNullException(nameof(serviceProvider));
}
if (store == null)
{
throw new ArgumentNullException(nameof(store));
}
this.serviceProvider = serviceProvider;
this.credentialStore = store;
}
internal BaseVsoAuthentication(
ICredentialStore personalAccessTokenStore,
ITokenStore adaRefreshTokenStore,
ITokenStore vsoIdeTokenCache,
IVsoAuthority vsoAuthority)
: this(VsoTokenScope.ProfileRead, personalAccessTokenStore)
{
Debug.Assert(adaRefreshTokenStore != null, "The adaRefreshTokenStore paramter is null or invalid.");
Debug.Assert(vsoIdeTokenCache != null, "The vsoIdeTokenCache paramter is null or invalid.");
Debug.Assert(vsoAuthority != null, "The vsoAuthority paramter is null or invalid.");
this.AdaRefreshTokenStore = adaRefreshTokenStore;
this.VsoIdeTokenCache = vsoIdeTokenCache;
this.VsoAuthority = vsoAuthority;
this.VsoAdalTokenCache = TokenCache.DefaultShared;
}
private BaseVsoAuthentication(VsoTokenScope tokenScope, ICredentialStore personalAccessTokenStore)
{
if (tokenScope == null)
throw new ArgumentNullException("scope", "The `scope` parameter is null or invalid.");
if (personalAccessTokenStore == null)
throw new ArgumentNullException("personalAccessTokenStore", "The `personalAccessTokenStore` paramter is null or invalid.");
AdalTrace.TraceSource.Switch.Level = SourceLevels.Off;
AdalTrace.LegacyTraceSwitch.Level = TraceLevel.Off;
this.ClientId = DefaultClientId;
this.Resource = DefaultResource;
this.TokenScope = tokenScope;
this.PersonalAccessTokenStore = personalAccessTokenStore;
this.AdaRefreshTokenStore = new SecretStore(AdalRefreshPrefx);
this.VsoAuthority = new VsoAzureAuthority();
}
/// <summary>
///
/// </summary>
/// <param name="tenantId">
/// <para>The unique identifier for the responsible Azure tenant.</para>
/// <para>Use <see cref="BaseVstsAuthentication.GetAuthentication"/>
/// to detect the tenant identity and create the authentication object.</para>
/// </param>
/// <param name="tokenScope">The scope of all access tokens acquired by the authority.</param>
/// <param name="personalAccessTokenStore">The secure secret store for storing any personal
/// access tokens acquired.</param>
/// <param name="adaRefreshTokenStore">The secure secret store for storing any Azure tokens
/// acquired.</param>
public VstsAadAuthentication(
Guid tenantId,
VstsTokenScope tokenScope,
ICredentialStore personalAccessTokenStore)
: base(tokenScope, personalAccessTokenStore)
{
if (tenantId == Guid.Empty)
{
this.VstsAuthority = new VstsAzureAuthority(AzureAuthority.DefaultAuthorityHostUrl);
}
else
{
// create an authority host URL in the format of https://login.microsoft.com/12345678-9ABC-DEF0-1234-56789ABCDEF0
string authorityHost = AzureAuthority.GetAuthorityUrl(tenantId);
this.VstsAuthority = new VstsAzureAuthority(authorityHost);
}
}
/// <summary>
/// Configures credentials properties and auto persistence from the credential store.
/// </summary>
/// <param name="credentialStore">The <see cref="ICredentialStore">ICredentialStore</see> used to persist credentials.</param>
private void ConfigureCredentialPersistence(ICredentialStore credentialStore)
{
var loadCredentialsTask = Task.Run<IEnumerable<CredentialModel>>(async () =>
{
return await credentialStore.GetCredentialsAsync().ConfigureAwait(false);
});
this.credentialList = new ReactiveList<CredentialModel>(loadCredentialsTask.Result);
this.credentialList.AutoPersist((creds) =>
{
return Observable.FromAsync<Unit>(async () =>
{
await credentialStore.SaveCredentialsAsync(creds.AsEnumerable());
return Unit.Default;
});
});
}
public AccountService(IIdentityService identityService, ISessionStateService sessionStateService, ICredentialStore credentialStore)
{
_identityService = identityService;
_sessionStateService = sessionStateService;
_credentialStore = credentialStore;
if (_sessionStateService != null)
{
if (_sessionStateService.SessionState.ContainsKey(SignedInUserKey))
{
_signedInUser = _sessionStateService.SessionState[SignedInUserKey] as UserInfo;
}
if (_sessionStateService.SessionState.ContainsKey(UserNameKey))
{
_userName = _sessionStateService.SessionState[UserNameKey].ToString();
}
if (_sessionStateService.SessionState.ContainsKey(PasswordKey))
{
_password = _sessionStateService.SessionState[PasswordKey].ToString();
}
}
}
public void Setup()
{
mFactory = new Factory(new DefaultModuleConfiguration(), new ITModuleConfiguration());
mObserver = (RecordingObserver)mFactory.Build<IMessageObserver>();
mApp = mFactory.Build<IApp>();
mFile = new DotNetFile();
mRefreshToken = new RefreshTokenStore(mFile, "refreshToken.txt");
mCredentials = new CredentialStore(mFile, "credentials.txt");
var provider = new TestConfigurationProvider();
provider.SetupCredentialsFile();
provider.SetupRefreshTokenFile();
provider.SetupDummyFile();
mFileManager = new GDriveFileManager(mCredentials.Get(), mRefreshToken.Get());
new Retry(30, 125)
.WithWork(x => {
mFileManager.CleanGDriveAcct();
Assert.That(mFileManager.ListAllFilesOnRootById().ToArray(), Is.Empty);
})
.Start();
mFolderManager = new FolderManager(mCredentials.Get(), mRefreshToken.Get());
}
/// <summary>
/// Create a new instance of the GitHub API v3 client pointing to the specified baseAddress.
/// </summary>
/// <param name="productInformation">
/// The name (and optionally version) of the product using this library. This is sent to the server as part of
/// the user agent for analytics purposes.
/// </param>
/// <param name="credentialStore">Provides credentials to the client when making requests.</param>
/// <param name="baseAddress">
/// The address to point this client to. Typically used for GitHub Enterprise
/// instances</param>
public GitHubClient(ProductHeaderValue productInformation, ICredentialStore credentialStore, Uri baseAddress)
: this(new Connection(productInformation, FixUpBaseUri(baseAddress), credentialStore))
{
}