public async void Process(IThreatModel model) { Connect.ChangeDisconnectButtonStatus(null, false); var schemaManager = new DevOpsConfigPropertySchemaManager(model); var connector = schemaManager.GetDevOpsConnector(out var url, out var project); if (connector != null && !string.IsNullOrWhiteSpace(url) && !string.IsNullOrWhiteSpace(project)) { try { var tokenManager = new SecretsManager(); var token = tokenManager.GetSecret(url); if (!string.IsNullOrWhiteSpace(token)) { connector.Connect(url, token); var projects = (await connector.GetProjectsAsync())?.ToArray(); if (projects?.Contains(project) ?? false) { if (connector.OpenProject(project)) { DevOpsManager.Register(connector, model); Connect.ChangeDisconnectButtonStatus(connector, true); var configManager = new ExtensionConfigurationManager(model, this.GetExtensionId()); configManager.Apply(); await DevOpsManager.UpdateAsync(model); } } else { connector.Disconnect(); ShowWarning?.Invoke( "DevOps system cannot be automatically connected due to an internal error."); } } else { ShowWarning?.Invoke( "DevOps system cannot be automatically connected because no Personal Access Token has been found."); } } catch (Exception exc) { ShowWarning?.Invoke($@"DevOps system cannot be automatically connected due to the following error: {exc.Message}. Everything else should be unaffected."); } } }
private void _serverUrl_TextChanged(object sender, EventArgs e) { if (!string.IsNullOrWhiteSpace(_serverUrl.Text) && _urls.ContainsCaseInsensitive(_serverUrl.Text?.Trim('/'))) { var token = _tokenManager.GetSecret(_serverUrl.Text); if (!string.IsNullOrWhiteSpace(token)) { _accessToken.Text = token; } } //else // _accessToken.Text = null; _loadProjects.Enabled = LoadProjectsEnabled(); }
// This method gets called by the runtime. Use this method to inject services to the container public void ConfigureServices(IServiceCollection services) { if (_env.IsProduction()) { var secretsMgr = new SecretsManager(); string dbConnectionString = secretsMgr.GetDbConnectionString(); services.AddDbContext <MSAContext>(options => options.UseSqlServer(dbConnectionString)); // Get salt and bind to option model services.PostConfigure <Salt>(options => { options.salt = secretsMgr.GetSecret("astronautsloth/salt"); }); // Get JWT secret and bind to option model dynamic token = JsonConvert.DeserializeObject(secretsMgr.GetSecret("astronautsloth/jwt")); string tokenSecret = token.secret; string tokenIssuer = token.issuer; string tokenAudience = token.audience; services.PostConfigure <TokenManagement>(options => { options.Secret = tokenSecret; options.Issuer = tokenIssuer; options.Audience = tokenAudience; }); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => { options.Events = new JwtBearerEvents { OnMessageReceived = context => { context.Token = context.Request.Cookies["auth-token"]; return(Task.CompletedTask); }, }; options.RequireHttpsMetadata = false; options.SaveToken = true; options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(tokenSecret)), ValidIssuer = tokenIssuer, ValidAudience = tokenAudience, ValidateIssuer = false, ValidateAudience = false }; }); } else { services.AddDbContext <MSAContext>(options => options.UseSqlServer(Configuration["MultiSpaApp:ConnectionString"])); services.AddDatabaseDeveloperPageExceptionFilter(); services.Configure <Salt>(Configuration.GetSection("salt")); services.Configure <TokenManagement>(Configuration.GetSection("tokenManagement")); var token = Configuration.GetSection("tokenManagement").Get <TokenManagement>(); services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => { options.Events = new JwtBearerEvents { OnMessageReceived = context => { context.Token = context.Request.Cookies["auth-token"]; return(Task.CompletedTask); }, }; options.RequireHttpsMetadata = false; options.SaveToken = true; options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(token.Secret)), ValidIssuer = token.Issuer, ValidAudience = token.Audience, ValidateIssuer = false, ValidateAudience = false }; }); } services.AddSignalR(); // CSRF token service services.AddAntiforgery(options => { options.HeaderName = "csrf-token"; }); services.AddScoped <ApiAntiforgeryTokenAuthorizationFilter>(); // Custom CSRF token validation attribute - Antiforgery not supported for APIs with no views services.AddScoped <ITokenAuthService, TokenAuthService>(); services.AddScoped <IUserRepository, UserRepository>(); // Test UserRepository with fake dependencies services.AddScoped <IFriendshipRepository, FriendshipRepository>(); services.AddScoped <IUserManager, UserManager>(); services.AddScoped <IFriendshipManager, FriendshipManager>(); services.AddScoped <IMessageRepository, MessageRepository>(); services.AddScoped <IConversationRepository, ConversationRepository>(); services.AddScoped <IConversationManager, ConversationManager>(); services.AddScoped <ICommentRepository, CommentRepository>(); services.AddScoped <SecretsManager>(); services.AddTransient <StupidLoader>(); services.AddSingleton <IUserIdProvider, EmailBasedUserIdProvider>(); services.AddControllers(); services.AddHttpContextAccessor(); }