public void Save(AccessKey accessKey)
{
if (accessKey == null)
throw new ArgumentNullException("accessKey");
using (var context = new DeviceHiveContext())
{
context.AccessKeys.Add(accessKey);
if (accessKey.ID > 0)
{
context.Entry(accessKey).State = EntityState.Modified;
foreach (var permission in accessKey.Permissions.Where(e => e.ID > 0))
{
context.Entry(permission).State = EntityState.Modified;
}
foreach (var permission in context.AccessKeyPermissions.Where(e => e.AccessKeyID == accessKey.ID))
{
if (context.Entry(permission).State == EntityState.Unchanged)
context.AccessKeyPermissions.Remove(permission);
}
}
context.SaveChanges();
}
}
/// <summary>
/// Initializes all required properties.
/// </summary>
/// <param name="client">Associated OAuthClient object.</param>
/// <param name="userId">Associated user identifier.</param>
/// <param name="accessKey">Associated AccessKey object.</param>
/// <param name="type">OAuth type.</param>
/// <param name="scope">Requested OAuth scope.</param>
public OAuthGrant(OAuthClient client, int userId, AccessKey accessKey, int type, string scope)
{
if (client == null)
throw new ArgumentNullException("client");
if (accessKey == null)
throw new ArgumentNullException("accessKey");
if (string.IsNullOrEmpty(scope))
throw new ArgumentException("Scope is null or empty!", "scope");
this.Timestamp = DateTime.UtcNow;
this.Client = client;
this.UserID = userId;
this.AccessKey = accessKey;
this.Type = type;
this.Scope = scope;
}
public void Save(AccessKey accessKey)
{
if (accessKey == null)
throw new ArgumentNullException("accessKey");
_mongo.EnsureIdentity(accessKey);
if (accessKey.Permissions == null)
accessKey.Permissions = new List<AccessKeyPermission>();
accessKey.Permissions.ForEach(e => _mongo.EnsureIdentity(e));
_mongo.AccessKeys.Save(accessKey);
_mongo.OAuthGrants.Update(Query<OAuthGrant>.EQ(e => e.AccessKeyID, accessKey.ID),
Update<OAuthGrant>.Set(e => e.AccessKey, accessKey), new MongoUpdateOptions { Flags = UpdateFlags.Multi });
}
public void Authenticate()
{
if (ActionContext.GetParameter("AuthUser") == null)
throw new WebSocketRequestException("Please specify 'login' and 'password' or 'accessKey'");
CurrentUser = (User)ActionContext.GetParameter("AuthUser");
CurrentAccessKey = (AccessKey)ActionContext.GetParameter("AuthAccessKey");
SendSuccessResponse();
}
public void OAuthGrant()
{
var user = new User("Test", 0, 0);
user.SetPassword("pass");
DataContext.User.Save(user);
RegisterTearDown(() => DataContext.User.Delete(user.ID));
var accessKey = new AccessKey(user.ID, AccessKeyType.OAuth, "test");
DataContext.AccessKey.Save(accessKey);
RegisterTearDown(() => DataContext.AccessKey.Delete(accessKey.ID));
var client = new OAuthClient("Test", "test.com", "http://test.com/oauth2", "test_client");
DataContext.OAuthClient.Save(client);
RegisterTearDown(() => DataContext.OAuthClient.Delete(client.ID));
var grant = new OAuthGrant(client, user.ID, accessKey, 0, "scope");
grant.AuthCode = Guid.NewGuid();
DataContext.OAuthGrant.Save(grant);
RegisterTearDown(() => DataContext.OAuthGrant.Delete(grant.ID));
// test GetByUser
var grants = DataContext.OAuthGrant.GetByUser(user.ID);
Assert.Greater(grants.Count, 0);
// test Get(id)
var grant1 = DataContext.OAuthGrant.Get(grant.ID);
Assert.IsNotNull(grant1);
Assert.Less(Math.Abs(DateTime.UtcNow.Subtract(grant1.Timestamp).TotalMinutes), 10);
Assert.AreEqual(0, grant1.Type);
Assert.AreEqual("scope", grant1.Scope);
Assert.AreEqual(client.ID, grant1.ClientID);
Assert.IsNotNull(grant1.Client);
Assert.AreEqual(user.ID, grant1.UserID);
Assert.AreEqual(accessKey.ID, grant1.AccessKeyID);
Assert.IsNotNull(grant1.AccessKey);
// test Get(authCode)
var grant2 = DataContext.OAuthGrant.Get(grant.AuthCode.Value);
Assert.IsNotNull(grant2);
Assert.AreEqual(0, grant2.Type);
Assert.AreEqual("scope", grant2.Scope);
Assert.AreEqual(user.ID, grant2.UserID);
Assert.AreEqual(client.ID, grant2.ClientID);
Assert.IsNotNull(grant2.Client);
Assert.AreEqual(accessKey.ID, grant2.AccessKeyID);
Assert.IsNotNull(grant2.AccessKey);
// test Save
grant.AuthCode = Guid.NewGuid();
grant.Type = 1;
grant.AccessType = 1;
grant.RedirectUri = "http://test.com/oauth";
grant.Scope = "scope scope2";
grant.Networks = new[] { 5, 10 };
DataContext.OAuthGrant.Save(grant);
var grant3 = DataContext.OAuthGrant.Get(grant.ID);
Assert.AreEqual(grant.AuthCode, grant3.AuthCode);
Assert.AreEqual(1, grant3.Type);
Assert.AreEqual(1, grant3.AccessType);
Assert.AreEqual("http://test.com/oauth", grant3.RedirectUri);
Assert.AreEqual("scope scope2", grant3.Scope);
Assert.AreEqual(2, grant3.Networks.Length);
Assert.AreEqual(5, grant3.Networks[0]);
Assert.AreEqual(10, grant3.Networks[1]);
Assert.AreEqual(user.ID, grant3.UserID);
Assert.AreEqual(client.ID, grant3.ClientID);
Assert.IsNotNull(grant3.Client);
Assert.AreEqual(accessKey.ID, grant3.AccessKeyID);
Assert.IsNotNull(grant3.AccessKey);
// test update relationship
var client2 = new OAuthClient("Test2", "test2.com", "http://test.com/oauth/2", "test_client2");
DataContext.OAuthClient.Save(client2);
RegisterTearDown(() => DataContext.OAuthClient.Delete(client2.ID));
grant.Client = client2;
DataContext.OAuthGrant.Save(grant);
var grant4 = DataContext.OAuthGrant.Get(grant.ID);
Assert.AreEqual(client2.ID, grant4.ClientID);
Assert.IsNotNull(grant4.Client);
// test Delete
DataContext.OAuthClient.Delete(grant.ID);
var grant5 = DataContext.OAuthClient.Get(grant.ID);
Assert.IsNull(grant5);
}
public void AccessKey()
{
var user = new User("Test", (int)UserRole.Administrator, (int)UserStatus.Active);
user.SetPassword("TestPass");
DataContext.User.Save(user);
RegisterTearDown(() => DataContext.User.Delete(user.ID));
var accessKey = new AccessKey(user.ID, AccessKeyType.Default, "Test");
accessKey.Permissions.Add(new AccessKeyPermission { Subnets = new[] { "127.0.0.1" } });
accessKey.Permissions.Add(new AccessKeyPermission { Subnets = new[] { "127.0.0.2" } });
DataContext.AccessKey.Save(accessKey);
RegisterTearDown(() => DataContext.AccessKey.Delete(accessKey.ID));
// test GetByUser
var accessKeys = DataContext.AccessKey.GetByUser(user.ID);
Assert.AreEqual(1, accessKeys.Count);
Assert.AreEqual(accessKey.ID, accessKeys[0].ID);
Assert.AreEqual(user.ID, accessKeys[0].UserID);
// test GetByUsers
accessKeys = DataContext.AccessKey.GetByUsers(new[] { user.ID }, new AccessKeyFilter { Type = (int)AccessKeyType.Default });
Assert.AreEqual(1, accessKeys.Count);
Assert.AreEqual(accessKey.ID, accessKeys[0].ID);
Assert.AreEqual(user.ID, accessKeys[0].UserID);
// test Get(id)
var accessKey1 = DataContext.AccessKey.Get(accessKey.ID);
Assert.IsNotNull(accessKey1);
Assert.AreEqual("Test", accessKey1.Label);
Assert.AreEqual(accessKey.Key, accessKey1.Key);
Assert.IsNotNull(accessKey1.Permissions);
Assert.AreEqual(2, accessKey1.Permissions.Count);
Assert.AreEqual(new[] { "127.0.0.1" }, accessKey1.Permissions[0].Subnets);
Assert.AreEqual(new[] { "127.0.0.2" }, accessKey1.Permissions[1].Subnets);
// test Save
accessKey.Type = (int)AccessKeyType.Session;
accessKey.Label = "Test2";
accessKey.GenerateKey();
accessKey.ExpirationDate = DateTime.UtcNow;
accessKey.Permissions.RemoveAt(1);
accessKey.Permissions.Add(new AccessKeyPermission {
Subnets = new[] { "127.0.0.3" },
Domains = new[] { "www.example.com" },
Networks = new[] { 1, 2, 3 }});
DataContext.AccessKey.Save(accessKey);
var accessKey2 = DataContext.AccessKey.Get(accessKey.ID);
Assert.AreEqual(1, accessKey2.Type);
Assert.AreEqual("Test2", accessKey2.Label);
Assert.AreEqual(accessKey.Key, accessKey2.Key);
Assert.IsNotNull(accessKey2.ExpirationDate);
Assert.IsNotNull(accessKey2.Permissions);
Assert.AreEqual(2, accessKey2.Permissions.Count);
Assert.AreEqual(new[] { "127.0.0.1" }, accessKey2.Permissions[0].Subnets);
Assert.AreEqual(new[] { "127.0.0.3" }, accessKey2.Permissions[1].Subnets);
Assert.AreEqual(new[] { "www.example.com" }, accessKey2.Permissions[1].Domains);
Assert.AreEqual(new[] { 1, 2, 3 }, accessKey2.Permissions[1].Networks);
// test Delete
DataContext.AccessKey.Delete(accessKey.ID);
var accessKey3 = DataContext.AccessKey.Get(accessKey.ID);
Assert.IsNull(accessKey3);
}
private AccessKey CreateAccessKey(User user)
{
const string Label = "Session Token";
var accessKey = new AccessKey(user.ID, AccessKeyType.Session, Label);
accessKey.Permissions = new List<AccessKeyPermission>();
accessKey.Permissions.Add(new AccessKeyPermission()); // allow everything permission
accessKey.ExpirationDate = DateTime.UtcNow.Add(DeviceHiveConfiguration.Authentication.SessionTimeout);
DataContext.AccessKey.Save(accessKey);
return accessKey;
}
