/// <summary>
/// Registers an application.
/// </summary>
/// <param name="clientId">The client id.</param>
/// <param name="clientSecret">The client secret.</param>
/// <param name="redirectUri">The redirect URI.</param>
/// <param name="name">The name.</param>
public void RegisterApplication(string clientId, string clientSecret, string redirectUri, string name)
{
var client = CreateManagementServiceClient();
var serviceIdentity = client.ServiceIdentities.Where(si => si.Name == clientId).ToList().FirstOrDefault();
if (serviceIdentity != null)
{
throw new InvalidOperationException(string.Format(
"An application with client_id '{0}' already exists.", clientId));
}
// Create a service identity
serviceIdentity = new ServiceIdentity
{
Name = clientId,
Description = name,
RedirectAddress = redirectUri
};
var serviceIdentityKey = new ServiceIdentityKey
{
DisplayName = string.Format("Credentials for {0}", clientId),
Value = Encoding.UTF8.GetBytes(clientSecret),
Type = IdentityKeyTypes.Password.ToString(),
Usage = IdentityKeyUsages.Password.ToString(),
StartDate = DateTime.UtcNow,
EndDate = DateTime.UtcNow.AddYears(100) // Validity 100 years. After that?
};
// Process modifications to the namespace
client.AddToServiceIdentities(serviceIdentity);
client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
client.SaveChanges(SaveChangesOptions.Batch);
}
public void LinkSensor(int id, string sensorId)
{
// Has a sensor already been linked?
var brewWithSensor = BrewRepository.GetAll().FirstOrDefault(b => b.SensorId == sensorId);
if (brewWithSensor != null && brewWithSensor.Id != id)
{
throw new ArgumentException(
string.Format("The sensor with id {0} can not be linked to the brew because the sensor has already been linked to another brew.", sensorId), "sensorId");
}
// Get the brew
var brew = GetBrew(id);
// First unlink the current sensor
if (!string.IsNullOrEmpty(brew.SensorId))
{
UnlinkSensor(id, brew.SensorId);
}
// Link sensor in our datastore
brew.SensorId = sensorId;
brew.LastModified = DateTime.UtcNow;
BrewRepository.CommitChanges();
// We want a custom identity for the sensor which only allows sending to the service bus.
var serviceManagementWrapper = new ServiceManagementWrapper(AcsNamespace, ManagementIssuer, ManagementKey);
var client = serviceManagementWrapper.CreateManagementServiceClient();
client.IgnoreResourceNotFoundException = true;
// Clean up if we already exist as a sensor
var existingRule = client.Rules.AddQueryOption("$filter", "Description eq '" + string.Format("Add Send claim value for sensor id {0}", sensorId) + "'").FirstOrDefault();
if (existingRule != null)
{
client.DeleteObject(existingRule);
client.SaveChanges(SaveChangesOptions.Batch);
}
serviceManagementWrapper.RemoveServiceIdentity(sensorId);
// Create a new identity
var serviceIdentity = new ServiceIdentity
{
Name = sensorId,
Description = string.Format("Sensor id: {0}", sensorId)
};
var serviceIdentityKey = new ServiceIdentityKey
{
DisplayName = string.Format("Credentials for {0}", sensorId),
Value = Encoding.UTF8.GetBytes(sensorId),
Type = IdentityKeyTypes.Symmetric.ToString(),
Usage = IdentityKeyUsages.Password.ToString(),
StartDate = DateTime.UtcNow,
EndDate = DateTime.UtcNow.AddMonths(2) // sensors can be linked for up to 2 months
};
// Process modifications to the namespace
client.AddToServiceIdentities(serviceIdentity);
client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
client.SaveChanges(SaveChangesOptions.Batch);
// Add a Send claim
var issuer = client.Issuers.AddQueryOption("$filter", "Name eq 'LOCAL AUTHORITY'").FirstOrDefault();
var ruleGroup = client.RuleGroups.AddQueryOption("$filter", "Name eq 'Default Rule Group for ServiceBus'").FirstOrDefault();
var rule = new Rule
{
Description = string.Format("Add Send claim value for sensor id {0}", sensorId),
InputClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
InputClaimValue = sensorId,
OutputClaimType = "net.windows.servicebus.action",
OutputClaimValue = "Send",
IssuerId = issuer.Id,
RuleGroupId = ruleGroup.Id,
RuleGroup = ruleGroup,
Issuer = issuer
};
client.AddToRules(rule);
client.SaveChanges(SaveChangesOptions.Batch);
}
public void AddServiceIdentityWithCertificate(string name, IEnumerable<X509Certificate2> certificates)
{
try
{
var client = CreateManagementServiceClient();
var serviceIdentity = new ServiceIdentity
{
Name = name
};
client.AddToServiceIdentities(serviceIdentity);
foreach (var certificate in certificates)
{
var serviceIdentityKey = new ServiceIdentityKey
{
DisplayName = "Credentials for " + name,
Type = IdentityKeyTypes.X509Certificate.ToString(),
Usage = IdentityKeyUsages.Signing.ToString(),
Value = certificate.GetRawCertData(),
StartDate = certificate.NotBefore,
EndDate = certificate.NotAfter
};
client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
}
client.SaveChanges(SaveChangesOptions.Batch);
}
catch (Exception ex)
{
throw TryGetExceptionDetails(ex);
}
}
public void AddServiceIdentity(string name, string secret)
{
try
{
var client = this.CreateManagementServiceClient();
var defaultStartDate = DateTime.UtcNow;
var defaultEndDate = defaultStartDate.AddYears(1);
var serviceIdentity = new ServiceIdentity
{
Name = name
};
client.AddToServiceIdentities(serviceIdentity);
var serviceIdentityKey = new ServiceIdentityKey
{
DisplayName = "Credentials for " + name,
Value = Encoding.UTF8.GetBytes(secret),
Type = IdentityKeyTypes.Password.ToString(),
Usage = IdentityKeyUsages.Password.ToString(),
StartDate = defaultStartDate,
EndDate = defaultEndDate
};
client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
client.SaveChanges(SaveChangesOptions.Batch);
}
catch (Exception ex)
{
throw TryGetExceptionDetails(ex);
}
}
