Esempio n. 1
0
        /// <summary>
        ///   Obtains a SWT token from ACSv2.
        /// </summary>
        /// <returns>A token  from ACS.</returns>
        static string GetManagementToken(AccessControlSettings settings)
        {
            try
            {
                //
                // Request a token from ACS
                //
                WebClient client = new WebClient();
                client.BaseAddress = string.Format(CultureInfo.CurrentCulture, "https://{0}.{1}", settings.ServiceNamespace,
                                                   settings.AccessControlServiceAddress);

                Uri scopeUri = new Uri(client.BaseAddress + settings.AccessControlManagementPath);
                NameValueCollection values = new NameValueCollection();
                values.Add("grant_type", "client_credentials");
                values.Add("client_id", settings.ManagementServiceIdentityName);
                values.Add("client_secret", settings.ManagementServiceIdentityKey);
                values.Add("scope", scopeUri.ToString());

                byte[] responseBytes = client.UploadValues("/v2/OAuth2-13", "POST", values);

                //
                // Extract the access token and return it.
                //
                using (MemoryStream responseStream = new MemoryStream(responseBytes))
                {
                    OAuth2TokenResponse tokenResponse =
                        (OAuth2TokenResponse) new DataContractJsonSerializer(typeof(OAuth2TokenResponse)).ReadObject(responseStream);
                    return(tokenResponse.access_token);
                }
            }
            catch (Exception)
            {
                return(null);
            }
        }
Esempio n. 2
0
        public static AccessControlServiceIdentity Create(AccessControlSettings accessControlSettings, string name)
        {
            AccessControlServiceIdentity identity = new AccessControlServiceIdentity(accessControlSettings);

            identity.RegenerateKey();
            identity.Name = name;
            return(identity);
        }
Esempio n. 3
0
        /// <summary>
        ///   Creates and returns a ManagementService object. This is the only 'interface' used by other classes.
        /// </summary>
        /// <returns>An instance of the ManagementService.</returns>
        public static ManagementService CreateManagementServiceClient(AccessControlSettings settings)
        {
            string managementServiceEndpoint = String.Format(CultureInfo.InvariantCulture, "https://{0}.{1}/{2}", settings.ServiceNamespace,
                                                             settings.AccessControlServiceAddress, settings.AccessControlManagementPath);
            ManagementService managementService = new ManagementService(new Uri(managementServiceEndpoint));

            managementService.SendingRequest += (o, e) => AddManagementTokenWithWritePermission((HttpWebRequest)e.Request, settings);
            return(managementService);
        }
        public static void ResetNamespace(Uri rpAddress, AccessControlSettings settings)
        {
            rpAddress = new UriBuilder(rpAddress)
            {
                Scheme = "http", Port = -1
            }.Uri;
            var serviceClient = ManagementServiceHelper.CreateManagementServiceClient(settings);

            foreach (var g1 in from g in serviceClient.RuleGroups where g.Name.StartsWith(rpAddress.AbsoluteUri) select g)
            {
                serviceClient.DeleteRuleGroupByNameIfExists(g1.Name);
            }
            serviceClient.SaveChanges();
        }
        public static AccessControlList GetAccessControlList(Uri relyingPartyUri, AccessControlSettings settings)
        {
            var localPath = relyingPartyUri.LocalPath;

            relyingPartyUri =
                new UriBuilder(relyingPartyUri)
            {
                Scheme = "http", Port = -1, Path = localPath.Substring(0, localPath.EndsWith("/") ? localPath.Length - 1 : localPath.Length)
            }.Uri;

            var relyingPartyAddress    = relyingPartyUri.AbsoluteUri;
            var serviceClient          = ManagementServiceHelper.CreateManagementServiceClient(settings);
            var longestPrefixRpAddress = GetLongestPrefixRelyingPartyAddress(serviceClient, relyingPartyAddress);

            if (longestPrefixRpAddress != null)
            {
                var relyingParty = GetRelyingPartyByAddress(serviceClient, longestPrefixRpAddress);
                if (relyingParty != null)
                {
                    return(new AccessControlList(relyingPartyUri, relyingParty, serviceClient));
                }
            }
            throw new InvalidOperationException();
        }
Esempio n. 6
0
 /// <summary>
 ///   Helper function for the event handler above, adding the SWT token to the HTTP 'Authorization' header.
 ///   The SWT token is cached so that we don't need to obtain a token on every request.
 /// </summary>
 /// <param name = "args">Event arguments.</param>
 public static void AddManagementTokenWithWritePermission(HttpWebRequest args, AccessControlSettings settings)
 {
     if (cachedSwtToken == null)
     {
         cachedSwtToken = GetManagementToken(settings);
     }
     args.Headers.Add(HttpRequestHeader.Authorization, "Bearer " + cachedSwtToken);
 }
Esempio n. 7
0
 AccessControlServiceIdentity(AccessControlSettings settings)
 {
     this.settings = settings;
 }