コード例 #1
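 /// <summary>
 /// Adds the user identified by the supplied JWT to the attendance table of an event.
 /// </summary>
 /// <param name="eventId">Id of the event the attendee is joining</param>
 /// <param name="jwt">JWT of the caller; both the claims and the user id are read from it</param>
 /// <returns>"Joined Event" on success, otherwise a message naming why the join was refused or failed</returns>
 public string JoinEvent(int eventId, string jwt)
 {
     // Authorize before reading anything else from the token, so a token that
     // fails the claims check is never used as a source of identity.
     // NOTE(review): no expiry or signature check is visible in this method; confirm
     // CheckUserClaims rejects expired and tampered tokens, because the attendee
     // identity below is taken from this same JWT.
     var hasClaims = _jWTService.CheckUserClaims(jwt, joinEventClaims);

     // Literal on the left: a null result is treated as "not authorized" (fail closed)
     // instead of raising a NullReferenceException.
     if (!"Authorized".Equals(hasClaims))
     {
         return "Sorry you are not allowed to join events";
     }

     var userID = _jWTService.GetUserIDFromToken(jwt);

     if (!_attendeeService.DoesEventandUserExist(eventId, userID))
     {
         return "Event or User does not exist";
     }

     if (_attendeeService.DoesAttendeeExist(eventId, userID))
     {
         return "You have already joined the event";
     }

     if (!_attendeeService.InsertAttendee(eventId, userID))
     {
         return "Uh Oh something went wrong";
     }

     return "Joined Event";
 }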
コード例 #2
ファイル: JWTTests.cs プロジェクト: Erleh/GC-GreetNGroup
        public void CheckIfUserHasTheseClaims_Pass()
        {
            // Arrange
            // Hard-coded fixture token. Its payload decodes to CanViewEvents, CanCreateEvents
            // and Over18 claims plus a fixed exp timestamp, so this test only keeps passing
            // while CheckUserClaims does not enforce expiry (presumably; verify against the service).
            // Keep fixture tokens synthetic: never paste a token issued by a live environment here.
            const string fixtureToken = "eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJDYW5WaWV3RXZlbnRzIjoiOTkiLCJDYW5DcmVhdGVFdmVudHMiOiI5OSIsIk92ZXIxOCI6Ijk5IiwiZXhwIjoxNTU1NjcyMDEyLCJpc3MiOiJncmVldG5ncm91cC5jb20iLCJhdWQiOiJ0ZXN0QGdtYWlsLmNvbSJ9.2qSi4OwEFrbTD9GG3hx6fqZFuYVIjUzPGIRs8ZLjWB0";

            // The claim names are looked up by id in the test context rather than spelled out here.
            var firstClaimName  = ctx.Claims.FirstOrDefault(c => c.ClaimId.Equals(1)).ClaimName;
            var secondClaimName = ctx.Claims.FirstOrDefault(c => c.ClaimId.Equals(2)).ClaimName;
            var requiredClaims  = new List<string> { firstClaimName, secondClaimName };
            var expected = true;

            // Act
            var actual = jwtService.CheckUserClaims(fixtureToken, requiredClaims);

            // Assert
            Assert.AreEqual(expected, actual);
        }
コード例 #3
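        /// <summary>
        /// Reports whether the JWT in the request carries the requested claims and has not expired.
        /// </summary>
        /// <param name="request">Request body holding the JWT, the claims to check, and the IP and URL used for logging</param>
        /// <returns>
        /// 200 when the claims check returns "Authorized" and the expiry check returns "NotExpired";
        /// 403 for every other combination of check results; 400 when the body is missing or a check throws.
        /// </returns>
        public IHttpActionResult CheckUsersClaims([FromBody] ClaimCheckRequest request)
        {
            // A missing or unbindable body would otherwise be dereferenced below.
            if (request == null)
            {
                return(Content(HttpStatusCode.BadRequest, "Service is unavailable"));
            }

            var _jwtService       = new JWTService();
            var _gngLoggerService = new LoggerService();

            try
            {
                // Both token checks run inside the try: an exception raised while parsing a
                // malformed token now ends in the logged 400 response instead of escaping
                // the action as an unhandled error.
                var claimsToCheckResult   = _jwtService.CheckUserClaims(request.JWT, request.ClaimsToCheck);
                var expirationCheckResult = _jwtService.IsTokenExpired(request.JWT);

                // Literals on the left so a null result falls through to the final
                // Forbidden branch (fail closed) rather than throwing.
                var isAuthorized = "Authorized".Equals(claimsToCheckResult);

                if (isAuthorized && "NotExpired".Equals(expirationCheckResult))
                {
                    return(Content(HttpStatusCode.OK, "Authorized to view content"));
                }

                if (isAuthorized && "Expired".Equals(expirationCheckResult))
                {
                    return(Content(HttpStatusCode.Forbidden, "There was a problem in checking your session, please " +
                                   "try again"));
                }

                if ("Unauthorized".Equals(claimsToCheckResult))
                {
                    return(Content(HttpStatusCode.Forbidden, "You are unauthorized to view this content. If this " +
                                   "was a mistake, please contact an admin"));
                }

                // Any result string not handled above is denied.
                return(Content(HttpStatusCode.Forbidden, "There was an problem in checking your session, please re-login and try again"));
            }
            catch (Exception e)
            {
                // The token that caused the failure may not be parseable either, so the
                // user id lookup must not be allowed to mask the 400 response.
                // NOTE(review): this id comes from a token that failed processing; treat it
                // as unauthenticated, caller-supplied data when reading the log.
                string userId;
                try
                {
                    userId = _jwtService.GetUserIDFromToken(request.JWT).ToString();
                }
                catch (Exception)
                {
                    userId = "unknown";
                }

                _gngLoggerService.LogBadRequest(userId, request.Ip, request.UrlToEnter, e.ToString());
                return(Content(HttpStatusCode.BadRequest, "Service is unavailable"));
            }
        }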