/// <summary>
        /// Verifies that a confirmation-link validation request carries the fields
        /// the rest of the flow relies on: a confirmation code and a subject.
        /// Only presence is checked; neither value is otherwise validated here.
        /// </summary>
        /// <param name="parameter">The request to validate.</param>
        /// <exception cref="ArgumentNullException"><paramref name="parameter"/> is null.</exception>
        /// <exception cref="BaseDocumentManagementApiException">
        /// The confirmation code or the subject is null, empty or whitespace
        /// (reported with <c>ErrorCodes.InvalidRequest</c>).
        /// </exception>
        public void Check(ValidateConfirmationLinkParameter parameter)
        {
            const string confirmationCodeName = "confirmation_code";

            if (parameter == null)
            {
                throw new ArgumentNullException(nameof(parameter));
            }

            // The confirmation code is checked first, so it is the error reported when both fields are blank.
            if (string.IsNullOrWhiteSpace(parameter.ConfirmationCode))
            {
                var description = string.Format(ErrorDescriptions.ParameterIsMissing, confirmationCodeName);
                throw new BaseDocumentManagementApiException(ErrorCodes.InvalidRequest, description);
            }

            if (string.IsNullOrWhiteSpace(parameter.Subject))
            {
                throw new BaseDocumentManagementApiException(ErrorCodes.InvalidRequest, ErrorDescriptions.SubjectIsMissing);
            }
        }
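        /// <summary>
        /// Redeems a confirmation link: resolves the link from its confirmation code,
        /// loads the office document it points to, and updates that document's UMA
        /// policy so that it contains a rule for the supplied subject.
        /// </summary>
        /// <remarks>
        /// Security-relevant behaviour visible in this method:
        /// <list type="bullet">
        /// <item>The rule that is added trusts a "sub" claim equal to
        /// <c>validateConfirmationLinkParameter.Subject</c> as asserted by the provider in
        /// <paramref name="wellKnownConfiguration"/>, and grants <c>Constants.DEFAULT_SCOPES</c>.
        /// Both values are supplied by the caller. NOTE(review): confirm that callers take the
        /// subject from the authenticated identity and the provider from trusted configuration,
        /// not from the request body.</item>
        /// <item>An existing rule counts as a match on the "sub" claim alone; its
        /// <c>OpenIdProvider</c> is not compared.</item>
        /// <item>The link is checked before the policy update and consumed after it.
        /// Whether two concurrent redemptions of one code are prevented depends on
        /// <c>CheckConfirmationLink</c>, <c>UseConfirmationLink</c> and the store, none of which is
        /// shown here. TODO confirm.</item>
        /// </list>
        /// </remarks>
        /// <param name="wellKnownConfiguration">Recorded as <c>OpenIdProvider</c> on a newly added rule.</param>
        /// <param name="validateConfirmationLinkParameter">Carries the confirmation code and the subject.</param>
        /// <param name="authenticateParameter">Client credentials and configuration URL used to obtain the
        /// <c>uma_protection</c> token and to call the policy endpoint.</param>
        /// <returns><c>true</c> when the policy was updated and the link was used.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="wellKnownConfiguration"/> is blank, or
        /// <paramref name="authenticateParameter"/> is null.</exception>
        /// <exception cref="BaseDocumentManagementApiException">The code is unknown, the document has no UMA
        /// resource or policy, the token cannot be obtained, or the policy cannot be read or updated.</exception>
        /// <exception cref="DocumentNotFoundException">The linked document does not exist.</exception>
        public async Task<bool> Execute(string wellKnownConfiguration, ValidateConfirmationLinkParameter validateConfirmationLinkParameter, AuthenticateParameter authenticateParameter)
        {
            if (string.IsNullOrWhiteSpace(wellKnownConfiguration))
            {
                throw new ArgumentNullException(nameof(wellKnownConfiguration));
            }

            // Fail fast with a descriptive error instead of a NullReferenceException
            // once the token request below dereferences this argument.
            if (authenticateParameter == null)
            {
                throw new ArgumentNullException(nameof(authenticateParameter));
            }

            _validateConfirmationLinkParameterValidator.Check(validateConfirmationLinkParameter);
            var confirmationLink = await _officeDocumentConfirmationLinkStore.Get(validateConfirmationLinkParameter.ConfirmationCode);

            // NOTE(review): an unknown code is reported with ErrorCodes.InternalError; confirm this is the intended client-facing code.
            if (confirmationLink == null)
            {
                throw new BaseDocumentManagementApiException(ErrorCodes.InternalError, ErrorDescriptions.TheConfirmationCodeIsNotValid);
            }

            CheckConfirmationLink(confirmationLink);
            var officeDocument = await _officeDocumentRepository.Get(confirmationLink.DocumentId);

            if (officeDocument == null)
            {
                throw new DocumentNotFoundException();
            }

            if (string.IsNullOrWhiteSpace(officeDocument.UmaResourceId))
            {
                throw new BaseDocumentManagementApiException(ErrorCodes.InternalError, ErrorDescriptions.NoUmaResource);
            }

            if (string.IsNullOrWhiteSpace(officeDocument.UmaPolicyId))
            {
                throw new BaseDocumentManagementApiException(ErrorCodes.InternalError, ErrorDescriptions.NoUmaPolicy);
            }

            // The policy is read and written with the service's own uma_protection token, not the end user's.
            var grantedToken = await _tokenStore.GetToken(authenticateParameter.WellKnownConfigurationUrl, authenticateParameter.ClientId, authenticateParameter.ClientSecret, new[] { "uma_protection" });

            if (grantedToken == null || string.IsNullOrWhiteSpace(grantedToken.AccessToken))
            {
                throw new BaseDocumentManagementApiException(ErrorCodes.InternalError, ErrorDescriptions.CannotRetrieveAccessToken);
            }

            var policyClient = _identityServerUmaClientFactory.GetPolicyClient();
            var policy = await policyClient.GetByResolution(officeDocument.UmaPolicyId, authenticateParameter.WellKnownConfigurationUrl, grantedToken.AccessToken);

            if (policy.ContainsError)
            {
                throw new BaseDocumentManagementApiException(ErrorCodes.InternalError, ErrorDescriptions.UmaPolicyDoesntExist);
            }

            // The update replaces the whole rule list, so every existing rule is copied over first.
            var putPolicyRules = new List<PutPolicyRule>();

            if (policy.Content.Rules != null)
            {
                foreach (var rule in policy.Content.Rules)
                {
                    putPolicyRules.Add(new PutPolicyRule
                    {
                        Id               = rule.Id,
                        Claims           = rule.Claims,
                        ClientIdsAllowed = rule.ClientIdsAllowed,
                        OpenIdProvider   = rule.OpenIdProvider,
                        Scopes           = rule.Scopes
                    });
                }
            }

            // A rule is added only when no existing rule already carries a "sub" claim for this subject.
            // The match ignores OpenIdProvider, so a rule for the same subject under another provider suppresses the addition.
            var subject = validateConfirmationLinkParameter.Subject;
            var subjectAlreadyGranted = putPolicyRules.Any(p => p.Claims != null && p.Claims.Any(c => c.Type == "sub" && c.Value == subject));

            if (!subjectAlreadyGranted)
            {
                putPolicyRules.Add(new PutPolicyRule
                {
                    Claims = new List<PostClaim>
                    {
                        new PostClaim
                        {
                            Type  = "sub",
                            Value = subject
                        }
                    },
                    OpenIdProvider = wellKnownConfiguration,
                    Scopes         = Constants.DEFAULT_SCOPES.ToList()
                });
            }

            var updatedResult = await policyClient.UpdateByResolution(new PutPolicy
            {
                PolicyId = policy.Content.Id,
                Rules    = putPolicyRules
            }, authenticateParameter.WellKnownConfigurationUrl, grantedToken.AccessToken);

            if (updatedResult.ContainsError)
            {
                throw new BaseDocumentManagementApiException(ErrorCodes.InternalError, ErrorDescriptions.UmaPolicyCannotBeUpdated);
            }

            // TODO : DECREASE THE NUMBER OF CONFIRMATION LINKS
            // The link is consumed only after the grant is in place; if this call fails,
            // the policy change above has already been applied.
            await UseConfirmationLink(confirmationLink);

            return true;
        }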
 /// <summary>
 /// Forwards a confirmation-link validation request to the underlying action
 /// and returns its task unchanged. No argument checking is done at this level.
 /// </summary>
 /// <param name="wellKnownConfiguration">Passed through to the action as given.</param>
 /// <param name="validateConfirmationLinkParameter">Passed through to the action as given.</param>
 /// <param name="authenticateParameter">Passed through to the action as given.</param>
 /// <returns>The task produced by <c>_validateConfirmationLinkAction.Execute</c>.</returns>
 public Task<bool> ValidateConfirmationLink(
     string wellKnownConfiguration,
     ValidateConfirmationLinkParameter validateConfirmationLinkParameter,
     AuthenticateParameter authenticateParameter)
     => _validateConfirmationLinkAction.Execute(
         wellKnownConfiguration,
         validateConfirmationLinkParameter,
         authenticateParameter);