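/// <summary>
/// Registers an application as a service identity whose password credential is the client secret.
/// </summary>
/// <param name="clientId">The client id; becomes the service identity name.</param>
/// <param name="clientSecret">The client secret; stored UTF-8 encoded as the identity's password key.</param>
/// <param name="redirectUri">The redirect URI stored on the service identity.</param>
/// <param name="name">The name; stored as the service identity description.</param>
/// <exception cref="ArgumentNullException"><paramref name="clientId"/> or <paramref name="clientSecret"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="clientId"/> or <paramref name="clientSecret"/> is empty.</exception>
/// <exception cref="InvalidOperationException">A service identity named <paramref name="clientId"/> already exists.</exception>
public void RegisterApplication(string clientId, string clientSecret, string redirectUri, string name)
{
    // Validate before any call to the management service so that an identity with an
    // empty name or an empty password can never be created.
    if (clientId == null)
    {
        throw new ArgumentNullException("clientId");
    }

    if (clientId.Length == 0)
    {
        throw new ArgumentException("The client id must not be empty.", "clientId");
    }

    if (clientSecret == null)
    {
        throw new ArgumentNullException("clientSecret");
    }

    if (clientSecret.Length == 0)
    {
        throw new ArgumentException("The client secret must not be empty.", "clientSecret");
    }

    var client = CreateManagementServiceClient();

    // The lookup goes through the LINQ provider, so clientId is passed as a value
    // rather than being concatenated into a filter string.
    var serviceIdentity = client.ServiceIdentities.Where(si => si.Name == clientId).ToList().FirstOrDefault();
    if (serviceIdentity != null)
    {
        throw new InvalidOperationException(string.Format(
            "An application with client_id '{0}' already exists.", clientId));
    }

    // Create a service identity
    serviceIdentity = new ServiceIdentity
    {
        Name = clientId,
        Description = name,
        RedirectAddress = redirectUri
    };

    var serviceIdentityKey = new ServiceIdentityKey
    {
        DisplayName = string.Format("Credentials for {0}", clientId),
        Value = Encoding.UTF8.GetBytes(clientSecret),
        Type = IdentityKeyTypes.Password.ToString(),
        Usage = IdentityKeyUsages.Password.ToString(),
        StartDate = DateTime.UtcNow,
        // Validity 100 years. After that?
        // NOTE(review): with this lifetime the password key effectively never expires, so
        // rotation and revocation have to be handled outside this method.
        EndDate = DateTime.UtcNow.AddYears(100)
    };

    // Process modifications to the namespace; identity and key are sent in one batch.
    client.AddToServiceIdentities(serviceIdentity);
    client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
    client.SaveChanges(SaveChangesOptions.Batch);
}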
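/// <summary>
/// Links a sensor to a brew in the datastore and provisions a service identity for the
/// sensor whose only rule issues the Service Bus "Send" action claim.
/// </summary>
/// <param name="id">The id of the brew to link the sensor to.</param>
/// <param name="sensorId">The sensor id; also used as the service identity name.</param>
/// <exception cref="ArgumentException">
/// <paramref name="sensorId"/> is null or empty, or the sensor is already linked to another brew.
/// </exception>
/// <exception cref="InvalidOperationException">
/// The issuer or rule group needed for the Send rule was not found in the namespace.
/// </exception>
public void LinkSensor(int id, string sensorId)
{
    // A null or empty id would otherwise match every brew that has no sensor and
    // could end up as an identity name and key value further down.
    if (string.IsNullOrEmpty(sensorId))
    {
        throw new ArgumentException("A sensor id is required.", "sensorId");
    }

    // Has a sensor already been linked?
    var brewWithSensor = BrewRepository.GetAll().FirstOrDefault(b => b.SensorId == sensorId);
    if (brewWithSensor != null && brewWithSensor.Id != id)
    {
        throw new ArgumentException(
            string.Format("The sensor with id {0} can not be linked to the brew because the sensor has already been linked to another brew.", sensorId),
            "sensorId");
    }

    // Get the brew
    var brew = GetBrew(id);

    // First unlink the current sensor
    if (!string.IsNullOrEmpty(brew.SensorId))
    {
        UnlinkSensor(id, brew.SensorId);
    }

    // Link sensor in our datastore
    // NOTE(review): this commit happens before the identity is provisioned; if a call below
    // fails, the brew stays linked without a working sensor identity.
    brew.SensorId = sensorId;
    brew.LastModified = DateTime.UtcNow;
    BrewRepository.CommitChanges();

    // We want a custom identity for the sensor which only allows sending to the service bus.
    var serviceManagementWrapper = new ServiceManagementWrapper(AcsNamespace, ManagementIssuer, ManagementKey);
    var client = serviceManagementWrapper.CreateManagementServiceClient();
    client.IgnoreResourceNotFoundException = true;

    var ruleDescription = string.Format("Add Send claim value for sensor id {0}", sensorId);

    // sensorId is caller-supplied and lands inside a quoted OData string literal. Double any
    // single quote so the value cannot terminate the literal and change the filter.
    var ruleFilter = "Description eq '" + ruleDescription.Replace("'", "''") + "'";

    // Clean up if we already exist as a sensor
    var existingRule = client.Rules.AddQueryOption("$filter", ruleFilter).FirstOrDefault();
    if (existingRule != null)
    {
        client.DeleteObject(existingRule);
        client.SaveChanges(SaveChangesOptions.Batch);
    }

    serviceManagementWrapper.RemoveServiceIdentity(sensorId);

    // Create a new identity
    var serviceIdentity = new ServiceIdentity
    {
        Name = sensorId,
        Description = string.Format("Sensor id: {0}", sensorId)
    };

    var serviceIdentityKey = new ServiceIdentityKey
    {
        DisplayName = string.Format("Credentials for {0}", sensorId),
        // NOTE(review): the key is the UTF-8 bytes of sensorId, which is also the identity
        // name, so the credential is no secret to anyone who knows the sensor id. A randomly
        // generated key would need a delivery path to the sensor that this method's void
        // signature does not provide; flagged here rather than changed.
        Value = Encoding.UTF8.GetBytes(sensorId),
        Type = IdentityKeyTypes.Symmetric.ToString(),
        Usage = IdentityKeyUsages.Password.ToString(),
        StartDate = DateTime.UtcNow,
        EndDate = DateTime.UtcNow.AddMonths(2) // sensors can be linked for up to 2 months
    };

    // Process modifications to the namespace
    client.AddToServiceIdentities(serviceIdentity);
    client.AddRelatedObject(serviceIdentity, "ServiceIdentityKeys", serviceIdentityKey);
    client.SaveChanges(SaveChangesOptions.Batch);

    // Add a Send claim
    var issuer = client.Issuers.AddQueryOption("$filter", "Name eq 'LOCAL AUTHORITY'").FirstOrDefault();
    var ruleGroup = client.RuleGroups.AddQueryOption("$filter", "Name eq 'Default Rule Group for ServiceBus'").FirstOrDefault();

    // Either lookup can come back empty; fail with a clear message instead of a
    // NullReferenceException when the rule is built.
    if (issuer == null || ruleGroup == null)
    {
        throw new InvalidOperationException(
            "The 'LOCAL AUTHORITY' issuer or the 'Default Rule Group for ServiceBus' rule group was not found.");
    }

    var rule = new Rule
    {
        Description = ruleDescription,
        InputClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
        InputClaimValue = sensorId,
        OutputClaimType = "net.windows.servicebus.action",
        OutputClaimValue = "Send",
        IssuerId = issuer.Id,
        RuleGroupId = ruleGroup.Id,
        RuleGroup = ruleGroup,
        Issuer = issuer
    };

    client.AddToRules(rule);
    client.SaveChanges(SaveChangesOptions.Batch);
}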
/// <summary>
/// Creates a service identity and attaches one X.509 signing key for each supplied certificate.
/// </summary>
/// <param name="name">The service identity name.</param>
/// <param name="certificates">The certificates whose raw data is stored as the identity's keys.</param>
/// <remarks>
/// Any exception raised while building or saving the changes is passed to
/// TryGetExceptionDetails and the exception it returns is thrown instead.
/// </remarks>
public void AddServiceIdentityWithCertificate(string name, IEnumerable<X509Certificate2> certificates)
{
    try
    {
        var managementClient = CreateManagementServiceClient();

        var identity = new ServiceIdentity { Name = name };
        managementClient.AddToServiceIdentities(identity);

        // Every key carries the same display name, so build it once.
        var keyDisplayName = string.Concat("Credentials for ", name);

        foreach (var cert in certificates)
        {
            var key = new ServiceIdentityKey();
            key.DisplayName = keyDisplayName;
            key.Type = IdentityKeyTypes.X509Certificate.ToString();
            key.Usage = IdentityKeyUsages.Signing.ToString();

            // GetRawCertData() is the encoded certificate itself; no private key is uploaded.
            key.Value = cert.GetRawCertData();

            // The key's validity window mirrors the certificate's.
            // NOTE(review): NotBefore/NotAfter are local-time values while the password-based
            // registrations use DateTime.UtcNow; confirm what the management service expects.
            key.StartDate = cert.NotBefore;
            key.EndDate = cert.NotAfter;

            managementClient.AddRelatedObject(identity, "ServiceIdentityKeys", key);
        }

        // Identity and all keys are submitted together in one batch.
        managementClient.SaveChanges(SaveChangesOptions.Batch);
    }
    catch (Exception ex)
    {
        throw TryGetExceptionDetails(ex);
    }
}
/// <summary>
/// Creates a service identity with a single password key that is valid for one year from now (UTC).
/// </summary>
/// <param name="name">The service identity name.</param>
/// <param name="secret">The password; stored as its UTF-8 bytes.</param>
/// <remarks>
/// Any exception raised while building or saving the changes is passed to
/// TryGetExceptionDetails and the exception it returns is thrown instead.
/// </remarks>
public void AddServiceIdentity(string name, string secret)
{
    try
    {
        var managementClient = this.CreateManagementServiceClient();

        // Validity window of the credential: one year starting now.
        var validFrom = DateTime.UtcNow;
        var validUntil = validFrom.AddYears(1);

        var identity = new ServiceIdentity { Name = name };
        managementClient.AddToServiceIdentities(identity);

        // NOTE(review): secret is not checked for emptiness here; an empty string would be
        // stored as the password. Confirm that callers validate it.
        var key = new ServiceIdentityKey();
        key.DisplayName = string.Concat("Credentials for ", name);
        key.Value = Encoding.UTF8.GetBytes(secret);
        key.Type = IdentityKeyTypes.Password.ToString();
        key.Usage = IdentityKeyUsages.Password.ToString();
        key.StartDate = validFrom;
        key.EndDate = validUntil;

        managementClient.AddRelatedObject(identity, "ServiceIdentityKeys", key);

        // Identity and key are submitted together in one batch.
        managementClient.SaveChanges(SaveChangesOptions.Batch);
    }
    catch (Exception ex)
    {
        throw TryGetExceptionDetails(ex);
    }
}