/// <summary>
/// Creates the instance and stores the supplied provider in the
/// <c>aadHelperProvider</c> field.
/// </summary>
/// <param name="aadHelperProvider">
/// The <see cref="IAadHelperProvider"/> to keep. It is stored as-is; no null check is made here.
/// </param>
public JobController(IAadHelperProvider aadHelperProvider)
{
    this.aadHelperProvider = aadHelperProvider;
}
/// <summary>
/// Creates the instance and stores the supplied provider in the
/// <c>aadHelperProvider</c> field.
/// </summary>
/// <param name="aadHelperProvider">
/// The <see cref="IAadHelperProvider"/> to keep. It is stored as-is; no null check is made here.
/// </param>
public ResetStatusController(IAadHelperProvider aadHelperProvider)
{
    this.aadHelperProvider = aadHelperProvider;
}
/// <summary>
/// Creates the instance and stores the supplied provider in the
/// <c>aadHelperProvider</c> field.
/// </summary>
/// <param name="aadHelperProvider">
/// The <see cref="IAadHelperProvider"/> to keep. It is stored as-is; no null check is made here.
/// </param>
public UserInfoController(IAadHelperProvider aadHelperProvider)
{
    this.aadHelperProvider = aadHelperProvider;
}
/// <summary>
/// Creates the instance and stores the supplied provider in the
/// <c>aadHelperProvider</c> field.
/// </summary>
/// <param name="aadHelperProvider">
/// The <see cref="IAadHelperProvider"/> to keep. It is stored as-is; no null check is made here.
/// </param>
public FieldEngineerDBCleanup(IAadHelperProvider aadHelperProvider)
{
    this.aadHelperProvider = aadHelperProvider;
}
/// <summary>
/// Authorizes the request by checking that the calling user belongs to the Azure Active
/// Directory group selected by <c>this.Group</c>. Every other outcome on the hosted path
/// ends with a 403 Forbidden response.
/// </summary>
/// <remarks>
/// When the service is not hosted and the request is local, no credentials are checked:
/// a synthetic user is attached to the controller and the request is let through. On that
/// path the only possible rejection is a test header naming a different group.
/// </remarks>
/// <param name="actionContext">The context of the action being authorized.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="actionContext"/> is null.
/// </exception>
public override void OnAuthorization(HttpActionContext actionContext)
{
    if (actionContext == null)
    {
        throw new ArgumentNullException("actionContext");
    }

    // One-time lazy setup: read the hosting mode and resolve the AAD helper from the
    // request's configuration.
    // NOTE(review): this is not synchronized; presumably the attribute instance is shared
    // across requests. Confirm that a race on first use is benign.
    if (!this.isInitialized)
    {
        HttpConfiguration configuration = actionContext.ControllerContext.Configuration;
        this.isHosted = configuration.GetIsHosted();
        this.aadHelperProvider = configuration.DependencyResolver.GetService<IAadHelperProvider>();
        this.isInitialized = true;
    }

    ApiController apiController = actionContext.ControllerContext.Controller as ApiController;

    // Development bypass: not hosted + local request means no authentication at all.
    // NOTE(review): this rests entirely on GetIsHosted() and RequestContext.IsLocal.
    // Confirm that neither can evaluate this way in a production deployment.
    bool allowLocalBypass = !this.isHosted && actionContext.RequestContext.IsLocal;
    if (allowLocalBypass)
    {
        var syntheticUser = new ServiceUser();

        // ProviderIdentities is reached through reflection (the lookup includes non-public
        // members) so a fixed AAD object id can be attached to the synthetic user.
        PropertyInfo identitiesProperty = typeof(ServiceUser).GetProperty(
            "ProviderIdentities",
            BindingFlags.Instance | BindingFlags.NonPublic | BindingFlags.Public);
        var identities = (Collection<ProviderCredentials>)identitiesProperty.GetValue(syntheticUser);
        identities.Add(new AzureActiveDirectoryCredentials { ObjectId = LocalUserObjectId });
        syntheticUser.AddIdentity(new ClaimsIdentity());

        if (apiController != null)
        {
            apiController.User = syntheticUser;
        }

        // Test hook: a request header may name the group the local caller pretends to be in.
        // A missing header or a matching value lets the request through; only a mismatch
        // yields 403.
        IEnumerable<string> claimedGroups;
        if (actionContext.Request.Headers.TryGetValues(TestUserGroupHeaderName, out claimedGroups))
        {
            string claimedGroup = claimedGroups.FirstOrDefault();
            bool wrongGroup = claimedGroup != null
                && !this.Group.ToString().Equals(claimedGroup, StringComparison.OrdinalIgnoreCase);
            if (wrongGroup)
            {
                actionContext.Response = actionContext.Request.CreateErrorResponse(
                    HttpStatusCode.Forbidden,
                    "User is not logged in or not a member of the required group");
            }
        }

        // Local requests never reach the directory lookup below.
        return;
    }

    if (this.aadHelperProvider == null)
    {
        // The request is still rejected below: without a provider nothing can be authorized.
        Trace.TraceError("Could not resolve depdendency for 'IAadHelperProvider' in AuthorizeAadGroupAttribute");
    }

    // Fail closed: the flag starts false and only a positive membership answer sets it.
    bool authorized = false;
    if (apiController != null && this.aadHelperProvider != null)
    {
        string requiredGroupId = this.aadHelperProvider.GetGroupId(this.Group);
        ServiceUser caller = string.IsNullOrEmpty(requiredGroupId)
            ? null
            : apiController.User as ServiceUser;

        // Only callers whose level is exactly AuthorizationLevel.User are considered.
        if (caller != null && caller.Level == AuthorizationLevel.User)
        {
            // NOTE(review): .Result blocks the request thread on an async call.
            AzureActiveDirectoryCredentials aadCredentials = caller.GetIdentitiesAsync().Result
                .OfType<AzureActiveDirectoryCredentials>()
                .FirstOrDefault();

            if (aadCredentials != null)
            {
                // The membership query uses the token returned by the helper provider,
                // not a token supplied by the caller.
                var graph = new GraphConnection(
                    new CallContext(this.aadHelperProvider.GetAccessToken(), Guid.NewGuid()));
                authorized = graph.IsMemberOf(requiredGroupId, aadCredentials.ObjectId);
            }
        }
    }

    if (!authorized)
    {
        actionContext.Response = actionContext.Request.CreateErrorResponse(
            HttpStatusCode.Forbidden,
            "User is not logged in or not a member of the required group");
    }
}
/// <summary>
/// Sends a "job complete" report through SendGrid to the manager of the user identified
/// by <paramref name="aadObjectId"/>.
/// </summary>
/// <remarks>
/// The directory lookups run outside the try block, so their exceptions reach the caller.
/// Failures while reading settings or delivering the message are logged and swallowed.
/// </remarks>
/// <param name="services">Supplies the app settings and the log used here.</param>
/// <param name="job">The job whose details form the e-mail body.</param>
/// <param name="aadObjectId">Object id passed to the provider's directory lookups.</param>
/// <param name="aadHelperProvider">
/// Supplies the access token, the user's display name and the manager's e-mail address.
/// </param>
public static void SendEmail(ApiServices services, Job job, string aadObjectId, IAadHelperProvider aadHelperProvider)
{
    // NOTE(review): this string becomes the HTML body of the message. Confirm that
    // GetJobDetailsInHTML encodes job fields before embedding them.
    var reportHtml = GetJobDetailsInHTML(job);

    string token = aadHelperProvider.GetAccessToken();
    string agentDisplayName = aadHelperProvider.GetUserDisplayName(aadObjectId, token);
    string recipient = aadHelperProvider.GetManagerEmail(aadObjectId, token);
    if (recipient == null)
    {
        // No manager address (possibly running locally): nothing to send.
        return;
    }

    try
    {
        // Sender identity and SendGrid credentials come from the service app settings.
        string senderAddress = services.Settings["SendGridFromEmailId"];
        string senderDisplayName = services.Settings["SendGridFromEmailUserName"];
        string sendGridUser = services.Settings["SendGridUserName"];
        string sendGridSecret = services.Settings["SendGridPassword"];

        bool configurationIncomplete =
            string.IsNullOrEmpty(senderAddress)
            || string.IsNullOrEmpty(senderDisplayName)
            || string.IsNullOrEmpty(sendGridUser)
            || string.IsNullOrEmpty(sendGridSecret);
        if (configurationIncomplete)
        {
            services.Log.Warn("SendGrid is not properly configured, skipping sending e-mail.");
            return;
        }

        SendGrid message = SendGrid.GetInstance();
        message.AddTo(recipient);
        message.From = new MailAddress(senderAddress, senderDisplayName);
        message.Subject = "Job Complete Report from:" + agentDisplayName;
        message.Html = reportHtml;

        // Deliver over SendGrid's REST transport using the configured credentials.
        Web.GetInstance(new NetworkCredential(sendGridUser, sendGridSecret)).Deliver(message);

        services.Log.Info("Job complete email sent for jobId: " + job.Id);
    }
    catch (Exception ex)
    {
        // Best effort: only the exception message is logged, and nothing is rethrown.
        services.Log.Error("Error sending email: " + ex.Message);
    }
}