public async Task <SharedAccount> CreateSharedAccountAsync(SharedAccountAddModel sharedAccountModel) { if (sharedAccountModel == null) { throw new ArgumentNullException(nameof(sharedAccountModel)); } _dataProtectionService.Validate(); var sharedAccount = new SharedAccount() { Name = sharedAccountModel.Name, Urls = Validation.VerifyUrls(sharedAccountModel.Urls), Apps = sharedAccountModel.Apps, Login = await ValidateAccountNameAndLoginAsync(sharedAccountModel.Name, sharedAccountModel.GetLogin()), LoginType = sharedAccountModel.LoginType, Password = _dataProtectionService.Encrypt(sharedAccountModel.Password), PasswordChangedAt = DateTime.UtcNow }; if (!string.IsNullOrWhiteSpace(sharedAccountModel.OtpSecret)) { Validation.VerifyOtpSecret(sharedAccountModel.OtpSecret); sharedAccount.OtpSecret = _dataProtectionService.Encrypt(sharedAccountModel.OtpSecret); sharedAccount.OtpSecretChangedAt = DateTime.UtcNow; } return(await _sharedAccountRepository.AddAsync(sharedAccount)); }
public async Task ExecuteRemoteTasks(string vaultId, Device remoteDevice, bool primaryAccountOnly) { _dataProtectionService.Validate(); var vault = await _hardwareVaultService.GetVaultByIdAsync(vaultId); if (vault == null) { throw new HESException(HESCode.HardwareVaultNotFound); } // Tasks query var query = _hardwareVaultTaskService .TaskQuery() .Include(t => t.HardwareVault) .Include(t => t.Account) .Where(t => t.HardwareVaultId == vaultId); if (primaryAccountOnly) { query = query.Where(x => x.AccountId == vault.Employee.PrimaryAccountId || x.Operation == TaskOperation.Primary); } query = query.OrderBy(x => x.CreatedAt).AsNoTracking(); var tasks = await query.ToListAsync(); while (tasks.Any()) { foreach (var task in tasks) { task.Password = _dataProtectionService.Decrypt(task.Password); task.OtpSecret = _dataProtectionService.Decrypt(task.OtpSecret); await ExecuteRemoteTask(remoteDevice, task); await TaskCompleted(task.Id); } tasks = await query.ToListAsync(); } await _hardwareVaultService.UpdateNeedSyncAsync(vault, false); await _synchronizationService.HardwareVaultStateChanged(vault.Id); }
public async Task AddHardwareVaultAsync(string employeeId, string vaultId) { if (employeeId == null) { throw new ArgumentNullException(nameof(employeeId)); } if (vaultId == null) { throw new ArgumentNullException(nameof(vaultId)); } _dataProtectionService.Validate(); var employee = await GetEmployeeByIdAsync(employeeId); if (employee == null) { throw new Exception("Employee not found"); } if (employee.HardwareVaults.Count > 0) { throw new Exception("Cannot add more than one hardware vault."); } var vault = await _hardwareVaultService.GetVaultByIdAsync(vaultId); if (vault == null) { throw new Exception($"Vault {vault} not found"); } if (vault.Status != VaultStatus.Ready) { throw new Exception($"Vault {vaultId} in a status that does not allow to reserve."); } vault.EmployeeId = employeeId; vault.Status = VaultStatus.Reserved; vault.IsStatusApplied = false; vault.MasterPassword = _dataProtectionService.Encrypt(GenerateMasterPassword()); var accounts = await GetAccountsByEmployeeIdAsync(employeeId); var tasks = new List <HardwareVaultTask>(); // Create a task for accounts that were created without a vault foreach (var account in accounts.Where(x => x.Password != null)) { tasks.Add(_hardwareVaultTaskService.GetAccountCreateTask(vault.Id, account.Id, account.Password, account.OtpSecret)); } if (tasks.Count > 0) { vault.NeedSync = true; } using (TransactionScope transactionScope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled)) { await _hardwareVaultService.UpdateVaultAsync(vault); await _hardwareVaultService.CreateVaultActivationAsync(vaultId); if (tasks.Count > 0) { await _hardwareVaultTaskService.AddRangeTasksAsync(tasks); } transactionScope.Complete(); } }