/// <summary>
/// Stores a client SID and secret so that push notifications can be sent to that app.
/// </summary>
/// <param name="id">The Package Security Identifier (SID) of the client app.</param>
/// <param name="clientSecret">The client secret of the app.</param>
/// <returns>The asynchronous operation.</returns>
public async Task Put(string id, string clientSecret)
{
var client = new PushNotificationClientEntity(id, clientSecret);
this.ClientTable.AddObject(client);
await this.ClientTable.SaveChangesAsync();
}
public async Task <ActionResult> PutClient(PushNotificationClientEntity clientEntity)
{
Requires.NotNull(clientEntity, "clientEntity");
if (this.TryValidateModel(clientEntity))
{
clientEntity.ClientSecret = clientEntity.ClientSecret.Trim();
clientEntity.PackageSecurityIdentifier = clientEntity.PackageSecurityIdentifier.Trim();
// Check that the credentials are accurate before storing them. This prevents DoS
// attacks where folks could specify the wrong client secret for an existing registration
// to thwart obtaining access tokens in the future.
await clientEntity.AcquireWnsPushBearerTokenAsync(this.HttpClient);
if (clientEntity.AccessToken != null)
{
var existingClient = await this.ClientTable.GetAsync(clientEntity.PackageSecurityIdentifier);
if (existingClient != null)
{
existingClient.ClientSecret = clientEntity.ClientSecret;
existingClient.AccessToken = clientEntity.AccessToken;
this.ClientTable.UpdateObject(existingClient);
}
else
{
// Recreate with only the whitelisted properties copied over, to mitigate against
// artificially created posts that include more properties than we intend to allow
// the client to submit.
var newClient = new PushNotificationClientEntity(
clientEntity.PackageSecurityIdentifier, clientEntity.ClientSecret);
newClient.AccessToken = clientEntity.AccessToken;
this.ClientTable.AddObject(newClient);
}
await this.ClientTable.SaveChangesAsync();
this.ViewData["Successful"] = true;
}
}
return(this.View());
}
