public void DesactivateUser(string userName)
{
Logger.LogInformation($"Try to desactivate user {userName}");
using (var c = RepositoriesFactory.CreateContext())
{
var repo = RepositoriesFactory.GetUserRepository(c);
var user = repo.GetByUserName(userName);
var local = this.GetErrorStringLocalizer();
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(local["DeleteUserNoUserFound"]);
}
user.IsValid = false;
repo.Update(user);
var ucRepo = RepositoriesFactory.GetUserClientRepository(c);
foreach (var uc in ucRepo.GetAllByCriterias(user.UserName, null, null, null, 0, Int32.MaxValue))
{
uc.RefreshToken = String.Empty;
ucRepo.Update(uc);
}
c.Commit();
}
}
private string GenerateAndSaveCode(string clientPublicId, string userName, string scope)
{
var codeValue = RandomService.GenerateRandomString(CodeLenght);
using (var context = RepositoriesFactory.CreateContext())
{
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
var codeRepo = RepositoriesFactory.GetCodeRepository(context);
var uc = userClientRepo.GetUserClientByClientPublicIdAndUserName(clientPublicId, userName);
codeRepo.Add(new Domain.Code()
{
CodeValue = codeValue,
ExpirationTimeStamp = new DateTimeOffset(DateTime.Now.AddSeconds(Configuration.CodeDurationInSeconds)).ToUnixTimeSeconds(),
IsValid = true,
Scope = scope,
UserClientId = uc.Id
});
context.Commit();
}
return(codeValue);
}
public void DeleteReturnUrl(DeleteReturnUrlDto toDelete)
{
this.Validate(toDelete);
var resource = this.GetErrorStringLocalizer();
using (var context = RepositoriesFactory.CreateContext())
{
var returnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var myReturnUrl = returnUrlRepo.GetById(toDelete.IdReturnUrl);
if (myReturnUrl == null)
{
throw new DaOAuthServiceException(resource["DeleteReturnUrlUnknowReturnUrl"]);
}
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(toDelete.UserName);
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(resource["DeleteReturnUrlInvalidUser"]);
}
var ucRepo = RepositoriesFactory.GetUserClientRepository(context);
var uc = ucRepo.GetUserClientByClientPublicIdAndUserName(myReturnUrl.Client.PublicId, toDelete.UserName);
if (uc == null)
{
throw new DaOAuthServiceException(resource["DeleteReturnUrlBadUserNameOrClientId"]);
}
returnUrlRepo.Delete(myReturnUrl);
context.Commit();
}
}
private bool CheckIfUserHasAuthorizeOrDeniedClientAccess(string clientPublicId, string userName)
{
using (var context = RepositoriesFactory.CreateContext())
{
var clientUserRepo = RepositoriesFactory.GetUserClientRepository(context);
return(clientUserRepo.GetUserClientByClientPublicIdAndUserName(clientPublicId, userName) != null);
}
}
public int CreateReturnUrl(CreateReturnUrlDto toCreate)
{
this.Validate(toCreate);
var idCreated = 0;
var resource = this.GetErrorStringLocalizer();
if (!Uri.TryCreate(toCreate.ReturnUrl, UriKind.Absolute, out var u))
{
throw new DaOAuthServiceException(resource["CreateReturnUrlReturnUrlIncorrect"]);
}
using (var context = RepositoriesFactory.CreateContext())
{
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(toCreate.UserName);
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(resource["CreateReturnUrlInvalidUser"]);
}
var ucRepo = RepositoriesFactory.GetUserClientRepository(context);
var uc = ucRepo.GetUserClientByClientPublicIdAndUserName(toCreate.ClientPublicId, toCreate.UserName);
if (uc == null)
{
throw new DaOAuthServiceException(resource["CreateReturnUrlBadUserNameOrClientId"]);
}
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var client = clientRepo.GetByPublicId(toCreate.ClientPublicId);
if (client == null || !client.IsValid)
{
throw new DaOAuthServiceException(resource["CreateReturnUrlInvalidClient"]);
}
var existingReturnUrl = client.ClientReturnUrls.FirstOrDefault(c => c.ReturnUrl.Equals(toCreate.ReturnUrl, StringComparison.OrdinalIgnoreCase));
if (existingReturnUrl != null)
{
idCreated = existingReturnUrl.Id;
}
else
{
var returnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
idCreated = returnUrlRepo.Add(new Domain.ClientReturnUrl()
{
ClientId = client.Id,
ReturnUrl = toCreate.ReturnUrl
});
}
context.Commit();
}
return(idCreated);
}
public void Delete(DeleteClientDto toDelete)
{
Logger.LogInformation(String.Format("Try to create delete by user {0}", toDelete != null ? toDelete.UserName : String.Empty));
Validate(toDelete);
using (var context = RepositoriesFactory.CreateContext())
{
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
var userRepo = RepositoriesFactory.GetUserRepository(context);
var clientScopeRepo = RepositoriesFactory.GetClientScopeRepository(context);
var clientReturnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var myUser = userRepo.GetByUserName(toDelete.UserName);
if (myUser == null || !myUser.IsValid)
{
throw new DaOAuthServiceException("DeleteClientInvalidUserName");
}
var myClient = clientRepo.GetById(toDelete.Id);
if (myClient == null)
{
throw new DaOAuthServiceException("DeleteClientUnknowClient");
}
var myUserClient = userClientRepo
.GetUserClientByClientPublicIdAndUserName(myClient.PublicId, toDelete.UserName);
if (myUserClient == null || !myUserClient.Client.UserCreator.UserName.Equals(toDelete.UserName, StringComparison.OrdinalIgnoreCase))
{
throw new DaOAuthServiceException("DeleteClientWrongUser");
}
foreach (var cr in clientReturnUrlRepo.GetAllByClientPublicId(myClient.PublicId).ToList())
{
clientReturnUrlRepo.Delete(cr);
}
foreach (var cs in clientScopeRepo.GetAllByClientId(myClient.Id).ToList())
{
clientScopeRepo.Delete(cs);
}
foreach (var uc in userClientRepo.GetAllByClientId(myClient.Id).ToList())
{
userClientRepo.Delete(uc);
}
userClientRepo.Delete(myUserClient);
clientRepo.Delete(myClient);
context.Commit();
}
}
private bool CheckIfUserHasAuthorizeClient(string clientPublicId, string userName)
{
using (var context = RepositoriesFactory.CreateContext())
{
var clientUserRepo = RepositoriesFactory.GetUserClientRepository(context);
var uc = clientUserRepo.GetUserClientByClientPublicIdAndUserName(clientPublicId, userName);
return(uc != null && uc.IsActif);
}
}
public int SearchCount(UserClientSearchDto criterias)
{
Validate(criterias, ExtendValidationSearchCriterias);
var count = 0;
using (var c = RepositoriesFactory.CreateContext())
{
var userClientRepo = RepositoriesFactory.GetUserClientRepository(c);
count = userClientRepo.GetAllByCriteriasCount(criterias.UserName, criterias.Name, true, GetClientTypeId(criterias.ClientType));
}
return(count);
}
private bool CheckIfTokenIsValid(JwtTokenDto tokenDetail, IContext context)
{
if (!tokenDetail.IsValid)
{
return(false);
}
var clientUserRepo = RepositoriesFactory.GetUserClientRepository(context);
var client = clientUserRepo.GetUserClientByClientPublicIdAndUserName(tokenDetail.ClientId, tokenDetail.UserName);
return(client == null || !client.IsActif
? false
: client.RefreshToken != null && client.RefreshToken.Equals(tokenDetail.Token, StringComparison.Ordinal));
}
public void DeleteUser(string userName)
{
Logger.LogInformation($"delete user {userName}");
using (var context = RepositoriesFactory.CreateContext())
{
var userRepository = RepositoriesFactory.GetUserRepository(context);
var clientRepository = RepositoriesFactory.GetClientRepository(context);
var userClientRepository = RepositoriesFactory.GetUserClientRepository(context);
var user = userRepository.GetByUserName(userName);
var local = this.GetErrorStringLocalizer();
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(local["DeleteUserNoUserFound"]);
}
var clients = clientRepository.GetAllClientsByIdCreator(user.Id);
IList <Client> toDeleteClients = new List <Client>();
IList <UserClient> toDeleteUsersClients = new List <UserClient>();
foreach (var client in clients)
{
foreach (var uc in userClientRepository.GetAllByClientId(client.Id))
{
toDeleteUsersClients.Add(uc);
}
toDeleteClients.Add(client);
}
foreach (var uc in toDeleteUsersClients)
{
userClientRepository.Delete(uc);
}
foreach (var c in toDeleteClients)
{
clientRepository.Delete(c);
}
userRepository.Delete(user);
context.Commit();
}
}
public int CreateUserClient(CreateUserClientDto toCreate)
{
Validate(toCreate);
var id = 0;
var local = GetErrorStringLocalizer();
using (var context = RepositoriesFactory.CreateContext())
{
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(toCreate.UserName);
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(local["CreateUserClientInvalidUserName"]);
}
var client = clientRepo.GetByPublicId(toCreate.ClientPublicId);
if (client == null || !client.IsValid)
{
throw new DaOAuthServiceException(local["CreateUserClientInvalidClientPublicId"]);
}
var uc = userClientRepo.GetUserClientByClientPublicIdAndUserName(toCreate.ClientPublicId, toCreate.UserName);
if (uc != null)
{
throw new DaOAuthServiceException(local["CreateUserClientClientAlreadyRegister"]);
}
id = userClientRepo.Add(new UserClient()
{
ClientId = client.Id,
CreationDate = DateTime.Now,
IsActif = toCreate.IsActif,
UserId = user.Id
});
context.Commit();
}
return(id);
}
public IEnumerable <UserClientListDto> Search(UserClientSearchDto criterias)
{
Validate(criterias, ExtendValidationSearchCriterias);
IList <UserClient> clients = null;
var clientTypeId = GetClientTypeId(criterias.ClientType);
using (var context = RepositoriesFactory.CreateContext())
{
var clientRepo = RepositoriesFactory.GetUserClientRepository(context);
clients = clientRepo.GetAllByCriterias(criterias.UserName, criterias.Name,
true, clientTypeId, criterias.Skip, criterias.Limit).ToList();
}
return(clients != null?clients.ToDto(criterias.UserName) : new List <UserClientListDto>());
}
public void UpdateReturnUrl(UpdateReturnUrlDto toUpdate)
{
this.Validate(toUpdate);
var resource = this.GetErrorStringLocalizer();
if (!Uri.TryCreate(toUpdate.ReturnUrl, UriKind.Absolute, out var u))
{
throw new DaOAuthServiceException(resource["UpdateReturnUrlReturnUrlIncorrect"]);
}
using (var context = RepositoriesFactory.CreateContext())
{
var returnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var myReturnUrl = returnUrlRepo.GetById(toUpdate.IdReturnUrl);
if (myReturnUrl == null)
{
throw new DaOAuthServiceException(resource["UpdateReturnUrlUnknowReturnUrl"]);
}
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(toUpdate.UserName);
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(resource["UpdateReturnUrlInvalidUser"]);
}
var ucRepo = RepositoriesFactory.GetUserClientRepository(context);
var uc = ucRepo.GetUserClientByClientPublicIdAndUserName(myReturnUrl.Client.PublicId, toUpdate.UserName);
if (uc == null)
{
throw new DaOAuthServiceException(resource["UpdateReturnUrlBadUserNameOrClientId"]);
}
myReturnUrl.ReturnUrl = toUpdate.ReturnUrl;
returnUrlRepo.Update(myReturnUrl);
context.Commit();
}
}
public void UpdateUserClient(UpdateUserClientDto toUpdate)
{
IList <ValidationResult> ExtendValidation(UpdateUserClientDto toValidate)
{
var resource = this.GetErrorStringLocalizer();
IList <ValidationResult> result = new List <ValidationResult>();
using (var context = RepositoriesFactory.CreateContext())
{
var ucRepo = RepositoriesFactory.GetUserClientRepository(context);
var myUc = ucRepo.GetUserClientByClientPublicIdAndUserName(toValidate.ClientPublicId, toValidate.UserName);
if (myUc == null)
{
result.Add(new ValidationResult(resource["UpdateUserClientUserOrClientNotFound"]));
}
if (myUc != null && (myUc.User == null || !myUc.User.IsValid))
{
result.Add(new ValidationResult(resource["UpdateUserClientUserNotValid"]));
}
if (myUc != null && (myUc.Client == null || !myUc.Client.IsValid))
{
result.Add(new ValidationResult(resource["UpdateUserClientClientNotValid"]));
}
}
return(result);
}
this.Validate(toUpdate, ExtendValidation);
using (var context = RepositoriesFactory.CreateContext())
{
var ucRepo = RepositoriesFactory.GetUserClientRepository(context);
var myUc = ucRepo.GetUserClientByClientPublicIdAndUserName(toUpdate.ClientPublicId, toUpdate.UserName);
myUc.IsActif = toUpdate.IsActif;
ucRepo.Update(myUc);
context.Commit();
}
}
private TokenInfoDto GenerateAccessTokenAndUpdateRefreshToken(AskTokenDto tokenInfo, IContext context, string userName)
{
TokenInfoDto toReturn;
var newRefreshToken = JwtService.GenerateToken(new CreateTokenDto()
{
ClientPublicId = tokenInfo.ClientPublicId,
Scope = tokenInfo.Scope,
SecondsLifeTime = Configuration.RefreshTokenLifeTimeInSeconds,
TokenName = OAuthConvention.RefreshToken,
UserName = userName
});
var accesToken = JwtService.GenerateToken(new CreateTokenDto()
{
ClientPublicId = tokenInfo.ClientPublicId,
Scope = tokenInfo.Scope,
SecondsLifeTime = Configuration.AccesTokenLifeTimeInSeconds,
TokenName = OAuthConvention.AccessToken,
UserName = userName
});
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
var myUc = userClientRepo.GetUserClientByClientPublicIdAndUserName(tokenInfo.ClientPublicId, userName);
myUc.RefreshToken = newRefreshToken.Token;
userClientRepo.Update(myUc);
toReturn = new TokenInfoDto()
{
AccessToken = accesToken.Token,
ExpireIn = Configuration.AccesTokenLifeTimeInSeconds,
RefreshToken = newRefreshToken.Token,
Scope = tokenInfo.Scope,
TokenType = OAuthConvention.AccessToken
};
return(toReturn);
}
public ClientDto Update(UpdateClientDto toUpdate)
{
IList <ValidationResult> ExtendValidation(UpdateClientDto toValidate)
{
var resource = this.GetErrorStringLocalizer();
IList <ValidationResult> result = new List <ValidationResult>();
if (toValidate.ReturnUrls == null || toValidate.ReturnUrls.Count() == 0)
{
result.Add(new ValidationResult(resource["UpdateClientDtoDefaultReturnUrlRequired"]));
}
if (toValidate.ReturnUrls != null)
{
foreach (var ur in toValidate.ReturnUrls)
{
if (!Uri.TryCreate(ur, UriKind.Absolute, out var u))
{
result.Add(new ValidationResult(resource["UpdateClientDtoReturnUrlIncorrect"]));
}
}
}
if (toValidate.ClientType != ClientTypeName.Confidential && toValidate.ClientType != ClientTypeName.Public)
{
result.Add(new ValidationResult(resource["UpdateClientDtoTypeIncorrect"]));
}
if (!toValidate.ClientSecret.IsMatchClientSecretPolicy())
{
result.Add(new ValidationResult(resource["UpdateClientDtoClientSecretDontMatchPolicy"]));
}
return(result);
}
Logger.LogInformation(String.Format("Try to update client for user {0}", toUpdate != null ? toUpdate.UserName : String.Empty));
Validate(toUpdate, ExtendValidation);
using (var context = RepositoriesFactory.CreateContext())
{
var resource = this.GetErrorStringLocalizer();
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
var scopeRepo = RepositoriesFactory.GetScopeRepository(context);
var userRepo = RepositoriesFactory.GetUserRepository(context);
var clientReturnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var clientScopeRepo = RepositoriesFactory.GetClientScopeRepository(context);
var myClient = clientRepo.GetById(toUpdate.Id);
if (myClient == null || !myClient.IsValid)
{
throw new DaOAuthServiceException(resource["UpdateClientInvalidClient"]);
}
var ucs = userClientRepo.GetAllByCriterias(toUpdate.UserName, toUpdate.Name, null, null, 0, 50);
if (ucs != null && ucs.Count() > 0)
{
var myUc = ucs.First();
if (myUc.ClientId != myClient.Id)
{
throw new DaOAuthServiceException(resource["UpdateClientNameAlreadyUsed"]);
}
}
var cl = clientRepo.GetByPublicId(toUpdate.PublicId);
if (cl != null && cl.Id != myClient.Id)
{
throw new DaOAuthServiceException(resource["UpdateClientpublicIdAlreadyUsed"]);
}
var scopes = scopeRepo.GetAll();
if (toUpdate.ScopesIds != null)
{
IList <int> ids = scopes.Select(s => s.Id).ToList();
foreach (var scopeId in toUpdate.ScopesIds)
{
if (!ids.Contains(scopeId))
{
throw new DaOAuthServiceException(resource["UpdateClientScopeDontExists"]);
}
}
}
var myUser = userRepo.GetByUserName(toUpdate.UserName);
if (myUser == null || !myUser.IsValid)
{
throw new DaOAuthServiceException(resource["UpdateClientInvalidUser"]);
}
var myUserClient = userClientRepo.
GetUserClientByClientPublicIdAndUserName(myClient.PublicId, toUpdate.UserName);
if (myUserClient == null || !myUserClient.Client.UserCreator.UserName.Equals(toUpdate.UserName, StringComparison.OrdinalIgnoreCase))
{
throw new DaOAuthServiceException(resource["UpdateClientInvalidUser"]);
}
// update returns urls
foreach (var ru in clientReturnUrlRepo.GetAllByClientPublicId(myClient.PublicId).ToList())
{
clientReturnUrlRepo.Delete(ru);
}
foreach (var ru in toUpdate.ReturnUrls)
{
clientReturnUrlRepo.Add(new ClientReturnUrl()
{
ClientId = myClient.Id,
ReturnUrl = ru
});
}
// updates clients scopes
foreach (var s in clientScopeRepo.GetAllByClientId(myClient.Id).ToList())
{
clientScopeRepo.Delete(s);
}
if (toUpdate.ScopesIds != null)
{
foreach (var s in toUpdate.ScopesIds)
{
clientScopeRepo.Add(new ClientScope()
{
ClientId = myClient.Id,
ScopeId = s
});
}
}
// update client
myClient.ClientSecret = toUpdate.ClientSecret;
myClient.ClientTypeId = toUpdate.ClientType.Equals(
ClientTypeName.Confidential, StringComparison.OrdinalIgnoreCase)
? (int)EClientType.CONFIDENTIAL : (int)EClientType.PUBLIC;
myClient.Description = toUpdate.Description;
myClient.Name = toUpdate.Name;
myClient.PublicId = toUpdate.PublicId;
clientRepo.Update(myClient);
context.Commit();
return(myClient.ToDto(true));
}
}
public int CreateClient(CreateClientDto toCreate)
{
IList <ValidationResult> ExtendValidation(CreateClientDto toValidate)
{
var resource = this.GetErrorStringLocalizer();
IList <ValidationResult> result = new List <ValidationResult>();
if (toValidate.ReturnUrls == null || toValidate.ReturnUrls.Count() == 0)
{
result.Add(new ValidationResult(resource["CreateClientDtoDefaultReturnUrlRequired"]));
}
foreach (var ur in toValidate.ReturnUrls)
{
if (!Uri.TryCreate(ur, UriKind.Absolute, out var u))
{
result.Add(new ValidationResult(resource["CreateClientDtoReturnUrlIncorrect"]));
}
}
if (toValidate.ClientType != ClientTypeName.Confidential && toValidate.ClientType != ClientTypeName.Public)
{
result.Add(new ValidationResult(resource["CreateClientDtoTypeIncorrect"]));
}
using (var context = RepositoriesFactory.CreateContext())
{
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(toValidate.UserName);
if (user == null || !user.IsValid)
{
result.Add(new ValidationResult(String.Format(resource["CreateClientDtoInvalidUser"], toCreate.UserName)));
}
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
if (!String.IsNullOrEmpty(toValidate.Name) && userClientRepo.GetAllByCriteriasCount(toValidate.UserName, toValidate.Name, null, null) > 0)
{
result.Add(new ValidationResult(resource["CreateClientDtoNameAlreadyUse"]));
}
}
return(result);
}
Logger.LogInformation(String.Format("Try to create client by user {0}", toCreate != null ? toCreate.UserName : String.Empty));
this.Validate(toCreate, ExtendValidation);
using (var context = RepositoriesFactory.CreateContext())
{
var returnUrlRepo = RepositoriesFactory.GetClientReturnUrlRepository(context);
var clientRepo = RepositoriesFactory.GetClientRepository(context);
var userClientRepo = RepositoriesFactory.GetUserClientRepository(context);
var userRepo = RepositoriesFactory.GetUserRepository(context);
var clientScopeRepo = RepositoriesFactory.GetClientScopeRepository(context);
var user = userRepo.GetByUserName(toCreate.UserName);
var client = new Client()
{
ClientSecret = RandomService.GenerateRandomString(16),
ClientTypeId = toCreate.ClientType.Equals(ClientTypeName.Confidential, StringComparison.OrdinalIgnoreCase) ? (int)EClientType.CONFIDENTIAL : (int)EClientType.PUBLIC,
CreationDate = DateTime.Now,
Description = toCreate.Description,
IsValid = true,
Name = toCreate.Name,
PublicId = RandomService.GenerateRandomString(16),
UserCreatorId = user.Id
};
clientRepo.Add(client);
foreach (var ur in toCreate.ReturnUrls)
{
var clientReturnUrl = new ClientReturnUrl()
{
ReturnUrl = ur,
ClientId = client.Id
};
returnUrlRepo.Add(clientReturnUrl);
}
var userClient = new UserClient()
{
ClientId = client.Id,
CreationDate = DateTime.Now,
IsActif = true,
RefreshToken = String.Empty,
UserId = user.Id
};
userClientRepo.Add(userClient);
if (toCreate.ScopesIds != null)
{
foreach (var sId in toCreate.ScopesIds)
{
clientScopeRepo.Add(new ClientScope()
{
ClientId = client.Id,
ScopeId = sId
});
}
}
context.Commit();
return(client.Id);
}
}