public async Task <UserSettingsListModel> GetAllAsync(string userId) { UserSettingsInput input = new UserSettingsInput { UserId = userId, }; return(await this.container.GetAllAsync(input)); }
public async Task <UserSettingsModel> GetAsync(string userId, string setting) { UserSettingsInput input = new UserSettingsInput { UserId = userId, SettingKey = setting, }; return(await this.container.GetAsync(input)); }
public async Task <UserSettingsModel> PutAsync(string userId, string setting, string value) { UserSettingsInput input = new UserSettingsInput { UserId = userId, SettingKey = setting, Value = value, }; return(await this.container.UpdateAsync(input)); }
public async Task <UserSettingsModel> CreateUserSettings(Invitation invitation, string userId) { UserSettingsInput settingsInput = new UserSettingsInput { UserId = userId, SettingKey = "InviteUserMetaData", Value = invitation.InviteUserMetaData, }; return(await this.userSettingsContainer.CreateAsync(settingsInput)); }
private async Task CleanupUserSettingsIfUserHasNoOtherTenants(UserTenantModel userTenantModel) { if (userTenantModel != null) { bool userHasOtherTenants = await this.DoesUserHaveAnyOtherTenants(userTenantModel.UserId); if (!userHasOtherTenants) { UserSettingsInput settingsInput = new UserSettingsInput(); settingsInput.UserId = userTenantModel.UserId; UserSettingsListModel userSettings = await this.settingsContainer.GetAllAsync(settingsInput); if (userSettings != null && userSettings.Models != null) { foreach (UserSettingsModel settingsModel in userSettings.Models) { settingsInput.UserId = settingsModel.UserId; settingsInput.SettingKey = settingsModel.SettingKey; await this.settingsContainer.DeleteAsync(settingsInput); } } } } }
public async Task <JwtSecurityToken> GetIdentityToken(List <Claim> claims, string tenant, string audience, DateTime?expiration) { // add iat claim var timeSinceEpoch = DateTime.UtcNow.ToEpochTime(); claims.Add(new Claim("iat", timeSinceEpoch.ToString(), ClaimValueTypes.Integer)); var userId = claims.First(t => t.Type == "sub").Value; // Create a userTenantInput for the purpose of finding the full tenant list associated with this user UserTenantInput tenantInput = new UserTenantInput { UserId = userId, }; UserTenantListModel tenantsModel = await this.userTenantContainer.GetAllAsync(tenantInput); List <UserTenantModel> tenantList = tenantsModel.Models; // User did not specify the tenant to log into so get the default or last used if (string.IsNullOrEmpty(tenant)) { // authState has no tenant, so we should use either the User's last used tenant, or the first tenant available to them // Create a UserSettingsInput for the purpose of finding the LastUsedTenant setting for this user this.logger.LogInformation("User did not specify Tenant so default/last used tenant is set."); UserSettingsInput settingsInput = new UserSettingsInput { UserId = userId, SettingKey = "LastUsedTenant", }; UserSettingsModel lastUsedSetting = await this.userSettingsContainer.GetAsync(settingsInput); // Has last used tenant and it is in the list if (lastUsedSetting != null && tenantList.Count(t => t.TenantId == lastUsedSetting.Value) > 0) { tenant = lastUsedSetting.Value; } if (string.IsNullOrEmpty(tenant) && tenantList.Count > 0) { tenant = tenantList.First() .TenantId; // Set the tenant to the first tenant in the list of tenants for this user } } // If User not associated with Tenant then dont add claims return token without if (tenant != null) { UserTenantInput input = new UserTenantInput { UserId = userId, Tenant = tenant, }; UserTenantModel tenantModel = await this.userTenantContainer.GetAsync(input); // Add Tenant claims.Add(new Claim("tenant", tenantModel.TenantId)); // Add Roles tenantModel.RoleList.ForEach(role => claims.Add(new Claim("role", role))); // Settings Update LastUsedTenant UserSettingsInput settingsInput = new UserSettingsInput { UserId = claims.Where(c => c.Type == "sub").First().Value, SettingKey = "LastUsedTenant", Value = tenant, }; // Update if name is not the same await this.userSettingsContainer.UpdateAsync(settingsInput); if (tenantModel.Name != claims.Where(c => c.Type == "name").First().Value) { input.Name = claims.Where(c => c.Type == "name").First().Value; await this.userTenantContainer.UpdateAsync(input); } } DateTime expirationDateTime = expiration ?? DateTime.Now.AddDays(30); // add all tenants they have access to claims.AddRange(tenantList.Select(t => new Claim("available_tenants", t.TenantId))); // Token to String so you can use it in your client var token = this.MintToken(claims, audience, expirationDateTime); return(token); }
public async Task <object> PostAsync( [FromForm] string state, [FromForm] string id_token, [FromForm] string error, [FromForm] string error_description) { if (!string.IsNullOrEmpty(error)) { // If there was an error returned from B2C, throw it as an expcetion throw new Exception($"Azure B2C returned an error: {{{error}: {error_description}}}"); } AuthState authState = null; try { authState = JsonConvert.DeserializeObject <AuthState>(state); } catch (Exception e) { throw new Exception("Invlid state from authentication redirect", e); } var originalAudience = authState.ClientId; // Bring over Subject and Name var jwtHandler = new JwtSecurityTokenHandler(); var jwt = jwtHandler.ReadJwtToken(id_token); var claims = jwt.Claims.Where(t => new List <string> { "sub", "name" }.Contains(t.Type)).ToList(); string invitedTenant = authState.Tenant; string userNameOrEmail = string.Empty; // If theres an invitation token then add user to tenant if (!string.IsNullOrEmpty(authState.Invitation)) { var inviteJWT = jwtHandler.ReadJwtToken(authState.Invitation); string inviteUserId = inviteJWT.Claims.Where(c => c.Type == "userId").First().Value; string newUserId = claims.Where(c => c.Type == "sub").First().Value; invitedTenant = inviteJWT.Claims.Where(c => c.Type == "tenant").First().Value; // Extract first email var emailClaim = jwt.Claims.Where(t => t.Type == "emails").FirstOrDefault(); if (emailClaim != null) { claims.Add(new Claim("email", emailClaim.Value)); var userName = claims.Where(c => c.Type == "name").FirstOrDefault(); if (userName == null) { // Adding the name to claims as the update name code block fails inside method GetIdentityToken in JwtHelpers claims.Add(new Claim("name", emailClaim.Value)); userNameOrEmail = emailClaim.Value; } else { userNameOrEmail = userName.Value; } } UserTenantInput userTenant = new UserTenantInput() { UserId = newUserId, Tenant = invitedTenant, Roles = JsonConvert.SerializeObject(inviteJWT.Claims.Where(c => c.Type == "role").Select(c => c.Value).ToList()), Type = "Member", Name = userNameOrEmail, }; await this.userTenantContainer.UpdateAsync(userTenant); UserSettingsInput userSettings = new UserSettingsInput() { UserId = newUserId, SettingKey = "inviteId", Value = inviteUserId, }; // Store invite Id await this.userSettingsContainer.UpdateAsync(userSettings); // Transfer settings to new userID await this.userSettingsContainer.UpdateUserIdAsync(inviteUserId, newUserId); try { // Delete placeholder for invite userTenant.UserId = inviteUserId; await this.userTenantContainer.DeleteAsync(userTenant); } catch (Exception) { // Do nothing, delete will fail only for scenarios where the update is incorrectly working or if the invited user gets deleted for some reason. // Not throwing an exception because a delete failure will not break the code however there will be some unused invites } } if (!string.IsNullOrEmpty(authState.Nonce)) { claims.Add(new Claim("nonce", authState.Nonce)); } string tokenString = jwtHandler.WriteToken(await this.jwtHelper.GetIdentityToken(claims, invitedTenant, originalAudience, null)); // Build Return Uri var returnUri = new UriBuilder(authState.ReturnUrl); // Need to build Query carefully to not clobber other query items -- just injecting state // var query = HttpUtility.ParseQueryString(returnUri.Query); // query["state"] = HttpUtility.UrlEncode(authState.state); // returnUri.Query = query.ToString(); returnUri.Fragment = "id_token=" + tokenString + "&state=" + HttpUtility.UrlEncode(authState .State); // pass token in Fragment for more security (Browser wont forward...) return(this.Redirect(returnUri.Uri.ToString())); }
public UserSettingsModel(UserSettingsInput input) { this.PartitionKey = input.UserId; this.RowKey = input.SettingKey; this.Value = input.Value; }