예제 #1
0
        public static void AddIdentity(this ManagementService svc, 
            Credentials serviceIdentity, DateTime startDate, DateTime endDate)
        {
            Contract.Requires(svc != null);
            Contract.Requires(serviceIdentity != null);
            Contract.Requires(startDate != default(DateTime));
            Contract.Requires(endDate > startDate);

            var sid = new ServiceIdentity()
            {
                Name = serviceIdentity.UserName
            };

            var key = new ServiceIdentityKey()
            {
                StartDate = startDate,
                EndDate = endDate,
                Type = "Password",
                Usage = "Password",
                Value = Encoding.UTF8.GetBytes(serviceIdentity.Password),
                DisplayName = string.Format(CultureInfo.InvariantCulture,
                    "{0} key for {1}", "Password", serviceIdentity.UserName)
            };

            svc.AddToServiceIdentities(sid);

            svc.AddRelatedObject(sid, "ServiceIdentityKeys", key);

            svc.SaveChanges(SaveChangesOptions.Batch);
        }
예제 #2
0
        private async static Task<string> GetTokenFromACS(string acsNamespace,
            Credentials credentials)
        {
            var client = new HttpClient();

            client.BaseAddress = new Uri(string.Format(CultureInfo.CurrentCulture,
                "https://{0}.{1}", acsNamespace, ACSHOSTNAME));

            var content = new FormUrlEncodedContent(new[] 
            {
                new KeyValuePair<string, string>("grant_type",
                    "client_credentials"),
                new KeyValuePair<string, string>("client_id",
                    credentials.UserName),
                new KeyValuePair<string, string>("client_secret", 
                    credentials.Password),
                new KeyValuePair<string, string>("scope", 
                    client.BaseAddress + ACSMANAGEMENTSERVICE)
            });

            var response = await client.PostAsync("/v2/OAuth2-13", content);

            response.EnsureSuccessStatusCode();

            var json = await response.Content.ReadAsStringAsync();

            var data = JObject.Parse(json);

            return data["access_token"].ToString();
        }
예제 #3
0
        public static ManagementService CreateManagementServiceClient(
            string acsNamespace, Credentials credentials)
        {
            Contract.Requires(acsNamespace.IsAcsNamespace());
            Contract.Requires(credentials != null);

            var endpoint = string.Format(
                CultureInfo.InvariantCulture, "https://{0}.{1}/{2}",
                acsNamespace, ACSHOSTNAME, ACSMANAGEMENTSERVICE);

            var managementService = new ManagementService(new Uri(endpoint));

            managementService.SendingRequest += (s, e) =>
            {
                if (cachedSwtToken == null)
                {
                    cachedSwtToken = AsyncContext.Run<string>(() =>
                        GetTokenFromACS(acsNamespace, credentials));
                }

                e.Request.Headers.Add(
                    HttpRequestHeader.Authorization, "Bearer " + cachedSwtToken);
            };

            return managementService;
        }
예제 #4
0
        public static void DeleteExistingEntries(this ManagementService svc, Uri realm,
            Credentials serviceIdentity, string ruleGroupName)
        {
            Contract.Requires(svc != null);
            Contract.Requires(realm != null);
            Contract.Requires(realm.IsAbsoluteUri);
            Contract.Requires(realm.AbsolutePath == "/");
            Contract.Requires(serviceIdentity != null);
            Contract.Requires(!string.IsNullOrWhiteSpace(ruleGroupName));

            svc.DeleteRelyingPartyByRealmIfExists(realm.AbsoluteUri);
            svc.DeleteServiceIdentityIfExists(serviceIdentity.UserName);
            svc.DeleteRuleGroupByNameIfExists(ruleGroupName);

            svc.SaveChanges(SaveChangesOptions.Batch);
        }
예제 #5
0
        public static void Init(string fileName)
        {
            Contract.Requires(!string.IsNullOrWhiteSpace(fileName));
            Contract.Requires(File.Exists(fileName));

            var doc = XDocument.Load(fileName);

            var root = doc.Element("settings");

            AcsNamespace = root.Element("acsNamespace").Value;
            TokenLifetime = (int)root.Element("tokenLifetime");

            var keyLifetime = (int)root.Element("keyLifetime");
            var servicePassword = root.Element("servicePassword").Value;
            var signingPassword = root.Element("signingPassword").Value;
            var namePrefix = root.Element("namePrefix").Value;
            var authority = new Uri(root.Element("authority").Value);

            Contract.Assert(AcsNamespace.IsAcsNamespace());
            Contract.Assert(TokenLifetime >= 1);
            Contract.Assert(keyLifetime >= 1);
            Contract.Assert(!string.IsNullOrWhiteSpace(servicePassword));
            Contract.Assert(!string.IsNullOrWhiteSpace(signingPassword));
            Contract.Assert(!string.IsNullOrWhiteSpace(namePrefix));
            Contract.Assert(authority.IsAbsoluteUri);
            Contract.Assert(authority.AbsolutePath == "/");

            Realm = new Uri(authority.AbsoluteUri + "Users/");

            RelyingParty = namePrefix + " Relying Party";
            RuleGroup = namePrefix + " Rule Group";

            KeyStartDate = DateTime.UtcNow.Date;
            KeyEndDate = KeyStartDate.AddMonths(keyLifetime);

            ServiceIdentity = new Credentials(
                 namePrefix + " Service Identity", servicePassword);

            TokenSigningKey = Encoding.UTF8.GetBytes(signingPassword);
        }