예제 #1
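        /// <summary>
        /// Posts <paramref name="certificate"/> to the tenant certificates endpoint of the given server.
        /// </summary>
        /// <param name="serverDto">Target server; its protocol, host name and port build the endpoint URL.</param>
        /// <param name="tenantName">Tenant the certificate is added to; URL-escaped before being placed in the URL.</param>
        /// <param name="certificate">Certificate payload, serialized to JSON and cleaned up before sending.</param>
        /// <param name="token">Access token and token type prepended to the request body.</param>
        /// <returns><c>true</c> when the server returned an empty response body, which this method treats as success.</returns>
        public bool Create(ServerDto serverDto, string tenantName, CertificateDto certificate, Token token)
        {
            tenantName = Uri.EscapeDataString(tenantName);
            var url = string.Format(ServiceConfigManager.CertificatesEndPoint, serverDto.Protocol, serverDto.ServerName, serverDto.Port, tenantName);
            var json = JsonConvert.Serialize(certificate);
            json = SerializationJsonHelper.Cleanup(json);
            // SECURITY: this callback is process-wide, not per request. Accepting every certificate here
            // disables TLS server validation for every HTTPS call made afterwards by this process, so a
            // forged certificate is accepted silently. Replace with a callback that checks the server's
            // expected certificate (or a trusted CA) instead of returning true unconditionally.
            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
            var requestConfig = new RequestSettings
            {
                Method = HttpMethod.Post,
            };
            var headers = ServiceHelper.AddHeaders(ServiceConfigManager.JsonContentType);
            // token_type is a protocol token, so it is lower-cased culture-invariantly; ToLower() would
            // yield a different string under some cultures (e.g. Turkish dotless I).
            json = "access_token=" + token.AccessToken + "&token_type=" + token.TokenType.ToString().ToLowerInvariant() + "&" + json;
            var response = _webRequestManager.GetResponse(url, requestConfig, headers, null, json);
            // An empty body is the success signal; any content is presumably an error payload.
            return string.IsNullOrEmpty(response);
        }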
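		/// <summary>
		/// Initialises the external-domain wizard view: creates the certificate list, resets the wizard to
		/// step one, wires the button, radio and text-field events and loads an existing
		/// <c>IdentityProviderDto</c> into the controls (or creates an empty one).
		/// </summary>
		public override void AwakeFromNib ()
		{
			base.AwakeFromNib ();
			_certificates = new List<CertificateDto> ();
			_currentStep = WizardSteps.One;
			SetWizardStep ();
			ReloadCertificates ();

			// Wizard navigation and connection test.
			BtnTestConnection.Activated += TestConnection;
			BtnNext.Activated += OnClickNextButton;
			BtnBack.Activated += OnClickBackButton;

			// Add a certificate from a file picked by the user; its thumbprint is stored in Chain.
			BtnAddCertificate.Activated += (object sender, EventArgs e) => {
				var openPanel = new NSOpenPanel ();
				openPanel.ReleasedWhenClosed = true;
				openPanel.Prompt = "Select file";

				if (openPanel.RunModal () != 1) {
					return;
				}
				// NOTE(review): AbsoluteString is percent-encoded, so a path containing spaces or
				// non-ASCII characters is not found by Import(); openPanel.Url.Path gives the decoded path.
				var filePath = openPanel.Url.AbsoluteString.Replace ("file://", string.Empty);
				var cert = new X509Certificate2 ();
				ActionHelper.Execute (delegate() {
					cert.Import (filePath);
					_certificates.Add (new CertificateDto { Encoded = cert.ToPem (), Chain = cert.GetFormattedThumbPrint () });
					ReloadCertificates ();
				});
			};

			RdoIdentitySource.Activated += (object sender, EventArgs e) => {
				SetSpnControls ();
			};
			RdoDomainController.Activated += (object sender, EventArgs e) => {
				// anyDc (tag 1): the connection string is generated and, presumably, the field is locked
				// by EnableDisableConnectionString(false); for any other tag the field is cleared and
				// left to the user.
				var anyDc = RdoDomainController.SelectedTag == 1;
				if (anyDc) {
					SetConnectionString ();
				} else {
					TxtLdapConnection.StringValue = (NSString) string.Empty;
				}
				ChkProtect.Enabled = anyDc;
				EnableDisableConnectionString (!anyDc);
			};

			// Remove selected certificates highest row first, so removing one row does not shift the
			// indexes of the rows still to be removed.
			BtnRemoveCertificate.Activated += (object sender, EventArgs e) => {
				if (LstCertificates.SelectedRows.Count > 0) {
					foreach (var row in DescendingIndexes (LstCertificates.SelectedRows)) {
						_certificates.RemoveAt (row);
					}
					ReloadCertificates ();
				}
			};

			// The connection string is rebuilt whenever the domain name or the "protect" flag changes.
			TxtDomainName.Changed += (object sender, EventArgs e) => {
				SetConnectionString ();
			};
			ChkProtect.Activated += (object sender, EventArgs e) => {
				SetConnectionString ();
			};
			RdoSpn.Activated += (object sender, EventArgs e) => {
				SetSpnControls ();
			};

			// Server certificates can only be imported from ldaps:// URLs; the import buttons stay
			// disabled until the corresponding URL field holds one.
			BtnPrimaryImport.Enabled = false;
			BtnSecondaryImport.Enabled = false;
			TxtPrimaryUrl.Activated += (object sender, EventArgs e) => {
				BtnPrimaryImport.Enabled = IsLdapsUrl (TxtPrimaryUrl.StringValue);
			};
			TxtSecondaryConnection.Activated += (object sender, EventArgs e) => {
				BtnSecondaryImport.Enabled = IsLdapsUrl (TxtSecondaryConnection.StringValue);
			};
			BtnPrimaryImport.Activated += (object sender, EventArgs e) => {
				ImportCertificates (TxtPrimaryUrl.StringValue);
			};
			BtnSecondaryImport.Activated += (object sender, EventArgs e) => {
				ImportCertificates (TxtSecondaryConnection.StringValue);
			};

			if (IdentityProviderDto != null) {
				DtoToView ();
			} else {
				IdentityProviderDto = new IdentityProviderDto ();
			}

			// Advanced settings are edited on copies of the schema and attribute maps so that cancelling
			// the dialog leaves the current DTO untouched; the edited values are taken back only when the
			// modal ends with 1.
			BtnAdvanced.Activated += (object sender, EventArgs e) => {
				var form = new ExternalDomainAdvancedSettingsController () {
					IdentityProviderDto = new IdentityProviderDto {
						Schema = IdentityProviderDto.Schema == null
							? new Dictionary<string, SchemaObjectMappingDto> ()
							: new Dictionary<string, SchemaObjectMappingDto> (IdentityProviderDto.Schema),
						AttributesMap = IdentityProviderDto.AttributesMap == null
							? new Dictionary<string, string> ()
							: new Dictionary<string, string> (IdentityProviderDto.AttributesMap),
						BaseDnForNestedGroupsEnabled = IdentityProviderDto.BaseDnForNestedGroupsEnabled,
						MatchingRuleInChainEnabled = IdentityProviderDto.MatchingRuleInChainEnabled,
						DirectGroupsSearchEnabled = IdentityProviderDto.DirectGroupsSearchEnabled
					}
				};
				var result = NSApplication.SharedApplication.RunModalForWindow (form.Window);

				if (result == 1) {
					IdentityProviderDto.Schema = GetSchema (form.IdentityProviderDto.Schema);
					IdentityProviderDto.AttributesMap = new Dictionary<string, string> (form.IdentityProviderDto.AttributesMap);
					IdentityProviderDto.BaseDnForNestedGroupsEnabled = form.IdentityProviderDto.BaseDnForNestedGroupsEnabled;
					IdentityProviderDto.MatchingRuleInChainEnabled = form.IdentityProviderDto.MatchingRuleInChainEnabled;
					IdentityProviderDto.DirectGroupsSearchEnabled = form.IdentityProviderDto.DirectGroupsSearchEnabled;
				}
			};
			SetSpnControls ();
		}

		// True when the value is a non-null string starting with "ldaps://". The scheme is a protocol
		// token, so the prefix is compared ordinally rather than with the current culture.
		static bool IsLdapsUrl (string value)
		{
			return value != null && value.StartsWith ("ldaps://", StringComparison.Ordinal);
		}

		// Selected row indexes sorted highest first, for removing list items by index.
		static int[] DescendingIndexes (IEnumerable<nuint> rows)
		{
			var indexes = new List<int> ();
			foreach (var row in rows) {
				indexes.Add ((int)row);
			}
			indexes.Sort ();
			indexes.Reverse ();
			return indexes.ToArray ();
		}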
		/// <summary>
		/// Fetches the certificate presented by the LDAPS server in <paramref name="connection"/> and adds
		/// it to the certificate list unless one with the same thumbprint is already present. Any failure
		/// is shown to the user in an alert rather than propagated.
		/// </summary>
		/// <param name="connection">LDAPS connection string of the server whose certificate is imported.</param>
		void ImportCertificates (string connection)
		{
			try {
				var serverCert = new X509Certificate2 (LdapSecureConnectionCertificateFetcher.FetchServerCertificate (connection));
				var thumbprint = serverCert.GetFormattedThumbPrint ();
				var dto = new CertificateDto { Encoded = serverCert.ToPem (), Chain = thumbprint };

				// The thumbprint (kept in Chain) is the identity used for de-duplication, not the subject.
				var duplicate = _certificates.Exists (existing => existing.Chain == thumbprint);
				if (duplicate) {
					UIErrorHelper.ShowAlert ("Certificate with the same fingerprint already exists", "Error");
					return;
				}

				// NOTE(review): the certificate is taken as presented by the server with no check in this
				// method, and the alert shows only the subject, so the user has no thumbprint to compare
				// against an out-of-band value.
				_certificates.Add (dto);
				ReloadCertificates ();
				UIErrorHelper.ShowAlert (string.Format ("Certificate with subject {0} imported successfully", serverCert.Subject), "Information");
			} catch (Exception exception) {
				UIErrorHelper.ShowAlert (exception.Message, "Error");
			}
		}
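		/// <summary>
		/// Initialises the tenant dialog. In "update credentials" mode the tenant name, username and
		/// password fields are disabled and only the certificate chain and private key can be changed;
		/// otherwise a new <c>TenantDto</c> is created. Wires the certificate, private-key, close and
		/// save handlers.
		/// </summary>
		public override void AwakeFromNib ()
		{
			base.AwakeFromNib ();
			_certs = new List<string> ();
			TxtTenantName.Enabled = !UpdateCredentials;
			txtUsername.Enabled = !UpdateCredentials;
			TxtPassword.Enabled = !UpdateCredentials;
			if (UpdateCredentials) {
				TxtTenantName.StringValue = TenantDto.Name;
			} else {
				TenantDto = new TenantDto ();
			}
			// Credentials are always rebuilt from this dialog. _certs holds the source file path of each
			// certificate at the same index as Certificates, so both lists must be changed together.
			TenantDto.Credentials = new TenantCredentialsDto () { Certificates = new List<CertificateDto> () };

			BtnAddCertificate.Activated += (object sender, EventArgs e) => {
				var openPanel = new NSOpenPanel ();
				openPanel.ReleasedWhenClosed = true;
				openPanel.Prompt = "Select file";

				if (openPanel.RunModal () != 1) {
					return;
				}
				// NOTE(review): AbsoluteString is percent-encoded, so a path containing spaces or
				// non-ASCII characters is not found by Import(); openPanel.Url.Path gives the decoded path.
				var filePath = openPanel.Url.AbsoluteString.Replace ("file://", string.Empty);
				var cert = new X509Certificate2 ();
				ActionHelper.Execute (delegate() {
					cert.Import (filePath);
					_certs.Add (filePath);
					TenantDto.Credentials.Certificates.Add (new CertificateDto { Encoded = cert.ToPem () });
					ReloadCertificates ();
				});
			};

			// Remove highest row first so earlier removals do not shift the remaining indexes; both
			// lists are trimmed together to keep them aligned.
			BtnRemoveCertificate.Activated += (object sender, EventArgs e) => {
				if (CertificateChainTableView.SelectedRows.Count > 0) {
					foreach (var row in DescendingIndexes (CertificateChainTableView.SelectedRows)) {
						_certs.RemoveAt (row);
						TenantDto.Credentials.Certificates.RemoveAt (row);
					}
					ReloadCertificates ();
				}
			};

			// Load the private key file; only the extracted base64 payload is kept and the algorithm is
			// fixed to RSA.
			BtnBrowsePrivateKey.Activated += (object sender, EventArgs e) => {
				var openPanel = new NSOpenPanel ();
				openPanel.ReleasedWhenClosed = true;
				openPanel.Prompt = "Select file";
				if (openPanel.RunModal () != 1) {
					return;
				}
				var filePath = openPanel.Url.AbsoluteString.Replace ("file://", string.Empty);

				ActionHelper.Execute (delegate() {
					var text = System.IO.File.ReadAllText (filePath);
					var privateKey = PrivateKeyHelper.ExtractBase64EncodedPayload (text);
					TxtPrivateKeyPath.StringValue = filePath;
					TenantDto.Credentials.PrivateKey = new PrivateKeyDto () { Algorithm = EncrptionAlgorithm.RSA, Encoded = privateKey };
				});
			};

			// Cancel: discard the DTO and end the modal with 0.
			BtnClose.Activated += (object sender, EventArgs e) => {
				TenantDto = null;
				this.Close ();
				NSApplication.SharedApplication.StopModalWithCode (0);
			};

			// Save: validate the inputs (name/username/password only when creating), then copy the
			// fields into the DTO and end the modal with 1.
			BtnSave.Activated += (object sender, EventArgs e) => {
				if (!UpdateCredentials && string.IsNullOrEmpty (TxtTenantName.StringValue)) {
					UIErrorHelper.ShowAlert ("Please enter valid tenant name", "Alert");
				} else if (!UpdateCredentials && string.IsNullOrEmpty (txtUsername.StringValue)) {
					UIErrorHelper.ShowAlert ("Please enter valid username", "Alert");
				} else if (!UpdateCredentials && string.IsNullOrEmpty (TxtPassword.StringValue)) {
					UIErrorHelper.ShowAlert ("Please enter valid password", "Alert");
				} else if (string.IsNullOrEmpty (TxtPrivateKeyPath.StringValue)) {
					UIErrorHelper.ShowAlert ("Please enter valid private key", "Alert");
				} else if (_certs.Count < 2) {
					UIErrorHelper.ShowAlert ("Please enter at least 2 valid Certificates", "Alert");
				} else {
					TenantDto.Name = TxtTenantName.StringValue;
					TenantDto.Username = txtUsername.StringValue;
					TenantDto.Password = TxtPassword.StringValue;
					this.Close ();
					NSApplication.SharedApplication.StopModalWithCode (1);
				}
			};
		}

		// Selected row indexes sorted highest first, for removing list items by index.
		static int[] DescendingIndexes (IEnumerable<nuint> rows)
		{
			var indexes = new List<int> ();
			foreach (var row in rows) {
				indexes.Add ((int)row);
			}
			indexes.Sort ();
			indexes.Reverse ();
			return indexes.ToArray ();
		}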
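		/// <summary>
		/// Deletes the certificate chain represented by <paramref name="dto"/> from the current tenant on
		/// the current server, reports the outcome in an alert and refreshes the view. The work runs
		/// through <c>ActionHelper.Execute</c>, which presumably reports any exception to the user.
		/// </summary>
		/// <param name="dto">Certificate whose PEM (<c>Encoded</c>) identifies the chain; <c>Chain</c> is only used in the messages.</param>
		public void DeleteCertficateChain (CertificateDto dto)
		{
			ActionHelper.Execute (delegate() {
				var serverDto = GetServerDto ();
				var tenant = GetTenant ();
				var auth = SnapInContext.Instance.AuthTokenManager.GetAuthToken (serverDto.ServerName);

				// The service identifies the chain by the thumbprint of the PEM-encoded certificate.
				var fingerprint = new X509Certificate2 (Encoding.ASCII.GetBytes (dto.Encoded)).GetFormattedThumbPrint ();
				var success = SnapInContext.Instance.ServiceGateway.Certificate.Delete (serverDto, tenant, fingerprint, auth.Token);
				if (success) {
					UIErrorHelper.ShowAlert ("Certificate chain " + dto.Chain + " deleted successfully", "Information");
				} else {
					// Failure is an error, not information; the message also lacked the space before the chain name.
					UIErrorHelper.ShowAlert ("Failed to delete certificate chain " + dto.Chain, "Error");
				}
				Refresh (this, EventArgs.Empty);
			});
		}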
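		/// <summary>
		/// Initialises the external identity provider dialog: creates an empty
		/// <c>ExternalIdentityProviderDto</c> and wires the handlers for name-ID formats, subject
		/// formats, signing certificates, SSO/SLO services and the save/close/view buttons.
		/// </summary>
		public override void AwakeFromNib ()
		{
			base.AwakeFromNib ();
			ExternalIdentityProviderDto = new ExternalIdentityProviderDto () {
				NameIDFormats = new List<string> (),
				SubjectFormats = new Dictionary<string, string> (),
				SsoServices = new List<ServiceEndpointDto> (),
				SloServices = new List<ServiceEndpointDto> (),
				SigningCertificates = new CertificateChainDto {
					Certificates = new List<CertificateDto> ()
				}
			};

			// Name Id formats
			BtnAddNameIdFormat.Activated += (object sender, EventArgs e) => {
				if (string.IsNullOrEmpty (TxtNameIdFormat.StringValue)) {
					UIErrorHelper.ShowAlert ("Name Id format cannot be empty", "Alert");
					return;
				}
				ExternalIdentityProviderDto.NameIDFormats.Add (TxtNameIdFormat.StringValue);
				ReloadTableView (LstNameIdFormat, ExternalIdentityProviderDto.NameIDFormats);
				TxtNameIdFormat.StringValue = (NSString)string.Empty;
			};

			// Remove highest row first so earlier removals do not shift the remaining indexes.
			BtnRemoveNameIdFormat.Activated += (object sender, EventArgs e) => {
				if (LstNameIdFormat.SelectedRows.Count > 0) {
					foreach (var row in DescendingIndexes (LstNameIdFormat.SelectedRows)) {
						ExternalIdentityProviderDto.NameIDFormats.RemoveAt (row);
					}
					ReloadTableView (LstNameIdFormat, ExternalIdentityProviderDto.NameIDFormats);
				}
			};
			ReloadTableView (LstNameIdFormat, ExternalIdentityProviderDto.NameIDFormats);

			// Subject formats
			BtnAddSubjectFormat.Activated += (object sender, EventArgs e) => {
				if (string.IsNullOrEmpty (TxtSubjectFormatName.StringValue)) {
					UIErrorHelper.ShowAlert ("Subject format name cannot be empty", "Alert");
					return;
				}
				if (string.IsNullOrEmpty (TxtSubjectFormatValue.StringValue)) {
					UIErrorHelper.ShowAlert ("Subject format value cannot be empty", "Alert");
					return;
				}
				if (ExternalIdentityProviderDto.SubjectFormats.ContainsKey (TxtSubjectFormatName.StringValue)) {
					UIErrorHelper.ShowAlert ("Subject format name already exists", "Alert");
					return;
				}
				ExternalIdentityProviderDto.SubjectFormats.Add (TxtSubjectFormatName.StringValue, TxtSubjectFormatValue.StringValue);
				ReloadTableView (LstSubjectFormat, ExternalIdentityProviderDto.SubjectFormats);
				TxtSubjectFormatName.StringValue = (NSString)string.Empty;
				TxtSubjectFormatValue.StringValue = (NSString)string.Empty;
			};

			// Subject formats are keyed by name, so rows are resolved to names through the table's data
			// source (looked up once) and removed from the dictionary by key.
			BtnRemoveSubjectFormat.Activated += (object sender, EventArgs e) => {
				if (LstSubjectFormat.SelectedRows.Count > 0) {
					var source = LstSubjectFormat.DataSource as DictionaryDataSource;
					if (source == null) {
						return;
					}
					foreach (var row in LstSubjectFormat.SelectedRows) {
						var name = source.Entries [(int)row];
						ExternalIdentityProviderDto.SubjectFormats.Remove (name);
					}
					ReloadTableView (LstSubjectFormat, ExternalIdentityProviderDto.SubjectFormats);
				}
			};
			ReloadTableView (LstSubjectFormat, ExternalIdentityProviderDto.SubjectFormats);

			// Certificates
			BtnAddCertificate.Activated += (object sender, EventArgs e) => {
				var openPanel = new NSOpenPanel ();
				openPanel.ReleasedWhenClosed = true;
				openPanel.Prompt = "Select file";

				if (openPanel.RunModal () != 1) {
					return;
				}
				// NOTE(review): AbsoluteString is percent-encoded, so a path containing spaces or
				// non-ASCII characters is not found by Import(); openPanel.Url.Path gives the decoded path.
				var filePath = openPanel.Url.AbsoluteString.Replace ("file://", string.Empty);
				var cert = new X509Certificate2 ();
				ActionHelper.Execute (delegate() {
					cert.Import (filePath);
					ExternalIdentityProviderDto.SigningCertificates.Certificates.Add (new CertificateDto { Encoded = cert.ToPem () });
					ReloadCertificates ();
				});
			};

			BtnRemoveCertificate.Activated += (object sender, EventArgs e) => {
				if (LstCertificates.SelectedRows.Count > 0) {
					foreach (var row in DescendingIndexes (LstCertificates.SelectedRows)) {
						ExternalIdentityProviderDto.SigningCertificates.Certificates.RemoveAt (row);
					}
					ReloadCertificates ();
				}
			};
			ReloadCertificates ();

			// Sso Services
			BtnAddSso.Activated += OnAddSsoServices;
			BtnRemoveSso.Activated += OnRemoveSsoServices;
			InitializeSsoServices ();

			// Slo Services
			BtnAddSlo.Activated += OnAddSloServices;
			BtnRemoveSlo.Activated += OnRemoveSloServices;
			InitializeSloServices ();

			// Save: every list must hold at least one entry before the provider is created on the server.
			BtnSave.Activated += (object sender, EventArgs e) => {
				var dto = ExternalIdentityProviderDto;
				if (string.IsNullOrEmpty (TxtUniqueId.StringValue)) {
					UIErrorHelper.ShowAlert ("Please choose a Unique Id", "Alert");
				} else if (dto.NameIDFormats.Count < 1) {
					UIErrorHelper.ShowAlert ("Please choose a Name Id format", "Alert");
				} else if (dto.SubjectFormats.Count < 1) {
					UIErrorHelper.ShowAlert ("Please choose a Subject Id format", "Alert");
				} else if (dto.SsoServices.Count < 1) {
					UIErrorHelper.ShowAlert ("Please choose a Sso Service", "Alert");
				} else if (dto.SloServices.Count < 1) {
					UIErrorHelper.ShowAlert ("Please choose a Slo service", "Alert");
				} else if (dto.SigningCertificates.Certificates.Count < 1) {
					UIErrorHelper.ShowAlert ("Please choose a certificate", "Alert");
				} else {
					dto.EntityID = TxtUniqueId.StringValue;
					dto.JitEnabled = ChkJit.StringValue == "1";

					ActionHelper.Execute (delegate {
						var auth = SnapInContext.Instance.AuthTokenManager.GetAuthToken (ServerDto.ServerName);
						SnapInContext.Instance.ServiceGateway.ExternalIdentityProvider.Create (ServerDto, TenantName, dto, auth.Token);
						this.Close ();
						NSApplication.SharedApplication.StopModalWithCode (1);
					});
				}
			};

			BtnClose.Activated += (object sender, EventArgs e) => {
				this.Close ();
				NSApplication.SharedApplication.StopModalWithCode (0);
			};

			// Show the first selected signing certificate; Encoded holds PEM text, hence the ASCII bytes.
			BtnViewCertificate.Activated += (object sender, EventArgs e) => {
				if (LstCertificates.SelectedRows.Count > 0) {
					var row = LstCertificates.SelectedRows.First ();
					var encoded = ExternalIdentityProviderDto.SigningCertificates.Certificates [(int)row].Encoded;
					var certificate = new X509Certificate2 (System.Text.Encoding.ASCII.GetBytes (encoded));
					CertificateService.DisplayX509Certificate2 (this, certificate);
				}
			};
		}

		// Selected row indexes sorted highest first, for removing list items by index.
		static int[] DescendingIndexes (IEnumerable<nuint> rows)
		{
			var indexes = new List<int> ();
			foreach (var row in rows) {
				indexes.Add ((int)row);
			}
			indexes.Sort ();
			indexes.Reverse ();
			return indexes.ToArray ();
		}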
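		/// <summary>
		/// Initialises the tenant configuration dialog: fills the controls from
		/// <c>TenantConfigurationDto</c> and wires the trusted-CA certificate, certificate policy OID,
		/// logon banner, close and save handlers.
		/// </summary>
		public override void AwakeFromNib ()
		{
			base.AwakeFromNib ();

			DtoToView ();

			// Trusted CA certificates of the client-certificate policy.
			BtnAuthenticationAddCertificate.Activated += (object sender, EventArgs e) => {
				var openPanel = new NSOpenPanel ();
				openPanel.ReleasedWhenClosed = true;
				openPanel.Prompt = "Select file";

				if (openPanel.RunModal () != 1) {
					return;
				}
				// NOTE(review): AbsoluteString is percent-encoded, so a path containing spaces or
				// non-ASCII characters is not found by Import(); openPanel.Url.Path gives the decoded path.
				var filePath = openPanel.Url.AbsoluteString.Replace ("file://", string.Empty);
				var cert = new X509Certificate2 ();
				ActionHelper.Execute (delegate() {
					cert.Import (filePath);
					var trusted = TenantConfigurationDto.AuthenticationPolicy.ClientCertificatePolicy.TrustedCACertificates;
					trusted.Add (new CertificateDto { Encoded = cert.ToPem () });
					ReloadCertificates ();
				});
			};

			// Remove highest row first so earlier removals do not shift the remaining indexes.
			BtnAuthenticationRemoveCertificate.Activated += (object sender, EventArgs e) => {
				if (CertificateTableView.SelectedRows.Count > 0) {
					var trusted = TenantConfigurationDto.AuthenticationPolicy.ClientCertificatePolicy.TrustedCACertificates;
					foreach (var row in DescendingIndexes (CertificateTableView.SelectedRows)) {
						trusted.RemoveAt (row);
					}
					ReloadCertificates ();
				}
			};

			// Certificate policy OIDs.
			BtnAuthenticationPolicyAddPolicyOid.Activated += (object sender, EventArgs e) => {
				if (string.IsNullOrEmpty (TxtAuthenticationPolicyOid.StringValue)) {
					UIErrorHelper.ShowAlert ("Policy OID cannot be empty", "Alert");
					return;
				}
				var oids = TenantConfigurationDto.AuthenticationPolicy.ClientCertificatePolicy.CertPolicyOIDs;
				oids.Add (TxtAuthenticationPolicyOid.StringValue);
				ReloadTableView (AuthenticationPolicyOidTableView, oids);
				TxtAuthenticationPolicyOid.StringValue = (NSString)string.Empty;
				UpdateRemovePolicyOidButton ();
			};

			BtnAuthenticationRemovePolicyOid.Activated += (object sender, EventArgs e) => {
				if (AuthenticationPolicyOidTableView.SelectedRows.Count > 0) {
					var oids = TenantConfigurationDto.AuthenticationPolicy.ClientCertificatePolicy.CertPolicyOIDs;
					foreach (var row in DescendingIndexes (AuthenticationPolicyOidTableView.SelectedRows)) {
						oids.RemoveAt (row);
					}
					ReloadTableView (AuthenticationPolicyOidTableView, oids);
					UpdateRemovePolicyOidButton ();
				}
			};

			// Cancel: discard the DTO and end the modal with 0.
			BtnClose.Activated += (object sender, EventArgs e) => {
				TenantConfigurationDto = null;
				this.Close ();
				NSApplication.SharedApplication.StopModalWithCode (0);
			};

			// Save: copy the view into the DTO, push it to the server and end the modal with 1.
			BtnSave.Activated += (object sender, EventArgs e) => {
				ActionHelper.Execute (delegate() {
					ViewToDto ();
					var auth = SnapInContext.Instance.AuthTokenManager.GetAuthToken (ServerDto.ServerName);
					SnapInContext.Instance.ServiceGateway.Tenant.UpdateConfig (ServerDto, TenantName, TenantConfigurationDto, auth.Token);
					this.Close ();
					NSApplication.SharedApplication.StopModalWithCode (1);
				});
			};

			// Logon banner: toggling the checkbox updates the dependent controls; the banner text can be
			// loaded from a file, and an empty file leaves the current text unchanged.
			ChkDisableLogonBanner.Activated += (object sender, EventArgs e) => {
				CheckLogonBanner ();
			};
			BtnUploadContent.Activated += (object sender, EventArgs e) => {
				var openPanel = new NSOpenPanel ();
				openPanel.ReleasedWhenClosed = true;
				openPanel.Prompt = "Select file";
				if (openPanel.RunModal () != 1) {
					return;
				}
				var filePath = openPanel.Url.AbsoluteString.Replace ("file://", string.Empty);

				ActionHelper.Execute (delegate() {
					var text = System.IO.File.ReadAllText (filePath);
					if (!string.IsNullOrEmpty (text)) {
						TxtBrandLogonBanner.StringValue = text;
					}
				});
			};
			CheckLogonBanner ();
		}

		// Enables the "remove policy OID" button only while there is at least one OID to remove.
		void UpdateRemovePolicyOidButton ()
		{
			var oids = TenantConfigurationDto.AuthenticationPolicy.ClientCertificatePolicy.CertPolicyOIDs;
			BtnAuthenticationRemovePolicyOid.Enabled = oids != null && oids.Count > 0;
		}

		// Selected row indexes sorted highest first, for removing list items by index.
		static int[] DescendingIndexes (System.Collections.Generic.IEnumerable<nuint> rows)
		{
			var indexes = new System.Collections.Generic.List<int> ();
			foreach (var row in rows) {
				indexes.Add ((int)row);
			}
			indexes.Sort ();
			indexes.Reverse ();
			return indexes.ToArray ();
		}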