예제 #1
		/// <summary>
		/// Builds the "Users and Groups" node for one identity provider of a tenant
		/// and triggers an initial refresh.
		/// </summary>
		/// <param name="dto">Server the node is bound to; stored as-is.</param>
		/// <param name="tenantName">Tenant the node belongs to.</param>
		/// <param name="provider">Identity provider whose <c>Name</c> becomes the node's domain name. Must not be null.</param>
		/// <param name="systemDomain">Stored as-is in the node's system-domain flag.</param>
		public UsersAndGroupsNode (ServerDto dto, string tenantName, IdentityProviderDto provider, bool systemDomain)
		{
			// Plain state first; none of these assignments depend on each other.
			_serverDto = dto;
			_systemDomain = systemDomain;
			_tenantName = tenantName;

			// provider is dereferenced without a null check, so a null provider
			// surfaces here as a NullReferenceException.
			_domainName = provider.Name;

			DisplayName = "Users and Groups";

			// Refresh is invoked only after every field above has been assigned.
			Refresh (this, EventArgs.Empty);
		}
예제 #2
		/// <summary>
		/// Builds the node for one identity source and marks it as the default
		/// domain when the tenant's provider policy names this provider.
		/// </summary>
		/// <param name="provider">Identity provider represented by the node. Must not be null when a provider policy exists.</param>
		/// <param name="tenantName">Tenant the identity source belongs to.</param>
		/// <param name="systemDomain">Stored as-is in the node's system-domain flag.</param>
		/// <param name="displayName">Base label; " (Default)" is appended for the default provider.</param>
		/// <param name="tenantConfigDto">Tenant configuration holding the provider policy. Must not be null.</param>
		public IdentitySourceNode (IdentityProviderDto provider, string tenantName, bool systemDomain, string displayName, TenantConfigurationDto tenantConfigDto)
		{
			_provider = provider;
			_tenantName = tenantName;
			_systemDomain = systemDomain;
			_tenantConfigDto = tenantConfigDto;

			// Without a provider policy there is no default provider to match against.
			var isDefault = false;
			if (_tenantConfigDto.ProviderPolicy != null)
			{
				isDefault = _tenantConfigDto.ProviderPolicy.DefaultProvider == provider.Name;
			}

			if (isDefault)
			{
				DisplayName = displayName + " (Default)";
			}
			else
			{
				DisplayName = displayName;
			}
			IsDefaultDomain = isDefault;
		}
예제 #3
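 /// <summary>
 /// Compares this identity provider with <paramref name="_provider"/> field by field.
 /// </summary>
 /// <remarks>
 /// The previous implementation compared every member of this instance with
 /// itself (<c>Name == this.Name</c>), so the argument was never read and the
 /// method reported "same" for any input. A caller that uses the result to
 /// decide whether an edited provider must be saved would silently drop the
 /// change, including changes to credentials or trusted certificates.
 /// Only the first connection string is compared, as before.
 /// </remarks>
 /// <param name="_provider">Provider to compare against; null is treated as "different".</param>
 /// <returns>True when all compared members match; otherwise false.</returns>
 public bool IsSameAs(IdentityProviderDto _provider)
 {
     // A missing provider can never match this instance.
     if (_provider == null)
     {
         return false;
     }

     // Guard the indexer: when either side has no ConnectionStrings collection,
     // the two match only if both are null. An empty (non-null) collection
     // still throws on [0], as in the original.
     bool sameFirstConnection;
     if (_provider.ConnectionStrings == null || this.ConnectionStrings == null)
     {
         sameFirstConnection = _provider.ConnectionStrings == null && this.ConnectionStrings == null;
     }
     else
     {
         sameFirstConnection = _provider.ConnectionStrings[0] == this.ConnectionStrings[0];
     }

     return(_provider.DomainType == this.DomainType &&
            _provider.Name == this.Name &&
            _provider.Alias == this.Alias &&
            _provider.Type == this.Type &&
            _provider.AuthenticationType == this.AuthenticationType &&
            _provider.FriendlyName == this.FriendlyName &&
            _provider.SearchTimeOutInSeconds == this.SearchTimeOutInSeconds &&
            _provider.Username == this.Username &&
            _provider.Password == this.Password &&
            _provider.UserMachineAccount == this.UserMachineAccount &&
            _provider.UserBaseDN == this.UserBaseDN &&
            _provider.GroupBaseDN == this.GroupBaseDN &&
            sameFirstConnection &&
            IsSame(_provider.AttributesMap, this.AttributesMap) &&
            IsSame(_provider.Schema, this.Schema) &&
            _provider.ServicePrincipalName == this.ServicePrincipalName &&
            _provider.SiteAffinityEnabled == this.SiteAffinityEnabled &&
            _provider.BaseDnForNestedGroupsEnabled == this.BaseDnForNestedGroupsEnabled &&
            _provider.DirectGroupsSearchEnabled == this.DirectGroupsSearchEnabled &&
            _provider.MatchingRuleInChainEnabled == this.MatchingRuleInChainEnabled &&
            IsSame(_provider.Certificates, this.Certificates));
 }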
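		/// <summary>
		/// Initialises the external-domain wizard once the nib is loaded: resets the
		/// certificate list and wizard step, wires all control events, and loads the
		/// current <c>IdentityProviderDto</c> into the view (or creates an empty one).
		/// </summary>
		/// <remarks>
		/// Changes from the previous version:
		/// certificate removal now deletes from the highest selected index down, so
		/// removing several rows no longer shifts the remaining indices and drops the
		/// wrong certificates from the trusted list; the certificate file path is read
		/// from <c>NSUrl.Path</c> instead of stripping "file://" from the absolute
		/// string, which left percent-escapes (e.g. spaces) in the path; the "ldaps://"
		/// prefix test is ordinal; two empty import handlers were dropped.
		/// </remarks>
		public override void AwakeFromNib ()
		{
			base.AwakeFromNib ();
			_certificates = new List<CertificateDto> ();
			_currentStep = WizardSteps.One;
			SetWizardStep ();
			ReloadCertificates ();

			// Navigation and connection test
			this.BtnTestConnection.Activated += TestConnection;
			this.BtnNext.Activated += OnClickNextButton;
			this.BtnBack.Activated += OnClickBackButton;

			// Add a certificate chosen by the operator from disk.
			this.BtnAddCertificate.Activated +=	(object sender, EventArgs e) => {
				var openPanel = new NSOpenPanel();
				openPanel.ReleasedWhenClosed = true;
				openPanel.Prompt = "Select file";

				var result = openPanel.RunModal();
				if (result == 1)
				{
					// Path is the decoded file-system path; the absolute URL string
					// keeps percent-escapes that the certificate import cannot open.
					var filePath = openPanel.Url.Path;
					var cert = new X509Certificate2 ();
					ActionHelper.Execute (delegate() {
						cert.Import (filePath);
						// The entry stores the PEM encoding and the formatted thumbprint.
						var certificateDto = new CertificateDto { Encoded = cert.ToPem(), Chain = cert.GetFormattedThumbPrint()};
						_certificates.Add(certificateDto);
						ReloadCertificates();
					});
				}
			};

			this.RdoIdentitySource.Activated += (object sender, EventArgs e) => 
			{
				SetSpnControls();
			};

			// Tag 1 means "any domain controller": the connection string is derived
			// rather than typed, and the protect checkbox only applies in that mode.
			this.RdoDomainController.Activated += (object sender, EventArgs e) => 
			{
				var anyDc = RdoDomainController.SelectedTag == 1;
				if(anyDc)
				{
					SetConnectionString();
				}
				else
				{
					TxtLdapConnection.StringValue = (NSString) string.Empty;
				}
				ChkProtect.Enabled = anyDc;
				EnableDisableConnectionString(!anyDc);
			};

			// Remove the selected certificates from the list.
			this.BtnRemoveCertificate.Activated += (object sender, EventArgs e) => {
				if (LstCertificates.SelectedRows.Count > 0) {
					// Snapshot the selection, then delete from the highest index down:
					// removing in ascending order shifts later rows and would delete
					// certificates the operator did not select.
					var selectedIndexes = new List<int> ();
					foreach (var row in LstCertificates.SelectedRows) {
						selectedIndexes.Add ((int)row);
					}
					selectedIndexes.Sort ();
					selectedIndexes.Reverse ();
					foreach (var index in selectedIndexes) {
						// Ignore a stale selection that no longer maps to an entry.
						if (index >= 0 && index < _certificates.Count) {
							_certificates.RemoveAt (index);
						}
					}
					ReloadCertificates();
				}
			};

			this.TxtDomainName.Changed += (object sender, EventArgs e) => {
				SetConnectionString();
			};

			this.ChkProtect.Activated += (object sender, EventArgs e) => {
				SetConnectionString();
			};
			this.RdoSpn.Activated += (object sender, EventArgs e) => {
				SetSpnControls();
			};

			// Certificate import from a server is only offered for ldaps:// URLs.
			BtnPrimaryImport.Enabled = false;
			BtnSecondaryImport.Enabled = false;
			this.TxtPrimaryUrl.Activated += (object sender, EventArgs e) => 
			{
				BtnPrimaryImport.Enabled = this.TxtPrimaryUrl.StringValue!= null && this.TxtPrimaryUrl.StringValue.StartsWith("ldaps://", StringComparison.Ordinal);
			};
			this.TxtSecondaryConnection.Activated += (object sender, EventArgs e) => 
			{
				BtnSecondaryImport.Enabled = this.TxtSecondaryConnection.StringValue!= null && this.TxtSecondaryConnection.StringValue.StartsWith("ldaps://", StringComparison.Ordinal);
			};
			BtnPrimaryImport.Activated += (object sender, EventArgs e) => 
			{
				ImportCertificates(TxtPrimaryUrl.StringValue);
			};
			BtnSecondaryImport.Activated += (object sender, EventArgs e) => 
			{
				ImportCertificates(TxtSecondaryConnection.StringValue);
			};

			// Edit mode shows the existing provider; add mode starts from an empty one.
			if (IdentityProviderDto != null)
			{
				DtoToView ();
			}
			else
			{
				IdentityProviderDto = new IdentityProviderDto ();
			}

			// The advanced dialog edits copies of the schema and attribute map, so
			// cancelling it leaves the current provider untouched.
			this.BtnAdvanced.Activated += (object sender, EventArgs e) => 
			{
				var form = new ExternalDomainAdvancedSettingsController ()
				{
					IdentityProviderDto = new IdentityProviderDto
					{
						Schema = IdentityProviderDto.Schema == null ? new Dictionary<string, SchemaObjectMappingDto>() :new Dictionary<string, SchemaObjectMappingDto>(IdentityProviderDto.Schema),
						AttributesMap = IdentityProviderDto.AttributesMap == null ?  new Dictionary<string, string>() : new Dictionary<string, string>(IdentityProviderDto.AttributesMap),
						BaseDnForNestedGroupsEnabled = IdentityProviderDto.BaseDnForNestedGroupsEnabled,
						MatchingRuleInChainEnabled = IdentityProviderDto.MatchingRuleInChainEnabled,
						DirectGroupsSearchEnabled = IdentityProviderDto.DirectGroupsSearchEnabled
					}
				};
				var result = NSApplication.SharedApplication.RunModalForWindow (form.Window);

				// A modal result of 1 is the only case in which the edits are copied back.
				if(result == 1)
				{
					IdentityProviderDto.Schema = GetSchema(form.IdentityProviderDto.Schema);
					IdentityProviderDto.AttributesMap = new Dictionary<string, string>(form.IdentityProviderDto.AttributesMap);
					IdentityProviderDto.BaseDnForNestedGroupsEnabled = form.IdentityProviderDto.BaseDnForNestedGroupsEnabled;
					IdentityProviderDto.MatchingRuleInChainEnabled = form.IdentityProviderDto.MatchingRuleInChainEnabled;
					IdentityProviderDto.DirectGroupsSearchEnabled = form.IdentityProviderDto.DirectGroupsSearchEnabled;
				}
			};
			SetSpnControls ();
		}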
		/// <summary>
		/// Builds a new <c>IdentityProviderDto</c> from the current state of the wizard controls.
		/// </summary>
		/// <remarks>
		/// For the AD selection only the domain name is filled in and Kerberos is
		/// used; alias, friendly name, base DNs and connection strings are left null.
		/// When the machine account is used, user name, password and SPN are left
		/// null; otherwise the password is taken verbatim from <c>TxtPassword</c>.
		/// </remarks>
		/// <returns>The populated provider DTO.</returns>
		private IdentityProviderDto ViewToDto()
		{
			var adSelected = IsAdWinSelected();

			// The machine account applies only to AD, and only when the SPN
			// radio row (row 1) is not the selected one.
			var machineAccount = adSelected && RdoSpn.SelectedRow != 1;

			return new IdentityProviderDto
			{
				DomainType = DomainType.EXTERNAL_DOMAIN.ToString(),
				Type = GetIdentitySourceType(RdoIdentitySource.SelectedTag),

				// Fields typed by the operator are ignored for AD.
				Name = adSelected ? _domainName : TxtDomainName.StringValue,
				Alias = adSelected ? null : TxtDomainAlias.StringValue,
				FriendlyName = adSelected ? null : TxtFriendlyName.StringValue,
				UserBaseDN = adSelected ? null : TxtBaseDnUser.StringValue,
				GroupBaseDN = adSelected ? null : TxtBaseDnGroups.StringValue,
				ConnectionStrings = adSelected ? null : GetConnectionStrings(),

				SiteAffinityEnabled = RdoDomainController.SelectedTag == 1 && ChkProtect.StringValue == "1",
				Certificates = _certificates,

				// Explicit credentials are sent only when the machine account is not used.
				MachineAccount = machineAccount,
				Username = machineAccount ? null : TxtUpn.StringValue,
				Password = machineAccount ? null : TxtPassword.StringValue,
				ServicePrincipalName = machineAccount ? null : TxtSpn.StringValue,
				AuthenticationType = adSelected ? "USE_KERBEROS" : "PASSWORD",

				// Advanced settings are carried over from the provider being edited.
				BaseDnForNestedGroupsEnabled = IdentityProviderDto.BaseDnForNestedGroupsEnabled,
				DirectGroupsSearchEnabled = IdentityProviderDto.DirectGroupsSearchEnabled,
				MatchingRuleInChainEnabled = IdentityProviderDto.MatchingRuleInChainEnabled,

				// An empty attribute map is sent as null rather than as an empty object.
				AttributesMap = IdentityProviderDto.AttributesMap != null && IdentityProviderDto.AttributesMap.Count > 0 ? IdentityProviderDto.AttributesMap : null,

				// The schema is passed through unchanged, including when it is empty.
				Schema = IdentityProviderDto.Schema
			};
		}
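		/// <summary>
		/// Posts the provider to the tenant's identity-providers endpoint with
		/// <c>?probe=true</c> and returns the provider parsed from the response.
		/// </summary>
		/// <remarks>
		/// The schema and attribute map are serialised separately and spliced into the
		/// JSON by hand, so they are cleared on <paramref name="provider"/> while the
		/// rest is serialised. They are now restored afterwards; previously the
		/// caller's DTO came back with both set to null. The token type is lower-cased
		/// with the invariant culture so the wire value does not depend on the UI locale.
		/// </remarks>
		/// <param name="server">Protocol, host name and port of the target server.</param>
		/// <param name="tenant">Tenant name; URL-escaped before it is placed in the URL.</param>
		/// <param name="provider">Provider to probe. Left unchanged on return.</param>
		/// <param name="token">Access token and token type sent in the request body.</param>
		/// <returns>The provider deserialised from the server's response.</returns>
		public IdentityProviderDto Probe(ServerDto server, string tenant, IdentityProviderDto provider, Token token)
		{
			var originalSchema = provider.Schema;
			var originalAttributes = provider.AttributesMap;
			var schemaSerialized = SerializeSchema(originalSchema);
			var attributesSerialized = SerializeAttributes (originalAttributes, "attributesMap");

			tenant = Uri.EscapeDataString(tenant);
			var url = string.Format(ServiceConfigManager.IdentityProvidersEndPoint, server.Protocol, server.ServerName, server.Port, tenant);
			url += "?probe=true";
			var dto = typeof(IdentityProviderDto).Assembly;

			string json;
			try
			{
				// Serialise without the two maps; they are spliced in below.
				provider.Schema = null; 
				provider.AttributesMap = null;
				json = JsonConvert.Serialize(provider,"root", dto.GetTypes(), true);
			}
			finally
			{
				// Hand the caller's object back exactly as it was passed in.
				provider.Schema = originalSchema;
				provider.AttributesMap = originalAttributes;
			}
			json = SerializationJsonHelper.Cleanup (json);

			// Drop the closing brace so the hand-serialised members can be appended.
			json = json.Substring (0, json.Length - 1);

			var attributeString = "\"attributesMap\":null,";
			if (json.Contains (attributeString))
			{
				json = json.Replace (attributeString, attributesSerialized + (string.IsNullOrEmpty(attributesSerialized)? string.Empty : ","));
			}
			else
			{
				json += attributesSerialized;
			}

			var schemaString = "\"schema\":null,";
			if (json.Contains (schemaString))
			{
				json = json.Replace (schemaString, schemaSerialized + (string.IsNullOrEmpty(schemaSerialized)? string.Empty : ","));
			}
			else
			{
				json += schemaSerialized;
			}
			json += "}";

			// NOTE(review): this callback accepts ANY server certificate, and
			// ServicePointManager is process-wide, so validation stays disabled for
			// every later HTTPS request as well. The body sent below carries
			// token.AccessToken and the serialised provider, so a party able to
			// intercept the connection can read them. Kept as-is because removing it
			// breaks servers with certificates the client does not trust; the
			// replacement should validate the chain or compare against a certificate
			// the operator has explicitly accepted for this server.
			ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
			var requestConfig = new RequestSettings
			{
				Method = HttpMethod.Post
			};
			var headers = ServiceHelper.AddHeaders(ServiceConfigManager.JsonContentType);

			// Invariant lower-casing: a culture-sensitive ToLower() can change the
			// token type on some locales (for example the Turkish dotless i).
			json = "access_token=" + token.AccessToken + "&token_type=" + token.TokenType.ToString().ToLowerInvariant() + "&" + json;
			var response = _webRequestManager.GetResponse(url, requestConfig, headers, null, json);
			response = SerializationJsonHelper.JsonToDictionary("attributesMap",response);
			response = CleanupSchemaJson (response);
			return JsonConvert.Deserialize<IdentityProviderDto>(response,"root", dto.GetTypes(), true);
		}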
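 /// <summary>
 /// Compares this identity provider with <paramref name="_provider"/> field by field.
 /// </summary>
 /// <remarks>
 /// The previous implementation compared every member of this instance with
 /// itself (<c>Name == this.Name</c>), so the argument was never read and the
 /// method reported "same" for any input. A caller that uses the result to
 /// decide whether an edited provider must be saved would silently drop the
 /// change, including changes to credentials or trusted certificates.
 /// Only the first connection string is compared, as before.
 /// </remarks>
 /// <param name="_provider">Provider to compare against; null is treated as "different".</param>
 /// <returns>True when all compared members match; otherwise false.</returns>
 public bool IsSameAs(IdentityProviderDto _provider)
 {
     // A missing provider can never match this instance.
     if (_provider == null)
     {
         return false;
     }

     // Guard the indexer: when either side has no ConnectionStrings collection,
     // the two match only if both are null. An empty (non-null) collection
     // still throws on [0], as in the original.
     bool sameFirstConnection;
     if (_provider.ConnectionStrings == null || this.ConnectionStrings == null)
     {
         sameFirstConnection = _provider.ConnectionStrings == null && this.ConnectionStrings == null;
     }
     else
     {
         sameFirstConnection = _provider.ConnectionStrings[0] == this.ConnectionStrings[0];
     }

     return _provider.DomainType == this.DomainType &&
        _provider.Name == this.Name &&
        _provider.Alias == this.Alias &&
        _provider.Type == this.Type &&
        _provider.AuthenticationType == this.AuthenticationType &&
        _provider.FriendlyName == this.FriendlyName &&
        _provider.SearchTimeOutInSeconds == this.SearchTimeOutInSeconds &&
        _provider.Username == this.Username &&
        _provider.Password == this.Password &&
        _provider.MachineAccount == this.MachineAccount &&
        _provider.UserBaseDN == this.UserBaseDN &&
        _provider.GroupBaseDN == this.GroupBaseDN &&
        sameFirstConnection &&
        IsSame(_provider.AttributesMap, this.AttributesMap) &&
        IsSame(_provider.Schema, this.Schema) &&
        _provider.ServicePrincipalName == this.ServicePrincipalName &&
        _provider.SiteAffinityEnabled == this.SiteAffinityEnabled &&
        _provider.BaseDnForNestedGroupsEnabled == this.BaseDnForNestedGroupsEnabled &&
        _provider.DirectGroupsSearchEnabled == this.DirectGroupsSearchEnabled &&
        _provider.MatchingRuleInChainEnabled == this.MatchingRuleInChainEnabled &&
        IsSame(_provider.Certificates, this.Certificates);
 }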
예제 #8
		/// <summary>
		/// Builds the node for an external domain, labelled with the provider's name.
		/// </summary>
		/// <param name="tenantName">Tenant the external domain belongs to.</param>
		/// <param name="provider">Identity provider behind the node. Must not be null.</param>
		public ExternalDomainNode (string tenantName, IdentityProviderDto provider)
		{
			_provider = provider;
			_tenantName = tenantName;

			// The label is read back from the stored provider; a null provider
			// surfaces here as a NullReferenceException.
			DisplayName = _provider.Name;
		}