public async Task <AccessControlResponse> CreateUser(string userIdentifier, string password, string location, string createdBy)
{
var ip = GetIdentityProvider();
var ipResult = await ip.CreateUser(userIdentifier, password, location, createdBy);
var response = new AccessControlResponse();
switch (ipResult.Result)
{
case CreateUserResult.CREATE_SUCCESS:
return(new AccessControlResponse());
case CreateUserResult.CREATE_NOT_SUPPORTED:
response.Result = false;
if (ipResult.IsException)
{
response.ErroneousProperty = "Exception";
}
response.ErroneousPropertyValue = ipResult.ExceptionInformation;
return(new AccessControlResponse(AccessControlResponseErrorInfo.IdentityProviderUnsupportedAction));
case CreateUserResult.CREATE_DATABASE_FAILURE:
response.Result = false;
if (ipResult.IsException)
{
response.ErroneousProperty = "Exception";
}
response.ErroneousPropertyValue = ipResult.ExceptionInformation;
return(new AccessControlResponse(AccessControlResponseErrorInfo.IdentityProbviderDatabaseError));
case CreateUserResult.CREATE_OTHER_FAILURE:
response.Result = false;
if (ipResult.IsException)
{
response.ErroneousProperty = "Exception";
}
response.ErroneousPropertyValue = ipResult.ExceptionInformation;
return(new AccessControlResponse(AccessControlResponseErrorInfo.IdentityProviderGeneralError));
default:
response.Result = false;
if (ipResult.IsException)
{
response.ErroneousProperty = "Exception";
}
response.ErroneousPropertyValue = ipResult.ExceptionInformation;
return(new AccessControlResponse(AccessControlResponseErrorInfo.Unknown));
}
}
/// <summary>
/// Attempt to verify the validity of a user's provided credentials
/// </summary>
/// <param name="userIdentifier">username</param>
/// <param name="password">password, in plain text</param>
/// <returns></returns>
public async Task <AccessControlResponse> GetUserLogin(string userIdentifier, string password, string location)
{
var ip = GetIdentityProvider();
var loginResult = await ip.GetUserLogin(userIdentifier, password, location);
if (loginResult.IsValid)
{
return(new AccessControlResponse());
}
else
{
var errorResponse = new AccessControlResponse();
errorResponse.Result = false;
switch (loginResult.LoginResult)
{
case LoginResult.LOGIN_SUCCESS:
return(new AccessControlResponse(AccessControlResponseErrorInfo.Unknown));
case LoginResult.LOGIN_AUTHENTICATION_FAILURE:
return(new AccessControlResponse(AccessControlResponseErrorInfo.UserOrPasswordInvalid));
case LoginResult.LOGIN_DATABASE_FAILURE:
if (loginResult.IsException)
{
errorResponse.ErroneousProperty = "Exception";
}
errorResponse.ErroneousPropertyValue = loginResult.ExceptionInformation;
errorResponse.ErrorInfo = AccessControlResponseErrorInfo.IdentityProbviderDatabaseError;
return(errorResponse);
default:
if (loginResult.IsException)
{
errorResponse.ErroneousProperty = "Exception";
}
errorResponse.ErroneousPropertyValue = loginResult.ExceptionInformation;
errorResponse.ErrorInfo = AccessControlResponseErrorInfo.IdentityProviderLoginError;
return(new AccessControlResponse(AccessControlResponseErrorInfo.IdentityProviderLoginError));
}
}
}
private async Task <bool> ProcessKpuPermissionRequest(string kpuId, KpuPermissionRequest request, KpuPermissionRequest parentPermissionRequest = null)
{
logger.Trace(LM($"kputId={kpuId},requestIdentifier={request.PermissionIdentifier}, parentRequestIdentifier={parentPermissionRequest?.PermissionIdentifier ?? "null"}"));
var permissionId = kpuId + '.' + request.PermissionIdentifier;
AccessControlResponse result = null;
if (parentPermissionRequest == null)
{
result = await RegisterPermission(permissionId, null);
}
else
{
var parentPermissionId = kpuId + '.' + parentPermissionRequest.PermissionIdentifier;
result = await RegisterPermission(permissionId, parentPermissionId);
}
if (request.ChildPermissionRequests != null && request.ChildPermissionRequests.Length > 0)
{
foreach (var childRequest in request.ChildPermissionRequests)
{
await ProcessKpuPermissionRequest(kpuId, childRequest, request);
}
}
return(result.Result);
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "post")]
HttpRequest req,
[Queue("access-registration-queue", Connection = "QueueConnection")]
ICollector <AccessRegistrationQueueItem> outputQueueItem,
ILogger log)
{
string direction;
log.LogInformation("Adgang registreret");
// Validering
if (!req.Form.Files.Any())
{
const string error = "Der er ikke vedhæftet en fil";
log.LogError(error);
return(new BadRequestObjectResult(error));
}
if (req.Form.TryGetValue("direction", out var directionValues))
{
direction = directionValues[0].ToLowerInvariant() == "enter" ? "Kommet" : "Gået";
log.LogInformation($"Adgangsretning: {direction}");
}
else
{
const string error = "Der er ikke information om adgangsretning";
log.LogError(error);
return(new BadRequestObjectResult(error));
}
// Image fra request
var file = req.Form.Files[0];
// Undersøg om ansigt kan genkendes
log.LogInformation("Undersøg om ansigt kan genkendes");
var similarFaces = await new FaceRecognition().FaceAccessControl(file);
var accessConfirmed = similarFaces.Any() && similarFaces[0].Confidence > 0.9;
log.LogInformation(string.Format("Ansigt er {0}genkendt", accessConfirmed ? "" : "ikke "));
// Gem billede på Blob storage
log.LogInformation("Gem billede på Blob storage");
var imageUrl = await new ImageStorage().Save(file);
log.LogInformation("Billedet er gemt på Blob storage");
// Læg registrering på kø
log.LogInformation("Læg registrering på kø");
var queueItem = new AccessRegistrationQueueItem
{
EntranceStatus = accessConfirmed ? "Godkendt" : "Afvist",
Direction = direction,
ImageUrl = imageUrl,
AccessTimeStamp = DateTime.Now.ToUniversalTime().AddHours(1)
};
outputQueueItem.Add(queueItem);
log.LogInformation("Registrering er på kø");
// Response
var response = new AccessControlResponse
{
AccessConfirmed = accessConfirmed,
SimilarFaces = similarFaces
};
return(new OkObjectResult(response));
}
