public static async Task RemoveClaim(AuthClaim authClaim) { if (HttpContext.User.Claims.FirstOrDefault(x => x.Type.Equals(authClaim.ClaimName, StringComparison.OrdinalIgnoreCase)) != null) { ClaimsIdentity claimsIdentity = new ClaimsIdentity(HttpContext.User.Identity); claimsIdentity.RemoveClaim(claimsIdentity.FindFirst(authClaim.ClaimName)); await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), new AuthenticationProperties { IsPersistent = claimsIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.IsPersistent) == null ? false : bool.Parse(claimsIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.IsPersistent).Value) }); } }
/// <summary> /// Saves the authentication claim. /// </summary> /// <param name="authClaimId">The authentication claim identifier.</param> private void SaveAuthClaim(int authClaimId) { var isNew = authClaimId.Equals(0); var authScopeId = AuthScopeId; if (authScopeId == null) { DisplayErrorMessage("The auth scope id is required to create a auth claim."); return; } var authClaim = new AuthClaim(); var editAllowed = authClaim.IsAuthorized(Authorization.EDIT, CurrentPerson); if (!editAllowed) { DisplayErrorMessage("The current user is not authorized to make changes."); return; } using (var rockContext = new RockContext()) { var authClaimService = new AuthClaimService(rockContext); if (isNew) { authClaim.ScopeId = authScopeId.Value; authClaimService.Add(authClaim); } else { authClaim = authClaimService.Get(authClaimId); } if (authClaim == null) { DisplayErrorMessage("The Auth Claim with the specified Id was found."); return; } if (!authClaim.IsSystem) { authClaim.Name = tbClaimName.Text; authClaim.Value = tbClaimValue.Text; authClaim.IsActive = cbClaimActive.Checked; } authClaim.PublicName = tbClaimPublicName.Text; rockContext.SaveChanges(); } dlgClaimDetails.Hide(); BindGrid(); }
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "track/{trackId}/follow")] HttpRequest req, string trackId, TraceWriter log) { try { // check postId and trackId provided if (!Tools.IsValidGuid(trackId)) { return(new UnauthorizedResult()); } string authToken = req.Headers["Authorization"]; if (authToken == null) { return(new UnauthorizedResult()); } // validate authKey AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken); if (authClaim == null) { return(new UnauthorizedResult()); } // get the track TrackAuth track = await TrackRepository.GetTrack(trackId); if (track == null || (track.is_private && track.PartitionKey != authClaim.user_id)) { return(new UnauthorizedResult()); } // trackFollow body string requestBody = new StreamReader(req.Body).ReadToEnd(); TrackFollowDTO dto = JsonConvert.DeserializeObject <TrackFollowDTO>(requestBody); // insert or update the follow TrackFollow trackFollow = new TrackFollow(); trackFollow.feed_follow_type = dto.feed?.ToLower() == "all" || dto.feed?.ToLower() == "none" ? dto.feed.ToLower() : null; trackFollow.notifications_follow_type = dto.notifications?.ToLower() == "all" || dto.notifications?.ToLower() == "none" ? dto.notifications.ToLower() : null; trackFollow.criteria = dto.criteria; trackFollow.user_id = authClaim.user_id; trackFollow.track_id = track.RowKey; FollowRepository.InsertOrReplaceTrackFollow(trackFollow); return(new OkResult()); } catch (Exception e) { log.Error(e.Message); return(new UnauthorizedResult()); } }
/// <summary> /// Shows the detail. /// </summary> /// <param name="authClaimId">The authentication claim identifier.</param> public void ShowDetail(int authClaimId) { AuthClaim authClaim = null; var isNew = authClaimId.Equals(0); if (!isNew) { dlgClaimDetails.Title = ActionTitle.Edit("Claim").FormatAsHtmlTitle(); using (var rockContext = new RockContext()) { authClaim = new AuthClaimService(rockContext).Get(authClaimId); } } else { dlgClaimDetails.Title = ActionTitle.Add("Claim").FormatAsHtmlTitle(); } if (authClaim == null) { if (!isNew) { DisplayErrorMessage("The Auth Claim with the specified Id was found."); return; } authClaim = new AuthClaim { Id = 0, IsActive = true }; } hfAuthClaimId.Value = authClaim.Id.ToString(); tbClaimName.Text = authClaim.Name; tbClaimPublicName.Text = authClaim.PublicName; tbClaimValue.Text = authClaim.Value; cbClaimActive.Checked = authClaim.IsActive; nbEditModeMessage.Text = string.Empty; if (authClaim.IsSystem) { tbClaimName.Enabled = false; tbClaimValue.Visible = false; cbClaimActive.Enabled = false; nbEditModeMessage.Text = EditModeMessage.System(Rock.Model.AuthClaim.FriendlyTypeName); } dlgClaimDetails.Show(); }
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "delete", Route = "track/{trackId}/follow")] HttpRequest req, string trackId, TraceWriter log) { try { // check postId and trackId provided if (!Tools.IsValidGuid(trackId)) { return(new UnauthorizedResult()); } string authToken = req.Headers["Authorization"]; if (authToken == null) { return(new UnauthorizedResult()); } // validate authKey AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken); if (authClaim == null) { return(new UnauthorizedResult()); } // get the track TrackAuth track = await TrackRepository.GetTrack(trackId); if (track == null || track.is_private) { return(new UnauthorizedResult()); } // insert or update the follow var result = await FollowRepository.DeleteTrackFollow(authClaim.user_id, track.RowKey); if (!result) { return(new BadRequestResult()); } return(new OkResult()); } catch (Exception e) { log.Error(e.Message); return(new UnauthorizedResult()); } }
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "feed")] HttpRequest req, TraceWriter log) { try { string authToken = req.Headers["Authorization"]; if (authToken == null) { return(new UnauthorizedResult()); } // validate authKey AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken); if (authClaim == null) { return(new UnauthorizedResult()); } // get optional params GetFeedDTO feedDTO = new GetFeedDTO() { from = Convert.ToInt64(req.Query["from"]), continuation = Convert.ToInt64(req.Query["continuation"]) }; List <PostQueryDTO> feed = await FeedRepository.GetFeed(authClaim.user_id, feedDTO.from, feedDTO.continuation); return(new OkObjectResult(new ReturnFeedDTO() { count = feed.Count, from = feed.Count > 0 ? feed[0].date_created : 0, continuation = feed.Count >= 30 ? feed[feed.Count - 1].date_created : 0, data = feed })); } catch (Exception e) { return(new BadRequestResult()); } }
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "tracks")] HttpRequest req, TraceWriter log) { try { string authToken = req.Headers["Authorization"]; // validate authKey AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken); if (authClaim == null) { return(new UnauthorizedResult()); } List <TrackDTO> tracks = await FollowRepository.GetUserFollows(authClaim.user_id); return(new OkObjectResult(new { count = tracks.Count, data = tracks })); } catch (Exception e) { log.Error(e.Message); return(new UnauthorizedResult()); } }
public static string GetClaim(this ClaimsPrincipal principal, AuthClaim claim) { return(principal.FindFirstValue(claim.ToString())); }
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "track/{trackId}/posts")] HttpRequest req, string trackId, TraceWriter log) { try { // check valid trackId provided if (!Tools.IsValidGuid(trackId)) { return(new UnauthorizedResult()); } // get the track TrackAuth track = await TrackRepository.GetTrack(trackId); if (track == null) { return(new UnauthorizedResult()); } // private track so check keys if (track.is_private) { string trackKeyHeader = req.Headers["X-Track-Key"]; string authToken = req.Headers["Authorization"]; if (authToken != null) { // validate authKey AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken); if (authClaim == null) { return(new UnauthorizedResult()); } // check track userID matches authClaim userId if (track.PartitionKey != authClaim.user_id) { return(new UnauthorizedResult()); } } else if (trackKeyHeader != null) { KeySecret keySecret = AuthRepository.DecodeKeyAndSecret(trackKeyHeader); // validate authKey if (!AuthRepository.ValidateSHA256(trackId + keySecret.Key, keySecret.Secret)) { return(new UnauthorizedResult()); } // validate track key if (track.track_key != keySecret.Key) { return(new UnauthorizedResult()); } } else { return(new UnauthorizedResult()); } } // get query object from query params PostQuery query = Tools.GetQueryFromQueryParams(trackId, req.Query["tags"], req.Query["continuation"]); PostReturnObject posts = query.tags.Count > 0 ? await PostRepository.QueryPosts(query) : await PostRepository.GetPosts(query); return(new OkObjectResult(posts)); } catch (Exception e) { log.Info(e.Message); return(new BadRequestObjectResult(e.Message)); } }
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "track/{trackId}")] HttpRequest req, string trackId, TraceWriter log) { try { // check postId and trackId provided if (!Tools.IsValidGuid(trackId)) { return(new UnauthorizedResult()); } // get the track TrackAuth track = await TrackRepository.GetTrack(trackId); if (track == null) { return(new UnauthorizedResult()); } // is private if (track.is_private) { string trackKeyHeader = req.Headers["X-Track-Key"]; string authToken = req.Headers["Authorization"]; if (authToken != null) { // validate authKey AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken); if (authClaim == null) { return(new UnauthorizedResult()); } // check track userID matches authClaim userId if (track.PartitionKey != authClaim.user_id) { return(new UnauthorizedResult()); } } else if (trackKeyHeader != null) { KeySecret keySecret = AuthRepository.DecodeKeyAndSecret(trackKeyHeader); // validate authKey if (!AuthRepository.ValidateSHA256(trackId + keySecret.Key, keySecret.Secret)) { return(new UnauthorizedResult()); } // validate track key if (track.track_key != keySecret.Key) { return(new UnauthorizedResult()); } } else { return(new UnauthorizedResult()); } } return(new OkObjectResult(new Track(track))); } catch (Exception e) { log.Error(e.Message); return(new UnauthorizedResult()); } }
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "track/{trackId}/post/{postId}")] HttpRequest req, string trackId, string postId, TraceWriter log) { try { // check postId and trackId provided if (!Tools.IsValidGuid(trackId)) { return(new UnauthorizedResult()); } // get the track TrackAuth track = await TrackRepository.GetTrack(trackId); if (track == null) { return(new UnauthorizedResult()); } if (track.is_private) { string trackKeyHeader = req.Headers["X-Track-Key"]; string authToken = req.Headers["Authorization"]; if (authToken != null) { // validate authKey AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken); if (authClaim == null) { return(new UnauthorizedResult()); } // check track userID matches authClaim userId if (track.PartitionKey != authClaim.user_id) { return(new UnauthorizedResult()); } } else if (trackKeyHeader != null) { KeySecret keySecret = AuthRepository.DecodeKeyAndSecret(trackKeyHeader); // validate authKey if (!AuthRepository.ValidateSHA256(trackId + keySecret.Key, keySecret.Secret)) { return(new UnauthorizedResult()); } // validate track key if (track.track_key != keySecret.Key) { return(new UnauthorizedResult()); } } else { return(new UnauthorizedResult()); } } // get the post Post post = await PostRepository.GetPost(trackId, postId); if (post == null) { return(new UnauthorizedResult()); } // convert to post DTO return(new OkObjectResult(new PostDTO() { body = post.body, date_created = post.date_created, id = post.RowKey, summary = post.summary, tags = post.tags.Split(',').ToList(), title = post.title, track_id = post.PartitionKey, track_name = post.track_name, type = post.type, url = post.url })); } catch (Exception e) { log.Info(e.Message); return(new UnauthorizedResult()); } }