Exemplo n.º 1
0
        public static async Task RemoveClaim(AuthClaim authClaim)
        {
            if (HttpContext.User.Claims.FirstOrDefault(x => x.Type.Equals(authClaim.ClaimName, StringComparison.OrdinalIgnoreCase)) != null)
            {
                ClaimsIdentity claimsIdentity = new ClaimsIdentity(HttpContext.User.Identity);

                claimsIdentity.RemoveClaim(claimsIdentity.FindFirst(authClaim.ClaimName));

                await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), new AuthenticationProperties { IsPersistent = claimsIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.IsPersistent) == null ? false : bool.Parse(claimsIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.IsPersistent).Value) });
            }
        }
Exemplo n.º 2
0
        /// <summary>
        /// Saves the authentication claim.
        /// </summary>
        /// <param name="authClaimId">The authentication claim identifier.</param>
        private void SaveAuthClaim(int authClaimId)
        {
            var isNew       = authClaimId.Equals(0);
            var authScopeId = AuthScopeId;

            if (authScopeId == null)
            {
                DisplayErrorMessage("The auth scope id is required to create a auth claim.");
                return;
            }

            var authClaim = new AuthClaim();

            var editAllowed = authClaim.IsAuthorized(Authorization.EDIT, CurrentPerson);

            if (!editAllowed)
            {
                DisplayErrorMessage("The current user is not authorized to make changes.");
                return;
            }

            using (var rockContext = new RockContext())
            {
                var authClaimService = new AuthClaimService(rockContext);
                if (isNew)
                {
                    authClaim.ScopeId = authScopeId.Value;
                    authClaimService.Add(authClaim);
                }
                else
                {
                    authClaim = authClaimService.Get(authClaimId);
                }

                if (authClaim == null)
                {
                    DisplayErrorMessage("The Auth Claim with the specified Id was found.");
                    return;
                }

                if (!authClaim.IsSystem)
                {
                    authClaim.Name     = tbClaimName.Text;
                    authClaim.Value    = tbClaimValue.Text;
                    authClaim.IsActive = cbClaimActive.Checked;
                }

                authClaim.PublicName = tbClaimPublicName.Text;

                rockContext.SaveChanges();
            }
            dlgClaimDetails.Hide();
            BindGrid();
        }
Exemplo n.º 3
0
        public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "track/{trackId}/follow")] HttpRequest req, string trackId, TraceWriter log)
        {
            try
            {
                // check postId and trackId provided
                if (!Tools.IsValidGuid(trackId))
                {
                    return(new UnauthorizedResult());
                }

                string authToken = req.Headers["Authorization"];

                if (authToken == null)
                {
                    return(new UnauthorizedResult());
                }

                // validate authKey
                AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
                if (authClaim == null)
                {
                    return(new UnauthorizedResult());
                }

                // get the track
                TrackAuth track = await TrackRepository.GetTrack(trackId);

                if (track == null || (track.is_private && track.PartitionKey != authClaim.user_id))
                {
                    return(new UnauthorizedResult());
                }

                // trackFollow body
                string         requestBody = new StreamReader(req.Body).ReadToEnd();
                TrackFollowDTO dto         = JsonConvert.DeserializeObject <TrackFollowDTO>(requestBody);

                // insert or update the follow
                TrackFollow trackFollow = new TrackFollow();
                trackFollow.feed_follow_type          = dto.feed?.ToLower() == "all" || dto.feed?.ToLower() == "none" ? dto.feed.ToLower() : null;
                trackFollow.notifications_follow_type = dto.notifications?.ToLower() == "all" || dto.notifications?.ToLower() == "none" ? dto.notifications.ToLower() : null;
                trackFollow.criteria = dto.criteria;
                trackFollow.user_id  = authClaim.user_id;
                trackFollow.track_id = track.RowKey;

                FollowRepository.InsertOrReplaceTrackFollow(trackFollow);

                return(new OkResult());
            }
            catch (Exception e)
            {
                log.Error(e.Message);
                return(new UnauthorizedResult());
            }
        }
Exemplo n.º 4
0
        /// <summary>
        /// Shows the detail.
        /// </summary>
        /// <param name="authClaimId">The authentication claim identifier.</param>
        public void ShowDetail(int authClaimId)
        {
            AuthClaim authClaim = null;
            var       isNew     = authClaimId.Equals(0);

            if (!isNew)
            {
                dlgClaimDetails.Title = ActionTitle.Edit("Claim").FormatAsHtmlTitle();
                using (var rockContext = new RockContext())
                {
                    authClaim = new AuthClaimService(rockContext).Get(authClaimId);
                }
            }
            else
            {
                dlgClaimDetails.Title = ActionTitle.Add("Claim").FormatAsHtmlTitle();
            }

            if (authClaim == null)
            {
                if (!isNew)
                {
                    DisplayErrorMessage("The Auth Claim with the specified Id was found.");
                    return;
                }

                authClaim = new AuthClaim {
                    Id = 0, IsActive = true
                };
            }

            hfAuthClaimId.Value = authClaim.Id.ToString();

            tbClaimName.Text       = authClaim.Name;
            tbClaimPublicName.Text = authClaim.PublicName;
            tbClaimValue.Text      = authClaim.Value;
            cbClaimActive.Checked  = authClaim.IsActive;

            nbEditModeMessage.Text = string.Empty;
            if (authClaim.IsSystem)
            {
                tbClaimName.Enabled    = false;
                tbClaimValue.Visible   = false;
                cbClaimActive.Enabled  = false;
                nbEditModeMessage.Text = EditModeMessage.System(Rock.Model.AuthClaim.FriendlyTypeName);
            }

            dlgClaimDetails.Show();
        }
Exemplo n.º 5
0
        public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "delete", Route = "track/{trackId}/follow")] HttpRequest req, string trackId, TraceWriter log)
        {
            try
            {
                // check postId and trackId provided
                if (!Tools.IsValidGuid(trackId))
                {
                    return(new UnauthorizedResult());
                }

                string authToken = req.Headers["Authorization"];

                if (authToken == null)
                {
                    return(new UnauthorizedResult());
                }

                // validate authKey
                AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
                if (authClaim == null)
                {
                    return(new UnauthorizedResult());
                }

                // get the track
                TrackAuth track = await TrackRepository.GetTrack(trackId);

                if (track == null || track.is_private)
                {
                    return(new UnauthorizedResult());
                }

                // insert or update the follow
                var result = await FollowRepository.DeleteTrackFollow(authClaim.user_id, track.RowKey);

                if (!result)
                {
                    return(new BadRequestResult());
                }

                return(new OkResult());
            }
            catch (Exception e)
            {
                log.Error(e.Message);
                return(new UnauthorizedResult());
            }
        }
Exemplo n.º 6
0
        public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "feed")] HttpRequest req, TraceWriter log)
        {
            try
            {
                string authToken = req.Headers["Authorization"];

                if (authToken == null)
                {
                    return(new UnauthorizedResult());
                }

                // validate authKey
                AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
                if (authClaim == null)
                {
                    return(new UnauthorizedResult());
                }

                // get optional params
                GetFeedDTO feedDTO = new GetFeedDTO()
                {
                    from         = Convert.ToInt64(req.Query["from"]),
                    continuation = Convert.ToInt64(req.Query["continuation"])
                };

                List <PostQueryDTO> feed = await FeedRepository.GetFeed(authClaim.user_id, feedDTO.from, feedDTO.continuation);

                return(new OkObjectResult(new ReturnFeedDTO()
                {
                    count = feed.Count,
                    from = feed.Count > 0 ? feed[0].date_created : 0,
                    continuation = feed.Count >= 30 ? feed[feed.Count - 1].date_created : 0,
                    data = feed
                }));
            }
            catch (Exception e)
            {
                return(new BadRequestResult());
            }
        }
Exemplo n.º 7
0
        public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "tracks")] HttpRequest req, TraceWriter log)
        {
            try
            {
                string authToken = req.Headers["Authorization"];

                // validate authKey
                AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
                if (authClaim == null)
                {
                    return(new UnauthorizedResult());
                }

                List <TrackDTO> tracks = await FollowRepository.GetUserFollows(authClaim.user_id);

                return(new OkObjectResult(new { count = tracks.Count, data = tracks }));
            }
            catch (Exception e)
            {
                log.Error(e.Message);
                return(new UnauthorizedResult());
            }
        }
Exemplo n.º 8
0
 public static string GetClaim(this ClaimsPrincipal principal, AuthClaim claim)
 {
     return(principal.FindFirstValue(claim.ToString()));
 }
Exemplo n.º 9
0
        public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "track/{trackId}/posts")] HttpRequest req, string trackId, TraceWriter log)
        {
            try
            {
                // check valid trackId provided
                if (!Tools.IsValidGuid(trackId))
                {
                    return(new UnauthorizedResult());
                }

                // get the track
                TrackAuth track = await TrackRepository.GetTrack(trackId);

                if (track == null)
                {
                    return(new UnauthorizedResult());
                }

                // private track so check keys
                if (track.is_private)
                {
                    string trackKeyHeader = req.Headers["X-Track-Key"];
                    string authToken      = req.Headers["Authorization"];

                    if (authToken != null)
                    {
                        // validate authKey
                        AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
                        if (authClaim == null)
                        {
                            return(new UnauthorizedResult());
                        }

                        // check track userID matches authClaim userId
                        if (track.PartitionKey != authClaim.user_id)
                        {
                            return(new UnauthorizedResult());
                        }
                    }
                    else if (trackKeyHeader != null)
                    {
                        KeySecret keySecret = AuthRepository.DecodeKeyAndSecret(trackKeyHeader);

                        // validate authKey
                        if (!AuthRepository.ValidateSHA256(trackId + keySecret.Key, keySecret.Secret))
                        {
                            return(new UnauthorizedResult());
                        }

                        // validate track key
                        if (track.track_key != keySecret.Key)
                        {
                            return(new UnauthorizedResult());
                        }
                    }
                    else
                    {
                        return(new UnauthorizedResult());
                    }
                }

                // get query object from query params
                PostQuery query = Tools.GetQueryFromQueryParams(trackId, req.Query["tags"], req.Query["continuation"]);

                PostReturnObject posts = query.tags.Count > 0 ? await PostRepository.QueryPosts(query) : await PostRepository.GetPosts(query);

                return(new OkObjectResult(posts));
            }
            catch (Exception e)
            {
                log.Info(e.Message);
                return(new BadRequestObjectResult(e.Message));
            }
        }
Exemplo n.º 10
0
        public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "track/{trackId}")] HttpRequest req, string trackId, TraceWriter log)
        {
            try
            {
                // check postId and trackId provided
                if (!Tools.IsValidGuid(trackId))
                {
                    return(new UnauthorizedResult());
                }

                // get the track
                TrackAuth track = await TrackRepository.GetTrack(trackId);

                if (track == null)
                {
                    return(new UnauthorizedResult());
                }

                // is private
                if (track.is_private)
                {
                    string trackKeyHeader = req.Headers["X-Track-Key"];
                    string authToken      = req.Headers["Authorization"];

                    if (authToken != null)
                    {
                        // validate authKey
                        AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
                        if (authClaim == null)
                        {
                            return(new UnauthorizedResult());
                        }

                        // check track userID matches authClaim userId
                        if (track.PartitionKey != authClaim.user_id)
                        {
                            return(new UnauthorizedResult());
                        }
                    }
                    else if (trackKeyHeader != null)
                    {
                        KeySecret keySecret = AuthRepository.DecodeKeyAndSecret(trackKeyHeader);

                        // validate authKey
                        if (!AuthRepository.ValidateSHA256(trackId + keySecret.Key, keySecret.Secret))
                        {
                            return(new UnauthorizedResult());
                        }

                        // validate track key
                        if (track.track_key != keySecret.Key)
                        {
                            return(new UnauthorizedResult());
                        }
                    }
                    else
                    {
                        return(new UnauthorizedResult());
                    }
                }

                return(new OkObjectResult(new Track(track)));
            }
            catch (Exception e)
            {
                log.Error(e.Message);
                return(new UnauthorizedResult());
            }
        }
Exemplo n.º 11
0
        public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "track/{trackId}/post/{postId}")] HttpRequest req, string trackId, string postId, TraceWriter log)
        {
            try
            {
                // check postId and trackId provided
                if (!Tools.IsValidGuid(trackId))
                {
                    return(new UnauthorizedResult());
                }

                // get the track
                TrackAuth track = await TrackRepository.GetTrack(trackId);

                if (track == null)
                {
                    return(new UnauthorizedResult());
                }

                if (track.is_private)
                {
                    string trackKeyHeader = req.Headers["X-Track-Key"];
                    string authToken      = req.Headers["Authorization"];

                    if (authToken != null)
                    {
                        // validate authKey
                        AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
                        if (authClaim == null)
                        {
                            return(new UnauthorizedResult());
                        }

                        // check track userID matches authClaim userId
                        if (track.PartitionKey != authClaim.user_id)
                        {
                            return(new UnauthorizedResult());
                        }
                    }
                    else if (trackKeyHeader != null)
                    {
                        KeySecret keySecret = AuthRepository.DecodeKeyAndSecret(trackKeyHeader);

                        // validate authKey
                        if (!AuthRepository.ValidateSHA256(trackId + keySecret.Key, keySecret.Secret))
                        {
                            return(new UnauthorizedResult());
                        }

                        // validate track key
                        if (track.track_key != keySecret.Key)
                        {
                            return(new UnauthorizedResult());
                        }
                    }
                    else
                    {
                        return(new UnauthorizedResult());
                    }
                }

                // get the post
                Post post = await PostRepository.GetPost(trackId, postId);

                if (post == null)
                {
                    return(new UnauthorizedResult());
                }

                // convert to post DTO
                return(new OkObjectResult(new PostDTO()
                {
                    body = post.body,
                    date_created = post.date_created,
                    id = post.RowKey,
                    summary = post.summary,
                    tags = post.tags.Split(',').ToList(),
                    title = post.title,
                    track_id = post.PartitionKey,
                    track_name = post.track_name,
                    type = post.type,
                    url = post.url
                }));
            }
            catch (Exception e)
            {
                log.Info(e.Message);
                return(new UnauthorizedResult());
            }
        }