public static async Task RemoveClaim(AuthClaim authClaim)
{
if (HttpContext.User.Claims.FirstOrDefault(x => x.Type.Equals(authClaim.ClaimName, StringComparison.OrdinalIgnoreCase)) != null)
{
ClaimsIdentity claimsIdentity = new ClaimsIdentity(HttpContext.User.Identity);
claimsIdentity.RemoveClaim(claimsIdentity.FindFirst(authClaim.ClaimName));
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), new AuthenticationProperties { IsPersistent = claimsIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.IsPersistent) == null ? false : bool.Parse(claimsIdentity.Claims.FirstOrDefault(x => x.Type == ClaimTypes.IsPersistent).Value) });
}
}
/// <summary>
/// Saves the authentication claim.
/// </summary>
/// <param name="authClaimId">The authentication claim identifier.</param>
private void SaveAuthClaim(int authClaimId)
{
var isNew = authClaimId.Equals(0);
var authScopeId = AuthScopeId;
if (authScopeId == null)
{
DisplayErrorMessage("The auth scope id is required to create a auth claim.");
return;
}
var authClaim = new AuthClaim();
var editAllowed = authClaim.IsAuthorized(Authorization.EDIT, CurrentPerson);
if (!editAllowed)
{
DisplayErrorMessage("The current user is not authorized to make changes.");
return;
}
using (var rockContext = new RockContext())
{
var authClaimService = new AuthClaimService(rockContext);
if (isNew)
{
authClaim.ScopeId = authScopeId.Value;
authClaimService.Add(authClaim);
}
else
{
authClaim = authClaimService.Get(authClaimId);
}
if (authClaim == null)
{
DisplayErrorMessage("The Auth Claim with the specified Id was found.");
return;
}
if (!authClaim.IsSystem)
{
authClaim.Name = tbClaimName.Text;
authClaim.Value = tbClaimValue.Text;
authClaim.IsActive = cbClaimActive.Checked;
}
authClaim.PublicName = tbClaimPublicName.Text;
rockContext.SaveChanges();
}
dlgClaimDetails.Hide();
BindGrid();
}
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "track/{trackId}/follow")] HttpRequest req, string trackId, TraceWriter log)
{
try
{
// check postId and trackId provided
if (!Tools.IsValidGuid(trackId))
{
return(new UnauthorizedResult());
}
string authToken = req.Headers["Authorization"];
if (authToken == null)
{
return(new UnauthorizedResult());
}
// validate authKey
AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
if (authClaim == null)
{
return(new UnauthorizedResult());
}
// get the track
TrackAuth track = await TrackRepository.GetTrack(trackId);
if (track == null || (track.is_private && track.PartitionKey != authClaim.user_id))
{
return(new UnauthorizedResult());
}
// trackFollow body
string requestBody = new StreamReader(req.Body).ReadToEnd();
TrackFollowDTO dto = JsonConvert.DeserializeObject <TrackFollowDTO>(requestBody);
// insert or update the follow
TrackFollow trackFollow = new TrackFollow();
trackFollow.feed_follow_type = dto.feed?.ToLower() == "all" || dto.feed?.ToLower() == "none" ? dto.feed.ToLower() : null;
trackFollow.notifications_follow_type = dto.notifications?.ToLower() == "all" || dto.notifications?.ToLower() == "none" ? dto.notifications.ToLower() : null;
trackFollow.criteria = dto.criteria;
trackFollow.user_id = authClaim.user_id;
trackFollow.track_id = track.RowKey;
FollowRepository.InsertOrReplaceTrackFollow(trackFollow);
return(new OkResult());
}
catch (Exception e)
{
log.Error(e.Message);
return(new UnauthorizedResult());
}
}
/// <summary>
/// Shows the detail.
/// </summary>
/// <param name="authClaimId">The authentication claim identifier.</param>
public void ShowDetail(int authClaimId)
{
AuthClaim authClaim = null;
var isNew = authClaimId.Equals(0);
if (!isNew)
{
dlgClaimDetails.Title = ActionTitle.Edit("Claim").FormatAsHtmlTitle();
using (var rockContext = new RockContext())
{
authClaim = new AuthClaimService(rockContext).Get(authClaimId);
}
}
else
{
dlgClaimDetails.Title = ActionTitle.Add("Claim").FormatAsHtmlTitle();
}
if (authClaim == null)
{
if (!isNew)
{
DisplayErrorMessage("The Auth Claim with the specified Id was found.");
return;
}
authClaim = new AuthClaim {
Id = 0, IsActive = true
};
}
hfAuthClaimId.Value = authClaim.Id.ToString();
tbClaimName.Text = authClaim.Name;
tbClaimPublicName.Text = authClaim.PublicName;
tbClaimValue.Text = authClaim.Value;
cbClaimActive.Checked = authClaim.IsActive;
nbEditModeMessage.Text = string.Empty;
if (authClaim.IsSystem)
{
tbClaimName.Enabled = false;
tbClaimValue.Visible = false;
cbClaimActive.Enabled = false;
nbEditModeMessage.Text = EditModeMessage.System(Rock.Model.AuthClaim.FriendlyTypeName);
}
dlgClaimDetails.Show();
}
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "delete", Route = "track/{trackId}/follow")] HttpRequest req, string trackId, TraceWriter log)
{
try
{
// check postId and trackId provided
if (!Tools.IsValidGuid(trackId))
{
return(new UnauthorizedResult());
}
string authToken = req.Headers["Authorization"];
if (authToken == null)
{
return(new UnauthorizedResult());
}
// validate authKey
AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
if (authClaim == null)
{
return(new UnauthorizedResult());
}
// get the track
TrackAuth track = await TrackRepository.GetTrack(trackId);
if (track == null || track.is_private)
{
return(new UnauthorizedResult());
}
// insert or update the follow
var result = await FollowRepository.DeleteTrackFollow(authClaim.user_id, track.RowKey);
if (!result)
{
return(new BadRequestResult());
}
return(new OkResult());
}
catch (Exception e)
{
log.Error(e.Message);
return(new UnauthorizedResult());
}
}
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "feed")] HttpRequest req, TraceWriter log)
{
try
{
string authToken = req.Headers["Authorization"];
if (authToken == null)
{
return(new UnauthorizedResult());
}
// validate authKey
AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
if (authClaim == null)
{
return(new UnauthorizedResult());
}
// get optional params
GetFeedDTO feedDTO = new GetFeedDTO()
{
from = Convert.ToInt64(req.Query["from"]),
continuation = Convert.ToInt64(req.Query["continuation"])
};
List <PostQueryDTO> feed = await FeedRepository.GetFeed(authClaim.user_id, feedDTO.from, feedDTO.continuation);
return(new OkObjectResult(new ReturnFeedDTO()
{
count = feed.Count,
from = feed.Count > 0 ? feed[0].date_created : 0,
continuation = feed.Count >= 30 ? feed[feed.Count - 1].date_created : 0,
data = feed
}));
}
catch (Exception e)
{
return(new BadRequestResult());
}
}
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "tracks")] HttpRequest req, TraceWriter log)
{
try
{
string authToken = req.Headers["Authorization"];
// validate authKey
AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
if (authClaim == null)
{
return(new UnauthorizedResult());
}
List <TrackDTO> tracks = await FollowRepository.GetUserFollows(authClaim.user_id);
return(new OkObjectResult(new { count = tracks.Count, data = tracks }));
}
catch (Exception e)
{
log.Error(e.Message);
return(new UnauthorizedResult());
}
}
public static string GetClaim(this ClaimsPrincipal principal, AuthClaim claim)
{
return(principal.FindFirstValue(claim.ToString()));
}
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "track/{trackId}/posts")] HttpRequest req, string trackId, TraceWriter log)
{
try
{
// check valid trackId provided
if (!Tools.IsValidGuid(trackId))
{
return(new UnauthorizedResult());
}
// get the track
TrackAuth track = await TrackRepository.GetTrack(trackId);
if (track == null)
{
return(new UnauthorizedResult());
}
// private track so check keys
if (track.is_private)
{
string trackKeyHeader = req.Headers["X-Track-Key"];
string authToken = req.Headers["Authorization"];
if (authToken != null)
{
// validate authKey
AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
if (authClaim == null)
{
return(new UnauthorizedResult());
}
// check track userID matches authClaim userId
if (track.PartitionKey != authClaim.user_id)
{
return(new UnauthorizedResult());
}
}
else if (trackKeyHeader != null)
{
KeySecret keySecret = AuthRepository.DecodeKeyAndSecret(trackKeyHeader);
// validate authKey
if (!AuthRepository.ValidateSHA256(trackId + keySecret.Key, keySecret.Secret))
{
return(new UnauthorizedResult());
}
// validate track key
if (track.track_key != keySecret.Key)
{
return(new UnauthorizedResult());
}
}
else
{
return(new UnauthorizedResult());
}
}
// get query object from query params
PostQuery query = Tools.GetQueryFromQueryParams(trackId, req.Query["tags"], req.Query["continuation"]);
PostReturnObject posts = query.tags.Count > 0 ? await PostRepository.QueryPosts(query) : await PostRepository.GetPosts(query);
return(new OkObjectResult(posts));
}
catch (Exception e)
{
log.Info(e.Message);
return(new BadRequestObjectResult(e.Message));
}
}
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "track/{trackId}")] HttpRequest req, string trackId, TraceWriter log)
{
try
{
// check postId and trackId provided
if (!Tools.IsValidGuid(trackId))
{
return(new UnauthorizedResult());
}
// get the track
TrackAuth track = await TrackRepository.GetTrack(trackId);
if (track == null)
{
return(new UnauthorizedResult());
}
// is private
if (track.is_private)
{
string trackKeyHeader = req.Headers["X-Track-Key"];
string authToken = req.Headers["Authorization"];
if (authToken != null)
{
// validate authKey
AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
if (authClaim == null)
{
return(new UnauthorizedResult());
}
// check track userID matches authClaim userId
if (track.PartitionKey != authClaim.user_id)
{
return(new UnauthorizedResult());
}
}
else if (trackKeyHeader != null)
{
KeySecret keySecret = AuthRepository.DecodeKeyAndSecret(trackKeyHeader);
// validate authKey
if (!AuthRepository.ValidateSHA256(trackId + keySecret.Key, keySecret.Secret))
{
return(new UnauthorizedResult());
}
// validate track key
if (track.track_key != keySecret.Key)
{
return(new UnauthorizedResult());
}
}
else
{
return(new UnauthorizedResult());
}
}
return(new OkObjectResult(new Track(track)));
}
catch (Exception e)
{
log.Error(e.Message);
return(new UnauthorizedResult());
}
}
public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "track/{trackId}/post/{postId}")] HttpRequest req, string trackId, string postId, TraceWriter log)
{
try
{
// check postId and trackId provided
if (!Tools.IsValidGuid(trackId))
{
return(new UnauthorizedResult());
}
// get the track
TrackAuth track = await TrackRepository.GetTrack(trackId);
if (track == null)
{
return(new UnauthorizedResult());
}
if (track.is_private)
{
string trackKeyHeader = req.Headers["X-Track-Key"];
string authToken = req.Headers["Authorization"];
if (authToken != null)
{
// validate authKey
AuthClaim authClaim = AuthRepository.ValidateAuthClaim(authToken);
if (authClaim == null)
{
return(new UnauthorizedResult());
}
// check track userID matches authClaim userId
if (track.PartitionKey != authClaim.user_id)
{
return(new UnauthorizedResult());
}
}
else if (trackKeyHeader != null)
{
KeySecret keySecret = AuthRepository.DecodeKeyAndSecret(trackKeyHeader);
// validate authKey
if (!AuthRepository.ValidateSHA256(trackId + keySecret.Key, keySecret.Secret))
{
return(new UnauthorizedResult());
}
// validate track key
if (track.track_key != keySecret.Key)
{
return(new UnauthorizedResult());
}
}
else
{
return(new UnauthorizedResult());
}
}
// get the post
Post post = await PostRepository.GetPost(trackId, postId);
if (post == null)
{
return(new UnauthorizedResult());
}
// convert to post DTO
return(new OkObjectResult(new PostDTO()
{
body = post.body,
date_created = post.date_created,
id = post.RowKey,
summary = post.summary,
tags = post.tags.Split(',').ToList(),
title = post.title,
track_id = post.PartitionKey,
track_name = post.track_name,
type = post.type,
url = post.url
}));
}
catch (Exception e)
{
log.Info(e.Message);
return(new UnauthorizedResult());
}
}
