        /// <summary>
        /// Overwrites the icon URI, names, descriptions, scopes and type of the stored UMA resource
        /// identified by <paramref name="id"/> with the values parsed from the request body.
        /// </summary>
        /// <param name="id">Identifier handed to the resource query repository.</param>
        /// <param name="jObj">JSON request body handed to <c>BuildUMAResource</c>.</param>
        /// <param name="cancellationToken">Forwarded to the command repository's Update and SaveChanges calls.</param>
        /// <returns>
        /// An <c>UnauthorizedResult</c> when <c>IsPATAuthorized</c> returns false; an error built with
        /// <c>HttpStatusCode.NotFound</c> when no resource matches; an error built with
        /// <c>HttpStatusCode.BadRequest</c> when a <c>UMAInvalidRequestException</c> is thrown inside the
        /// try block; otherwise a 200 JSON response containing the resource id.
        /// </returns>
        public async Task <IActionResult> Update(string id, [FromBody] JObject jObj, CancellationToken cancellationToken)
        {
            // NOTE(review): this is the only access check visible in the method. Nothing below compares
            // the stored resource's owner with the caller, so confirm that IsPATAuthorized (or the
            // repository) restricts the caller to resources it registered itself.
            var patAccepted = await IsPATAuthorized();
            if (!patAccepted)
            {
                return new UnauthorizedResult();
            }

            try
            {
                // The body is parsed before the lookup, so an invalid body is reported as a bad request
                // even when the identifier does not exist.
                var incoming = BuildUMAResource(jObj);
                var stored = await _umaResourceQueryRepository.FindByIdentifier(id);
                if (stored == null)
                {
                    return this.BuildError(HttpStatusCode.NotFound, UMAErrorCodes.NOT_FOUND);
                }

                // Only these five fields are copied; every other member of the stored resource is left as it was.
                stored.IconUri = incoming.IconUri;
                stored.Names = incoming.Names;
                stored.Descriptions = incoming.Descriptions;
                stored.Scopes = incoming.Scopes;
                stored.Type = incoming.Type;

                await _umaResourceCommandRepository.Update(stored, cancellationToken);
                await _umaResourceCommandRepository.SaveChanges(cancellationToken);

                var responseBody = new JObject();
                responseBody.Add(UMAResourceNames.Id, stored.Id);
                return new ContentResult
                {
                    StatusCode = (int)HttpStatusCode.OK,
                    ContentType = "application/json",
                    Content = responseBody.ToString()
                };
            }
            catch (UMAInvalidRequestException invalidRequest)
            {
                // NOTE(review): the exception message is passed to BuildError as-is; confirm these
                // messages are written for API clients and carry no internal detail.
                return this.BuildError(HttpStatusCode.BadRequest, ErrorCodes.INVALID_REQUEST, invalidRequest.Message);
            }
        }
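        /// <summary>
        /// Confirms a pending UMA access request and adds the matching permissions to the resource it targets.
        /// </summary>
        /// <param name="id">Ticket identifier of the pending request.</param>
        /// <returns>
        /// An error built with <c>HttpStatusCode.Unauthorized</c> when no pending request matches the ticket
        /// and <c>sub</c>; an error built with <c>HttpStatusCode.BadRequest</c> when the request is not in the
        /// <c>TOBECONFIRMED</c> status; an error built with <c>HttpStatusCode.NotFound</c> when the referenced
        /// resource cannot be loaded; otherwise a <c>NoContentResult</c>.
        /// </returns>
        public Task <IActionResult> Confirm(string id)
        {
            return(CallOperationWithAuthenticatedUser(async(sub, payload) =>
            {
                // The lookup takes both the ticket and `sub`, so a ticket that belongs to a different owner
                // is reported exactly like a missing one. (`sub` is presumably the authenticated user's
                // subject; verify against CallOperationWithAuthenticatedUser.)
                var pendingRequest = await _umaPendingRequestQueryRepository.FindByTicketIdentifierAndOwner(id, sub);
                if (pendingRequest == null)
                {
                    return this.BuildError(HttpStatusCode.Unauthorized, UMAErrorCodes.REQUEST_DENIED);
                }

                // Only requests still waiting for confirmation may be confirmed; this also prevents a
                // request that was already confirmed from granting its permissions a second time.
                if (pendingRequest.Status != UMAPendingRequestStatus.TOBECONFIRMED)
                {
                    return this.BuildError(HttpStatusCode.BadRequest, ErrorCodes.INVALID_REQUEST, UMAErrorMessages.REQUEST_CANNOT_BE_CONFIRMED);
                }

                var resource = await _umaResourceQueryRepository.FindByIdentifier(pendingRequest.Resource.Id);
                if (resource == null)
                {
                    // The resource referenced by the pending request could not be loaded. Without this
                    // guard the loop below dereferences null and the request ends in an unhandled exception.
                    return this.BuildError(HttpStatusCode.NotFound, UMAErrorCodes.NOT_FOUND);
                }

                // One permission is added per configured claim token format. Each one ties the requested
                // scopes to the requester, using that format's subject claim name.
                foreach (var claimTokenFormat in _claimTokenFormats)
                {
                    resource.Permissions.Add(new UMAResourcePermission(Guid.NewGuid().ToString(), DateTime.UtcNow)
                    {
                        Claims = new List <UMAResourcePermissionClaim>
                        {
                            new UMAResourcePermissionClaim
                            {
                                Name = claimTokenFormat.GetSubjectName(),
                                Value = pendingRequest.Requester
                            }
                        },
                        // ToList() gives every permission its own copy of the scope list.
                        Scopes = pendingRequest.Scopes.ToList()
                    });
                }

                pendingRequest.Confirm();
                // NOTE(review): neither Update call is awaited. If these methods return a Task, the work
                // may not have finished when SaveChanges runs; confirm against the repository interface.
                _umaPendingRequestCommandRepository.Update(pendingRequest);
                _umaResourceCommandRepository.Update(resource);
                // NOTE(review): the permissions are saved first and the confirmed status second, through
                // two repositories. Whether they share one unit of work is not visible here. If they do
                // not and the second save fails, the request stays confirmable while the permissions are
                // already stored, so a retry would add them again.
                await _umaResourceCommandRepository.SaveChanges();
                await _umaPendingRequestCommandRepository.SaveChanges();
                return new NoContentResult();
            }));
        }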