Exemplo n.º 1
        /// <summary>
        /// Web API action that forwards an SSO delete request to
        /// <c>UserManager.DeleteUserUsingSSO</c> and returns its response unchanged.
        /// </summary>
        /// <param name="request">SSO payload bound from the request body. It is untrusted at this point.</param>
        /// <returns>The response produced by the manager.</returns>
        public HttpResponseMessage DeleteUser([FromBody] SSOUserRequest request)
        {
            // No validation is done in the action itself; the signature check on the
            // payload is performed inside DeleteUserUsingSSO before anything is deleted.
            return new UserManager().DeleteUserUsingSSO(request);
        }
Exemplo n.º 2
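        /// <summary>
        /// Deletes the account named in an SSO request after verifying the request signature.
        /// </summary>
        /// <param name="request">SSO payload carrying the user id, email, timestamp and signature.</param>
        /// <returns>
        /// 400 "Invalid Session" when the signature check fails, the result of
        /// <c>DeleteUser(email)</c> when it passes, or a generic 500 on any exception.
        /// </returns>
        public HttpResponseMessage DeleteUserUsingSSO(SSOUserRequest request)
        {
            try
            {
                // The signature is the only authorization for this destructive call,
                // so it is checked before anything else touches the account.
                var isSignatureValid = _signatureService.IsValidClientRequest(request.ssoUserId, request.email, request.timestamp, request.signature);
                if (!isSignatureValid)
                {
                    return new HttpResponseMessage(HttpStatusCode.BadRequest)
                    {
                        Content = new StringContent("Invalid Session")
                    };
                }

                return DeleteUser(request.email);
            }
            catch (Exception e)
            {
                // The exception text (type names, stack trace, possibly data-layer details)
                // must not be sent to the caller. Keep it server-side and answer with a
                // generic message, as the login and logout paths do.
                System.Diagnostics.Trace.TraceError("DeleteUserUsingSSO failed: {0}", e);

                return new HttpResponseMessage(HttpStatusCode.InternalServerError)
                {
                    Content = new StringContent("Unable to delete user at this time")
                };
            }
        }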
Exemplo n.º 3
        /// <summary>
        /// Web API action that hands an SSO login request to <c>SessionManager.Login</c>.
        /// </summary>
        /// <param name="request">SSO payload bound from the request body. It is untrusted at this point.</param>
        /// <returns>The response produced by the session manager, returned unchanged.</returns>
        public HttpResponseMessage Login([FromBody] SSOUserRequest request)
        {
            // The controller passes itself along; signature validation of the payload
            // is left to the manager.
            var manager = new SessionManager();
            return manager.Login(this, request);
        }
Exemplo n.º 4
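        /// <summary>
        /// Web API action that logs out the user named in an SSO request.
        /// </summary>
        /// <param name="request">SSO payload bound from the request body. It is untrusted at this point.</param>
        /// <returns>The response produced by <c>SessionManager.LogoutUsingSSO</c>.</returns>
        public HttpResponseMessage Logout([FromBody] SSOUserRequest request)
        {
            // Go through the signature-checking entry point. Calling Logout(email)
            // directly would act on a caller-supplied email without verifying that
            // the request was signed, unlike the delete and login actions.
            SessionManager sessionMan = new SessionManager();
            return sessionMan.LogoutUsingSSO(request);
        }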
Exemplo n.º 5
        /// <summary>
        /// Logs out the user named in an SSO request once the request signature has been verified.
        /// </summary>
        /// <param name="request">SSO payload carrying the user id, email, timestamp and signature.</param>
        /// <returns>
        /// The result of <c>Logout(email)</c> for a valid signature, 400 "Invalid Session"
        /// for an invalid one, or a generic 500 if anything throws.
        /// </returns>
        public HttpResponseMessage LogoutUsingSSO(SSOUserRequest request)
        {
            try
            {
                // All four fields go into the check.
                // NOTE(review): whether the timestamp is also checked for freshness is
                // decided inside IsValidClientRequest, which is not visible here. Confirm.
                var signatureOk = _signatureService.IsValidClientRequest(
                    request.ssoUserId,
                    request.email,
                    request.timestamp,
                    request.signature);

                if (signatureOk)
                {
                    return Logout(request.email);
                }

                var rejected = new HttpResponseMessage(HttpStatusCode.BadRequest);
                rejected.Content = new StringContent("Invalid Session");
                return rejected;
            }
            catch (Exception)
            {
                // Deliberately generic: no exception detail is sent to the caller.
                var failure = new HttpResponseMessage(HttpStatusCode.InternalServerError);
                failure.Content = new StringContent("Unable to log out at this time");
                return failure;
            }
        }
Exemplo n.º 6
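        /// <summary>
        /// Handles an SSO login: verifies the request signature, creates a local account
        /// if the email is unknown, then answers with a 303 redirect carrying a new token.
        /// </summary>
        /// <param name="controller">Controller whose <c>Request</c> is used to create the redirect response.</param>
        /// <param name="request">SSO payload carrying the user id, email, timestamp and signature.</param>
        /// <returns>
        /// 400 "Invalid Session" when the signature check fails, a 303 See Other whose
        /// Location and body are <c>baseRedirectURL</c> followed by the token, or a
        /// generic 500 if anything throws.
        /// </returns>
        public HttpResponseMessage Login(ApiController controller, SSOUserRequest request)
        {
            try
            {
                // Check if signature is valid. Nothing below may run for an unsigned request,
                // because a valid signature is all it takes to create an account and get a token.
                var isSignatureValid = _signatureService.IsValidClientRequest(request.ssoUserId, request.email, request.timestamp, request.signature);
                if (!isSignatureValid)
                {
                    return new HttpResponseMessage(HttpStatusCode.BadRequest)
                    {
                        Content = new StringContent("Invalid Session")
                    };
                }

                // If user doesn't have account in greetngroup, create account
                if (!_userService.IsUsernameFound(request.email))
                {
                    User createdUser = new User
                    {
                        UserId   = _userService.GetNextUserID(),
                        UserName = request.email
                    };
                    _userService.InsertUser(createdUser);
                    _userClaimService.AddDefaultClaims(createdUser);
                }

                // Existing and newly created users share the same token + redirect path.
                // NOTE(review): the token is concatenated into the redirect URL, so it can end
                // up in browser history and intermediary logs. Confirm that is acceptable.
                var generatedToken = _jwtService.CreateToken(request.email, _userService.GetUserUid(request.email));
                var redirectURL    = baseRedirectURL + generatedToken;
                var redirect       = controller.Request.CreateResponse(HttpStatusCode.SeeOther);
                redirect.Content          = new StringContent(redirectURL);
                redirect.Headers.Location = new Uri(redirectURL);

                return redirect;
            }
            catch (Exception)
            {
                // Generic message only; exception details are not returned to the caller.
                return new HttpResponseMessage(HttpStatusCode.InternalServerError)
                {
                    Content = new StringContent("Unable to login at this time")
                };
            }
        }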
Exemplo n.º 7
        /// <summary>
        /// Expects a 400 Bad Request status from <c>sessionMan.Logout</c> for the request built below.
        /// </summary>
        public void Logout_Fail_InvalidRequest()
        {
            // Arrange
            // NOTE(review): the signature below has no trailing '=', but only the email is
            // passed to Logout, so the signature never reaches the code under test. If the
            // intent is to cover signature rejection, confirm which method should be called.
            var ssoRequest = new SSOUserRequest
            {
                ssoUserId = "b33ae8eb-9cfa-4c7d-91cc-b0e2ecc74792",
                email     = "*****@*****.**",
                timestamp = "1556421373491",
                signature = "2d+xE3d0PegywQ812+BBn8TjA4FS/GC/06yMci4OVNU"
            };
            var expectedResponse = new HttpResponseMessage(HttpStatusCode.BadRequest);

            // Act
            HttpResponseMessage actualResponse = sessionMan.Logout(ssoRequest.email);

            // Assert: only the status code is compared.
            Assert.AreEqual(expectedResponse.StatusCode, actualResponse.StatusCode);
        }
Exemplo n.º 8
        /// <summary>
        /// Expects a 200 OK status from <c>sessionMan.Logout</c> for the request's email.
        /// </summary>
        public void Logout_Pass()
        {
            // Arrange
            var ssoRequest = new SSOUserRequest
            {
                ssoUserId = "b33ae8eb-9cfa-4c7d-91cc-b0e2ecc74792",
                email     = "*****@*****.**",
                timestamp = "1556421373491",
                signature = "2d+xE3d0PegywQ812+BBn8TjA4FS/GC/06yMci4OVNU="
            };
            // The expected body text is set here but is not part of the assertion.
            var expectedResponse = new HttpResponseMessage(HttpStatusCode.OK)
            {
                Content = new StringContent("User has logged out of GreetNGroup")
            };

            // Act: only the email is handed to the method under test.
            HttpResponseMessage actualResponse = sessionMan.Logout(ssoRequest.email);

            // Assert: only the status code is compared.
            Assert.AreEqual(expectedResponse.StatusCode, actualResponse.StatusCode);
        }
Exemplo n.º 9
        /// <summary>
        /// Expects a 404 Not Found status from <c>sessionMan.Logout</c> after the user has been deleted.
        /// </summary>
        public void Logout_Fail_UserNotInDB()
        {
            // Arrange
            var ssoRequest = new SSOUserRequest
            {
                ssoUserId = "b33ae8eb-9cfa-4c7d-91cc-b0e2ecc74792",
                email     = "*****@*****.**",
                timestamp = "1556421373491",
                signature = "2d+xE3d0PegywQ812+BBn8TjA4FS/GC/06yMci4OVNU"
            };

            // Delete the account first so the logout targets a user that is not stored.
            // The result of the delete call is not inspected.
            userMan.DeleteUser("*****@*****.**");

            // The expected body text is set here but is not part of the assertion.
            var expectedResponse = new HttpResponseMessage(HttpStatusCode.NotFound)
            {
                Content = new StringContent("User Does Not Exist")
            };

            // Act
            HttpResponseMessage actualResponse = sessionMan.Logout(ssoRequest.email);

            // Assert: only the status code is compared.
            Assert.AreEqual(expectedResponse.StatusCode, actualResponse.StatusCode);
        }