private static string ConvertDataType(XacmlJsonAttribute jsonAttribute)
{
if (string.IsNullOrEmpty(jsonAttribute.DataType))
{
return(XacmlConstants.DataTypes.XMLString);
}
switch (jsonAttribute.DataType)
{
case "string":
return(XacmlConstants.DataTypes.XMLString);
case XacmlConstants.DataTypes.XMLString:
return(XacmlConstants.DataTypes.XMLString);
case "anyURI":
case XacmlConstants.DataTypes.XMLAnyURI:
return(XacmlConstants.DataTypes.XMLAnyURI);
case XacmlConstants.DataTypes.XMLInteger:
return(XacmlConstants.DataTypes.XMLInteger);
default:
throw new Exception("Not supported");
}
}
private static void AssertEqual(XacmlJsonAttribute expected, XacmlJsonAttribute actual)
{
Assert.Equal(expected.AttributeId, actual.AttributeId);
Assert.Equal(expected.DataType, actual.DataType);
Assert.Equal(expected.IncludeInResult, actual.IncludeInResult);
Assert.Equal(expected.Issuer, actual.Issuer);
Assert.Equal(expected.Value, actual.Value, true);
}
private static XacmlJsonAttribute CreateXacmlJsonAttribute(string attributeId, string value, string dataType, string issuer)
{
XacmlJsonAttribute xacmlJsonAttribute = new XacmlJsonAttribute();
xacmlJsonAttribute.AttributeId = attributeId;
xacmlJsonAttribute.Value = value;
xacmlJsonAttribute.DataType = dataType;
xacmlJsonAttribute.Issuer = issuer;
return(xacmlJsonAttribute);
}
public static XacmlJsonAttribute CreateXacmlJsonAttribute(string attributeId, string value, string dataType, string issuer, bool includeResult = false)
{
XacmlJsonAttribute xacmlJsonAttribute = new XacmlJsonAttribute();
xacmlJsonAttribute.AttributeId = attributeId;
xacmlJsonAttribute.Value = value;
xacmlJsonAttribute.DataType = dataType;
xacmlJsonAttribute.Issuer = issuer;
xacmlJsonAttribute.IncludeInResult = includeResult;
return(xacmlJsonAttribute);
}
private static List <XacmlJsonAttribute> ConvertAttribute(ICollection <XacmlAttribute> attributes)
{
List <XacmlJsonAttribute> jsonAttributes = new List <XacmlJsonAttribute>();
foreach (XacmlAttribute attribute in attributes)
{
foreach (XacmlAttributeValue attributeValue in attribute.AttributeValues)
{
XacmlJsonAttribute jsonAttribute = new XacmlJsonAttribute();
jsonAttribute.AttributeId = attribute.AttributeId.OriginalString;
jsonAttribute.Value = attributeValue.Value;
jsonAttribute.DataType = attributeValue.DataType.OriginalString;
jsonAttributes.Add(jsonAttribute);
}
}
return(jsonAttributes);
}
public Task <XacmlJsonResponse> GetDecisionForRequest(XacmlJsonRequestRoot xacmlJsonRequest)
{
List <XacmlJsonCategory> resources = xacmlJsonRequest.Request.Resource;
XacmlJsonAttribute attribute = resources.Select(r => r.Attribute.Find(a => a.Value.Equals("endring-av-navn"))).FirstOrDefault();
// Create response and result
XacmlJsonResponse response = new XacmlJsonResponse();
response.Response = new List <XacmlJsonResult>();
XacmlJsonResult result = new XacmlJsonResult();
if (attribute != null)
{
// Set decision to permit
result.Decision = XacmlContextDecision.Permit.ToString();
response.Response.Add(result);
return(Task.FromResult(response));
}
XacmlJsonAttribute attribute2 = resources.Select(r => r.Attribute.Find(a => a.Value.Equals("multiple-results"))).FirstOrDefault();
if (attribute2 != null)
{
// Set decision to permit
result.Decision = XacmlContextDecision.Permit.ToString();
response.Response.Add(result);
response.Response.Add(new XacmlJsonResult());
return(Task.FromResult(response));
}
XacmlJsonAttribute attribute3 = resources.Select(r => r.Attribute.Find(a => a.Value.Equals("auth-level-2"))).FirstOrDefault();
if (attribute3 != null)
{
// Set decision to permit
result.Decision = XacmlContextDecision.Permit.ToString();
response.Response.Add(result);
// Add obligation to result with a minimum authentication level attribute
XacmlJsonObligationOrAdvice obligation = new XacmlJsonObligationOrAdvice();
obligation.AttributeAssignment = new List <XacmlJsonAttributeAssignment>();
XacmlJsonAttributeAssignment authenticationAttribute = new XacmlJsonAttributeAssignment()
{
Category = "urn:altinn:minimum-authenticationlevel",
Value = "2"
};
obligation.AttributeAssignment.Add(authenticationAttribute);
result.Obligations = new List <XacmlJsonObligationOrAdvice>();
result.Obligations.Add(obligation);
return(Task.FromResult(response));
}
XacmlJsonAttribute attribute4 = resources.Select(r => r.Attribute.Find(a => a.Value.Equals("auth-level-3"))).FirstOrDefault();
if (attribute4 != null)
{
// Set decision to permit
result.Decision = XacmlContextDecision.Permit.ToString();
response.Response.Add(result);
// Add obligation to result with a minimum authentication level attribute
XacmlJsonObligationOrAdvice obligation = new XacmlJsonObligationOrAdvice();
obligation.AttributeAssignment = new List <XacmlJsonAttributeAssignment>();
XacmlJsonAttributeAssignment authenticationAttribute = new XacmlJsonAttributeAssignment()
{
Category = "urn:altinn:minimum-authenticationlevel",
Value = "3"
};
obligation.AttributeAssignment.Add(authenticationAttribute);
result.Obligations = new List <XacmlJsonObligationOrAdvice>();
result.Obligations.Add(obligation);
return(Task.FromResult(response));
}
// Set decision to deny
result.Decision = XacmlContextDecision.Deny.ToString();
response.Response.Add(result);
return(Task.FromResult(response));
}
