Exemplo n.º 1
0
        public IHttpActionResult Migrate()
        {
            string input = Request.Content.ReadAsStringAsync().Result;

            // If not data came in, then return
            if (this.Request.Content == null)
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("Request content is null", HttpStatusCode.Conflict)));
            }

            //// Read the input claims from the request body
            //using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
            //{
            //    input = await reader.ReadToEndAsync();
            //}

            // Check input content value
            if (string.IsNullOrEmpty(input))
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("Request content is empty", HttpStatusCode.Conflict)));
            }

            // Convert the input string into InputClaimsModel object
            InputClaimsModel inputClaims = InputClaimsModel.Parse(input);

            if (inputClaims == null)
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("Can not deserialize input claims", HttpStatusCode.Conflict)));
            }

            if (string.IsNullOrEmpty(inputClaims.signInName))
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("User 'signInName' is null or empty", HttpStatusCode.Conflict)));
            }

            //if (string.IsNullOrEmpty(inputClaims.password))
            //{
            //    return Content(HttpStatusCode.Conflict, new B2CResponseModel("Password is null or empty", HttpStatusCode.Conflict));
            //}


            AzureADGraphClient azureADGraphClient = new AzureADGraphClient(ConfigurationManager.AppSettings["Tenant"],
                                                                           ConfigurationManager.AppSettings["ClientId"],
                                                                           ConfigurationManager.AppSettings["ClientSecret"]);

            GraphAccountModel account = azureADGraphClient.SearcUserBySignInNames(inputClaims.signInName).Result;

            // User already exists, no need to migrate.
            if (account != null)
            {
                return(Ok());
            }

            B2CResponseModel outputClaimsCol = new B2CResponseModel("", HttpStatusCode.OK);

            Ldap.Controllers.ValuesController tmp = new Ldap.Controllers.ValuesController();
            outputClaimsCol.isMigrated = false;
            outputClaimsCol.email      = inputClaims.signInName;

            //Only migrate account that is not migrated already, and verified successfully within the local LDAP store.
            if (account == null && tmp.VerifyCredentials(inputClaims.signInName, inputClaims.password))
            {
                inputClaims.sn        = "EID";
                inputClaims.givenName = inputClaims.signInName;
                inputClaims.email     = string.Format("{0}@noreply.com", inputClaims.signInName);

                bool result = MigrateUser(azureADGraphClient, inputClaims);
                if (result)
                {
                    outputClaimsCol.displayName = inputClaims.sn;
                    outputClaimsCol.givenName   = inputClaims.givenName;
                    outputClaimsCol.surName     = inputClaims.email;
                    outputClaimsCol.password    = inputClaims.password;
                    outputClaimsCol.isMigrated  = true;
                }
            }
            return(Ok(outputClaimsCol));

            //// Initiate the output claim object
            //B2CResponseModel outputClaims = new B2CResponseModel("", HttpStatusCode.OK);
            //outputClaims.newPassword = inputClaims.password;
            //outputClaims.email = inputClaims.signInName;
            //outputClaims.needToMigrate = "null";

            //Ldap.Controllers.ValuesController tmp = new Ldap.Controllers.ValuesController();
            //if (tmp.VerifyCredentials(inputClaims.signInName, inputClaims.password))
            //{

            //    outputClaims.givenName = "Test " + DateTime.UtcNow.ToLongTimeString();
            //    outputClaims.surName = "User " + DateTime.UtcNow.ToLongDateString();
            //    outputClaims.needToMigrate = "local";
            //}



            //outputClaims.displayName = userMigrationEntity.DisplayName;
            //outputClaims.surName = userMigrationEntity.LastName;
            //outputClaims.givenName = userMigrationEntity.FirstName;

            // Create a retrieve operation that takes a customer entity.
            // Note: Azure Blob Table query is case sensitive, always set the input email to lower case
            //var retrieveOperation = TableOperation.Retrieve<UserTableEntity>(Consts.MigrationTablePartition, inputClaims.signInName.ToLower());

            //CloudTable table = await GetSignUpTable(this.AppSettings.BlobStorageConnectionString);

            // Execute the retrieve operation.
            //TableResult tableEntity = await table.ExecuteAsync(retrieveOperation);

            //TableResult tableEntity = null;

            //if (tableEntity != null && tableEntity.Result != null)
            //{
            //    UserTableEntity userMigrationEntity = ((UserTableEntity)tableEntity.Result);
            //    try
            //    {
            //        outputClaims.needToMigrate = "local";

            //        // Compare the password entered by the user and the one in the migration table.
            //        // Don't compare in password reset flow (useInputPassword is true)
            //        if (inputClaims.useInputPassword || (inputClaims.password == userMigrationEntity.Password))
            //        {
            //            outputClaims.newPassword = inputClaims.password;
            //            outputClaims.email = inputClaims.signInName;
            //            outputClaims.displayName = userMigrationEntity.DisplayName;
            //            outputClaims.surName = userMigrationEntity.LastName;
            //            outputClaims.givenName = userMigrationEntity.FirstName;

            //            // Remove the user entity from migration table
            //            TableOperation deleteOperation = TableOperation.Delete((UserTableEntity)tableEntity.Result);
            //            //await table.ExecuteAsync(deleteOperation);
            //        }
            //        else
            //        {
            //            return Content(HttpStatusCode.Conflict, new B2CResponseModel("Your password is incorrect (migration API)", HttpStatusCode.Conflict));
            //        }
            //    }
            //    catch (Exception ex)
            //    {
            //        return Content(HttpStatusCode.Conflict, new B2CResponseModel($"User migration error: {ex.Message}", HttpStatusCode.Conflict));
            //    }
            //}

            //return Ok(outputClaims);
        }
Exemplo n.º 2
0
        public async Task <ActionResult> LoalAccountPasswordReset()
        {
            string input = null;

            // If not data came in, then return
            if (this.Request.Body == null)
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is null", HttpStatusCode.Conflict)));
            }

            // Read the input claims from the request body
            using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
            {
                input = await reader.ReadToEndAsync();
            }

            // Check input content value
            if (string.IsNullOrEmpty(input))
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is empty", HttpStatusCode.Conflict)));
            }

            // Convert the input string into InputClaimsModel object
            InputClaimsModel inputClaims = InputClaimsModel.Parse(input);

            if (inputClaims == null)
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not deserialize input claims", HttpStatusCode.Conflict)));
            }

            if (string.IsNullOrEmpty(inputClaims.signInName))
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("User 'signInName' is null or empty", HttpStatusCode.Conflict)));
            }

            if (string.IsNullOrEmpty(inputClaims.signInName))
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Password is null or empty", HttpStatusCode.Conflict)));
            }

            // Create a retrieve operation that takes a customer entity.
            // Note: Azure Blob Table query is case sensitive, always set the input email to lower case
            var retrieveOperation = TableOperation.Retrieve <UserTableEntity>(Consts.MigrationTablePartition, inputClaims.signInName.ToLower());

            CloudTable table = await GetSignUpTable(this.AppSettings.BlobStorageConnectionString);

            // Execute the retrieve operation.
            TableResult userMigrationEntity = await table.ExecuteAsync(retrieveOperation);

            if (userMigrationEntity != null && userMigrationEntity.Result != null)
            {
                try
                {
                    try
                    {
                        await MigrateUser(inputClaims, table, userMigrationEntity);

                        // Wait until user is created
                        await Task.Delay(3000);
                    }
                    catch (Exception ex)
                    {
                        return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not migrate user", HttpStatusCode.Conflict)));
                    }
                }
                catch (Exception ex)
                {
                    return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel($"User migration error: {ex.Message}", HttpStatusCode.Conflict)));
                }
            }

            AzureADGraphClient azureADGraphClient = new AzureADGraphClient(this.AppSettings.Tenant, this.AppSettings.ClientId, this.AppSettings.ClientSecret);

            GraphAccountModel account = await azureADGraphClient.SearcUserBySignInNames(inputClaims.signInName);

            if (account == null)
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel($"An account could not be found for the provided user ID. (user migration)", HttpStatusCode.Conflict)));
            }

            OutputClaimsModel output = new OutputClaimsModel();

            output.objectId = account.objectId;

            return(Ok(output));
        }
Exemplo n.º 3
0
        private IHttpActionResult ProcessRequest()
        {
            string input = Request.Content.ReadAsStringAsync().Result;

            // If not data came in, then return
            if (this.Request.Content == null)
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("Request content is null", HttpStatusCode.Conflict)));
            }

            //// Read the input claims from the request body
            //using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
            //{
            //    input = await reader.ReadToEndAsync();
            //}

            // Check input content value
            if (string.IsNullOrEmpty(input))
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("Request content is empty", HttpStatusCode.Conflict)));
            }

            // Convert the input string into InputClaimsModel object
            PeopleSoftInputClaimsModel inputClaims = PeopleSoftInputClaimsModel.Parse(input);

            if (inputClaims == null)
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("Can not deserialize input claims", HttpStatusCode.Conflict)));
            }

            if (string.IsNullOrEmpty(inputClaims.uid))
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("User 'uid' is null or empty", HttpStatusCode.Conflict)));
            }

            if (string.IsNullOrEmpty(inputClaims.password))
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("Password is null or empty", HttpStatusCode.Conflict)));
            }

            //bool isEmail = Regex.IsMatch(emailString, @"\A(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)\Z", RegexOptions.IgnoreCase);

            if (string.IsNullOrEmpty(inputClaims.email) ||
                !Regex.IsMatch(inputClaims.email, @"\A(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)\Z", RegexOptions.IgnoreCase))
            {
                return(Content(HttpStatusCode.Conflict, new B2CResponseModel("Email is empty or not in the correct format", HttpStatusCode.Conflict)));
            }

            AzureADGraphClient azureADGraphClient = new AzureADGraphClient(ConfigurationManager.AppSettings["Tenant"],
                                                                           ConfigurationManager.AppSettings["ClientId"],
                                                                           ConfigurationManager.AppSettings["ClientSecret"]);

            GraphAccountModel          account         = azureADGraphClient.SearcUserBySignInNames(inputClaims.uid).Result;
            B2CPeopleSoftResponseModel outputClaimsCol = new B2CPeopleSoftResponseModel("", HttpStatusCode.OK);

            Ldap.Controllers.ValuesController tmp = new Ldap.Controllers.ValuesController();
            outputClaimsCol.isMigrated = false;
            outputClaimsCol.username   = inputClaims.uid;


            //Only migrate account that is not migrated already, and verified successfully within the local LDAP store.
            if (account == null)
            {
                inputClaims.givenname = GetClaimValue(inputClaims.givenname);
                inputClaims.sn        = GetClaimValue(inputClaims.sn);

                bool result = CreateUser(azureADGraphClient, inputClaims);
                if (result)
                {
                    outputClaimsCol.password    = GetClaimValue(inputClaims.password);
                    outputClaimsCol.displayName = GetClaimValue(inputClaims.sn);
                    outputClaimsCol.email       = inputClaims.email;
                    outputClaimsCol.givenName   = inputClaims.givenname;
                    outputClaimsCol.surName     = inputClaims.givenname;
                    outputClaimsCol.isMigrated  = false;
                }
            }
            //Update user
            else
            {
                //TODO: Check for pasword as may want to stop update to it.
                inputClaims.givenname   = inputClaims.givenname == null ? account.surname : inputClaims.givenname;
                inputClaims.sn          = inputClaims.sn == null ? account.displayName : inputClaims.sn;
                inputClaims.email       = inputClaims.email == null ? account.givenName : inputClaims.email;
                inputClaims.isActivated = inputClaims.isActivated == null ? account.accountEnabled : inputClaims.isActivated;


                bool result = UpdateUser(azureADGraphClient, inputClaims, account.objectId);
                if (result)
                {
                    outputClaimsCol.password    = GetClaimValue(inputClaims.password);
                    outputClaimsCol.displayName = GetClaimValue(inputClaims.sn);
                    outputClaimsCol.email       = inputClaims.email;
                    outputClaimsCol.givenName   = inputClaims.givenname;
                    outputClaimsCol.surName     = inputClaims.givenname;
                    outputClaimsCol.isActivated = (bool)inputClaims.isActivated;
                    //outputClaimsCol.isMigrated = false;
                }
                //return Content(HttpStatusCode.Conflict, new B2CResponseModel($"User already exists {inputClaims.uid}", HttpStatusCode.Conflict));
            }
            return(Ok(outputClaimsCol));
        }