Пример #1
0
        public async Task <InvokeResult> SendConfirmationEmailAsync(EntityHeader orgHeader, EntityHeader userHeader)
        {
            var appUser = await _userManager.FindByIdAsync(userHeader.Id);

            if (appUser == null)
            {
                _adminLogger.AddCustomEvent(Core.PlatformSupport.LogLevel.Error, "UserVerifyController_SendConfirmationEmailAsync", "Could not get current user.");
                return(InvokeResult.FromErrors(UserAdminErrorCodes.AuthCouldNotFindUserAccount.ToErrorMessage()));
            }

            try
            {
                var token = await _userManager.GenerateEmailConfirmationTokenAsync(appUser);

                var encodedToken = System.Net.WebUtility.UrlEncode(token);



                var callbackUrl       = $"{GetWebURI()}/Account/Verify?userId={appUser.Id}&code={encodedToken}";
                var mobileCallbackUrl = $"nuviot:confirmemail/?userId={appUser.Id}&code={encodedToken}";

#if DEBUG
                _adminLogger.AddCustomEvent(Core.PlatformSupport.LogLevel.Message, "UserVerifyController_SendConfirmationEmailAsync", "SentToken",
                                            token.ToKVP("token"),
                                            appUser.Id.ToKVP("appUserId"),
                                            encodedToken.ToKVP("encodedToken"),
                                            appUser.Email.ToKVP("toEmailAddress"));
#endif

                var subject = UserAdminResources.Email_Verification_Subject.Replace("[APP_NAME]", _appConfig.AppName);
                var body    = UserAdminResources.Email_Verification_Body.Replace("[CALLBACK_URL]", callbackUrl).Replace("[MOBILE_CALLBACK_URL]", mobileCallbackUrl);
                var result  = await _emailSender.SendAsync(appUser.Email, subject, body);

                _adminLogger.LogInvokeResult("UserVerficationManager_SendConfirmationEmailAsync", result,
                                             new KeyValuePair <string, string>("token", token),
                                             new KeyValuePair <string, string>("toUserId", appUser.Id),
                                             new KeyValuePair <string, string>("toEmail", appUser.Email));
                return(result);
            }
            catch (Exception ex)
            {
                _adminLogger.AddException("UserVerficationManager_SendConfirmationEmailAsync", ex,
                                          new KeyValuePair <string, string>("toUserId", appUser.Id),
                                          new KeyValuePair <string, string>("toEmail", appUser.Email));

                return(InvokeResult.FromErrors(UserAdminErrorCodes.RegErrorSendingEmail.ToErrorMessage(), new ErrorMessage()
                {
                    Message = ex.Message
                }));
            }
        }
Пример #2
0
        public async Task <InvokeResult <AuthResponse> > RefreshTokenGrantAsync(AuthRequest authRequest)
        {
            var requestValidationResult = _authRequestValidators.ValidateAuthRequest(authRequest);

            if (!requestValidationResult.Successful)
            {
                return(InvokeResult <AuthResponse> .FromInvokeResult(requestValidationResult));
            }

            var refreshTokenRequestValidationResult = _authRequestValidators.ValidateRefreshTokenGrant(authRequest);

            if (!refreshTokenRequestValidationResult.Successful)
            {
                return(InvokeResult <AuthResponse> .FromInvokeResult(refreshTokenRequestValidationResult));
            }

            var appUser = await _userManager.FindByNameAsync(authRequest.UserName);

            if (appUser == null)
            {
                _adminLogger.AddCustomEvent(Core.PlatformSupport.LogLevel.Error, "AuthTokenManager_RefreshTokenGrantAsync", UserAdminErrorCodes.AuthCouldNotFindUserAccount.Message, new KeyValuePair <string, string>("id", authRequest.UserName));
                return(InvokeResult <AuthResponse> .FromErrors(UserAdminErrorCodes.AuthCouldNotFindUserAccount.ToErrorMessage()));
            }

            if (!String.IsNullOrEmpty(authRequest.OrgId) && (appUser.CurrentOrganization == null || authRequest.OrgId != appUser.CurrentOrganization.Id))
            {
                var changeOrgResult = await _orgHelper.SetUserOrgAsync(authRequest, appUser);

                if (!changeOrgResult.Successful)
                {
                    return(InvokeResult <AuthResponse> .FromInvokeResult(changeOrgResult));
                }
            }

            var updateLastRefreshTokenResult = (await _appInstanceManager.UpdateLastAccessTokenRefreshAsync(appUser.Id, authRequest));

            if (updateLastRefreshTokenResult.Successful)
            {
                authRequest.AppInstanceId = updateLastRefreshTokenResult.Result.RowKey;
                var refreshTokenResponse = await _refreshTokenManager.RenewRefreshTokenAsync(authRequest.RefreshToken, appUser.Id);

                _adminLogger.LogInvokeResult("AuthTokenManager_RefreshTokenGrantAsync", refreshTokenResponse);
                return(_tokenHelper.GenerateAuthResponse(appUser, authRequest, refreshTokenResponse));
            }
            else
            {
                return(InvokeResult <AuthResponse> .FromInvokeResult(updateLastRefreshTokenResult.ToInvokeResult()));
            }
        }
Пример #3
0
        public async Task <InvokeResult> SetUserOrgAsync(AuthRequest authRequest, AppUser appUser)
        {
            // Synthesize the org and user from request and app user
            var org = new EntityHeader()
            {
                Id = authRequest.OrgId, Text = authRequest.OrgName
            };
            var user = new EntityHeader()
            {
                Id = appUser.Id, Text = $"{appUser.FirstName} {appUser.LastName}"
            };

            authRequest.OrgId   = org.Id;
            authRequest.OrgName = org.Text;

            // 1) Ensure user has access to the requested org.
            var orgs = await _orgManager.GetOrganizationsForUserAsync(appUser.Id, org, user);

            var switchToOrg = orgs.Where(o => o.OrgId == authRequest.OrgId).FirstOrDefault();

            if (switchToOrg == null)
            {
                _adminLogger.AddCustomEvent(Core.PlatformSupport.LogLevel.Error, "AuthTokenManager_SetOrg", UserAdminErrorCodes.AuthOrgNotAuthorized.Message,
                                            new KeyValuePair <string, string>("userid", appUser.Id),
                                            new KeyValuePair <string, string>("requestedOrgId", authRequest.OrgId));
                return(InvokeResult.FromErrors(UserAdminErrorCodes.AuthOrgNotAuthorized.ToErrorMessage()));
            }

            var oldOrgId   = EntityHeader.IsNullOrEmpty(appUser.CurrentOrganization) ? "none" : appUser.CurrentOrganization.Id;
            var oldOrgName = EntityHeader.IsNullOrEmpty(appUser.CurrentOrganization) ? "none" : appUser.CurrentOrganization.Text;

            // 2) Change the org on the user object
            appUser.CurrentOrganization = new EntityHeader()
            {
                Id   = authRequest.OrgId,
                Text = switchToOrg.OrganizationName,
            };

            appUser.IsOrgAdmin = switchToOrg.IsOrgAdmin;

            // 3) Add the roles to the user for the org.
            var orgRoles = await _orgManager.GetUsersRolesInOrgAsync(authRequest.OrgId, appUser.Id, appUser.CurrentOrganization, appUser.ToEntityHeader());

            appUser.CurrentOrganizationRoles = new List <EntityHeader>();
            foreach (var orgRole in orgRoles)
            {
                appUser.CurrentOrganizationRoles.Add(orgRole.ToEntityHeader());
            }

            // 4) Write the updated user back to storage.
            var updateResult = await _userManager.UpdateAsync(appUser);

            if (!updateResult.Successful)
            {
                var invokeResult = updateResult.ToInvokeResult();

                _adminLogger.LogInvokeResult("OrgHelper_SetUserOrgAsync", invokeResult,
                                             new KeyValuePair <string, string>("userId", appUser.Id),
                                             new KeyValuePair <string, string>("userName", appUser.UserName));

                return(invokeResult);
            }

            // 5) Write this change to logger.
            _adminLogger.AddCustomEvent(Core.PlatformSupport.LogLevel.Message, "AuthTokenManager_SetOrg", "UserSwitchedOrg",
                                        new KeyValuePair <string, string>("userId", appUser.Id),
                                        new KeyValuePair <string, string>("userName", appUser.UserName),
                                        new KeyValuePair <string, string>("oldOrgId", oldOrgId),
                                        new KeyValuePair <string, string>("oldOrgName", oldOrgName),
                                        new KeyValuePair <string, string>("newOrgId", appUser.CurrentOrganization.Id),
                                        new KeyValuePair <string, string>("newOrgName", appUser.CurrentOrganization.Text));

            // 6) Return success, no response data necessary, app user is by reference so it should already be updated.
            return(InvokeResult.Success);
        }