/// <summary>
/// Checks if the given subject is allowed access to the tenant.
/// </summary>
/// <param name="iamClient">The IamClient to use.</param>
/// <param name="tenantId">The tenant id to check against.</param>
/// <param name="subjectId">The subject that requires ACL checks permissions.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>The raw HttpResponseMessage.</returns>
public static async Task <Result <bool> > IsAllowedAccessToTenantResultAsync(this IIamClient iamClient, Guid tenantId, string subjectId, System.Threading.CancellationToken cancellationToken = default)
{
if (iamClient is null)
{
throw new ArgumentNullException(nameof(iamClient));
}
Result <AclCheckResponse> response = await iamClient.IsAllowedAccessToTenantResultAsync(
new AclCheckRequest
{
SubjectIds =
{
subjectId,
},
},
tenantId,
cancellationToken).ConfigureAwait(false);
if (response.IsFail)
{
return(ErrorResult <bool>(response.Error));
}
return(response.Value.SubjectIds.Any(s => string.Equals(s, subjectId, StringComparison.OrdinalIgnoreCase)));
}
public async Task ValidateRequest_Default_Success()
{
string tenantName = Guid.NewGuid().ToString();
string tenantId = Guid.NewGuid().ToString();
var mockHttp = new MockHttpMessageHandler();
MockedRequest request = mockHttp
.When(HttpMethod.Get, "*/tenants")
.Respond("application/json", $"[{{'tenantId': '{tenantId}', 'name': '{tenantName}'}}]");
IServiceProvider services = ConfigureServices(mockHttp);
IIamClient iamClient = services.GetRequiredService <IIamClient>();
ICollection <Tenant> tenants = await iamClient.ListTenantsAsync().ConfigureAwait(false);
mockHttp.GetMatchCount(request).Should().Be(1);
tenants.Should().NotBeNullOrEmpty();
tenants.Should().HaveCount(1);
Tenant tenant = tenants.Single();
tenant.Should().NotBeNull();
tenant.TenantId.Should().Be(tenantId);
tenant.Name.Should().Be(tenantName);
}
/// <summary>
/// Revokes a given subject access rights to the tenant.
/// </summary>
/// <param name="iamClient">The IamClient to use.</param>
/// <param name="tenantId">The tenant id to revoke access.</param>
/// <param name="subjectId">The subject that requires revoked permissions.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>The raw HttpResponseMessage.</returns>
public static async Task RemoveAccessToTenantAsync(this IIamClient iamClient, Guid tenantId, string subjectId, CancellationToken cancellationToken = default)
{
if (iamClient is null)
{
throw new ArgumentNullException(nameof(iamClient));
}
Result result = await iamClient.RemoveAccessToTenantResultAsync(tenantId, subjectId, cancellationToken).ConfigureAwait(false);
if (result.IsFail)
{
throw ApiException.Create(result.Error);
}
}
/// <summary>List Accounts.</summary>
/// <param name="iamClient">The IamClient to use.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>The raw HttpResponseMessage.</returns>
public static async Task <object> ListAccountsAsync(this IIamClient iamClient, CancellationToken cancellationToken = default)
{
if (iamClient is null)
{
throw new ArgumentNullException(nameof(iamClient));
}
Result <object> result = await iamClient.ListAccountsResultAsync(cancellationToken).ConfigureAwait(false);
if (result.IsSuccess)
{
return(result.Value);
}
throw ApiException.Create(result.Error);
}
/// <summary>Get Tenant.</summary>
/// <param name="iamClient">The IamClient to use.</param>
/// <param name="tenantId">The ID of the requested tenant.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>The raw HttpResponseMessage.</returns>
public static async Task <Tenant> GetTenantAsync(this IIamClient iamClient, Guid tenantId, CancellationToken cancellationToken = default)
{
if (iamClient is null)
{
throw new ArgumentNullException(nameof(iamClient));
}
Result <Tenant> result = await iamClient.GetTenantResultAsync(tenantId, cancellationToken).ConfigureAwait(false);
if (result.IsSuccess)
{
return(result.Value);
}
throw ApiException.Create(result.Error);
}
/// <summary>List Tenants.</summary>
/// <param name="iamClient">The IamClient to use.</param>
/// <param name="subjectId">The ID of the subject (e.g. user ID).</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>The raw HttpResponseMessage.</returns>
public static async Task <ICollection <Tenant> > ListTenantsAsync(this IIamClient iamClient, string subjectId = null, CancellationToken cancellationToken = default)
{
if (iamClient is null)
{
throw new ArgumentNullException(nameof(iamClient));
}
Result <ICollection <Tenant> > result = await iamClient.ListTenantsResultAsync(subjectId, cancellationToken).ConfigureAwait(false);
if (result.IsSuccess)
{
return(result.Value);
}
throw ApiException.Create(result.Error);
}
/// <summary>
/// Get information about the currently logged in user.
/// </summary>
/// <param name="iamClient">The IamClient to use.</param>
/// <param name="subjectId">Optional user id.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>The raw HttpResponseMessage.</returns>
public static async Task <UserInfoResponse> GetMyDetailsAsync(this IIamClient iamClient, string subjectId, CancellationToken cancellationToken = default)
{
if (iamClient is null)
{
throw new ArgumentNullException(nameof(iamClient));
}
Result <UserInfoResponse> result = await iamClient.GetMyDetailsResultAsync(subjectId, cancellationToken).ConfigureAwait(false);
if (result.IsSuccess)
{
return(result.Value);
}
throw ApiException.Create(result.Error);
}
/// <summary>
/// Checks if the given subject is allowed access to the tenant.
/// </summary>
/// <param name="iamClient">The IamClient to use.</param>
/// <param name="request">The subject that requires a permission check.</param>
/// <param name="tenantId">The tenant id to check against.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>The raw HttpResponseMessage.</returns>
public static async Task <AclCheckResponse> IsAllowedAccessToTenantAsync(this IIamClient iamClient, AclCheckRequest request, Guid tenantId, CancellationToken cancellationToken = default)
{
if (iamClient is null)
{
throw new ArgumentNullException(nameof(iamClient));
}
Result <AclCheckResponse> result = await iamClient.IsAllowedAccessToTenantResultAsync(request, tenantId, cancellationToken).ConfigureAwait(false);
if (result.IsSuccess)
{
return(result.Value);
}
throw ApiException.Create(result.Error);
}
public async Task ValidateRequest_CustomVersion_Success()
{
(string accessToken, ITokenClientFactory tokenClientFactory) = MockTokenClientFactory();
string apiVersion = Guid.NewGuid().ToString();
var mockHttp = new MockHttpMessageHandler();
MockedRequest request = mockHttp
.When("*")
.WithHeaders("Authorization", $"Bearer {accessToken}")
.WithQueryString("api-version", apiVersion)
.With(r => r.Headers.Contains("Subscription-Key") == false)
.Respond(HttpStatusCode.OK);
var serviceCollection = new ServiceCollection();
serviceCollection.AddSingleton(tokenClientFactory);
serviceCollection.AddHttpClient(IamClientOptions.IamHttpClientName)
.ConfigurePrimaryHttpMessageHandler(() => mockHttp);
serviceCollection.AddIamClient(new IamClientOptions
{
TokenClientOptions = new ClientCredentialsTokenClientOptions
{
Authority = string.Empty,
ClientId = string.Empty,
ClientSecret = string.Empty,
},
IamApiUri = new Uri("http://localhost"),
ApiVersion = apiVersion,
});
ServiceProvider services = serviceCollection.BuildServiceProvider();
IIamClient iamClient = services.GetRequiredService <IIamClient>();
_ = await iamClient.ListTenantsAsync().ConfigureAwait(false);
mockHttp.GetMatchCount(request).Should().Be(1);
}
/// <summary>Create Tenant.</summary>
/// <param name="iamClient">The IamClient to use.</param>
/// <param name="request">The request body.</param>
/// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
/// <returns>The raw HttpResponseMessage.</returns>
public static async Task <Result <Tenant> > CreateTenantResultAsync(this IIamClient iamClient, CreateTenantRequest request, System.Threading.CancellationToken cancellationToken = default)
{
if (iamClient is null)
{
throw new ArgumentNullException(nameof(iamClient));
}
HttpResponseMessage response = await iamClient.CreateTenantHttpResponseAsync(request, cancellationToken).ConfigureAwait(false);
using (response)
{
switch (response.StatusCode)
{
case HttpStatusCode.OK:
return(await response.DeserializeJsonContentAsync <Tenant>().ConfigureAwait(false));
case HttpStatusCode.NoContent:
return(default);
case HttpStatusCode.BadRequest:
case HttpStatusCode.InternalServerError:
{
ErrorResponse errorResponse = await response.DeserializeJsonContentAsync <ErrorResponse>().ConfigureAwait(false);
return(ErrorResult <Tenant>(errorResponse.Error));
}
default:
{
UnexpectedStatusCodeError error = await UnexpectedStatusCodeError.CreateAsync(response, $"{nameof(IIamClient)}.{nameof(CreateTenantResultAsync)}").ConfigureAwait(false);
return(ErrorResult <Tenant>(error));
}
}
}
}
