public static async Task <IHttpResponse> Get( [OptionalQueryParameter(Name = ProvideLoginMock.extraParamState)] IRefOptional <Authorization> authorizationRef, [QueryParameter(Name = ProvideLoginMock.extraParamToken)] string token, IAzureApplication application, IProvideUrl urlHelper, IHttpRequest request, RedirectResponse redirectResponse, ServiceUnavailableResponse onNoServiceResponse, BadRequestResponse onBadCredentials, GeneralConflictResponse onFailure) { var authentication = EastFive.Azure.Auth.Method.ByMethodName( ProvideLoginMock.IntegrationName, application); var parameters = new Dictionary <string, string>() { { ProvideLoginMock.extraParamToken, token }, }; if (authorizationRef.HasValue) { parameters.Add(ProvideLoginMock.extraParamState, authorizationRef.id.ToString()); } return(await Redirection.ProcessRequestAsync(authentication, parameters, application, request, urlHelper, (redirect) => { var response = redirectResponse(redirect); return response; }, (why) => onBadCredentials().AddReason($"Bad credentials:{why}"), (why) => onNoServiceResponse().AddReason(why), (why) => onFailure(why))); }
private static async Task <TResult> GetClaimsAsync <TResult>( Api.Azure.AzureApplication application, IRefOptional <Authorization> authorizationRefMaybe, Func <IDictionary <string, string>, Guid?, bool, TResult> onClaims, Func <string, TResult> onFailure) { if (!authorizationRefMaybe.HasValue) { return(onClaims(new Dictionary <string, string>(), default(Guid?), false)); } var authorizationRef = authorizationRefMaybe.Ref; return(await Api.AppSettings.ActorIdClaimType.ConfigurationString( (accountIdClaimType) => { return GetSessionAcountAsync(authorizationRef, application, (accountId, authorized) => { var claims = new Dictionary <string, string>() { { accountIdClaimType, accountId.ToString() } }; return onClaims(claims, accountId, authorized); }, (why, authorized) => onClaims(new Dictionary <string, string>(), default(Guid?), authorized)); }, (why) => onClaims(new Dictionary <string, string>(), default(Guid?), false).AsTask())); }
public static bool HasValueNotNull <T>(this IRefOptional <T> refOptional) where T : IReferenceable { if (refOptional.IsDefaultOrNull()) { return(false); } return(refOptional.HasValue && !refOptional.Ref.id.IsDefault()); }
public static async Task <IHttpResponse> GetAsync( //[WorkflowNewId] //[WorkflowVariable( // Workflows.PasswordLoginCreateAccount.Variables.State, // AuthorizationPropertyName)] [OptionalQueryParameter(Name = AuthorizationPropertyName)] IRefOptional <Authorization> authorizationRefOptional, [WorkflowParameter( Value = "d989b604-1e25-4d77-b79e-fe1c7d36f833", Description = "Unique and static to each client (i.e. iOS or Web)")] [QueryParameter(Name = ClientPropertyName)] IRef <Client> clientRef, [WorkflowNewId(Description = "No idea what this does.")] [OptionalQueryParameter(Name = ValidationPropertyName)] string validation, IAuthApplication application, IProvideUrl urlHelper, //ContentTypeResponse<Authentication> onFound, [WorkflowVariable( Workflows.PasswordLoginCreateAccount.Variables.Authorization, Authentication.AuthenticationPropertyName)] [WorkflowVariableRedirectUrl( VariableName = Workflows.PasswordLoginCreateAccount.Variables.AuthorizationRedirect)] RedirectResponse onFound, ReferencedDocumentNotFoundResponse <Client> onInvalidClient) { return(await await clientRef.StorageGetAsync( (client) => { var authentication = new Authentication { authenticationRef = SecureGuid.Generate().AsRef <Authentication>(), authorizationMaybe = authorizationRefOptional, client = clientRef, }; return authentication.StorageCreateAsync( (entity) => { var location = urlHelper.GetLocation <Authentication>( auth => auth.authenticationRef.AssignQueryValue(authentication.authenticationRef), application); return onFound(location); }); }, () => onInvalidClient().AsTask())); }
public static Task <IHttpResponse> FindByFirstStepByActorAndTypeAsync( [QueryParameter(Name = Resources.ProcessStage.OwnerPropertyName)] Guid ownerId, [QueryParameter(Name = Resources.ProcessStage.TypePropertyName)] Type resourceType, [QueryParameter(Name = "processstage." + Resources.ProcessStage.ConfirmablePropertyName + "." + Resources.ProcessStage.ConfirmableResource.ProcessStageNextPropertyName)] IRefOptional <IReferenceable> nextStage, EastFive.Api.Security security, IProvideUrl url, MultipartAcceptArrayResponse onMultipart, ReferencedDocumentNotFoundResponse onResourceNotFound, UnauthorizedResponse onUnauthorized) { return(EastFive.Azure.ProcessStages.FindStartByActorAndResourceTypeAsync(ownerId, resourceType, security, (processStages) => onMultipart(processStages.Select(ps => GetResource(ps, url))), () => onResourceNotFound(), () => onUnauthorized())); }
[HttpPost] //(MatchAllBodyParameters = false)] public async static Task <HttpResponseMessage> CreateAsync( [Property(Name = SessionIdPropertyName)] IRef <Session> sessionId, [PropertyOptional(Name = AuthorizationPropertyName)] IRefOptional <Authorization> authorizationRefMaybe, [Resource] Session session, Api.Azure.AzureApplication application, CreatedBodyResponse <Session> onCreated, AlreadyExistsResponse onAlreadyExists, ForbiddenResponse forbidden, ConfigurationFailureResponse onConfigurationFailure, GeneralConflictResponse onFailure) { session.refreshToken = Security.SecureGuid.Generate().ToString("N"); return(await Security.AppSettings.TokenScope.ConfigurationUri( scope => { return Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes.ConfigurationDouble( async(tokenExpirationInMinutes) => { return await await GetClaimsAsync(application, authorizationRefMaybe, (claims, accountIdMaybe, authorized) => { session.account = accountIdMaybe; session.authorized = authorized; return session.StorageCreateAsync( (sessionIdCreated) => { return BlackBarLabs.Security.Tokens.JwtTools.CreateToken(sessionId.id, scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims, (tokenNew) => { session.token = tokenNew; return onCreated(session); }, (missingConfig) => onConfigurationFailure("Missing", missingConfig), (configName, issue) => onConfigurationFailure(configName, issue)); }, () => onAlreadyExists()); }, (why) => onFailure(why).AsTask()); }, (why) => onConfigurationFailure("Missing", why).AsTask()); }, (why) => onConfigurationFailure("Missing", why).AsTask())); }
public static Task <HttpResponseMessage> UpdateBodyAsync( [UpdateId(Name = SessionIdPropertyName)] IRef <Session> sessionRef, [PropertyOptional(Name = AuthorizationPropertyName)] IRefOptional <Authorization> authorizationRefMaybe, Api.Azure.AzureApplication application, ContentTypeResponse <Session> onUpdated, NotFoundResponse onNotFound, ForbiddenResponse forbidden, ConfigurationFailureResponse onConfigurationFailure, GeneralConflictResponse onFailure) { return(sessionRef.StorageUpdateAsync( (sessionStorage, saveSessionAsync) => { return Security.AppSettings.TokenScope.ConfigurationUri( scope => { return Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes.ConfigurationDouble( async(tokenExpirationInMinutes) => { return await await GetClaimsAsync(application, authorizationRefMaybe, async(claims, accountIdMaybe, authorized) => { sessionStorage.authorization = authorizationRefMaybe; sessionStorage.authorized = authorized; sessionStorage.account = accountIdMaybe; return await BlackBarLabs.Security.Tokens.JwtTools.CreateToken(sessionRef.id, scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims, async(tokenNew) => { sessionStorage.token = tokenNew; await saveSessionAsync(sessionStorage); return onUpdated(sessionStorage); }, (missingConfig) => onConfigurationFailure("Missing", missingConfig).AsTask(), (configName, issue) => onConfigurationFailure(configName, issue).AsTask()); }, why => onFailure(why).AsTask()); }, why => onConfigurationFailure("Missing", why).AsTask()); }, (why) => onConfigurationFailure("Missing", why).AsTask()); }, onNotFound: () => onNotFound())); }
public async static Task <IHttpResponse> CreateAsync( [Property(Name = AccountPropertyName)] Guid accountId, [PropertyOptional(Name = AuthorizationPropertyName)] IRefOptional <Authorization> authorizationRefMaybe, [Resource] XIntegration integration, IAuthApplication application, EastFive.Api.SessionToken security, CreatedResponse onCreated, AlreadyExistsResponse onAlreadyExists, ForbiddenResponse onForbidden, ReferencedDocumentDoesNotExistsResponse <Authorization> onAuthorizationDoesNotExist, GeneralConflictResponse onFailure) { if (!await application.CanAdministerCredentialAsync(accountId, security)) { return(onForbidden()); } return(await await authorizationRefMaybe.StorageGetAsync( async authorization => { if (!await application.ShouldAuthorizeIntegrationAsync(integration, authorization)) { return onFailure("Authorization is not accessable to this account."); } return await CreateWithAuthorization(integration, authorization, () => onCreated(), () => onAlreadyExists(), (why) => onFailure(why)); }, async() => { if (authorizationRefMaybe.HasValue) { return onAuthorizationDoesNotExist(); } return await integration.StorageCreateAsync( (discard) => onCreated(), () => onAlreadyExists()); })); }
[Api.HttpPost] //(MatchAllBodyParameters = false)] public async static Task <IHttpResponse> CreateAsync( [Property(Name = AccountPropertyName)] Guid accountId, [PropertyOptional(Name = AuthorizationPropertyName)] IRefOptional <Authorization> authorizationRefMaybe, [Resource] Integration integration, Api.Azure.AzureApplication application, EastFive.Api.SessionToken security, CreatedResponse onCreated, AlreadyExistsResponse onAlreadyExists, ForbiddenResponse forbidden, ReferencedDocumentDoesNotExistsResponse <Authorization> onAuthenticationDoesNotExist, GeneralConflictResponse onFailure) { if (!await application.CanAdministerCredentialAsync(accountId, security)) { return(forbidden()); } return(await await authorizationRefMaybe.StorageGetAsync( authorization => { // TODO? This // var accountIdDidMatch = await await authorization.ParseCredentailParameters( return CreateWithAuthorization(integration, authorization, accountId, () => onCreated(), () => onAlreadyExists(), (why) => onFailure(why)); }, async() => { return await await integration.StorageCreateAsync( discard => { return SaveAccountLookupAsync(accountId, integration, () => onCreated()); }, () => onAlreadyExists().AsTask()); })); }
private static async Task <TResult> GetClaimsAsync <TResult>( IAuthApplication application, IRefOptional <Authorization> authorizationRefMaybe, Func <IDictionary <string, string>, Guid?, bool, TResult> onClaims, Func <string, TResult> onFailure) { if (!authorizationRefMaybe.HasValueNotNull()) { return(onClaims(new Dictionary <string, string>(), default(Guid?), false)); } var authorizationRef = authorizationRefMaybe.Ref; return(await Api.AppSettings.ActorIdClaimType.ConfigurationString( (accountIdClaimType) => { return GetSessionAcountAsync(authorizationRef, application, (accountId, claims, authorized) => { var claimsWithAccountId = claims .Append(accountIdClaimType.PairWithValue(accountId.ToString())) .ToDictionary(); return onClaims(claimsWithAccountId, accountId, authorized); }, (why, authorized) => onClaims(new Dictionary <string, string>(), default(Guid?), authorized)); }, (why) => { return GetSessionAcountAsync(authorizationRef, application, (accountId, claims, authorized) => { var claimsDictionary = claims .NullToEmpty() .ToDictionary(); return onClaims(claimsDictionary, accountId, authorized); }, (why, authorized) => onClaims(new Dictionary <string, string>(), default(Guid?), authorized)); })); }
public static Guid?GetIdMaybeNullSafe <T>(this IRefOptional <T> refOptional) where T : IReferenceable { if (refOptional.IsDefaultOrNull()) { return(default);
public static IQueryable <TResource> ById <TResource>(this IQueryable <TResource> query, IRefOptional <TResource> resourceRef) where TResource : IReferenceable { if (!resourceRef.HasValue) { return(query); } return(query.ById(resourceRef.Ref)); }
public async static Task <TResult> AuthenticationAsync <TResult>( EastFive.Azure.Auth.Method authentication, IDictionary <string, string> values, IAzureApplication application, IHttpRequest request, IInvokeApplication endpoints, Uri baseUri, IRefOptional <Authorization> authorizationRefToCreate, Func <Uri, Guid?, Func <IHttpResponse, IHttpResponse>, TResult> onRedirect, Func <TResult> onAuthorizationNotFound, Func <string, TResult> onCouldNotConnect, Func <string, TResult> onGeneralFailure) { var telemetry = application.Telemetry; return(await await authentication.RedeemTokenAsync(values, application, async (externalAccountKey, authorizationRefMaybe, loginProvider, extraParams) => { #region Handle case where there was a direct link or a POST if (!authorizationRefMaybe.HasValue) { var authorization = new Authorization { authorizationRef = authorizationRefToCreate.HasValue? authorizationRefToCreate.Ref : new Ref <Authorization>(Security.SecureGuid.Generate()), Method = authentication.authenticationId, parameters = extraParams, authorized = true, }; return await ProcessAsync(authorization, async(authorizationUpdated) => { bool created = await authorizationUpdated.StorageCreateAsync( authIdDiscard => { return true; }, () => { //if(authorizationRefToCreate.HasValueNotNull()) // throw new Exception("Authorization to create already exists."); //throw new Exception("Duplicated update from ProcessAsync."); return false; }); }, authentication, externalAccountKey, extraParams, application, request, endpoints, loginProvider, baseUri, onRedirect, onGeneralFailure, telemetry); } #endregion var authorizationRef = authorizationRefMaybe.Ref; return await authorizationRef.StorageUpdateAsync( async(authorization, saveAsync) => { return await ProcessAsync(authorization, saveAsync, authentication, externalAccountKey, extraParams, application, request, endpoints, loginProvider, baseUri, onRedirect, onGeneralFailure, telemetry); }, () => { return onAuthorizationNotFound(); }); }, (authorizationRef, extraparams) => onGeneralFailure("Cannot use logout to authenticate").AsTask(), (why) => onCouldNotConnect(why).AsTask(), (why) => onGeneralFailure(why).AsTask())); }
public async static Task <Session> CreateAsync( IAuthApplication application, IRefOptional <Authorization> authorizationRefMaybe, IRefOptional <Session> sessionToCreateMaybe = default) { var sessionId = sessionToCreateMaybe.HasValueNotNull() ? sessionToCreateMaybe.Ref : Ref <Session> .SecureRef(); var session = new Session() { sessionId = sessionId, refreshToken = Security.SecureGuid.Generate().ToString("N"), authorization = authorizationRefMaybe, }; return(await Security.AppSettings.TokenScope.ConfigurationUri( scope => { return Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes.ConfigurationDouble( async(tokenExpirationInMinutes) => { return await await GetClaimsAsync(application, authorizationRefMaybe, async(claims, accountIdMaybe, authorized) => { session.account = accountIdMaybe; session.authorized = authorized; return await await session.StorageCreateAsync( (sessionIdCreated) => { return Api.Auth.JwtTools.CreateToken(session.id, scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims, (tokenNew) => { session.token = tokenNew; return session; }, (missingConfig) => throw new Exception(missingConfig), (configName, issue) => throw new Exception(issue)).AsTask(); }, onAlreadyExists: () => { return sessionId.StorageUpdateAsync( async(sessionToUpdate, saveAsync) => { sessionToUpdate.authorization = authorizationRefMaybe; sessionToUpdate.account = accountIdMaybe; sessionToUpdate.authorized = authorized; await saveAsync(sessionToUpdate); return Api.Auth.JwtTools.CreateToken(sessionToUpdate.id, scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims, (tokenNew) => { sessionToUpdate.token = tokenNew; return sessionToUpdate; }, (missingConfig) => throw new Exception(missingConfig), (configName, issue) => throw new Exception(issue)); }); }); }, (why) => throw new Exception(why)); }, (why) => throw new Exception(why)); }, (why) => throw new Exception(why))); }
public async static Task <IHttpResponse> CreateAsync( [Api.Meta.Flows.WorkflowNewId] [Property(Name = SessionIdPropertyName)] IRef <Session> sessionId, [Api.Meta.Flows.WorkflowParameter(Value = "{{XAuthorization}}")] [PropertyOptional(Name = AuthorizationPropertyName)] IRefOptional <Authorization> authorizationRefMaybe, [Resource] Session session, IAuthApplication application, [Api.Meta.Flows.WorkflowVariable2(Workflows.AuthorizationFlow.Variables.AuthHeaderName, HeaderNamePropertyName)] [Api.Meta.Flows.WorkflowVariable(Workflows.AuthorizationFlow.Variables.TokenName, TokenPropertyName)] CreatedBodyResponse <Session> onCreated, AlreadyExistsResponse onAlreadyExists, ForbiddenResponse forbidden, ConfigurationFailureResponse onConfigurationFailure, GeneralConflictResponse onFailure) { session.refreshToken = Security.SecureGuid.Generate().ToString("N"); return(await Security.AppSettings.TokenScope.ConfigurationUri( scope => { return Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes.ConfigurationDouble( async(tokenExpirationInMinutes) => { return await await GetClaimsAsync(application, authorizationRefMaybe, (claims, accountIdMaybe, authorized) => { session.account = accountIdMaybe; session.authorized = authorized; return session.StorageCreateAsync( (sessionIdCreated) => { return Api.Auth.JwtTools.CreateToken(sessionId.id, scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims, (tokenNew) => { session.token = tokenNew; return onCreated(session); }, (missingConfig) => onConfigurationFailure("Missing", missingConfig), (configName, issue) => onConfigurationFailure(configName, issue)); }, () => { return Api.Auth.JwtTools.CreateToken(sessionId.id, scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims, (tokenNew) => { session.token = tokenNew; return onCreated(session); }, (missingConfig) => onConfigurationFailure("Missing", missingConfig), (configName, issue) => onConfigurationFailure(configName, issue)); // onAlreadyExists() }); }, (why) => onFailure(why).AsTask()); }, (why) => onConfigurationFailure("Missing", why).AsTask()); }, (why) => onConfigurationFailure("Missing", why).AsTask())); }