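/// <summary>
/// Obtains a SWT token from ACSv2 by posting an OAuth2 client-credentials request
/// to the namespace's <c>/v2/OAuth2-13</c> endpoint.
/// </summary>
/// <param name="settings">
/// Supplies the service namespace, the ACS host address, the management path (used as the
/// token scope) and the management service identity name and key sent as client credentials.
/// </param>
/// <returns>
/// A token from ACS, or <c>null</c> when the request or the parsing of the response fails.
/// </returns>
static string GetManagementToken(AccessControlSettings settings)
{
    try
    {
        //
        // Request a token from ACS. WebClient is IDisposable, so it is released
        // deterministically instead of being left to the finalizer.
        //
        using (WebClient client = new WebClient())
        {
            // The endpoint is a machine-readable URL, so it is formatted with the invariant
            // culture, matching CreateManagementServiceClient. The scheme is fixed to https,
            // which is what protects the client secret posted below while in transit.
            client.BaseAddress = string.Format(CultureInfo.InvariantCulture, "https://{0}.{1}", settings.ServiceNamespace, settings.AccessControlServiceAddress);
            Uri scopeUri = new Uri(client.BaseAddress + settings.AccessControlManagementPath);

            NameValueCollection values = new NameValueCollection();
            values.Add("grant_type", "client_credentials");
            values.Add("client_id", settings.ManagementServiceIdentityName);
            values.Add("client_secret", settings.ManagementServiceIdentityKey);
            values.Add("scope", scopeUri.ToString());

            byte[] responseBytes = client.UploadValues("/v2/OAuth2-13", "POST", values);

            //
            // Extract the access token and return it.
            //
            using (MemoryStream responseStream = new MemoryStream(responseBytes))
            {
                OAuth2TokenResponse tokenResponse = (OAuth2TokenResponse)new DataContractJsonSerializer(typeof(OAuth2TokenResponse)).ReadObject(responseStream);
                return (tokenResponse.access_token);
            }
        }
    }
    catch (Exception)
    {
        // Every failure (network error, HTTP error status, malformed or empty response)
        // collapses into null, so callers must treat null as "no token obtained".
        // NOTE(review): the failure reason is discarded here; if logging is added, log the
        // exception type and status only, never the posted form values (they hold the secret).
        return (null);
    }
}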
/// <summary>
/// Builds a new service identity for the given settings: the instance is constructed,
/// a key is generated through <c>RegenerateKey</c>, and the name is then assigned.
/// </summary>
/// <param name="accessControlSettings">Settings handed to the identity's constructor.</param>
/// <param name="name">Name assigned to the new identity.</param>
/// <returns>The newly created identity.</returns>
public static AccessControlServiceIdentity Create(AccessControlSettings accessControlSettings, string name)
{
    var created = new AccessControlServiceIdentity(accessControlSettings);

    // Order is kept as in the original: the key is generated before the name is set.
    created.RegenerateKey();
    created.Name = name;

    return created;
}
/// <summary>
/// Creates a <c>ManagementService</c> client for the namespace's management endpoint.
/// This is the only 'interface' used by other classes.
/// </summary>
/// <param name="settings">
/// Supplies the service namespace, ACS host address and management path that make up the
/// endpoint URL; the same settings are passed on when a management token is attached.
/// </param>
/// <returns>An instance of the ManagementService.</returns>
public static ManagementService CreateManagementServiceClient(AccessControlSettings settings)
{
    // The endpoint always uses https; every request sent to it carries the management token.
    var endpoint = new Uri(
        String.Format(
            CultureInfo.InvariantCulture,
            "https://{0}.{1}/{2}",
            settings.ServiceNamespace,
            settings.AccessControlServiceAddress,
            settings.AccessControlManagementPath));

    var client = new ManagementService(endpoint);

    // Attach the Authorization header to each outgoing request just before it is sent.
    client.SendingRequest += (sender, eventArgs) =>
    {
        AddManagementTokenWithWritePermission((HttpWebRequest)eventArgs.Request, settings);
    };

    return client;
}
/// <summary>
/// Deletes every rule group whose name starts with the normalized relying party address,
/// then saves the changes through the management service.
/// </summary>
/// <param name="rpAddress">
/// Relying party address; it is rewritten to the <c>http</c> scheme with the default port
/// before being used as the name prefix.
/// </param>
/// <param name="settings">Settings used to create the management service client.</param>
public static void ResetNamespace(Uri rpAddress, AccessControlSettings settings)
{
    // Scheme and port are discarded, so https and non-default-port addresses map to the same prefix.
    var normalizedAddress = new UriBuilder(rpAddress) { Scheme = "http", Port = -1 }.Uri;
    var managementClient = ManagementServiceHelper.CreateManagementServiceClient(settings);

    // NOTE(review): this is a plain string prefix test on the group name, so resetting
    // "http://host/app" would presumably also match groups named for "http://host/app2".
    // Confirm the naming scheme rules that out, or match on a path boundary instead.
    var matchingGroups = managementClient.RuleGroups.Where(g => g.Name.StartsWith(normalizedAddress.AbsoluteUri));

    foreach (var ruleGroup in matchingGroups)
    {
        managementClient.DeleteRuleGroupByNameIfExists(ruleGroup.Name);
    }

    managementClient.SaveChanges();
}
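/// <summary>
/// Returns the <c>AccessControlList</c> for a relying party address, resolved through the
/// longest registered address prefix that matches the normalized address.
/// </summary>
/// <param name="relyingPartyUri">
/// Address to look up. It is normalized first: the scheme is forced to <c>http</c>, the port
/// is reset to the default, and a single trailing slash is removed from the path.
/// </param>
/// <param name="settings">Settings used to create the management service client.</param>
/// <returns>The access control list bound to the resolved relying party.</returns>
/// <exception cref="InvalidOperationException">
/// No matching address prefix was found, or no relying party exists for the matched prefix.
/// </exception>
public static AccessControlList GetAccessControlList(Uri relyingPartyUri, AccessControlSettings settings)
{
    var localPath = relyingPartyUri.LocalPath;

    // Ordinal comparison: "/" is a URI delimiter, not linguistic text.
    var trimmedPath = localPath.EndsWith("/", StringComparison.Ordinal)
        ? localPath.Substring(0, localPath.Length - 1)
        : localPath;

    // Scheme and port are discarded, so http/https and any port resolve to the same entry.
    relyingPartyUri = new UriBuilder(relyingPartyUri) { Scheme = "http", Port = -1, Path = trimmedPath }.Uri;
    var relyingPartyAddress = relyingPartyUri.AbsoluteUri;

    var serviceClient = ManagementServiceHelper.CreateManagementServiceClient(settings);

    var longestPrefixRpAddress = GetLongestPrefixRelyingPartyAddress(serviceClient, relyingPartyAddress);
    if (longestPrefixRpAddress != null)
    {
        var relyingParty = GetRelyingPartyByAddress(serviceClient, longestPrefixRpAddress);
        if (relyingParty != null)
        {
            return new AccessControlList(relyingPartyUri, relyingParty, serviceClient);
        }
    }

    // Same exception type as before, now with a message so a failed lookup can be diagnosed.
    throw new InvalidOperationException("No relying party could be resolved for '" + relyingPartyAddress + "'.");
}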
/// <summary>
/// Adds the SWT token to the HTTP 'Authorization' header of an outgoing request.
/// The token is requested once and kept in <c>cachedSwtToken</c>, so later requests reuse it
/// instead of contacting ACS again.
/// </summary>
/// <param name="args">The outgoing request that receives the header.</param>
/// <param name="settings">Settings used to request a token when none is cached yet.</param>
public static void AddManagementTokenWithWritePermission(HttpWebRequest args, AccessControlSettings settings)
{
    var token = cachedSwtToken;

    if (token == null)
    {
        // NOTE(review): GetManagementToken returns null on failure; in that case the header
        // below is sent as "Bearer " with no token, and the next call retries the request.
        token = GetManagementToken(settings);
        cachedSwtToken = token;
    }

    // NOTE(review): nothing here expires or refreshes the cached token, and the cache is
    // written without synchronization - confirm token lifetime and threading with the callers.
    args.Headers.Add(HttpRequestHeader.Authorization, "Bearer " + token);
}
/// <summary>
/// Stores the supplied settings on the new instance. The constructor is private
/// (the original carried no access modifier); the static <c>Create</c> method calls it.
/// </summary>
/// <param name="settings">Settings kept in the <c>settings</c> field.</param>
private AccessControlServiceIdentity(AccessControlSettings settings)
{
    this.settings = settings;
}