/// <summary>
/// Grants the user registered under <paramref name="email"/> an access level on a group,
/// creating the group when neither the given id nor the id without "_WorkSpace" exists.
/// </summary>
/// <param name="groupid">Target group id.</param>
/// <param name="email">E-mail address of the user to add; mapped to a "QuantAppSecure_" user id.</param>
/// <param name="accessType">Integer cast to <c>AccessType</c> without range validation.</param>
/// <returns>200 with Data = "ok", or 200 with Data = "User not found..." when no user matches.</returns>
public ActionResult AddPermission(string groupid, string email, int accessType)
{
    // NOTE(review): nothing in this method identifies the caller or checks their rights on the
    // target group. Confirm that an authorization filter outside this listing protects the
    // action, since it grants permissions and can create groups.
    if (email == null)
    {
        return Ok(new { Data = "User not found..." });
    }

    // User ids are the lower-cased address with '@' and ':' replaced by '.', behind a fixed prefix.
    string targetUserId = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');
    QuantApp.Kernel.User targetUser = QuantApp.Kernel.User.FindUser(targetUserId);
    if (targetUser == null)
    {
        return Ok(new { Data = "User not found..." });
    }

    // Lookup order: exact id, id with "_WorkSpace" stripped, then a newly created group.
    QuantApp.Kernel.Group targetGroup = QuantApp.Kernel.Group.FindGroup(groupid);
    if (targetGroup == null)
    {
        targetGroup = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_WorkSpace", ""));
    }
    if (targetGroup == null)
    {
        targetGroup = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
    }

    // NOTE(review): an enum cast accepts any int, so undefined access levels are stored as given.
    targetGroup.Add(targetUser, typeof(QuantApp.Kernel.User), (AccessType)accessType);
    return Ok(new { Data = "ok" });
}
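/// <summary>
/// Removes a permissible (a user found by id or by secret, or a file) from a group.
/// </summary>
/// <param name="pid">User id, user secret, or file id of the entry to remove.</param>
/// <param name="groupid">Group id; the id without "_Workflow" is tried as a fallback.</param>
/// <returns>
/// 401 when the caller has no identity, 400 when the permissible or the group is unknown,
/// otherwise 200 with Data = "ok".
/// </returns>
public ActionResult RemovePermission(string pid, string groupid)
{
    string userId = this.User.QID();
    if (userId == null)
    {
        // Explicit 401 instead of a null action result, matching the actions in this
        // listing that already answer Unauthorized().
        return Unauthorized();
    }

    // NOTE(review): the caller is authenticated but their own permission on the group is
    // never consulted before the removal; confirm that this is enforced elsewhere.
    QuantApp.Kernel.IPermissible permissible = QuantApp.Kernel.User.FindUser(pid);
    if (permissible == null)
    {
        permissible = QuantApp.Kernel.User.FindUserBySecret(pid);
    }
    if (permissible == null)
    {
        permissible = FileRepository.File(pid);
    }
    if (permissible == null)
    {
        return BadRequest(new { Data = "Permissible ID not found" });
    }

    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
    if (group == null && groupid != null)
    {
        group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }
    if (group == null)
    {
        // Previously an unknown group id caused a NullReferenceException on group.Remove.
        return BadRequest(new { Data = "Group ID not found" });
    }

    group.Remove(permissible);
    return Ok(new { Data = "ok" });
}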
/// <summary>
/// Lists the sub-groups of a group as ID / Name / Description / ParentID records.
/// </summary>
/// <param name="groupid">Id of the parent group.</param>
/// <param name="aggregated">Passed through to <c>Group.SubGroups</c>.</param>
/// <returns>
/// 200 with the list, 400 when the group is unknown, or a null result when the caller has no identity.
/// </returns>
public ActionResult SubGroups(string groupid, bool aggregated)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        // NOTE(review): other actions in this listing answer Unauthorized() here; confirm
        // that a null action result is intended.
        return null;
    }

    // The caller record is looked up but not used below.
    // NOTE(review): no per-group permission filter is applied to the returned sub-groups.
    QuantApp.Kernel.User.FindUser(callerId);

    QuantApp.Kernel.Group parent = QuantApp.Kernel.Group.FindGroup(groupid);
    if (parent == null)
    {
        return BadRequest(new { Data = "Group not found" });
    }

    List<object> rows = new List<object>();
    foreach (Group child in parent.SubGroups(aggregated))
    {
        rows.Add(new
        {
            ID = child.ID,
            Name = child.Name,
            Description = child.Description,
            ParentID = child.Parent == null ? null : child.Parent.ID
        });
    }

    return Ok(rows);
}
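/// <summary>
/// Lists the sub-groups of a group that the caller is not denied on, with the caller's
/// permission on each.
/// </summary>
/// <param name="groupid">Id of the parent group.</param>
/// <param name="aggregated">Passed through to <c>Group.SubGroups</c>.</param>
/// <returns>401 without an identity, 400 when the group is unknown, otherwise 200 with the list.</returns>
public ActionResult SubGroupsApp(string groupid, bool aggregated)
{
    string userId = this.User.QID();
    if (userId == null)
    {
        // Explicit 401 instead of a null action result.
        return Unauthorized();
    }

    QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userId);
    QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);
    if (role == null)
    {
        // Same answer as SubGroups; previously this path dereferenced null.
        return BadRequest(new { Data = "Group not found" });
    }

    List<Group> sgroups = role.SubGroups(aggregated);
    List<object> jres = new List<object>();

    foreach (Group group in sgroups)
    {
        // Only sub-groups the caller has some access to are disclosed.
        AccessType ac = group.Permission(null, user);
        if (ac == AccessType.Denied)
        {
            continue;
        }

        jres.Add(new
        {
            ID = group.ID,
            Name = group.Name,
            Description = group.Description,
            Permission = ac.ToString(),
        });
    }

    return Ok(jres);
}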
/// <summary>
/// Returns the ID, name, parent ID and description of a group the caller is not denied on.
/// </summary>
/// <param name="groupid">Id of the group to describe.</param>
/// <returns>
/// 200 with the group record, 400 when the group is unknown or access is denied, or a null
/// result when the caller has no identity.
/// </returns>
public IActionResult Group(string groupid)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        // NOTE(review): other actions in this listing answer Unauthorized() here.
        return null;
    }

    QuantApp.Kernel.User caller = QuantApp.Kernel.User.FindUser(callerId);
    QuantApp.Kernel.Group target = QuantApp.Kernel.Group.FindGroup(groupid);
    if (target == null)
    {
        return BadRequest(new { Data = "Group not found" });
    }

    // NOTE(review): "not found" and "access denied" are distinguishable, so a caller can
    // tell which group ids exist; confirm that this is acceptable.
    if (target.Permission(null, caller) == AccessType.Denied)
    {
        return BadRequest(new { Data = "Group access denied" });
    }

    return Ok(new
    {
        ID = target.ID,
        Name = target.Name,
        ParentID = target.Parent == null ? null : target.Parent.ID,
        Description = target.Description
    });
}
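/// <summary>
/// Sets a user's access level on a group, creating the group when it does not exist.
/// </summary>
/// <param name="userid">Id of the user whose permission is set.</param>
/// <param name="groupid">Group id; the id without "_Workflow" is tried before creating a group.</param>
/// <param name="accessType">Integer value of a defined <c>AccessType</c> member.</param>
/// <returns>401 without an identity, 400 on invalid input, otherwise 200 with Data = "ok".</returns>
public ActionResult SetPermission(string userid, string groupid, int accessType)
{
    string userId = this.User.QID();
    if (userId == null)
    {
        // Explicit 401 instead of a null action result.
        return Unauthorized();
    }

    // NOTE(review): the caller's own permission on the group is never checked, so any
    // authenticated caller reaches group.Add; confirm that this is enforced elsewhere.
    QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userid);
    if (user == null)
    {
        // Previously a null user was handed straight to group.Add.
        return BadRequest(new { Data = "User not found" });
    }

    if (string.IsNullOrEmpty(groupid))
    {
        return BadRequest(new { Data = "Group not found" });
    }

    // An enum cast never fails, so undefined values have to be rejected explicitly.
    if (!System.Enum.IsDefined(typeof(AccessType), accessType))
    {
        return BadRequest(new { Data = "accessType is not a defined access level" });
    }

    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
    if (group == null)
    {
        group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }
    if (group == null)
    {
        group = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
    }

    group.Add(user, typeof(QuantApp.Kernel.User), (AccessType)accessType);
    return Ok(new { Data = "ok" });
}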
/// <summary>
/// Lists the files attached to a group, removing group entries whose file no longer exists.
/// </summary>
/// <param name="groupid">Id of the group whose files are listed.</param>
/// <returns>401 without an identity, 400 when the group is unknown, otherwise 200 with the list.</returns>
public async Task<IActionResult> Files(string groupid)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        return Unauthorized();
    }

    QuantApp.Kernel.User caller = QuantApp.Kernel.User.FindUser(callerId);
    QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);
    if (role == null)
    {
        return BadRequest(new { Data = "Group not found "});
    }

    List<object> rows = new List<object>();

    // NOTE(review): the listing is requested on behalf of the caller; whether role.List
    // filters by the caller's permission is not visible here — confirm.
    List<IPermissible> entries = role.List(caller, typeof(FilePermission), false);
    foreach (FilePermission entry in entries)
    {
        FilePermission file = FileRepository.File(entry.ID);
        if (file == null)
        {
            // Stale entry: the repository no longer has the file, so drop it from the group.
            // This makes a read request mutate group membership.
            role.Remove(entry);
            continue;
        }

        rows.Add(new
        {
            ID = file.ID,
            Name = file.Name,
            Owner = file.Owner.FirstName + " " + file.Owner.LastName,
            Size = file.Size,
            Date = (file.Timestamp.ToString("yyyy/MM/dd")),
            Type = file.Type,
            Permission = (int)role.Permission(null, entry)
        });
    }

    return Ok(rows);
}
/// <summary>
/// Lists the users of a group's master group with their permission and expiry on the group,
/// omitting the "System" user and removing entries whose user record no longer exists.
/// </summary>
/// <param name="groupid">Group id; the id without "_Workflow" is tried before creating a group.</param>
/// <returns>200 with the user list, or a null result when the caller has no identity.</returns>
public IActionResult Users(string groupid)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        // NOTE(review): other actions in this listing answer Unauthorized() here.
        return null;
    }

    // The caller record is looked up but not used; the listing below is made as
    // QuantApp.Kernel.User.CurrentUser instead.
    // NOTE(review): confirm that CurrentUser is the authenticated caller, otherwise the
    // member list (names, e-mail, metadata) is not filtered by the caller's rights.
    QuantApp.Kernel.User.FindUser(callerId);

    QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);
    if (role == null)
    {
        role = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }
    if (role == null)
    {
        // A read request for an unknown id creates the group as a side effect.
        role = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
    }

    List<IPermissible> members = role.Master.List(QuantApp.Kernel.User.CurrentUser, typeof(QuantApp.Kernel.User), false);
    List<object> rows = new List<object>();

    foreach (QuantApp.Kernel.User member in members)
    {
        QuantApp.Kernel.User record = QuantApp.Kernel.User.FindUser(member.ID);
        if (record == null)
        {
            // Stale membership: the user no longer exists.
            role.Remove(member);
            continue;
        }

        var access = role.Permission(null, member);
        var expiry = role.Expiry(null, member);
        if (record.ID == "System")
        {
            continue;
        }

        rows.Add(new
        {
            ID = record.ID,
            FirstName = record.FirstName,
            LastName = record.LastName,
            Email = record.Email,
            Permission = access.ToString(),
            Expiry = new { year = expiry.Year, month = expiry.Month, day = expiry.Day },
            MetaData = record.MetaData,
        });
    }

    return Ok(rows);
}
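/// <summary>
/// Returns a user's profile fields, last login, permission on a group and permission on each
/// of its sub-groups (sub-groups whose name starts with "Personal: " are skipped).
/// </summary>
/// <param name="id">Id of the user being described.</param>
/// <param name="groupid">Id of the group whose sub-groups are inspected.</param>
/// <param name="aggregated">Passed through to <c>Group.SubGroups</c>.</param>
/// <returns>401 without an identity, 400 when the group or user is unknown, otherwise 200.</returns>
public ActionResult UserData(string id, string groupid, bool aggregated)
{
    string userId = this.User.QID();
    if (userId == null)
    {
        // Explicit 401 instead of a null action result.
        return Unauthorized();
    }

    // NOTE(review): the caller record is fetched but never compared with the requested
    // user or checked against the group, so any authenticated caller can read another
    // user's e-mail, metadata and last login; confirm that this is intended.
    QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userId);
    QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(id);
    QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);

    if (role == null)
    {
        return BadRequest(new { Data = "Group not found" });
    }
    if (quser == null)
    {
        // Previously an unknown id caused a NullReferenceException when building the response.
        return BadRequest(new { Data = "User not found" });
    }

    List<Group> sgroups = role.SubGroups(aggregated);
    List<object> jres = new List<object>();
    var lastLogin = UserRepository.LastUserLogin(id);

    foreach (QuantApp.Kernel.Group group in sgroups)
    {
        if (group.Name.StartsWith("Personal: "))
        {
            continue;
        }

        AccessType accessType = group.Permission(null, quser);
        jres.Add(new { ID = group.ID, Name = group.Name, Permission = accessType.ToString() });
    }

    return Ok(new
    {
        ID = quser.ID,
        Email = quser.Email,
        Permission = role.Permission(null, quser).ToString(),
        MetaData = quser.MetaData,
        FirstName = quser.FirstName,
        LastName = quser.LastName,
        LastLogin = lastLogin,
        Groups = jres
    });
}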
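/// <summary>
/// Sets the access level and expiry date of a permissible (user by id or secret, or file)
/// on a group, creating the group when it does not exist.
/// </summary>
/// <param name="pid">User id, user secret, or file id.</param>
/// <param name="groupid">Group id; the id without "_Workflow" is tried before creating a group.</param>
/// <param name="accessType">Integer value of a defined <c>AccessType</c> member.</param>
/// <param name="year">Expiry year.</param>
/// <param name="month">Expiry month.</param>
/// <param name="day">Expiry day.</param>
/// <returns>401 without an identity, 400 on invalid input, otherwise 200 with Data = "ok".</returns>
public ActionResult SetPermission(string pid, string groupid, int accessType, int year = 9999, int month = 12, int day = 31)
{
    string userId = this.User.QID();
    if (userId == null)
    {
        // Explicit 401 instead of a null action result.
        return Unauthorized();
    }

    // NOTE(review): the caller's own permission on the group is never checked before the
    // grant; confirm that this is enforced elsewhere.
    QuantApp.Kernel.IPermissible permissible = QuantApp.Kernel.User.FindUser(pid);
    if (permissible == null)
    {
        permissible = QuantApp.Kernel.User.FindUserBySecret(pid);
    }
    if (permissible == null)
    {
        permissible = FileRepository.File(pid);
    }
    if (permissible == null)
    {
        return BadRequest(new { Data = "Permissible ID was not found" });
    }

    // The original try/catch around the enum cast could never fire, because casting an
    // int to an enum does not throw; undefined values are rejected explicitly instead.
    if (!Enum.IsDefined(typeof(AccessType), accessType))
    {
        return BadRequest(new { Data = "accessType needs to be an integer between -2 and 2" });
    }

    // Validate the date before any group is created, so bad input leaves no side effects.
    DateTime expiry;
    try
    {
        expiry = new DateTime(year, month, day);
    }
    catch (ArgumentOutOfRangeException)
    {
        return BadRequest(new { Data = "year, month and day do not form a valid date" });
    }

    if (string.IsNullOrEmpty(groupid))
    {
        return BadRequest(new { Data = "Group ID not found" });
    }

    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
    if (group == null)
    {
        group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }
    if (group == null)
    {
        group = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
    }

    // typeof(User) is passed even when the permissible is a file, as in the original.
    group.Add(permissible, typeof(QuantApp.Kernel.User), (AccessType)accessType, expiry);
    return Ok(new { Data = "ok" });
}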
/// <summary>
/// Returns the caller's stored data of the given type for a group, parsed from JSON.
/// </summary>
/// <param name="groupid">Id of the group the data belongs to.</param>
/// <param name="type">Data type key passed to <c>User.GetData</c>.</param>
/// <returns>401 without an identity, otherwise 200 with the deserialized data.</returns>
public async Task<IActionResult> UserData(string groupid, string type)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        return Unauthorized();
    }

    QuantApp.Kernel.User caller = QuantApp.Kernel.User.FindUser(callerId);
    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);

    // NOTE(review): neither the user nor the group is null-checked and the stored value is
    // assumed to be valid JSON; an unknown group id or missing data surfaces as an
    // unhandled exception rather than a 4xx.
    var stored = caller.GetData(group, type);
    return Ok(Newtonsoft.Json.JsonConvert.DeserializeObject(stored));
}
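/// <summary>
/// Grants the user registered under <paramref name="email"/> an access level with an expiry
/// date on a group, creating the group when it does not exist.
/// </summary>
/// <param name="groupid">Group id; the id without "_Workflow" is tried before creating a group.</param>
/// <param name="email">E-mail address of the user to add; mapped to a "QuantAppSecure_" user id.</param>
/// <param name="accessType">Integer value of a defined <c>AccessType</c> member.</param>
/// <param name="year">Expiry year.</param>
/// <param name="month">Expiry month.</param>
/// <param name="day">Expiry day.</param>
/// <returns>400 on invalid input or unknown user, otherwise 200 with Data = "ok".</returns>
public ActionResult AddPermission(string groupid, string email, int accessType, int year = 9999, int month = 12, int day = 31)
{
    // NOTE(review): nothing in this method identifies the caller or checks their rights on
    // the target group. Confirm that an authorization filter outside this listing protects
    // the action, since it grants permissions and can create groups.
    if (email == null)
    {
        return BadRequest(new { Data = "User not found..." });
    }

    // The original try/catch around the enum cast could never fire, because casting an
    // int to an enum does not throw; undefined values are rejected explicitly instead.
    if (!Enum.IsDefined(typeof(AccessType), accessType))
    {
        return BadRequest(new { Data = "accessType needs to be an integer between -2 and 2" });
    }

    // Validate the date before any group is created, so bad input leaves no side effects.
    DateTime expiry;
    try
    {
        expiry = new DateTime(year, month, day);
    }
    catch (ArgumentOutOfRangeException)
    {
        return BadRequest(new { Data = "year, month and day do not form a valid date" });
    }

    string userid = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');
    QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userid);
    if (user == null)
    {
        return BadRequest(new { Data = "User not found..." });
    }

    if (string.IsNullOrEmpty(groupid))
    {
        return BadRequest(new { Data = "Group not found" });
    }

    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
    if (group == null)
    {
        group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }
    if (group == null)
    {
        group = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
    }

    group.Add(user, typeof(QuantApp.Kernel.User), (AccessType)accessType, expiry);
    return Ok(new { Data = "ok" });
}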
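/// <summary>
/// Removes a user from a group.
/// </summary>
/// <param name="userid">Id of the user to remove.</param>
/// <param name="groupid">Group id; the id without "_WorkSpace" is tried as a fallback.</param>
/// <returns>401 without an identity, 400 when the user or group is unknown, otherwise 200 "done".</returns>
public ActionResult RemovePermission(string userid, string groupid)
{
    string userId = this.User.QID();
    if (userId == null)
    {
        // Explicit 401 instead of a null action result.
        return Unauthorized();
    }

    // NOTE(review): the caller's own permission on the group is never checked before the
    // removal; confirm that this is enforced elsewhere.
    QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userid);
    if (user == null)
    {
        // Previously a null user was handed straight to group.Remove.
        return BadRequest(new { Data = "User not found" });
    }

    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
    if (group == null && groupid != null)
    {
        group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_WorkSpace", ""));
    }
    if (group == null)
    {
        // Previously an unknown group id caused a NullReferenceException.
        return BadRequest(new { Data = "Group not found" });
    }

    group.Remove(user);
    return Ok("done");
}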
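/// <summary>
/// Stores a data blob of a given type for a user within a group.
/// </summary>
/// <param name="data">Request body naming the user, the group, the data type and the payload.</param>
/// <returns>401 without an identity, 400 on missing body, user or group, otherwise 200.</returns>
public async Task<IActionResult> SaveUserData([FromBody] SaveUserDataClass data)
{
    string userId = this.User.QID();
    if (userId == null)
    {
        return Unauthorized();
    }

    if (data == null)
    {
        // Model binding yields null for a missing or unparsable body.
        return BadRequest(new { Data = "Request body is missing or invalid" });
    }

    // NOTE(review): the target user comes from the request body and is never compared with
    // the authenticated caller, so one user can overwrite another user's stored data unless
    // this is restricted elsewhere. Confirm, or derive the target from userId.
    QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(data.UserID);
    if (quser == null)
    {
        return BadRequest(new { Data = "User not found" });
    }

    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(data.GroupID);
    if (group == null)
    {
        return BadRequest(new { Data = "Group not found" });
    }

    // NOTE(review): the stored value is data.ToString(); presumably SaveUserDataClass
    // overrides ToString to yield the payload — confirm.
    quser.SaveData(group, data.Type, data.ToString());
    return Ok(new { Result = "ok" });
}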
/// <summary>
/// Returns the permission a user or file holds on a group.
/// </summary>
/// <param name="pid">User id or file id.</param>
/// <param name="groupid">Group id; the id without "_Workflow" is tried as a fallback.</param>
/// <returns>
/// 200 with the permission, 400 when the permissible or group is unknown, or a null result
/// when the caller has no identity.
/// </returns>
public ActionResult GetPermission(string pid, string groupid)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        // NOTE(review): other actions in this listing answer Unauthorized() here.
        return null;
    }

    // NOTE(review): any authenticated caller can query any permissible on any group; the
    // caller's own rights on the group are not consulted.
    QuantApp.Kernel.IPermissible subject = QuantApp.Kernel.User.FindUser(pid);
    if (subject == null)
    {
        subject = FileRepository.File(pid);
    }
    if (subject == null)
    {
        return BadRequest(new { Data = "Permissible ID not found" });
    }

    QuantApp.Kernel.Group target = QuantApp.Kernel.Group.FindGroup(groupid);
    if (target == null)
    {
        target = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }
    if (target == null)
    {
        return BadRequest(new { Data = "Group ID not found" });
    }

    // The subject is known to be non-null here, so the original's trailing
    // AccessType.Denied fallback could never be reached and is omitted.
    return Ok(new { Data = target.Permission(null, subject) });
}
/// <summary>
/// Returns the expiry date of the caller's permission on a group.
/// </summary>
/// <param name="groupid">Group id; the id without "_Workflow" is tried as a fallback.</param>
/// <returns>
/// 200 with the expiry, 200 with <c>DateTime.MaxValue</c> when the caller record or group is
/// unknown, or a null result when the caller has no identity.
/// </returns>
public ActionResult GetExpiry(string groupid)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        // NOTE(review): other actions in this listing answer Unauthorized() here.
        return null;
    }

    QuantApp.Kernel.IPermissible caller = QuantApp.Kernel.User.FindUser(callerId);

    QuantApp.Kernel.Group target = QuantApp.Kernel.Group.FindGroup(groupid);
    if (target == null)
    {
        target = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }

    if (caller == null || target == null)
    {
        // Unknown caller or group reads as "never expires"; callers must not treat this
        // value as proof that a permission exists.
        return Ok(new { Data = DateTime.MaxValue });
    }

    return Ok(new { Data = target.Expiry(null, caller) });
}
/// <summary>
/// Returns the caller's own permission on a group.
/// </summary>
/// <param name="groupid">Group id; the id without "_Workflow" is tried as a fallback.</param>
/// <returns>
/// 200 with the permission, 200 with <c>AccessType.Denied</c> when the caller record or group
/// is unknown, or a null result when the caller has no identity.
/// </returns>
public ActionResult GetPermission(string groupid)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        // NOTE(review): other actions in this listing answer Unauthorized() here.
        return null;
    }

    QuantApp.Kernel.IPermissible caller = QuantApp.Kernel.User.FindUser(callerId);

    QuantApp.Kernel.Group target = QuantApp.Kernel.Group.FindGroup(groupid);
    if (target == null)
    {
        target = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }

    // Fail closed: anything that cannot be resolved is reported as Denied.
    if (caller == null || target == null)
    {
        return Ok(new { Data = AccessType.Denied });
    }

    return Ok(new { Data = target.Permission(null, caller) });
}
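/// <summary>
/// Returns a group's descriptive fields, its "Profile" property and its master group's "URL"
/// property, provided the caller is not denied on the group.
/// </summary>
/// <param name="groupid">Id of the group to describe.</param>
/// <returns>
/// 401 without an identity, 400 when the group is unknown, otherwise 200 with the record
/// (or with a null body when access is denied).
/// </returns>
public IActionResult GroupDataApp(string groupid)
{
    string userId = this.User.QID();
    if (userId == null)
    {
        // Explicit 401 instead of a null action result.
        return Unauthorized();
    }

    QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userId);
    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
    if (group == null)
    {
        // Previously an unknown group id caused a NullReferenceException.
        return BadRequest(new { Data = "Group not found" });
    }

    object jres = null;

    AccessType ac = group.Permission(null, user);
    if (ac != AccessType.Denied)
    {
        // Group properties are read only once access has been established.
        string profile = group.GetProperty("Profile");
        string url = group.Master.GetProperty("URL");

        jres = new
        {
            ID = group.ID,
            Name = group.Name,
            Master = group == group.Master,
            Description = group.Description,
            Profile = profile,
            URL = url
        };
    }

    return Ok(jres);
}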
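/// <summary>
/// Removes a user from a group.
/// </summary>
/// <param name="userid">Id of the user to remove.</param>
/// <param name="groupid">Group id; the id without "_Workflow" is tried as a fallback.</param>
/// <returns>
/// 401 without an identity, 200 with Data = "error" when the user or group is unknown,
/// otherwise 200 with Data = "ok".
/// </returns>
public ActionResult RemovePermission(string userid, string groupid)
{
    string userId = this.User.QID();
    if (userId == null)
    {
        // Explicit 401 instead of a null action result.
        return Unauthorized();
    }

    // NOTE(review): the caller's own permission on the group is never checked before the
    // removal; confirm that this is enforced elsewhere.
    QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userid);

    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
    if (group == null && groupid != null)
    {
        group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }

    if (user == null || group == null)
    {
        // An unknown group now takes the method's existing error path instead of
        // throwing a NullReferenceException.
        return Ok(new { Data = "error" });
    }

    group.Remove(user);
    return Ok(new { Data = "ok" });
}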
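/// <summary>
/// Mirrors Microsoft Graph groups and their members into local groups and users: creates
/// missing groups and users, grants View on each group to its members, and removes local
/// members that are no longer in the directory group unless they hold Write.
/// </summary>
/// <param name="access_code">Bearer token sent to Microsoft Graph.</param>
/// <returns>
/// One { ID, Name, Members } record per synchronized group, or null when the AzureAdB2C
/// OAuth section is not configured.
/// </returns>
public static List<object> GraphGroups(string access_code)
{
    if (!(Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null))
    {
        return null;
    }

    var defGroupId = Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"] != null
        ? Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"].ToString()
        : "";
    var defGroup = QuantApp.Kernel.Group.FindGroup(defGroupId);

    string res = "";
    var result = new List<object>();

    // NOTE(review): the work is pushed to the thread pool and blocked on, and the client has
    // no timeout, so a stalled Graph call blocks the caller indefinitely.
    Task.Run(async () =>
    {
        using (HttpClient httpClient = new HttpClient())
        {
            httpClient.Timeout = Timeout.InfiniteTimeSpan;
            httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", access_code);

            var req = new HttpRequestMessage(HttpMethod.Get, "https://graph.microsoft.com/v1.0/groups");
            var data = await httpClient.SendAsync(req);
            res = await data.Content.ReadAsStringAsync();

            var groups = JObject.Parse(res);
            if (groups["value"] == null)
            {
                // Error payloads carry no "value" array; nothing can be synchronized.
                return;
            }

            foreach (var group in groups["value"])
            {
                var id = group["id"].ToString();
                var name = group["displayName"].ToString();

                req = new HttpRequestMessage(HttpMethod.Get, "https://graph.microsoft.com/v1.0/groups/" + id + "/members?$select=identities,surname,givenName");
                data = await httpClient.SendAsync(req);
                res = await data.Content.ReadAsStringAsync();

                var members = JObject.Parse(res);
                if (members["value"] == null)
                {
                    // Without a member list the pruning step below would treat every local
                    // member as absent, so a failed lookup must skip the group entirely.
                    continue;
                }

                var sub_result = new List<object>();

                // Directory addresses, compared case-insensitively because local users store
                // their e-mail lower-cased. The original case-sensitive comparison pruned
                // members whose directory address contained upper-case characters.
                var memberEmails = new HashSet<string>(System.StringComparer.OrdinalIgnoreCase);

                // Create Group
                var qgroup = QuantApp.Kernel.Group.FindGroup(id);
                if (qgroup == null)
                {
                    qgroup = QuantApp.Kernel.Group.CreateGroup(name, id);
                    qgroup.Parent = defGroup;
                }

                foreach (var member in members["value"])
                {
                    var email = "";
                    foreach (var identity in member["identities"])
                    {
                        if (identity["signInType"].ToString() == "emailAddress")
                        {
                            email = identity["issuerAssignedId"].ToString();
                        }
                    }

                    var firstName = member["givenName"].ToString();
                    var lastName = member["surname"].ToString();

                    sub_result.Add(new { Email = email, FirstName = firstName, LastName = lastName });
                    memberEmails.Add(email);

                    if (email != "")
                    {
                        var qid = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');
                        var quser = QuantApp.Kernel.User.FindUser(qid);

                        if (quser == null)
                        {
                            var nuser = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");

                            // ToString() never yields null, so the placeholder has to key on emptiness.
                            nuser.FirstName = string.IsNullOrEmpty(firstName) ? "No first name" : firstName;
                            nuser.LastName = string.IsNullOrEmpty(lastName) ? "No last name" : lastName;
                            nuser.Email = email.ToLower();
                            nuser.TenantName = qid;
                            nuser.Hash = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(System.Guid.NewGuid().ToString());

                            // NOTE(review): the Secret is a hash of the user id, which is derived
                            // from the e-mail address, so it is reproducible by anyone who knows
                            // the address. If the Secret is accepted as a credential, generate it
                            // from a cryptographic random source instead.
                            nuser.Secret = QuantApp.Engine.Code.GetMd5Hash(qid);

                            quser = QuantApp.Kernel.User.FindUser(qid);
                            QuantApp.Kernel.Group publicGroup = QuantApp.Kernel.Group.FindGroup("Public");
                            publicGroup.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);

                            if (defGroup != null)
                            {
                                defGroup.Add(quser, typeof(QuantApp.Kernel.User), AccessType.View);
                            }
                        }

                        if (qgroup != null)
                        {
                            qgroup.Add(quser, typeof(QuantApp.Kernel.User), AccessType.View);
                        }
                    }
                }

                // Prune local members that are no longer in the directory group, keeping Write holders.
                List<IPermissible> users = qgroup.Master.List(QuantApp.Kernel.User.CurrentUser, typeof(QuantApp.Kernel.User), false);
                foreach (var u in users)
                {
                    var qu = u as QuantApp.Kernel.User;
                    if (qu == null)
                    {
                        // Not a user entry; nothing to compare.
                        continue;
                    }

                    bool stillMember = qu.Email != null && memberEmails.Contains(qu.Email);
                    var perm = qgroup.Permission(null, qu);
                    if (!stillMember && perm != AccessType.Write)
                    {
                        qgroup.Remove(qu);
                    }
                }

                result.Add(new { ID = id, Name = name, Members = sub_result });
            }
        }
    }).Wait();

    return result;
}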
/// <summary>
/// Registers a new user from the posted model, opens a session for it and returns a signed JWT.
/// </summary>
/// <param name="model">Registration data: e-mail, names, password, optional group id and secret key.</param>
/// <returns>
/// 200 with the user data, token, Secret and session key on success; 400 when the e-mail is
/// already registered; 200 with Value = false and the joined validation messages when the
/// model is invalid.
/// </returns>
public async Task <ActionResult> Register([FromBody] SecureRegisterViewModel model)
{
    if (ModelState.IsValid)
    {
        // User ids are the lower-cased address with '@' and ':' replaced by '.', behind a fixed prefix.
        string id = "QuantAppSecure_" + model.Email.ToLower().Replace('@', '.').Replace(':', '.');
        QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(id);
        if (quser == null)
        {
            var user = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");
            user.FirstName = model.FirstName;
            user.LastName = model.LastName;
            user.Email = model.Email.ToLower();
            string profile = model.GroupID;
            user.TenantName = id;
            // NOTE(review): the password is stored through a helper named GetMd5Hash. If that is a
            // plain, unsalted MD5 it is not suitable for password storage; confirm and move to a
            // salted, slow key-derivation function.
            user.Hash = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(model.Password);
            // The Secret is only assigned when the posted key is present in _secrets.
            if (model.Secret != null)
            {
                if (_secrets.ContainsKey(model.Secret))
                {
                    user.Secret = _secrets[model.Secret];
                }
            }
            var sessionKey = System.Guid.NewGuid().ToString();
            // NOTE(review): when no Secret was assigned above, user.Secret holds whatever CreateUser
            // left there; if that is null, using it as a dictionary key below would throw after the
            // user has already been created — confirm.
            sessionKeys.TryAdd(sessionKey, user.Secret);
            revSessionKeys.TryAdd(user.Secret, sessionKey);
            // NOTE(review): only Expires is set on the session cookie; HttpOnly, Secure and SameSite
            // are left at the framework defaults here.
            Response.Cookies.Append("coflows", sessionKey, new CookieOptions() { Expires = DateTime.Now.AddHours(24) });
            var claims = new[] { new Claim(ClaimTypes.Email, user.Email) };
            // HS256 token signed with the shared key Program.jwtKey, valid for ten days.
            var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(Program.jwtKey));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
            var token = new JwtSecurityToken( issuer: "coflows-ce", audience: "coflows-ce", claims: claims, expires: DateTime.Now.AddDays(10), signingCredentials: creds);
            // Re-read the user by its derived id, then add it to "Public" as Invited.
            quser = QuantApp.Kernel.User.FindUser(id);
            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup("Public");
            group.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);
            // NOTE(review): the group id comes from the request, so a registrant is added as Invited
            // to any existing group they name — confirm that this is intended.
            QuantApp.Kernel.Group gp = Group.FindGroup(profile);
            if (gp != null)
            {
                gp.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);
            }
            // The response body carries the JWT, the user's Secret and the session key.
            return(Ok(new { User = quser.ToUserData(), token = new JwtSecurityTokenHandler().WriteToken(token), Secret = quser.Secret, Session = sessionKey }));
        }
        else
        {
            return(BadRequest(new { Value = false, ID = "Email is already in use..." }));
        }
    }
    // Validation messages are joined with an HTML-style separator; consumers that render this
    // string as markup need to encode it.
    string messages = string.Join("<br\\> ", ModelState.Values .SelectMany(x => x.Errors) .Select(x => x.ErrorMessage));
    return(Ok(new { Value = false, ID = messages }));
}
/// <summary>
/// Resolves a principal to its "QuantAppSecure_" user id, creating the local user on first
/// sight of an e-mail claim.
/// </summary>
/// <param name="user">The principal to resolve; may be null.</param>
/// <returns>
/// The derived id when the identity carries a non-empty e-mail claim; the identity name when
/// it already starts with "QuantAppSecure_"; otherwise null.
/// </returns>
public static string QID(this IPrincipal user)
{
    if (user == null)
    {
        return null;
    }

    var claimsIdentity = user.Identity as ClaimsIdentity;
    if (claimsIdentity == null)
    {
        return null;
    }

    // Standard e-mail claim first, then the "emails" claim type.
    var emailClaim = claimsIdentity.Claims.SingleOrDefault(c => c.Type.Equals(ClaimTypes.Email, StringComparison.OrdinalIgnoreCase));
    if (emailClaim == null)
    {
        emailClaim = claimsIdentity.Claims.SingleOrDefault(c => c.Type.Equals("emails", StringComparison.OrdinalIgnoreCase));
    }

    if (emailClaim == null || string.IsNullOrEmpty(emailClaim.Value))
    {
        // No usable e-mail claim: fall back to an identity name that already is a user id.
        string principalName = user.Identity.Name;
        if (principalName != null && principalName.StartsWith("QuantAppSecure_"))
        {
            return principalName;
        }
        return null;
    }

    // NOTE(review): this runs on every resolution of an e-mail-bearing principal, i.e. on
    // each request that calls QID; confirm that AzureAD.Sync is cheap or throttled.
    AzureAD.Sync();

    // NOTE(review): '@' and ':' both map to '.', so the mapping from address to id is not
    // one-to-one; confirm that two distinct addresses cannot resolve to the same account.
    var id = "QuantAppSecure_" + emailClaim.Value.ToLower().Replace('@', '.').Replace(':', '.');

    var existing = QuantApp.Kernel.User.FindUser(id);
    if (existing == null)
    {
        var created = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");

        var givenNameClaim = claimsIdentity.Claims.SingleOrDefault(c => c.Type.Equals(ClaimTypes.GivenName, StringComparison.OrdinalIgnoreCase));
        var surnameClaim = claimsIdentity.Claims.SingleOrDefault(c => c.Type.Equals(ClaimTypes.Surname, StringComparison.OrdinalIgnoreCase));

        created.FirstName = givenNameClaim != null ? givenNameClaim.Value : "No first name";
        created.LastName = surnameClaim != null ? surnameClaim.Value : "No last name";
        created.Email = emailClaim.Value.ToLower();
        created.TenantName = id;
        created.Hash = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(System.Guid.NewGuid().ToString());

        // NOTE(review): the Secret is a hash of the id, which is derived from the e-mail
        // address, so it is reproducible by anyone who knows the address. If the Secret is
        // accepted as a credential, generate it from a cryptographic random source instead.
        created.Secret = QuantApp.Engine.Code.GetMd5Hash(id);

        existing = QuantApp.Kernel.User.FindUser(id);

        // Every new user is invited to "Public" ...
        QuantApp.Kernel.Group publicGroup = QuantApp.Kernel.Group.FindGroup("Public");
        publicGroup.Add(existing, typeof(QuantApp.Kernel.User), AccessType.Invited);

        // ... and given View on the configured AzureAdB2C default group, when there is one.
        var defaultGroupId = Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"] != null
            ? Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"].ToString()
            : "";
        QuantApp.Kernel.Group defaultGroup = Group.FindGroup(defaultGroupId);
        if (defaultGroup != null)
        {
            defaultGroup.Add(existing, typeof(QuantApp.Kernel.User), AccessType.View);
        }
    }

    return id;
}
/// <summary>
/// Lists the users of a group's master group with their permission on the group and their
/// last login date and IP, removing entries whose user record no longer exists.
/// </summary>
/// <param name="groupid">Group id; the id without "_WorkSpace" is tried as a fallback.</param>
/// <param name="agreements">Not used by this method.</param>
/// <returns>
/// 200 with { items = [...] }, or a null result when the caller or the group cannot be resolved.
/// </returns>
public IActionResult UsersApp_contacts(string groupid, bool agreements)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        // NOTE(review): other actions in this listing answer Unauthorized() here.
        return null;
    }

    QuantApp.Kernel.User caller = QuantApp.Kernel.User.FindUser(callerId);
    if (caller == null)
    {
        return null;
    }

    QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);
    if (role == null)
    {
        role = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_WorkSpace", ""));
    }
    if (role == null)
    {
        return null;
    }

    // NOTE(review): the response exposes each member's e-mail, metadata and last login IP;
    // whether role.Master.List restricts this by the caller's permission is not visible here.
    List<IPermissible> members = role.Master.List(caller, typeof(QuantApp.Kernel.User), false);
    Dictionary<string, List<string>> lastLogin = UserRepository.LastUserLogins(role);

    List<object> rows = new List<object>();
    foreach (QuantApp.Kernel.User member in members)
    {
        QuantApp.Kernel.User record = QuantApp.Kernel.User.FindUser(member.ID);
        if (record == null)
        {
            // Stale membership: the user no longer exists.
            role.Remove(member);
            continue;
        }

        var access = role.Permission(null, member);

        // Entry layout: [0] = login date, [1] = login IP.
        List<string> loginEntry;
        bool hasLogin = lastLogin.TryGetValue(record.ID, out loginEntry);

        rows.Add(new
        {
            ID = record.ID,
            first = record.FirstName,
            last = record.LastName,
            email = record.Email,
            group = access.ToString(),
            meta = record.MetaData,
            LastLoginDate = hasLogin ? loginEntry[0] : "",
            LastLoginIP = hasLogin ? loginEntry[1] : "",
        });
    }

    return Ok(new { items = rows });
}
/// <summary>
/// GitHub OAuth callback: exchanges the authorization code for an access token, resolves the
/// account's e-mail, creates the local user when needed, opens a session and redirects to
/// the token route with a signed JWT.
/// </summary>
/// <param name="groupid">Optional group the new user is invited to.</param>
/// <param name="code">Authorization code issued by GitHub.</param>
/// <remarks>
/// NOTE(review): the method is <c>async void</c>, contains no await and blocks on
/// <c>.Result</c>; exceptions thrown here cannot be observed by the caller.
/// NOTE(review): no OAuth <c>state</c> value is received or validated in this method; confirm
/// that request-forgery protection for the callback exists elsewhere.
/// </remarks>
public async void GitHub(string groupid, string code)
{
    if (Program.config["Server"]["OAuth"] == null || Program.config["Server"]["OAuth"]["GitHub"] == null)
    {
        return;
    }

    // Headers shared by both GitHub API calls below.
    void ConfigureApiClient(HttpClient client, string bearer)
    {
        client.Timeout = Timeout.InfiniteTimeSpan;
        client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("token", bearer);
        client.DefaultRequestHeaders.Add("User-Agent", "CoFlows");
    }

    // Step 1: exchange the authorization code for an access token.
    string access_code = "";
    using (HttpClient tokenClient = new HttpClient())
    {
        tokenClient.Timeout = Timeout.InfiniteTimeSpan;
        tokenClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

        var tokenResponse = tokenClient.PostAsync(
            "https://github.com/login/oauth/access_token",
            new
            {
                client_id = Program.config["Server"]["OAuth"]["GitHub"]["ClientId"].ToString(),
                client_secret = Program.config["Server"]["OAuth"]["GitHub"]["ClientSecret"].ToString(),
                code = code
            }.AsJson()).Result;
        var tokenBody = tokenResponse.Content.ReadAsStringAsync().Result;
        dynamic tokenJson = JObject.Parse(tokenBody);
        access_code = tokenJson.access_token;
    }

    string email = "";
    string name = "";

    // Step 2: name and e-mail from the profile; any failure is swallowed and falls through
    // to the e-mail list below.
    // NOTE(review): the members read are "Email" and "Name"; presumably the GitHub payload
    // uses lower-case keys, in which case this step never yields an address — confirm.
    try
    {
        using (HttpClient profileClient = new HttpClient())
        {
            ConfigureApiClient(profileClient, access_code);

            var profileResponse = profileClient.GetAsync("https://api.github.com/user").Result;
            var profileBody = profileResponse.Content.ReadAsStringAsync().Result;
            dynamic profileJson = JObject.Parse(profileBody);
            email = profileJson.Email;
            name = profileJson.Name;
        }
    }
    catch { }

    if (string.IsNullOrEmpty(email))
    {
        // Step 3: fall back to the account's e-mail list.
        // NOTE(review): the first entry is taken as-is; confirm that the address used to
        // match or create a local account is one the provider reports as primary and
        // verified.
        using (HttpClient emailClient = new HttpClient())
        {
            ConfigureApiClient(emailClient, access_code);

            var emailResponse = emailClient.GetAsync("https://api.github.com/user/emails").Result;
            var emailBody = emailResponse.Content.ReadAsStringAsync().Result;
            var emailList = JArray.Parse(emailBody);
            email = emailList[0]["email"].ToString();
        }
    }

    // Step 4: find or create the local user for that address.
    string id = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');

    var quser = QuantApp.Kernel.User.FindUser(id);
    if (quser == null)
    {
        var created = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");
        created.FirstName = "";
        created.LastName = "";
        created.Email = email.ToLower();
        created.TenantName = id;

        quser = QuantApp.Kernel.User.FindUser(id);

        QuantApp.Kernel.Group publicGroup = QuantApp.Kernel.Group.FindGroup("Public");
        publicGroup.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);

        // NOTE(review): groupid comes from the request, so a new account is invited to any
        // existing group named in the callback URL — confirm that this is intended.
        QuantApp.Kernel.Group requestedGroup = QuantApp.Kernel.Group.FindGroup(groupid);
        if (requestedGroup != null)
        {
            requestedGroup.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);
        }
    }

    if (String.IsNullOrEmpty(quser.Secret))
    {
        // NOTE(review): the Secret is a hash of the user's ID and therefore reproducible
        // from it; if it is accepted as a credential it should be random.
        quser.Secret = QuantApp.Engine.Code.GetMd5Hash(quser.ID);
    }

    // Step 5: session cookie plus JWT.
    var sessionKey = System.Guid.NewGuid().ToString();
    AccountController.sessionKeys.TryAdd(sessionKey, quser.Secret);

    // NOTE(review): only Expires is set; HttpOnly, Secure and SameSite are left at defaults.
    Response.Cookies.Append("coflows", sessionKey, new CookieOptions() { Expires = DateTime.Now.AddHours(24) });

    var claims = new[] { new Claim(ClaimTypes.Email, quser.Email) };
    var signingKey = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(Program.jwtKey));
    var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
    var jwt = new JwtSecurityToken(
        issuer: "coflows-ce",
        audience: "coflows-ce",
        claims: claims,
        expires: DateTime.Now.AddDays(10),
        signingCredentials: credentials);

    // NOTE(review): the token travels in the URL path, where it can end up in browser
    // history, proxy and server logs and Referer headers.
    Response.Redirect("/authentication/token/" + new JwtSecurityTokenHandler().WriteToken(jwt), true);
}
/// <summary>
/// Describes the current user: profile fields, the group resolved from the profile cookie or
/// request URL, that group's master group, and every master group the user belongs to.
/// </summary>
/// <returns>
/// 200 with User / Group / MasterGroup / Groups for a known user, or an empty 200 for an
/// anonymous or unknown caller.
/// </returns>
public async Task<ActionResult> WhoAmI()
{
    string callerId = User.QID() ?? "anonymous";

    QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(callerId);
    if (quser == null || quser.ID == "anonymous")
    {
        return Ok();
    }

    // Neither description is populated by this method; both stay empty.
    string groupDescription = "";
    string masterGroupDescription = "";

    List<object> memberships = new List<object>();

    bool loggedin = true;
    string uid = quser.ID;
    string username = quser.FirstName + " " + quser.LastName;
    string firstname = quser.FirstName;
    string lastname = quser.LastName;
    string email = quser.Email;
    string metadata = quser.MetaData;
    string secret = quser.Secret;

    // NOTE(review): the user's Secret itself is written to the "coflows" cookie (with only
    // Expires set) and returned in the response body below; confirm that exposing it to
    // client-side script is required.
    Response.Cookies.Append("coflows", quser.Secret, new CookieOptions() { Expires = DateTime.Now.AddHours(24) });

    // Resolve the current group: profile cookie first, then the request URL, then "Public".
    string profile = Request.Cookies["QuantAppProfile"];
    QuantApp.Kernel.Group resolved = string.IsNullOrWhiteSpace(profile) ? null : GroupRepository.FindByProfile(profile);
    if (resolved == null)
    {
        var location = new Uri($"{Request.Scheme}://{Request.Host}{Request.Path}{Request.QueryString}");
        resolved = GroupRepository.FindByURL(location.AbsoluteUri);
    }

    string groupID = (resolved != null ? resolved.ID : "Public");

    var qgroup = QuantApp.Kernel.Group.FindGroup(groupID);
    string groupName = qgroup.Name;
    string groupPermission = qgroup.Permission(null, quser).ToString();

    string masterGroupID = qgroup.Master.ID;
    string masterGroupName = qgroup.Master.Name;
    string masterGroupPermission = qgroup.Master.Permission(null, quser).ToString();

    var masterGroups = quser.MasterGroups();
    if (masterGroups != null)
    {
        foreach (var membership in masterGroups)
        {
            memberships.Add(new
            {
                ID = membership.ID,
                // Personal groups are reported under a generic name.
                Name = (membership.Name.StartsWith("Personal:") ? "Personal" : membership.Name),
                Permission = membership.Permission(null, quser).ToString()
            });
        }
    }

    // History layout: [0] = login date, [1] = login IP.
    List<string> lastLogin = UserRepository.LastUserHistory(quser.ID);

    return Ok(new
    {
        User = new
        {
            Loggedin = loggedin,
            ID = uid,
            Name = username,
            FirstName = firstname,
            LastName = lastname,
            Email = email,
            Administrator = QuantApp.Kernel.Group.FindGroup("Administrator").Permission(null, quser).ToString(),
            MetaData = metadata,
            LastLoginDate = lastLogin == null ? null : lastLogin[0],
            LastLoginIP = lastLogin == null ? null : lastLogin[1],
            Secret = secret
        },
        Group = new
        {
            ID = groupID,
            Name = groupName,
            Description = groupDescription,
            Permission = groupPermission
        },
        MasterGroup = new
        {
            ID = masterGroupID,
            Name = masterGroupName,
            Description = masterGroupDescription,
            Permission = masterGroupPermission
        },
        Groups = memberships,
    });
}
/// <summary>
/// Lists the users of a group's master group with their permission on the group, removing
/// entries whose user record no longer exists.
/// </summary>
/// <param name="groupid">Group id; the id without "_Workflow" is tried before creating a group.</param>
/// <returns>200 with the user list, or a null result when the caller cannot be resolved.</returns>
public IActionResult Users(string groupid)
{
    string callerId = this.User.QID();
    if (callerId == null)
    {
        // NOTE(review): other actions in this listing answer Unauthorized() here.
        return null;
    }

    QuantApp.Kernel.User caller = QuantApp.Kernel.User.FindUser(callerId);
    if (caller == null)
    {
        return null;
    }

    QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);
    if (role == null)
    {
        role = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
    }
    if (role == null)
    {
        // A read request for an unknown id creates the group as a side effect.
        role = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
    }

    // NOTE(review): the listing is made as QuantApp.Kernel.User.CurrentUser, not as the
    // resolved caller; confirm that the two are the same, otherwise the member list is not
    // filtered by the caller's rights.
    List<IPermissible> members = role.Master.List(QuantApp.Kernel.User.CurrentUser, typeof(QuantApp.Kernel.User), false);

    List<object> rows = new List<object>();
    foreach (QuantApp.Kernel.User member in members)
    {
        QuantApp.Kernel.User record = QuantApp.Kernel.User.FindUser(member.ID);
        if (record == null)
        {
            // Stale membership: the user no longer exists.
            role.Remove(member);
            continue;
        }

        var access = role.Permission(null, member);

        // Last-login date and IP are intentionally left out of this response.
        rows.Add(new
        {
            ID = record.ID,
            FirstName = record.FirstName,
            LastName = record.LastName,
            Email = record.Email,
            Permission = access.ToString(),
            MetaData = record.MetaData,
        });
    }

    return Ok(rows);
}
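/// <summary>
/// Reads the users of the directory from Microsoft Graph and creates a local user for every
/// e-mail identity that does not have one yet.
/// </summary>
/// <param name="access_code">Bearer token sent to Microsoft Graph.</param>
/// <returns>
/// One { Email, FirstName, LastName } record per directory user (empty when the response has
/// no "value" array), or null when the AzureAdB2C OAuth section is not configured.
/// </returns>
public static List<object> GraphUsers(string access_code)
{
    if (!(Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null))
    {
        return null;
    }

    var defGroupId = Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"] != null
        ? Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"].ToString()
        : "";

    string res = "";

    // NOTE(review): the request is pushed to the thread pool and blocked on, and the client
    // has no timeout, so a stalled Graph call blocks the caller indefinitely.
    Task.Run(async () =>
    {
        using (HttpClient httpClient = new HttpClient())
        {
            httpClient.Timeout = Timeout.InfiniteTimeSpan;
            httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", access_code);

            var req = new HttpRequestMessage(HttpMethod.Get, "https://graph.microsoft.com/v1.0/users?$select=identities,surname,givenName");
            var data = await httpClient.SendAsync(req);
            res = await data.Content.ReadAsStringAsync();
        }
    }).Wait();

    var users = JObject.Parse(res);
    var result = new List<object>();

    if (users["value"] == null)
    {
        // Error payloads carry no "value" array. The body is deliberately not logged, since
        // it may contain directory data.
        Console.WriteLine("--- GraphUsers: response contained no 'value' array");
        return result;
    }

    foreach (var user in users["value"])
    {
        var email = "";
        foreach (var identity in user["identities"])
        {
            if (identity["signInType"].ToString() == "emailAddress")
            {
                email = identity["issuerAssignedId"].ToString();
            }
        }

        var firstName = user["givenName"].ToString();
        var lastName = user["surname"].ToString();

        result.Add(new { Email = email, FirstName = firstName, LastName = lastName });

        // Sync to CoFlows users.
        if (email != "")
        {
            var qid = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');
            var quser = QuantApp.Kernel.User.FindUser(qid);

            if (quser == null)
            {
                // NOTE(review): the argument of this log call and the start of the following
                // CreateUser call were masked in the extracted source. The derived id is
                // logged here and the call is restored from the identical creation sequence
                // used elsewhere in this listing — confirm against the original file.
                Console.WriteLine("--- CREATE NEW USER: " + qid);
                var nuser = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");

                // ToString() never yields null, so the placeholder has to key on emptiness.
                nuser.FirstName = string.IsNullOrEmpty(firstName) ? "No first name" : firstName;
                nuser.LastName = string.IsNullOrEmpty(lastName) ? "No last name" : lastName;
                nuser.Email = email.ToLower();
                nuser.TenantName = qid;
                nuser.Hash = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(System.Guid.NewGuid().ToString());

                // NOTE(review): the Secret is a hash of the user id, which is derived from the
                // e-mail address, so it is reproducible by anyone who knows the address. If
                // the Secret is accepted as a credential, generate it from a cryptographic
                // random source instead.
                nuser.Secret = QuantApp.Engine.Code.GetMd5Hash(qid);

                quser = QuantApp.Kernel.User.FindUser(qid);

                QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup("Public");
                group.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);

                QuantApp.Kernel.Group gp = Group.FindGroup(defGroupId);
                if (gp != null)
                {
                    gp.Add(quser, typeof(QuantApp.Kernel.User), AccessType.View);
                }
            }
        }
    }

    return result;
}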