public async Task <IActionResult> GetClustersWithAccessToken(IEnumerable <string> subscriptionIds) { var apiResponse = await _aksService.GetClustersWithAccessToken( subscriptionIds, User.FindFirstValue(Constants.AccessTokens.AzureAccessToken)); return(new ObjectResult(apiResponse) { StatusCode = (int)apiResponse.StatusCode }); }
public async Task <IActionResult> Index(UserLogin userLogin) { ViewBag.ErrorMessage = "User login details not found."; if (!userLogin.Exists()) { return(View()); } try { if (!Configuration.Application.AutoLogin) { // check username config ViewBag.ErrorMessage = "Username config missing"; if (!UsernameOk()) { return(View()); } // check password config ViewBag.ErrorMessage = "Password config missing"; if (!PasswordOk()) { return(View()); } // check username provided ViewBag.ErrorMessage = "Please enter Username"; if (string.IsNullOrWhiteSpace(userLogin.UserName)) { return(View()); } // check password provided ViewBag.ErrorMessage = "Please enter Password"; if (string.IsNullOrWhiteSpace(userLogin.Password)) { return(View()); } // check password match ViewBag.ErrorMessage = "Invalid Password entered"; if (!userLogin.Password.Equals(Configuration.Application.Password)) { return(View()); } // check Azure AD membership ViewBag.ErrorMessage = "Invalid Username entered"; if (!userLogin.UserName.Equals(Configuration.Application.Username)) { return(View()); } } else { userLogin.UserName = "******"; } // start building user claims var claims = new List <Claim> { new Claim(ClaimTypes.Name, userLogin.UserName) }; // check Azure if (AzureClientOk()) { var azureAccessToken = await AcquireAzureAccessToken(); if (!string.IsNullOrWhiteSpace(azureAccessToken)) { var subscriptions = await _portalService.GetSubscriptions(azureAccessToken); if (subscriptions.Result.value.Count > 0) { // check ACR var acrs = await _acrService.GetAcrs( subscriptions.Result.value.Select(s => s.subscriptionId).ToList(), azureAccessToken); if (acrs.Result.Values.Count > 0 && acrs.Result.Values.First().value.Count > 0) { var acrServer = acrs.Result.Values.First().value.First().properties.loginServer; if (!string.IsNullOrWhiteSpace(acrServer)) { var acrAccessToken = await AcquireAcrAccessToken( Constants.Scopes.Push, acrServer, azureAccessToken); if (!string.IsNullOrWhiteSpace(acrAccessToken)) { var imageScope = await _dockerService.CheckScope(acrServer, acrAccessToken); var chartScope = await _helmService.CheckScope(acrServer, acrAccessToken); if (imageScope.StatusCode.Equals(HttpStatusCode.Unauthorized) && chartScope.StatusCode.Equals(HttpStatusCode.Unauthorized)) { acrAccessToken = await AcquireAcrAccessToken( Constants.Scopes.Pull, acrServer, azureAccessToken); if (!string.IsNullOrWhiteSpace(acrAccessToken)) { claims.Add(new Claim(ClaimTypes.Role, Constants.Roles.AcrReader)); claims.Add(new Claim(Constants.Uri.AcrUri, acrServer)); claims.Add(new Claim(Constants.AccessTokens.AcrAccessToken, acrAccessToken)); } } else { claims.Add(new Claim(ClaimTypes.Role, Constants.Roles.AcrContributor)); claims.Add(new Claim(Constants.Uri.AcrUri, acrServer)); claims.Add(new Claim(Constants.AccessTokens.AcrAccessToken, acrAccessToken)); } } } } // check AKS var aksScope = await _aksService.GetClustersWithAccessToken( subscriptions.Result.value.Select(s => s.subscriptionId).ToList(), azureAccessToken); var hasAccessToAks = false; foreach (var subs in aksScope.Result.Values) { if (subs.value.Count > 0) { hasAccessToAks = true; } } if (hasAccessToAks) { claims.Add(new Claim(ClaimTypes.Role, Constants.Roles.AksReader)); claims.Add(new Claim(Constants.AccessTokens.AzureAccessToken, azureAccessToken)); } } } } // check DevOps //if (AzureDevOpsOk()) //{ // var hasDevopsAccess = await _projectService.CheckAccess( // Configuration.DevOps.Projects.Split('|').ToList(), // Configuration.DevOps.Organisation, // Configuration.DevOps.PatToken); // if (hasDevopsAccess.Result) // { // var build = await _buildService.Get("4.72.19023", // Configuration.DevOps.Projects.Split('|').ToList(), // Configuration.DevOps.Organisation, // Configuration.DevOps.PatToken); // claims.Add(new Claim(ClaimTypes.Role, Constants.Roles.DevOpsReader)); // claims.Add(new Claim(Constants.AccessTokens.DevOpsAccessToken, Configuration.DevOps.PatToken)); // } //} // create user principal ViewBag.ErrorMessage = null; var userPrincipal = new ClaimsPrincipal(new ClaimsIdentity( claims, CookieAuthenticationDefaults.AuthenticationScheme)); await HttpContext.SignInAsync( CookieAuthenticationDefaults.AuthenticationScheme, userPrincipal, new AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddHours(1), IsPersistent = false, AllowRefresh = false }); return(RedirectToAction("Index", "Home")); } catch { ViewBag.ErrorMessage = "Error ocurred during login process! Please try again later..."; return(View()); } }