/// <summary>
/// Initializes a new instance of the <see cref="GetEntityByKeyAuthorizationDecorator{T}"/> class.
/// </summary>
/// <param name="next">The decorated instance for which authorization is being performed.</param>
/// <param name="authorizationContextProvider">Provides access to the authorization context, such as the resource and action.</param>
/// <param name="authorizationFilteringProvider"></param>
/// <param name="authorizationFilterDefinitionProvider"></param>
/// <param name="explicitObjectValidators"></param>
/// <param name="authorizationBasisMetadataSelector"></param>
/// <param name="securityRepository"></param>
/// <param name="sessionFactory"></param>
/// <param name="apiKeyContextProvider"></param>
/// <param name="viewBasedSingleItemAuthorizationQuerySupport"></param>
public GetEntityByKeyAuthorizationDecorator(
IGetEntityByKey <T> next,
IAuthorizationContextProvider authorizationContextProvider,
IAuthorizationFilteringProvider authorizationFilteringProvider,
IAuthorizationFilterDefinitionProvider authorizationFilterDefinitionProvider,
IExplicitObjectValidator[] explicitObjectValidators,
IAuthorizationBasisMetadataSelector authorizationBasisMetadataSelector,
ISecurityRepository securityRepository,
ISessionFactory sessionFactory,
IApiKeyContextProvider apiKeyContextProvider,
IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport)
: base(
authorizationContextProvider,
authorizationFilteringProvider,
authorizationFilterDefinitionProvider,
explicitObjectValidators,
authorizationBasisMetadataSelector,
securityRepository,
sessionFactory,
apiKeyContextProvider,
viewBasedSingleItemAuthorizationQuerySupport)
{
_next = next;
_viewBasedSingleItemAuthorizationQuerySupport = viewBasedSingleItemAuthorizationQuerySupport;
}
protected RepositoryOperationAuthorizationDecoratorBase(
IAuthorizationContextProvider authorizationContextProvider,
IAuthorizationFilteringProvider authorizationFilteringProvider,
IAuthorizationFilterDefinitionProvider authorizationFilterDefinitionProvider,
IExplicitObjectValidator[] explicitObjectValidators,
IAuthorizationBasisMetadataSelector authorizationBasisMetadataSelector,
ISecurityRepository securityRepository,
ISessionFactory sessionFactory,
IApiKeyContextProvider apiKeyContextProvider,
IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport)
{
_authorizationContextProvider = authorizationContextProvider;
_authorizationFilteringProvider = authorizationFilteringProvider;
_authorizationFilterDefinitionProvider = authorizationFilterDefinitionProvider;
_explicitObjectValidators = explicitObjectValidators;
_authorizationBasisMetadataSelector = authorizationBasisMetadataSelector;
_sessionFactory = sessionFactory;
_apiKeyContextProvider = apiKeyContextProvider;
_viewBasedSingleItemAuthorizationQuerySupport = viewBasedSingleItemAuthorizationQuerySupport;
// Lazy initialization
_bitValuesByAction = new Lazy <Dictionary <string, Actions> >(
() => new Dictionary <string, Actions>
{
{ securityRepository.GetActionByName("Create").ActionUri, Actions.Create },
{ securityRepository.GetActionByName("Read").ActionUri, Actions.Read },
{ securityRepository.GetActionByName("Update").ActionUri, Actions.Update },
{ securityRepository.GetActionByName("Delete").ActionUri, Actions.Delete }
});
}
/// <summary>
/// Initializes a new instance of the <see cref="OwnershipInitializationCreateEntityDecorator{T}"/> class.
/// </summary>
/// <param name="next">The decorated instance for which authorization is being performed.</param>
/// <param name="authorizationContextProvider">Provides access to the authorization context, such as the resource and action.</param>
/// <param name="authorizationFilteringProvider">The component capable of authorizing the request, given necessary context.</param>
/// <param name="authorizationFilterDefinitionProvider"></param>
/// <param name="explicitObjectValidators"></param>
/// <param name="authorizationBasisMetadataSelector"></param>
/// <param name="securityRepository"></param>
/// <param name="sessionFactory"></param>
/// <param name="apiKeyContextProvider"></param>
/// <param name="viewBasedSingleItemAuthorizationQuerySupport"></param>
public OwnershipInitializationCreateEntityDecorator(
ICreateEntity <T> next,
IAuthorizationContextProvider authorizationContextProvider,
IAuthorizationFilteringProvider authorizationFilteringProvider,
IAuthorizationFilterDefinitionProvider authorizationFilterDefinitionProvider,
IExplicitObjectValidator[] explicitObjectValidators,
IAuthorizationBasisMetadataSelector authorizationBasisMetadataSelector,
ISecurityRepository securityRepository,
ISessionFactory sessionFactory,
IApiKeyContextProvider apiKeyContextProvider,
IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport)
: base(
authorizationContextProvider,
authorizationFilteringProvider,
authorizationFilterDefinitionProvider,
explicitObjectValidators,
authorizationBasisMetadataSelector,
securityRepository,
sessionFactory,
apiKeyContextProvider,
viewBasedSingleItemAuthorizationQuerySupport)
{
_next = Preconditions.ThrowIfNull(next, nameof(next));
_apiKeyContextProvider = Preconditions.ThrowIfNull(apiKeyContextProvider, nameof(apiKeyContextProvider));
}
public TokenInfoController(ITokenInfoProvider tokenInfoProvider, IApiKeyContextProvider apiKeyContextProvider,
IAccessTokenClientRepo tokenClientRepo)
{
_tokenInfoProvider = tokenInfoProvider;
_apiKeyContextProvider = apiKeyContextProvider;
_tokenClientRepo = tokenClientRepo;
}
public TokenInfoController(ITokenInfoProvider tokenInfoProvider, IApiKeyContextProvider apiKeyContextProvider,
IAccessTokenClientRepo tokenClientRepo, ApiSettings apiSettings)
{
_tokenInfoProvider = tokenInfoProvider;
_apiKeyContextProvider = apiKeyContextProvider;
_tokenClientRepo = tokenClientRepo;
_isEnabled = apiSettings.IsFeatureEnabled(ApiFeature.TokenInfo.GetConfigKeyName());
}
public ProfilesHttpConfigurator(IApiKeyContextProvider apiKeyContextProvider,
IProfileResourceNamesProvider profileResourceNamesProvider)
{
_apiKeyContextProvider = Preconditions.ThrowIfNull(apiKeyContextProvider, nameof(apiKeyContextProvider));
_profileResourceNamesProvider = Preconditions.ThrowIfNull(
profileResourceNamesProvider, nameof(profileResourceNamesProvider));
}
public RelationshipsWithStudentsOnlyThroughResponsibilityAuthorizationStrategyFilterDefinitionsFactory(
IEducationOrganizationIdNamesProvider educationOrganizationIdNamesProvider,
IApiKeyContextProvider apiKeyContextProvider,
IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport)
: base(educationOrganizationIdNamesProvider, apiKeyContextProvider, viewBasedSingleItemAuthorizationQuerySupport)
{
_viewBasedSingleItemAuthorizationQuerySupport = viewBasedSingleItemAuthorizationQuerySupport;
}
public RelationshipsAuthorizationStrategyFilterDefinitionsFactory(
IEducationOrganizationIdNamesProvider educationOrganizationIdNamesProvider,
IApiKeyContextProvider apiKeyContextProvider,
IViewBasedSingleItemAuthorizationQuerySupport viewBasedSingleItemAuthorizationQuerySupport)
{
_educationOrganizationIdNamesProvider = educationOrganizationIdNamesProvider;
_apiKeyContextProvider = apiKeyContextProvider;
_viewBasedSingleItemAuthorizationQuerySupport = viewBasedSingleItemAuthorizationQuerySupport;
}
/// <summary>
/// Initializes a new instance of the <see cref="OwnershipInitializationCreateEntityDecorator{T}"/> class.
/// </summary>
/// <param name="next">The decorated instance for which authorization is being performed.</param>
/// <param name="apiKeyContext"></param>
/// <param name="authorizationContextProvider">Provides access to the authorization context, such as the resource and action.</param>
/// <param name="authorizationProvider">The component capable of authorizing the request, given necessary context.</param>
public OwnershipInitializationCreateEntityDecorator(
ICreateEntity <T> next,
IApiKeyContextProvider apiKeyContext,
IAuthorizationContextProvider authorizationContextProvider,
IEdFiAuthorizationProvider authorizationProvider)
: base(authorizationContextProvider, authorizationProvider)
{
_next = Preconditions.ThrowIfNull(next, nameof(next));
_apiKeyContext = Preconditions.ThrowIfNull(apiKeyContext, nameof(apiKeyContext));
}
public OAuthAuthenticationProvider(
IOAuthTokenValidator oauthTokenValidator,
IApiKeyContextProvider apiKeyContextProvider,
IClaimsIdentityProvider claimsIdentityProvider,
IConfigValueProvider configValueProvider)
{
OAuthTokenValidator = oauthTokenValidator;
ApiKeyContextProvider = apiKeyContextProvider;
ClaimsIdentityProvider = claimsIdentityProvider;
_expectedUseSandboxValue = new Lazy <bool?>(
() => configValueProvider.GetValue(ExpectedUseSandboxValue) == null
? (bool?)null
: Convert.ToBoolean(configValueProvider.GetValue(ExpectedUseSandboxValue)));
}
public EdFiApiAuthenticationMiddleware(RequestDelegate next, IAuthenticationSchemeProvider schemes,
IApiKeyContextProvider apiKeyContextProvider)
{
if (schemes != null)
{
_next = next ?? throw new ArgumentNullException(nameof(next));
_apiKeyContextProvider = apiKeyContextProvider;
Schemes = schemes;
}
else
{
throw new ArgumentNullException(nameof(schemes));
}
}
public HqlBuilderAuthorizationDecorator(
ICompositeItemBuilder <HqlBuilderContext, CompositeQuery> next,
IAuthorizationFilteringProvider authorizationFilteringProvider,
IAuthorizationFilterDefinitionProvider authorizationFilterDefinitionProvider,
IResourceClaimUriProvider resourceClaimUriProvider,
IAuthorizationBasisMetadataSelector authorizationBasisMetadataSelector,
IApiKeyContextProvider apiKeyContextProvider)
{
_next = Preconditions.ThrowIfNull(next, nameof(next));
_authorizationFilteringProvider = Preconditions.ThrowIfNull(authorizationFilteringProvider, nameof(authorizationFilteringProvider));
_authorizationFilterDefinitionProvider = Preconditions.ThrowIfNull(authorizationFilterDefinitionProvider, nameof(authorizationFilterDefinitionProvider));
_resourceClaimUriProvider = Preconditions.ThrowIfNull(resourceClaimUriProvider, nameof(resourceClaimUriProvider));
_authorizationBasisMetadataSelector = authorizationBasisMetadataSelector;
_apiKeyContextProvider = apiKeyContextProvider;
}
public ImmunizationsStudentsController(
IImmunizationsPatientIdentificationProvider immunizationsPatientIdentificationProvider,
IImmunizationsRequestProvider immunizationsRequestProvider,
IImmunizationsResponseProvider immunizationsResponseProvider,
IImmunizationsWirClient immunizationsWirClient,
IImmunizationsWirSchoolProvider immunizationsWirSchoolProvider,
IApiKeyContextProvider apiKeyContextProvider)
{
_immunizationsPatientIdentificationProvider = immunizationsPatientIdentificationProvider;
_immunizationsRequestProvider = immunizationsRequestProvider;
_immunizationsResponseProvider = immunizationsResponseProvider;
_immunizationsWirClient = immunizationsWirClient;
_immunizationsWirSchoolProvider = immunizationsWirSchoolProvider;
_apiKeyContextProvider = apiKeyContextProvider;
}
public static void Initialize(
IOAuthTokenValidator oAuthTokenValidator = null,
IApiKeyContextProvider apiKeyContextProvider = null,
IClaimsIdentityProvider claimsIdentityProvider = null,
IConfigValueProvider configValueProvider = null)
{
_container = new WindsorContainerEx();
//arrange
var tokenValidator = oAuthTokenValidator ?? MockRepository.GenerateStub <IOAuthTokenValidator>();
var contextProvider = apiKeyContextProvider ?? MockRepository.GenerateStub <IApiKeyContextProvider>();
var identityProvider = claimsIdentityProvider ?? MockRepository.GenerateStub <IClaimsIdentityProvider>();
var configProvider = configValueProvider ?? MockRepository.GenerateStub <IConfigValueProvider>();
_container.Register(
Component.For <IOAuthTokenValidator>()
.Instance(tokenValidator));
_container.Register(
Component.For <IApiKeyContextProvider>()
.Instance(contextProvider));
_container.Register(
Component.For <IClaimsIdentityProvider>()
.Instance(identityProvider));
_container.Register(
Component.For <IConfigValueProvider>()
.Instance(configProvider));
_container.Register(
Component.For <IAuthenticationProvider>()
.ImplementedBy <OAuthAuthenticationProvider>());
// Web API Dependency Injection
_container.Register(
Component.For <IDependencyResolver>()
.Instance(new WindsorDependencyResolver(_container)));
}
protected override void Arrange()
{
// Initialize dependencies
const string suppliedClaimSetName = "claimSetName";
var apiKeyContext = new ApiKeyContext(
"apiKey",
suppliedClaimSetName,
_suppliedEducationOrganizationIds,
_suppliedNamespacePrefixes,
_suppliedProfiles,
null, null, null);
_apiKeyContextProvider = A.Fake <IApiKeyContextProvider>();
A.CallTo(() => _apiKeyContextProvider.GetApiKeyContext()).Returns(apiKeyContext);
var suppliedResourceClaims = new List <ClaimSetResourceClaimAction>
{
new ClaimSetResourceClaimAction
{
Action = new Action {
ActionUri = "actionUri-1a"
},
ResourceClaim = new ResourceClaim {
ClaimName = "resourceClaimName1"
},
AuthorizationStrategyOverrides = new List <ClaimSetResourceClaimActionAuthorizationStrategyOverrides>
{
new ClaimSetResourceClaimActionAuthorizationStrategyOverrides
{
AuthorizationStrategy = new AuthorizationStrategy {
AuthorizationStrategyName = "actionUri-1a-Strategy"
}
}
},
ValidationRuleSetNameOverride = null
},
new ClaimSetResourceClaimAction
{
Action = new Action {
ActionUri = "actionUri-1b"
},
ResourceClaim = new ResourceClaim {
ClaimName = "resourceClaimName1"
},
AuthorizationStrategyOverrides = new List <ClaimSetResourceClaimActionAuthorizationStrategyOverrides>
{
new ClaimSetResourceClaimActionAuthorizationStrategyOverrides
{
AuthorizationStrategy = new AuthorizationStrategy {
AuthorizationStrategyName = "actionUri-1b-Strategy"
}
}
},
ValidationRuleSetNameOverride = "actionUri-1b-RuleSetName"
},
new ClaimSetResourceClaimAction
{
Action = new Action {
ActionUri = "actionUri-2"
},
ResourceClaim = new ResourceClaim {
ClaimName = "resourceClaimName2"
},
AuthorizationStrategyOverrides = null,
ValidationRuleSetNameOverride = "actionUri-2-RuleSetName"
}
};
_securityRepository = A.Fake <ISecurityRepository>();
A.CallTo(() => _securityRepository.GetClaimsForClaimSet(suppliedClaimSetName)).Returns(suppliedResourceClaims);
}
public SandboxDatabaseNameReplacementTokenProvider(IApiKeyContextProvider apiKeyContextProvider)
{
this.apiKeyContextProvider = apiKeyContextProvider;
}
public DistrictSpecificDatabaseNameReplacementTokenProvider(IApiKeyContextProvider apiKeyContextProvider)
{
_apiKeyContextProvider = apiKeyContextProvider;
}
public ProfilesAuthorizationFilter(IApiKeyContextProvider apiKeyContextProvider, IProfileResourceNamesProvider profileResourceNamesProvider)
{
_apiKeyContextProvider = apiKeyContextProvider;
_profileResourceNamesProvider = profileResourceNamesProvider;
}
public SandboxDatabaseNameProvider(IApiKeyContextProvider apiKeyContextProvider)
{
this.apiKeyContextProvider = apiKeyContextProvider;
}
public ClaimsIdentityProvider(IApiKeyContextProvider apiKeyContextProvider, ISecurityRepository securityRepository)
{
_apiKeyContextProvider = apiKeyContextProvider;
_securityRepository = securityRepository;
}
