/// <inheritdoc/>
protected override async Task SetupTestDataAsync()
{
RulesetsAndClaimPermissions input = JsonConvert.DeserializeObject <RulesetsAndClaimPermissions>(
File.ReadAllText("BenchmarkClaimPermissions.json"));
ProblemDetails initializeTenantResponse = await this.ClaimsService.InitializeTenantAsync(this.ClientTenantId, new Body { AdministratorPrincipalObjectId = this.AdministratorPrincipalObjectId });
if (initializeTenantResponse != null &&
(initializeTenantResponse.Status < 200 || initializeTenantResponse.Status >= 300) &&
initializeTenantResponse.Detail != "Tenant already initialized")
{
throw new Exception(initializeTenantResponse.Detail);
}
foreach (ResourceAccessRuleSet ruleSet in input.RuleSets)
{
await this.ClaimsService.CreateResourceAccessRuleSetAsync(this.ClientTenantId, ruleSet);
}
foreach (CreateClaimPermissionsRequest claimPermissions in input.ClaimPermissions)
{
await this.ClaimsService.CreateClaimPermissionsAsync(this.ClientTenantId, claimPermissions);
}
}
private async Task <int> OnExecuteAsync(CommandLineApplication app, CancellationToken cancellationToken = default)
{
RulesetsAndClaimPermissions input = JsonConvert.DeserializeObject <RulesetsAndClaimPermissions>(
File.ReadAllText(this.FilePath));
ClaimsService claimsClient;
if (string.IsNullOrEmpty(this.MarainClaimsHeaderRoleValue))
{
var authenticationOptions = AuthenticationOptions.BuildFrom(this.UseAzCliDevAuth, this.TenantId);
ServiceClientCredentials credentials = await authenticationOptions.GetServiceClientCredentialsFromKeyVault(
this.ClaimsAppId, this.KeyVault, this.SecretName).ConfigureAwait(false);
claimsClient = new ClaimsService(new Uri(this.ClaimsServiceUrl), credentials);
}
else
{
claimsClient = new ClaimsService(new Uri(this.ClaimsServiceUrl), new BasicAuthenticationCredentials());
claimsClient.HttpClient.DefaultRequestHeaders.Add("X-MARAIN-CLAIMS", $"{{ \"roles\": [ \"{this.MarainClaimsHeaderRoleValue}\" ] }}");
}
using (claimsClient)
{
foreach (ResourceAccessRuleSet ruleSet in input.RuleSets)
{
try
{
app.Out.WriteLine($"Ruleset {ruleSet.Id} ('{ruleSet.DisplayName}')");
HttpOperationResponse <ResourceAccessRuleSet> result = await claimsClient.GetResourceAccessRuleSetWithHttpMessagesAsync(
ruleSet.Id, this.MarainTenantId, cancellationToken : cancellationToken).ConfigureAwait(false);
if (result.Response.StatusCode == HttpStatusCode.NotFound)
{
app.Error.WriteLine("Does not yet exist. Creating.");
var request = new ResourceAccessRuleSet
{
Id = ruleSet.Id,
DisplayName = ruleSet.DisplayName,
Rules = ruleSet.Rules,
};
await claimsClient.CreateResourceAccessRuleSetAsync(
this.MarainTenantId, request, cancellationToken : cancellationToken).ConfigureAwait(false);
}
else if (result.Response.IsSuccessStatusCode)
{
app.Out.WriteLine("Already exists. Updating.");
await claimsClient.SetResourceAccessRuleSetResourceAccessRulesAsync(
this.MarainTenantId, ruleSet.Id, ruleSet.Rules, cancellationToken : cancellationToken).ConfigureAwait(false);
}
else
{
app.Error.WriteLine("Error: " + result.Response.StatusCode);
string body = await result.Response.Content.ReadAsStringAsync(cancellationToken).ConfigureAwait(false);
if (!string.IsNullOrWhiteSpace(body))
{
app.Error.WriteLine(body);
}
}
}
catch (Exception x)
{
app.Error.WriteLine(x);
return(-1);
}
}
foreach (CreateClaimPermissionsRequest claimPermissions in input.ClaimPermissions)
{
try
{
app.Out.WriteLine($"Claim Permissions {claimPermissions.Id}");
HttpOperationResponse <ClaimPermissions> result = await claimsClient.GetClaimPermissionsWithHttpMessagesAsync(
claimPermissions.Id, this.MarainTenantId, cancellationToken : cancellationToken).ConfigureAwait(false);
if (result.Response.StatusCode == HttpStatusCode.NotFound)
{
app.Out.WriteLine("Does not yet exist. Creating.");
var request = new CreateClaimPermissionsRequest
{
Id = claimPermissions.Id,
ResourceAccessRules = claimPermissions.ResourceAccessRules,
ResourceAccessRuleSets = claimPermissions.ResourceAccessRuleSets,
};
await claimsClient.CreateClaimPermissionsAsync(
this.MarainTenantId, request, cancellationToken : cancellationToken).ConfigureAwait(false);
}
else if (result.Response.IsSuccessStatusCode)
{
app.Out.WriteLine("Already exists. Updating resource access rules.");
await claimsClient.SetClaimPermissionsResourceAccessRulesAsync(
this.MarainTenantId,
claimPermissions.Id,
claimPermissions.ResourceAccessRules,
cancellationToken : cancellationToken).ConfigureAwait(false);
app.Out.WriteLine("Updating resource access rule sets");
var ruleSetIds = claimPermissions
.ResourceAccessRuleSets
.Select(rs => new ResourceAccessRuleSetIdOnly(rs.Id))
.ToList();
await claimsClient.SetClaimPermissionsResourceAccessRuleSetsAsync(
this.MarainTenantId,
claimPermissions.Id,
ruleSetIds,
cancellationToken : cancellationToken).ConfigureAwait(false);
}
else
{
app.Error.WriteLine("Error: " + result.Response.StatusCode);
string body = await result.Response.Content.ReadAsStringAsync(cancellationToken).ConfigureAwait(false);
if (!string.IsNullOrWhiteSpace(body))
{
app.Error.WriteLine(body);
}
}
}
catch (Exception x)
{
app.Error.WriteLine(x);
return(-1);
}
}
}
return(0);
}
