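/// <summary>
/// Creates credentials for a new department workplace (workplace type "dwp").
/// </summary>
/// <param name="departmentId">Route identifier of the department the workplace is bound to.</param>
/// <param name="request">Request body; its <c>Scopes</c> value is a space-separated scope list.</param>
/// <returns>
/// 400 with the validator's second tuple item when the requested scopes are rejected,
/// 404 when the department lookup returns null, otherwise 200 with the created credentials.
/// </returns>
/// <remarks>
/// SECURITY: no caller authorization is performed here yet (see the TODO in the body).
/// The only access restriction visible in this listing is the tenant comparison in
/// CreateCredentials, so unless an attribute or filter outside this excerpt restricts the
/// action, any caller of the same tenant can obtain client credentials for any department
/// with any scope the validator accepts. Resolve the TODO before exposing this endpoint.
/// The 200 response presumably carries the client secret in clear text; keep it out of
/// request/response logs and intermediary caches.
/// </remarks>
public async Task<IActionResult> CreateWorkplaceCredentials([FromRoute] Guid departmentId, [FromBody] WorkplaceCredentialsRequestDto request)
        {
            // Reject unacceptable scope requests before touching any service.
            var scopeCheck = WorkplaceScopesValidator.CheckRequestedDepartmentWorkplaceScopes(request);

            if (!scopeCheck.Item1)
            {
                return BadRequest(scopeCheck.Item2);
            }

            // get the department in order to extract org structure attributes
            var department = await _departmentService.GetAsync(departmentId);

            // GetAsync's behaviour for an unknown id is not visible here; guard so that a
            // missing department yields a 404 instead of a null dereference further down.
            if (department == null)
            {
                return NotFound();
            }

            // TODO: add authorization check here
            // NOTE(review): the check belongs at this point, once the department (and with it
            // the tenant and branch office) is known and before any credentials are created.

            // build workplace descriptor
            // Tenant and branch office are taken from the stored department, never from the
            // request body, so the caller cannot choose them directly.
            var descriptor = new WorkplaceDescriptorDto
            {
                Scopes         = request.Scopes.Split(' '),
                BranchOfficeId = department.BranchOfficeId.ToString(),
                DepartmentId   = departmentId.ToString(),
                TenantId       = department.TenantId.ToString(),
                WorkplaceType  = "dwp",
                DisplayName    = $"Department workplace ({department.Name})"
            };

            var credentials = await _workplaceCredentialsService.CreateWorkplaceAsync(descriptor);

            return Ok(credentials);
        }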
        /// <summary>
        /// Generates credentials for the described workplace and registers a matching
        /// application through the OIDC application manager.
        /// </summary>
        /// <param name="workplaceDescriptor">
        /// Scopes, organisation identifiers, workplace type and display name of the workplace.
        /// </param>
        /// <returns>The generated client id and client secret.</returns>
        /// <remarks>
        /// The granted permissions are one "scp:"-prefixed entry per descriptor scope plus the
        /// token endpoint and the client-credentials grant. Scopes are copied as given; this
        /// method does not validate them, so callers must have done so.
        /// NOTE(review): the secret is handed to <c>_oidcAppManager.CreateAsync</c>; presumably
        /// that is an OpenIddict application manager which stores only a hashed form - confirm.
        /// </remarks>
        public async Task<WorkplaceCredentialsDto> CreateWorkplaceAsync(WorkplaceDescriptorDto workplaceDescriptor)
        {
            // Runs first: as shown in this listing, CreateCredentials throws when the
            // descriptor's tenant differs from the current one, before anything is stored.
            var issued = CreateCredentials(workplaceDescriptor);

            // Permissions every workplace client receives regardless of its scopes.
            var fixedPermissions = new[]
            {
                OpenIddictConstants.Permissions.Endpoints.Token,
                OpenIddictConstants.Permissions.GrantTypes.ClientCredentials
            };

            var grantedPermissions = workplaceDescriptor.Scopes
                .Select(scope => "scp:" + scope)
                .Concat(fixedPermissions)
                .ToList();

            var application = new PskApplication
            {
                ClientId        = issued.ClientId,
                DisplayName     = workplaceDescriptor.DisplayName,
                Permissions     = JsonConvert.SerializeObject(grantedPermissions),
                TenantId        = workplaceDescriptor.TenantId,
                BranchOfficeId  = workplaceDescriptor.BranchOfficeId,
                DepartmentId    = workplaceDescriptor.DepartmentId,
                ApplicationType = "workplace_" + workplaceDescriptor.WorkplaceType
            };

            await _oidcAppManager.CreateAsync(application, issued.ClientSecret);

            return issued;
        }
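        /// <summary>
        /// Creates credentials for a new branch-office workplace (workplace type "bwp").
        /// </summary>
        /// <param name="branchOfficeId">Route identifier of the branch office the workplace is bound to.</param>
        /// <param name="request">Request body; its <c>Scopes</c> value is a space-separated scope list.</param>
        /// <returns>
        /// 400 with the validator's second tuple item when the requested scopes are rejected,
        /// 404 when the branch office lookup returns null, otherwise 200 with the created credentials.
        /// </returns>
        /// <remarks>
        /// SECURITY: no caller authorization is performed here yet (see the TODO in the body).
        /// The only access restriction visible in this listing is the tenant comparison in
        /// CreateCredentials, so unless an attribute or filter outside this excerpt restricts
        /// the action, any caller of the same tenant can obtain client credentials for any
        /// branch office with any scope the validator accepts. Resolve the TODO before exposing
        /// this endpoint. The 200 response presumably carries the client secret in clear text;
        /// keep it out of request/response logs and intermediary caches.
        /// </remarks>
        public async Task<IActionResult> CreateWorkplaceCredentials([FromRoute] Guid branchOfficeId, [FromBody] WorkplaceCredentialsRequestDto request)
        {
            // Reject unacceptable scope requests before touching any service.
            var scopeCheck = WorkplaceScopesValidator.CheckRequestedBranchWorkplaceScopes(request);

            if (!scopeCheck.Item1)
            {
                return BadRequest(scopeCheck.Item2);
            }

            var branchOffice = await _branchOfficeService.GetAsync(branchOfficeId);

            // GetAsync's behaviour for an unknown id is not visible here; guard so that a
            // missing branch office yields a 404 instead of a null dereference further down.
            if (branchOffice == null)
            {
                return NotFound();
            }

            // TODO: add authorization check here
            // NOTE(review): the check belongs at this point, once the branch office (and with
            // it the tenant) is known and before any credentials are created.

            // build workplace descriptor
            // The tenant is taken from the stored branch office, never from the request body.
            // A branch workplace has no department, hence the explicit null.
            var descriptor = new WorkplaceDescriptorDto
            {
                Scopes         = request.Scopes.Split(' '),
                BranchOfficeId = branchOfficeId.ToString(),
                DepartmentId   = null,
                TenantId       = branchOffice.TenantId.ToString(),
                WorkplaceType  = "bwp",
                DisplayName    = $"Branch workplace ({branchOffice.Name})"
            };

            var credentials = await _workplaceCredentialsService.CreateWorkplaceAsync(descriptor);

            return Ok(credentials);
        }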
        /// <summary>
        /// Produces a client id / client secret pair for the described workplace after
        /// confirming that the descriptor targets the current tenant.
        /// </summary>
        /// <param name="descriptor">Workplace description; its TenantId and WorkplaceType are read.</param>
        /// <returns>A DTO holding the new client id and client secret.</returns>
        /// <exception cref="BadRequestException">
        /// The descriptor's tenant id differs from the one reported by the tenant id provider.
        /// </exception>
        /// <remarks>
        /// This tenant comparison is the only access check in this method: it does not verify
        /// that the caller may act on the descriptor's branch office or department.
        /// </remarks>
        public WorkplaceCredentialsDto CreateCredentials(WorkplaceDescriptorDto descriptor)
        {
            var currentTenantId = _tenantIdProvider.GetTenantId().ToString();

            // Tenant isolation guard. The comparison is an exact string match, so a descriptor
            // tenant id in any other textual form than the provider's ToString() is rejected.
            if (!string.Equals(currentTenantId, descriptor.TenantId))
            {
                throw new BadRequestException("Bad tenant id specified");
            }

            // The client id is the workplace type followed by a 16-character random suffix.
            // NOTE(review): GetRandomStringInBase52Alphabeth and CreateSecret are defined outside
            // this excerpt; confirm that at least CreateSecret draws from a cryptographically
            // secure random number generator.
            var generatedClientId     = descriptor.WorkplaceType + GetRandomStringInBase52Alphabeth(16);
            var generatedClientSecret = CreateSecret();

            return new WorkplaceCredentialsDto
            {
                ClientId = generatedClientId,
                ClientSecret = generatedClientSecret
            };
        }