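        /// <summary>
        /// Creates a new Azure AD account from the claims PeopleSoft sent, via the Graph client.
        /// The Graph call is asynchronous; this method blocks on it because its caller
        /// (<c>ProcessRequest</c>) is synchronous.
        /// </summary>
        /// <param name="azureADGraphClient">Graph client used to create the account.</param>
        /// <param name="inputClaims">Claims received from PeopleSoft (uid, email, password, sn, givenname).</param>
        /// <returns>The value <c>CreateAccount</c> reports; true when the account was created.</returns>
        /// <exception cref="ArgumentNullException">Either argument is null.</exception>
        private bool CreateUser(AzureADGraphClient azureADGraphClient,
                                PeopleSoftInputClaimsModel inputClaims)
        {
            if (azureADGraphClient == null)
            {
                throw new ArgumentNullException(nameof(azureADGraphClient));
            }

            if (inputClaims == null)
            {
                throw new ArgumentNullException(nameof(inputClaims));
            }

            // Create the user using Graph API.
            // GetAwaiter().GetResult() rather than .Result so a Graph failure surfaces as the
            // original exception instead of being wrapped in an AggregateException.
            // NOTE(review): the trailing three arguments appear to be displayName / firstName /
            // lastName (compare the table-based MigrateUser overload); email is passed twice,
            // once as sign-in address and once in the first-name position - confirm intended.
            return azureADGraphClient.CreateAccount(
                       "userName",
                       inputClaims.uid,
                       null,
                       null,
                       inputClaims.email,
                       inputClaims.password,
                       inputClaims.sn,
                       inputClaims.email,
                       inputClaims.givenname).GetAwaiter().GetResult();
        }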
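        /// <summary>
        /// Updates an existing Azure AD account (identified by <paramref name="objectId"/>) with the
        /// claims PeopleSoft sent, via the Graph client. Blocks on the asynchronous Graph call
        /// because its caller (<c>ProcessRequest</c>) is synchronous.
        /// </summary>
        /// <param name="azureADGraphClient">Graph client used to update the account.</param>
        /// <param name="inputClaims">Claims received from PeopleSoft; isActivated must already be populated.</param>
        /// <param name="objectId">Azure AD objectId of the account to update.</param>
        /// <returns>The value <c>UpdateAccount</c> reports; true when the update succeeded.</returns>
        /// <exception cref="ArgumentNullException">Either object argument is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="objectId"/> is null or empty.</exception>
        /// <exception cref="InvalidOperationException">
        /// <c>inputClaims.isActivated</c> is null (the cast to <c>bool</c> requires a value; the caller
        /// fills it from the existing account when the request omitted it).
        /// </exception>
        private bool UpdateUser(AzureADGraphClient azureADGraphClient,
                                PeopleSoftInputClaimsModel inputClaims, string objectId)
        {
            if (azureADGraphClient == null)
            {
                throw new ArgumentNullException(nameof(azureADGraphClient));
            }

            if (inputClaims == null)
            {
                throw new ArgumentNullException(nameof(inputClaims));
            }

            if (string.IsNullOrEmpty(objectId))
            {
                throw new ArgumentException("objectId must not be null or empty", nameof(objectId));
            }

            // Update the user using Graph API.
            // GetAwaiter().GetResult() rather than .Result so a Graph failure surfaces as the
            // original exception instead of being wrapped in an AggregateException.
            // Argument order mirrors CreateUser, with objectId first and the enabled flag last.
            return azureADGraphClient.UpdateAccount(
                       objectId,
                       "userName",
                       inputClaims.uid,
                       null,
                       null,
                       inputClaims.email,
                       inputClaims.password,
                       inputClaims.sn,
                       inputClaims.email,
                       inputClaims.givenname,
                       (bool)inputClaims.isActivated).GetAwaiter().GetResult();
        }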
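        /// <summary>
        /// Migrates one user from the migration table into Azure AD: creates the account through the
        /// Graph API and, only once that has succeeded, deletes the user's row from the table.
        /// </summary>
        /// <param name="inputClaims">Claims from B2C; signInName and password are used.</param>
        /// <param name="table">Migration table that holds the user's row.</param>
        /// <param name="userMigrationEntity">Retrieve result whose <c>Result</c> is the user's <see cref="UserTableEntity"/> row.</param>
        /// <exception cref="ArgumentNullException">Any argument is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The retrieve result does not carry a <see cref="UserTableEntity"/>, or the Graph API reported
        /// that the account was not created. The table row is left in place in both cases so the
        /// migration can be retried; previously it was deleted regardless of the outcome.
        /// </exception>
        private async Task MigrateUser(InputClaimsModel inputClaims, CloudTable table, TableResult userMigrationEntity)
        {
            if (inputClaims == null)
            {
                throw new ArgumentNullException(nameof(inputClaims));
            }

            if (table == null)
            {
                throw new ArgumentNullException(nameof(table));
            }

            if (userMigrationEntity == null)
            {
                throw new ArgumentNullException(nameof(userMigrationEntity));
            }

            // Resolve the row once instead of casting the same object three times.
            UserTableEntity migrationRow = userMigrationEntity.Result as UserTableEntity;
            if (migrationRow == null)
            {
                throw new InvalidOperationException("Migration table result is missing or is not a UserTableEntity");
            }

            AzureADGraphClient azureADGraphClient = new AzureADGraphClient(this.AppSettings.Tenant, this.AppSettings.ClientId, this.AppSettings.ClientSecret);

            // Create the user using Graph API
            bool created = await azureADGraphClient.CreateAccount(
                "emailAddress",
                inputClaims.signInName,
                null,
                null,
                null,
                inputClaims.password,
                migrationRow.DisplayName,
                migrationRow.FirstName,
                migrationRow.LastName);

            // A failed creation must not lose the migration record: keep the row and fail loudly
            // (the caller maps any exception to a generic "Can not migrate user" response).
            if (!created)
            {
                throw new InvalidOperationException($"Graph API did not create the account for '{inputClaims.signInName}'");
            }

            // Remove the user entity from migration table
            TableOperation deleteOperation = TableOperation.Delete(migrationRow);
            await table.ExecuteAsync(deleteOperation);
        }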
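        /// <summary>
        /// B2C REST endpoint backing the local-account password reset flow. Reads the input claims
        /// from the request body, migrates the user from the migration table into Azure AD if a row
        /// for the signInName exists there, then returns the Azure AD objectId of the account.
        /// Every failure is reported as HTTP 409 carrying a <see cref="B2CResponseModel"/>, which is
        /// the shape B2C expects for a user-visible validation error.
        /// </summary>
        /// <returns>
        /// 200 with an <see cref="OutputClaimsModel"/> whose objectId is set, or 409 with a
        /// <see cref="B2CResponseModel"/> describing the problem.
        /// </returns>
        /// <remarks>
        /// The method name is kept as-is (including the "Loal" typo) because it is part of the
        /// routed public surface. NOTE(review): no authorization attribute is visible in this
        /// excerpt - confirm the endpoint is protected at class or route level.
        /// </remarks>
        public async Task<ActionResult> LoalAccountPasswordReset()
        {
            // All validation failures share the same shape; build them in one place.
            Func<string, ActionResult> conflict = message =>
                StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel(message, HttpStatusCode.Conflict));

            // If no data came in, then return
            if (this.Request.Body == null)
            {
                return conflict("Request content is null");
            }

            // Read the input claims from the request body
            string input;
            using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
            {
                input = await reader.ReadToEndAsync();
            }

            // Check input content value
            if (string.IsNullOrEmpty(input))
            {
                return conflict("Request content is empty");
            }

            // Convert the input string into InputClaimsModel object
            InputClaimsModel inputClaims = InputClaimsModel.Parse(input);

            if (inputClaims == null)
            {
                return conflict("Can not deserialize input claims");
            }

            if (string.IsNullOrEmpty(inputClaims.signInName))
            {
                return conflict("User 'signInName' is null or empty");
            }

            // This used to re-test signInName, so a missing password was never rejected and a
            // null password reached the Graph API during migration.
            if (string.IsNullOrEmpty(inputClaims.password))
            {
                return conflict("Password is null or empty");
            }

            // Create a retrieve operation that takes a customer entity.
            // Note: Azure Table queries are case sensitive, so the row key is always stored and
            // looked up in lower case. Invariant lower-casing keeps the key independent of the
            // server's culture.
            var retrieveOperation = TableOperation.Retrieve<UserTableEntity>(Consts.MigrationTablePartition, inputClaims.signInName.ToLowerInvariant());

            CloudTable table = await GetSignUpTable(this.AppSettings.BlobStorageConnectionString);

            // Execute the retrieve operation.
            TableResult userMigrationEntity = await table.ExecuteAsync(retrieveOperation);

            if (userMigrationEntity != null && userMigrationEntity.Result != null)
            {
                try
                {
                    await MigrateUser(inputClaims, table, userMigrationEntity);

                    // Wait until user is created
                    await Task.Delay(3000);
                }
                catch (Exception)
                {
                    // Deliberately generic: exception details are not sent back to the B2C client.
                    // (The former outer catch that echoed ex.Message was unreachable anyway.)
                    return conflict("Can not migrate user");
                }
            }

            AzureADGraphClient azureADGraphClient = new AzureADGraphClient(this.AppSettings.Tenant, this.AppSettings.ClientId, this.AppSettings.ClientSecret);

            GraphAccountModel account = await azureADGraphClient.SearcUserBySignInNames(inputClaims.signInName);

            if (account == null)
            {
                return conflict("An account could not be found for the provided user ID. (user migration)");
            }

            OutputClaimsModel output = new OutputClaimsModel();
            output.objectId = account.objectId;

            return Ok(output);
        }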
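        /// <summary>
        /// B2C REST endpoint for just-in-time migration of a local (LDAP) account. If the signInName
        /// already exists in Azure AD nothing is done; otherwise the supplied credentials are verified
        /// against the local LDAP store and, on success, the account is created in Azure AD and the
        /// claims B2C needs to complete the migration are returned.
        /// </summary>
        /// <returns>
        /// 200 with an empty body when the account already exists; 200 with a
        /// <see cref="B2CResponseModel"/> (isMigrated true/false plus the migrated claims) otherwise;
        /// 409 with a <see cref="B2CResponseModel"/> for malformed input.
        /// </returns>
        /// <remarks>
        /// The success response echoes the user's password back as a claim so that B2C can persist
        /// it; that is inherent to the migration flow, so this endpoint must only be reachable by
        /// B2C over TLS. NOTE(review): no authorization attribute is visible in this excerpt -
        /// confirm the endpoint is protected at class or route level.
        /// </remarks>
        public IHttpActionResult Migrate()
        {
            // All validation failures share the same shape; build them in one place.
            Func<string, IHttpActionResult> conflict = message =>
                Content(HttpStatusCode.Conflict, new B2CResponseModel(message, HttpStatusCode.Conflict));

            // Test the request content before reading it. The null check used to come after the
            // read, so it could never fire.
            if (this.Request.Content == null)
            {
                return conflict("Request content is null");
            }

            // Synchronous action, so block on the read. GetAwaiter().GetResult() surfaces the
            // original exception rather than an AggregateException.
            string input = Request.Content.ReadAsStringAsync().GetAwaiter().GetResult();

            // Check input content value
            if (string.IsNullOrEmpty(input))
            {
                return conflict("Request content is empty");
            }

            // Convert the input string into InputClaimsModel object
            InputClaimsModel inputClaims = InputClaimsModel.Parse(input);

            if (inputClaims == null)
            {
                return conflict("Can not deserialize input claims");
            }

            if (string.IsNullOrEmpty(inputClaims.signInName))
            {
                return conflict("User 'signInName' is null or empty");
            }

            AzureADGraphClient azureADGraphClient = new AzureADGraphClient(ConfigurationManager.AppSettings["Tenant"],
                                                                           ConfigurationManager.AppSettings["ClientId"],
                                                                           ConfigurationManager.AppSettings["ClientSecret"]);

            GraphAccountModel account = azureADGraphClient.SearcUserBySignInNames(inputClaims.signInName).GetAwaiter().GetResult();

            // User already exists, no need to migrate.
            if (account != null)
            {
                return Ok();
            }

            B2CResponseModel outputClaimsCol = new B2CResponseModel("", HttpStatusCode.OK);
            outputClaimsCol.isMigrated = false;
            outputClaimsCol.email      = inputClaims.signInName;

            Ldap.Controllers.ValuesController ldap = new Ldap.Controllers.ValuesController();

            // Only migrate an account that verified successfully within the local LDAP store.
            // An empty password is never handed to the LDAP check: directories commonly treat an
            // empty-password bind as an anonymous bind that "succeeds", which would migrate an
            // account without any proof of possession. (A missing password is not a 409 here
            // because the original flow deliberately did not reject it; it simply does not migrate.)
            if (!string.IsNullOrEmpty(inputClaims.password) &&
                ldap.VerifyCredentials(inputClaims.signInName, inputClaims.password))
            {
                inputClaims.sn        = "EID";
                inputClaims.givenName = inputClaims.signInName;
                inputClaims.email     = $"{inputClaims.signInName}@noreply.com";

                bool migrated = MigrateUser(azureADGraphClient, inputClaims);
                if (migrated)
                {
                    // NOTE(review): surName is filled from email and displayName from sn; this mirrors
                    // the argument mapping used elsewhere in this controller - confirm intended.
                    outputClaimsCol.displayName = inputClaims.sn;
                    outputClaimsCol.givenName   = inputClaims.givenName;
                    outputClaimsCol.surName     = inputClaims.email;
                    outputClaimsCol.password    = inputClaims.password;
                    outputClaimsCol.isMigrated  = true;
                }
            }

            return Ok(outputClaimsCol);
        }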
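        /// <summary>
        /// Handles a PeopleSoft provisioning request: validates the posted claims, then either
        /// creates the Azure AD account (uid not found) or updates the existing one, and returns the
        /// resulting claims to the caller.
        /// </summary>
        /// <returns>
        /// 200 with a <see cref="B2CPeopleSoftResponseModel"/> describing the created/updated account;
        /// 409 with a <see cref="B2CResponseModel"/> for malformed input.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no authorization attribute is visible in this excerpt and the request can
        /// create or update any account whose uid it names - confirm the endpoint is protected at
        /// class or route level.
        /// </remarks>
        private IHttpActionResult ProcessRequest()
        {
            // All validation failures share the same shape; build them in one place.
            Func<string, IHttpActionResult> conflict = message =>
                Content(HttpStatusCode.Conflict, new B2CResponseModel(message, HttpStatusCode.Conflict));

            // Test the request content before reading it. The null check used to come after the
            // read, so it could never fire.
            if (this.Request.Content == null)
            {
                return conflict("Request content is null");
            }

            // Synchronous action, so block on the read. GetAwaiter().GetResult() surfaces the
            // original exception rather than an AggregateException.
            string input = Request.Content.ReadAsStringAsync().GetAwaiter().GetResult();

            // Check input content value
            if (string.IsNullOrEmpty(input))
            {
                return conflict("Request content is empty");
            }

            // Convert the input string into the PeopleSoft claims object
            PeopleSoftInputClaimsModel inputClaims = PeopleSoftInputClaimsModel.Parse(input);

            if (inputClaims == null)
            {
                return conflict("Can not deserialize input claims");
            }

            if (string.IsNullOrEmpty(inputClaims.uid))
            {
                return conflict("User 'uid' is null or empty");
            }

            if (string.IsNullOrEmpty(inputClaims.password))
            {
                return conflict("Password is null or empty");
            }

            // E-mail syntax check. The pattern contains nested quantifiers, so a match timeout bounds
            // the work a hostile address can cause; a timeout is treated as "not a valid address".
            const string emailPattern = @"\A(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)\Z";
            bool emailIsValid = false;
            if (!string.IsNullOrEmpty(inputClaims.email))
            {
                try
                {
                    emailIsValid = Regex.IsMatch(inputClaims.email, emailPattern, RegexOptions.IgnoreCase, TimeSpan.FromSeconds(1));
                }
                catch (RegexMatchTimeoutException)
                {
                    emailIsValid = false;
                }
            }

            if (!emailIsValid)
            {
                return conflict("Email is empty or not in the correct format");
            }

            AzureADGraphClient azureADGraphClient = new AzureADGraphClient(ConfigurationManager.AppSettings["Tenant"],
                                                                           ConfigurationManager.AppSettings["ClientId"],
                                                                           ConfigurationManager.AppSettings["ClientSecret"]);

            GraphAccountModel account = azureADGraphClient.SearcUserBySignInNames(inputClaims.uid).GetAwaiter().GetResult();

            B2CPeopleSoftResponseModel outputClaimsCol = new B2CPeopleSoftResponseModel("", HttpStatusCode.OK);
            outputClaimsCol.isMigrated = false;
            outputClaimsCol.username   = inputClaims.uid;

            if (account == null)
            {
                // Create the account: no Azure AD user with this uid exists yet.
                inputClaims.givenname = GetClaimValue(inputClaims.givenname);
                inputClaims.sn        = GetClaimValue(inputClaims.sn);

                bool created = CreateUser(azureADGraphClient, inputClaims);
                if (created)
                {
                    outputClaimsCol.password    = GetClaimValue(inputClaims.password);
                    outputClaimsCol.displayName = GetClaimValue(inputClaims.sn);
                    outputClaimsCol.email       = inputClaims.email;
                    outputClaimsCol.givenName   = inputClaims.givenname;
                    outputClaimsCol.surName     = inputClaims.givenname;
                    // NOTE(review): isMigrated stays false even though the account was just created;
                    // the Migrate action sets it to true in the equivalent case - confirm intended.
                    outputClaimsCol.isMigrated  = false;
                }
            }
            else
            {
                // Update the existing account. Claims the request omitted fall back to the values
                // currently stored on the account; the field pairing (givenname <- surname,
                // sn <- displayName, email <- givenName) mirrors the argument order CreateUser and
                // UpdateUser pass to the Graph client.
                // TODO: Check for password as may want to stop update to it.
                inputClaims.givenname   = inputClaims.givenname == null ? account.surname : inputClaims.givenname;
                inputClaims.sn          = inputClaims.sn == null ? account.displayName : inputClaims.sn;
                inputClaims.email       = inputClaims.email == null ? account.givenName : inputClaims.email;
                inputClaims.isActivated = inputClaims.isActivated == null ? account.accountEnabled : inputClaims.isActivated;

                bool updated = UpdateUser(azureADGraphClient, inputClaims, account.objectId);
                if (updated)
                {
                    outputClaimsCol.password    = GetClaimValue(inputClaims.password);
                    outputClaimsCol.displayName = GetClaimValue(inputClaims.sn);
                    outputClaimsCol.email       = inputClaims.email;
                    outputClaimsCol.givenName   = inputClaims.givenname;
                    outputClaimsCol.surName     = inputClaims.givenname;
                    outputClaimsCol.isActivated = (bool)inputClaims.isActivated;
                }
            }

            return Ok(outputClaimsCol);
        }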