public static void AddIdentity(this ManagementService svc, Credentials serviceIdentity, DateTime startDate, DateTime endDate) { Contract.Requires(svc != null); Contract.Requires(serviceIdentity != null); Contract.Requires(startDate != default(DateTime)); Contract.Requires(endDate > startDate); var sid = new ServiceIdentity() { Name = serviceIdentity.UserName }; var key = new ServiceIdentityKey() { StartDate = startDate, EndDate = endDate, Type = "Password", Usage = "Password", Value = Encoding.UTF8.GetBytes(serviceIdentity.Password), DisplayName = string.Format(CultureInfo.InvariantCulture, "{0} key for {1}", "Password", serviceIdentity.UserName) }; svc.AddToServiceIdentities(sid); svc.AddRelatedObject(sid, "ServiceIdentityKeys", key); svc.SaveChanges(SaveChangesOptions.Batch); }
private async static Task<string> GetTokenFromACS(string acsNamespace, Credentials credentials) { var client = new HttpClient(); client.BaseAddress = new Uri(string.Format(CultureInfo.CurrentCulture, "https://{0}.{1}", acsNamespace, ACSHOSTNAME)); var content = new FormUrlEncodedContent(new[] { new KeyValuePair<string, string>("grant_type", "client_credentials"), new KeyValuePair<string, string>("client_id", credentials.UserName), new KeyValuePair<string, string>("client_secret", credentials.Password), new KeyValuePair<string, string>("scope", client.BaseAddress + ACSMANAGEMENTSERVICE) }); var response = await client.PostAsync("/v2/OAuth2-13", content); response.EnsureSuccessStatusCode(); var json = await response.Content.ReadAsStringAsync(); var data = JObject.Parse(json); return data["access_token"].ToString(); }
public static ManagementService CreateManagementServiceClient( string acsNamespace, Credentials credentials) { Contract.Requires(acsNamespace.IsAcsNamespace()); Contract.Requires(credentials != null); var endpoint = string.Format( CultureInfo.InvariantCulture, "https://{0}.{1}/{2}", acsNamespace, ACSHOSTNAME, ACSMANAGEMENTSERVICE); var managementService = new ManagementService(new Uri(endpoint)); managementService.SendingRequest += (s, e) => { if (cachedSwtToken == null) { cachedSwtToken = AsyncContext.Run<string>(() => GetTokenFromACS(acsNamespace, credentials)); } e.Request.Headers.Add( HttpRequestHeader.Authorization, "Bearer " + cachedSwtToken); }; return managementService; }
public static void DeleteExistingEntries(this ManagementService svc, Uri realm, Credentials serviceIdentity, string ruleGroupName) { Contract.Requires(svc != null); Contract.Requires(realm != null); Contract.Requires(realm.IsAbsoluteUri); Contract.Requires(realm.AbsolutePath == "/"); Contract.Requires(serviceIdentity != null); Contract.Requires(!string.IsNullOrWhiteSpace(ruleGroupName)); svc.DeleteRelyingPartyByRealmIfExists(realm.AbsoluteUri); svc.DeleteServiceIdentityIfExists(serviceIdentity.UserName); svc.DeleteRuleGroupByNameIfExists(ruleGroupName); svc.SaveChanges(SaveChangesOptions.Batch); }
public static void Init(string fileName) { Contract.Requires(!string.IsNullOrWhiteSpace(fileName)); Contract.Requires(File.Exists(fileName)); var doc = XDocument.Load(fileName); var root = doc.Element("settings"); AcsNamespace = root.Element("acsNamespace").Value; TokenLifetime = (int)root.Element("tokenLifetime"); var keyLifetime = (int)root.Element("keyLifetime"); var servicePassword = root.Element("servicePassword").Value; var signingPassword = root.Element("signingPassword").Value; var namePrefix = root.Element("namePrefix").Value; var authority = new Uri(root.Element("authority").Value); Contract.Assert(AcsNamespace.IsAcsNamespace()); Contract.Assert(TokenLifetime >= 1); Contract.Assert(keyLifetime >= 1); Contract.Assert(!string.IsNullOrWhiteSpace(servicePassword)); Contract.Assert(!string.IsNullOrWhiteSpace(signingPassword)); Contract.Assert(!string.IsNullOrWhiteSpace(namePrefix)); Contract.Assert(authority.IsAbsoluteUri); Contract.Assert(authority.AbsolutePath == "/"); Realm = new Uri(authority.AbsoluteUri + "Users/"); RelyingParty = namePrefix + " Relying Party"; RuleGroup = namePrefix + " Rule Group"; KeyStartDate = DateTime.UtcNow.Date; KeyEndDate = KeyStartDate.AddMonths(keyLifetime); ServiceIdentity = new Credentials( namePrefix + " Service Identity", servicePassword); TokenSigningKey = Encoding.UTF8.GetBytes(signingPassword); }