public async Task <IActionResult> Put(string resourceName, [FromBody] IroncladResource model) { if (string.Equals(resourceName, "auth_api", StringComparison.OrdinalIgnoreCase)) { return(this.BadRequest(new { Message = $"Cannot modify the authorization console web API" })); } using (var session = this.store.LightweightSession()) { var document = await session.Query <PostgresResource>().SingleOrDefaultAsync(item => item.Name == resourceName); if (document == null) { return(this.NotFound(new { Message = $"API resource '{resourceName}' not found" })); } // NOTE (Cameron): Because of the mapping/conversion unknowns we rely upon the Postgres integration to perform that operation which is why we do this... var resource = new IdentityServerResource { UserClaims = model.UserClaims, Scopes = model.ApiScopes.Select(scope => new Scope(scope.Name, scope.UserClaims)).ToList(), }; // NOTE (Cameron): If the secret is updated we want to add the new secret... if (!string.IsNullOrEmpty(model.ApiSecret)) { resource.ApiSecrets = new List <Secret> { new Secret(model.ApiSecret.Sha256()) }; } var entity = resource.ToEntity(); // update properties (everything supported is an optional update eg. if null is passed we will not update) document.DisplayName = model.DisplayName ?? document.DisplayName; document.UserClaims = entity.UserClaims ?? document.UserClaims; document.Scopes = entity.Scopes ?? document.Scopes; document.Enabled = model.Enabled ?? document.Enabled; if (!string.IsNullOrEmpty(model.ApiSecret)) { document.Secrets.Add(entity.Secrets.First()); } session.Update(document); await session.SaveChangesAsync(); } return(this.Ok()); }
public async Task <IActionResult> Post([FromBody] IroncladResource model) { if (string.IsNullOrEmpty(model.Name)) { return(this.BadRequest(new { Message = $"Cannot create an API resource without a name" })); } if (string.IsNullOrEmpty(model.ApiSecret)) { return(this.BadRequest(new { Message = $"Cannot create an API resource without a secret" })); } var resource = new IdentityServerResource(model.Name, model.DisplayName) { ApiSecrets = new List <Secret> { new Secret(model.ApiSecret.Sha256()) }, }; // optional properties resource.UserClaims = model.UserClaims ?? resource.UserClaims; resource.Scopes = model.ApiScopes?.Select(item => new Scope(item.Name, item.UserClaims)).ToList() ?? resource.Scopes; resource.Enabled = model.Enabled ?? resource.Enabled; using (var session = this.store.LightweightSession()) { if (session.Query <PostgresResource>().Any(document => document.Name == model.Name)) { return(this.StatusCode((int)HttpStatusCode.Conflict, new { Message = "API resource already exists" })); } session.Insert(resource.ToEntity()); await session.SaveChangesAsync(); } return(this.Created(new Uri(this.HttpContext.GetIdentityServerRelativeUrl("~/api/apiresources/" + model.Name)), null)); }