public ActionResult Create(JournalEntry journalentry) { if (ModelState.IsValid) { // TODO use an Azure Queue that will be monitored by a worker role //add the custom type for health vault ItemTypeManager.RegisterTypeHandler(HVJournalEntry.TypeId, typeof(HVJournalEntry), true); // get the authed user var authorizedUser = (User as HVPrincipal); if (authorizedUser != null) { //get the auth token var authToken = authorizedUser.AuthToken; // create the appropriate objects for health vault var appId = HealthApplicationConfiguration.Current.ApplicationId; WebApplicationCredential cred = new WebApplicationCredential( appId, authToken, HealthApplicationConfiguration.Current.ApplicationCertificate); // setup the user WebApplicationConnection connection = new WebApplicationConnection(appId, cred); PersonInfo personInfo = HealthVaultPlatform.GetPersonInfo(connection); // before we add make sure we still have permission to add var result = personInfo.SelectedRecord.QueryPermissionsByTypes(new List<Guid>() { HVJournalEntry.TypeId }).FirstOrDefault(); if (!result.Value.OnlineAccessPermissions.HasFlag(HealthRecordItemPermissions.Create)) throw new ArgumentNullException("unable to create record as no permission is given from health vault"); //Now add to the HV system personInfo.SelectedRecord.NewItem(new HVJournalEntry(journalentry)); // redirect return RedirectToAction("Index"); } } return View(journalentry); }
public ActionResult Login(LoginModel model, string returnUrl) { // here we are getting posted from HealthVault so extract the wctoken sent string authToken = Request.Params["wctoken"]; if (authToken != null) { // create a web app cred object var appId = HealthApplicationConfiguration.Current.ApplicationId; WebApplicationCredential cred = new WebApplicationCredential( appId, authToken, HealthApplicationConfiguration.Current.ApplicationCertificate); // setup the user WebApplicationConnection connection = new WebApplicationConnection(appId, cred); PersonInfo personInfo = HealthVaultPlatform.GetPersonInfo(connection); // check to make sure there is access to records if (personInfo.AuthorizedRecords.Count() == 0) throw new Exception("There are no authorized users for us to work with!"); // check to see if the user exists var personId = personInfo.PersonId.ToString(); // we found the user so authenticate them var username = personId; var password = personId + appId; if (Membership.ValidateUser(username, password)) { // user has authenticated var user = Membership.GetUser(personInfo.PersonId.ToString()); // save auth cookie CreateAuthCookie(personInfo, user, authToken); } else { // the user has not registered with us so create one // Attempt to register the user MembershipCreateStatus createStatus; var newUser = Membership.CreateUser(username, password, "", passwordQuestion: null, passwordAnswer: null, isApproved: true, providerUserKey: null, status: out createStatus); if (createStatus == MembershipCreateStatus.Success) { //save auth cookie CreateAuthCookie(personInfo, newUser, authToken); } else { ModelState.AddModelError("", ErrorCodeToString(createStatus)); return View(model); } } // save the user to the local table SaveUser(personInfo, authToken); // save the user avatar image to blob HVUserImageHelper.Default.SaveImageToBlobStorage(personInfo.SelectedRecord == null ? personInfo.AuthorizedRecords.FirstOrDefault().Value : personInfo.SelectedRecord); // redirect to the actionqs NameValueCollection query = HttpUtility.ParseQueryString(Request.Url.Query); var r = HttpUtility.UrlDecode(query["actionqs"]); return Redirect(new Uri(string.Format("http://{0}{1}{2}", Request.Url.Host, (Request.Url.IsDefaultPort ? "" : ":" + Request.Url.Port), r)).ToString()); } else { // no wctoken so just redirect to home ModelState.AddModelError("", "Unable to authenticate with Microsoft HealthVault."); } // If we got this far, something failed, redisplay form return View(model); }
/// <summary> /// Create a connection to the application. /// </summary> /// /// <remarks> /// The ApplicationId must be set before calling this method. /// /// This method could cause a request to the network to retrieve the /// cryptographic object identifier of the certificate used by the /// application. For example in case the hosting machine is joined to /// a domain, resolving or retrieving the cryptographic object /// identifier could result in an LDAP query. /// </remarks> /// /// <exception ref="SecurityException"> /// The required application-specific certificate is not found. /// </exception> /// /// <exception cref="ArgumentException"> /// The person Id is empty. /// </exception> /// /// <exception cref="InvalidConfigurationException"> /// The application Id or the certificate, or the healthServiceUrl /// are incorrect. /// </exception> /// /// <returns> /// An HealthClientAuthorizedConnection instance /// </returns> private HealthClientAuthorizedConnection Connect() { if (this._applicationId == Guid.Empty) { throw Validator.InvalidConfigurationException("InvalidApplicationIdConfiguration"); } if (this.Certificate == null) { throw Validator.InvalidConfigurationException("InvalidApplicationCertificate"); } if (_healthServiceUrl == null) { throw Validator.InvalidConfigurationException("InvalidRequestUrlConfiguration"); } WebApplicationCredential webApplicationCredential = new WebApplicationCredential(ApplicationId, StoreLocation.CurrentUser, this.Certificate.Subject); // create a connection based on the app-id and certificate... return new HealthClientAuthorizedConnection( webApplicationCredential, ApplicationId, _healthServiceUrl); }
/// <summary> /// Creates an authorized client connection to the application. /// </summary> /// /// <param name="personId"> /// ID of the person for the connection. /// </param> /// /// <exception ref="SecurityException"> /// The required application-specific certificate is invalid. /// </exception> /// /// <exception cref="ArgumentException"> /// The <paramref name="personId"/> parameter is empty. /// </exception> /// /// <exception cref="InvalidConfigurationException"> /// The required application-specific certificate is not found, /// the value of <see cref="HealthClientApplication.HealthServiceUrl"/> is /// <b>null</b>, or the value of <see cref="HealthClientApplication.ApplicationId"/> /// is <see cref="Guid.Empty"/>. /// </exception> /// /// <returns> /// A <see cref="HealthClientAuthorizedConnection"/> instance. /// </returns> /// public HealthClientAuthorizedConnection CreateAuthorizedConnection(Guid personId) { Validator.ThrowArgumentExceptionIf( personId == Guid.Empty, "personId", "InvalidPersonId"); if (_applicationId == Guid.Empty) { throw Validator.InvalidConfigurationException("InvalidApplicationIdConfiguration"); } if (Certificate == null) { throw Validator.InvalidConfigurationException("InvalidApplicationCertificate"); } if (_healthServiceUrl == null) { throw Validator.InvalidConfigurationException("InvalidRequestUrlConfiguration"); } WebApplicationCredential webApplicationCredential = new WebApplicationCredential(ApplicationId, StoreLocation.CurrentUser, Certificate.Subject); return new HealthClientAuthorizedConnection( webApplicationCredential, ApplicationId, _healthServiceUrl, personId); }
/// <summary> /// Get's the authenticated person's information using the specified authentication token. /// </summary> /// /// <param name="authToken"> /// The authentication token for a user. This can be retrieved by extracting the WCToken /// query string parameter from the request after the user has been redirected to the /// HealthVault AUTH page. See <see cref="RedirectToShellUrl(HttpContext, string)"/> for more information. /// </param> /// /// <param name="appId"> /// The unique identifier for the application. /// </param> /// /// <returns> /// The information about the logged in person. /// </returns> /// public static PersonInfo GetPersonInfo(string authToken, Guid appId) { WebApplicationCredential cred = new WebApplicationCredential( appId, authToken, HealthApplicationConfiguration.Current.ApplicationCertificate); // set up our cookie WebApplicationConnection connection = new WebApplicationConnection(appId, cred); PersonInfo personInfo = HealthVaultPlatform.GetPersonInfo(connection); personInfo.ApplicationSettingsChanged += new EventHandler(OnPersonInfoChanged); personInfo.SelectedRecordChanged += new EventHandler(OnPersonInfoChanged); return personInfo; }
/// <summary> /// Instantiates a credential from type information and subsequently /// calls <see cref="ReadCookieXml"/> to initialize the object. /// </summary> /// /// <param name="credNav"></param> /// /// <returns> /// An instance of <see cref="Credential"/>. /// </returns> /// internal static Credential CreateFromCookieXml(XPathNavigator credNav) { Credential cred = null; // expected schema: // <type>object Type</type> // <[credname]>...</[credname]> XPathNavigator typeNav = credNav.SelectSingleNode("type"); if (typeNav != null) { switch (typeNav.Value) { case "Microsoft.Health.Authentication.PassportCredential": cred = new PassportCredential(); break; case "Microsoft.Health.Web.Authentication.WebApplicationCredential": cred = new WebApplicationCredential(); break; default: return null; } typeNav.MoveToFollowing(XPathNodeType.Element); XmlReader reader = typeNav.ReadSubtree(); reader.Read(); cred.ReadCookieXml(reader); } return cred; }
/// <summary> /// Creates a new instance of the <see cref="OfflineWebApplicationConnection"/> /// class with the specified credential, application, HealthVault /// service URL, and person identification. /// </summary> /// /// <param name="credential"> /// The HealthVault application credential used to authenticate the connection. /// </param> /// /// <param name="callingApplicationId"> /// The HealthVault application identifier. /// </param> /// /// <param name="healthServiceUrl"> /// The URL of the HealthVault service. If an application does not add "/wildcat.ashx" at the end of /// the URL, the constructor will add it automatically. /// </param> /// /// <param name="offlinePersonId"> /// The unique identifier of the offline person who granted permissions /// to the application to perform operations. /// </param> /// /// <exception cref="ArgumentNullException"> /// If <paramref name="healthServiceUrl"/> is <b>null</b>. /// </exception> /// public OfflineWebApplicationConnection( WebApplicationCredential credential, Guid callingApplicationId, Uri healthServiceUrl, Guid offlinePersonId) : base(callingApplicationId, healthServiceUrl) { Credential = credential; if (offlinePersonId != Guid.Empty) { _offlinePersonId = offlinePersonId; } }
/// <summary> /// Creates a new instance of the <see cref="OfflineWebApplicationConnection"/> /// class with the specified credential, application, string-formatted /// HealthVault service URL, and person identification. /// </summary> /// /// <param name="credential"> /// The HealthVault application credential used to authenticate /// the connection. /// </param> /// /// <param name="callingApplicationId"> /// The HealthVault application identifier. /// </param> /// /// <param name="healthServiceUrl"> /// The URL of the HealthVault service. If an application does not add "/wildcat.ashx" at the end of /// the URL, the constructor will add it automatically. /// </param> /// /// <param name="offlinePersonId"> /// The unique identifier of the offline person who granted permissions /// to the application to perform operations. /// </param> /// /// <exception cref="ArgumentException"> /// The <paramref name="offlinePersonId"/> parameter is Guid.Empty. /// </exception> /// /// <exception cref="ArgumentNullException"> /// The <paramref name="healthServiceUrl"/> parameter is <b>null</b>. /// </exception> /// /// <exception cref="UriFormatException"> /// The <paramref name="healthServiceUrl"/> parameter is not a properly /// formatted URL. /// </exception> /// public OfflineWebApplicationConnection( WebApplicationCredential credential, Guid callingApplicationId, string healthServiceUrl, Guid offlinePersonId) : this(credential, callingApplicationId, new Uri(healthServiceUrl), offlinePersonId) { }
/// <summary> /// Creates a new instance of the <see cref="OfflineWebApplicationConnection"/> /// class with the specified credential and person identification. /// </summary> /// /// <param name="credential"> /// The HealthVault application credential used to authenticate /// the connection. /// </param> /// /// <param name="offlinePersonId"> /// The unique identifier of the offline person who granted permissions /// to the application to perform operations. /// </param> /// /// <exception cref="InvalidConfigurationException"> /// If the web or application configuration file does not contain /// configuration entries for "ApplicationID" or "HealthServiceUrl". /// </exception> /// public OfflineWebApplicationConnection( WebApplicationCredential credential, Guid offlinePersonId) : base() { if (credential == null) { credential = new WebApplicationCredential( ApplicationId, HealthApplicationConfiguration.Current.ApplicationCertificate); } Credential = credential; if (offlinePersonId != Guid.Empty) { _offlinePersonId = offlinePersonId; } }
// // GET: /JournalEntry/Delete/5 public ActionResult Delete(string id) { // create the item key var t = id.Split(','); var key = new HealthRecordItemKey(Guid.Parse(t[0]), Guid.Parse(t[1])); // get the user var hvUser = (User as HVPrincipal); if (hvUser != null) { // get the auth token var authToken = hvUser.AuthToken; // create the appropriate objects for health vault var appId = HealthApplicationConfiguration.Current.ApplicationId; WebApplicationCredential cred = new WebApplicationCredential( appId, authToken, HealthApplicationConfiguration.Current.ApplicationCertificate); // setup the user WebApplicationConnection connection = new WebApplicationConnection(appId, cred); PersonInfo personInfo = null; personInfo = HealthVaultPlatform.GetPersonInfo(connection); // delete the record personInfo.SelectedRecord.RemoveItem(key); } // redirect return RedirectToAction("Index"); }
// // GET: /JournalEntry/ public ActionResult Index() { // register the custom type ItemTypeManager.RegisterTypeHandler(HVJournalEntry.TypeId, typeof(HVJournalEntry), true); // get the user var hvUser = (User as HVPrincipal); if (hvUser != null) { // get the auth token var authToken = hvUser.AuthToken; // create the appropriate objects for health vault var appId = HealthApplicationConfiguration.Current.ApplicationId; WebApplicationCredential cred = new WebApplicationCredential( appId, authToken, HealthApplicationConfiguration.Current.ApplicationCertificate); // setup the user WebApplicationConnection connection = new WebApplicationConnection(appId, cred); PersonInfo personInfo = null; personInfo = HealthVaultPlatform.GetPersonInfo(connection); // before we add make sure we still have permission to add var result = personInfo.SelectedRecord.QueryPermissionsByTypes(new List<Guid>() { HVJournalEntry.TypeId }).FirstOrDefault(); if (!result.Value.OnlineAccessPermissions.HasFlag(HealthRecordItemPermissions.Read)) throw new ArgumentNullException("unable to create record as no permission is given from health vault"); // search hv for the records HealthRecordSearcher searcher = personInfo.SelectedRecord.CreateSearcher(); HealthRecordFilter filter = new HealthRecordFilter(HVJournalEntry.TypeId); searcher.Filters.Add(filter); // get the matching items HealthRecordItemCollection entries = searcher.GetMatchingItems()[0]; // compile a list of journalEntryItems only var items = entries.Cast<HVJournalEntry>().ToList(); var ret = new List<JournalEntry>(items.Count()); foreach (var t in items) { var je = t.JournalEntry; je.HvId = t.Key.ToString(); ret.Add(je); } // return the list to the view return View(ret); } else { // if we make it here there is nothing to display return View(new List<JournalEntry>(0)); } }
public ActionResult GetUserData(int userId = -1) { // just do a basic check if (userId == -1) return Json(new { status = "error", msg = "userId not sent" }, JsonRequestBehavior.AllowGet); // try to find the user var context = new HVDbContext(); var user = (from t in context.HealthVaultUsers where t.Id == userId select t).FirstOrDefault(); // if no user is found return error if (user == null) return Json(new { status = "error", msg = "userId not found" }, JsonRequestBehavior.AllowGet); // extract the token and make the request to health vault for all the data var authToken = user.WCToken; // register the type in the HV SDK ItemTypeManager.RegisterTypeHandler(HVJournalEntry.TypeId, typeof(HVJournalEntry), true); // create the appropriate objects for health vault var appId = HealthApplicationConfiguration.Current.ApplicationId; WebApplicationCredential cred = new WebApplicationCredential( appId, authToken, HealthApplicationConfiguration.Current.ApplicationCertificate); // setup the user WebApplicationConnection connection = new WebApplicationConnection(appId, cred); PersonInfo personInfo = null; try { personInfo = HealthVaultPlatform.GetPersonInfo(connection); } catch { return Json(new { status = "error", msg = "Unable to connect to HealthVault service" }, JsonRequestBehavior.AllowGet); } // get the selected record var authRecord = personInfo.SelectedRecord; // make sure there is a record returned if (authRecord == null) return Json(new { status = "error", msg = "cannot get selected record" }, JsonRequestBehavior.AllowGet); // before we add make sure we still have permission to read var result = authRecord.QueryPermissionsByTypes(new List<Guid>() { HVJournalEntry.TypeId }).FirstOrDefault(); if (!result.Value.OnlineAccessPermissions.HasFlag(HealthRecordItemPermissions.Read)) return Json(new { status = "error", msg = "unable to create record as no permission is given from health vault" }, JsonRequestBehavior.AllowGet); // search hv for the records HealthRecordSearcher searcher = authRecord.CreateSearcher(); HealthRecordFilter filter = new HealthRecordFilter(HVJournalEntry.TypeId); searcher.Filters.Add(filter); HealthRecordItemCollection entries = searcher.GetMatchingItems()[0]; var ret = entries.Cast<HVJournalEntry>().ToList().Select(t => t.JournalEntry); return Json(new { status = "ok", data = ret }, JsonRequestBehavior.AllowGet); }
/// <summary> /// Creates a new instance of HealthClientAuthorizedConnection /// using a specified <see cref="WebApplicationCredential"/>, application ID, and health service URL. /// </summary> /// /// <param name="webApplicationCredential"> /// Credential for authenticating the application. /// </param> /// /// <param name="applicationId"> /// The ID of the client application. /// </param> /// /// <param name="healthServiceUri"> /// The URL of the HealthVault platform service. /// </param> /// /// <exception cref="ArgumentNullException"> /// The <paramref name="healthServiceUri"/> parameter is <b>null</b>. /// </exception> /// /// <exception cref="UriFormatException"> /// The <paramref name="healthServiceUri"/> parameter is not a properly /// formatted URL. /// </exception> /// public HealthClientAuthorizedConnection( WebApplicationCredential webApplicationCredential, Guid applicationId, Uri healthServiceUri) : base(webApplicationCredential, applicationId, healthServiceUri, Guid.Empty) { }
/// <summary> /// Creates an instance of HealthClientAuthorizedConnection /// using a specified <see cref="WebApplicationCredential"/> and /// connection information stored in a configuration file.. /// </summary> /// /// <param name="webApplicationCredential"> /// Credential for authenticating the application. /// </param> /// /// <exception cref="InvalidConfigurationException"> /// The web or application configuration file does not contain /// configuration entries for "ApplicationID" or "HealthServiceUrl". /// </exception> /// public HealthClientAuthorizedConnection( WebApplicationCredential webApplicationCredential) : base(webApplicationCredential, Guid.Empty) { }
/// <summary> /// Authenticate the keyset pair for the specified /// <paramref name="applicationId"/> by calling to the Microsoft Health /// Service to create a new authentication token. /// </summary> /// /// <remarks> /// In order to avoid unnecessary authentication actions, it is /// expected that the caller will first call /// <cref name="IsAuthenticationExpired"/> before calling this. /// </remarks> /// /// <param name="keySetPairs"> /// The keyset pairs collection that will contain the newly /// authenticated keyset pair. /// </param> /// /// <param name="connection"> /// The connection used to perform the authentication. /// </param> /// /// <param name="applicationId"> /// The application id of the keyset pair that will be authenticated. /// </param> /// /// <param name="certificate"> /// The application's certificate containing the application's private key. /// </param> /// private static void AuthenticateKeySetPair( AuthSessionKeySetPairs keySetPairs, HealthServiceConnection connection, Guid applicationId, X509Certificate2 certificate) { AuthenticationTokenKeySetPair pair = keySetPairs.GetPair(applicationId); if (pair == null) { pair = keySetPairs.CreatePair(applicationId); } if (!pair.IsAuthenticated()) { lock (pair) { if (!pair.IsAuthenticated()) { if (pair.IsAuthenticationResultExpired) { // the existing live pair is already authenticated // so create a new one with a fresh keyset pair.RefreshSharedSecret(); } WebApplicationCredential cred = new WebApplicationCredential(applicationId, certificate); cred.KeySet = pair.KeySet.Clone(); // create the new token // this will implicitly result in a call to // UpdateAuthenticationResults cred.CreateAuthenticatedSessionToken( connection, applicationId); } } } }