blob: 2daf3c7e610028b05372f66cc796fdf3e1c7bc01 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Authentication;
using System.Web;
using System.Web.Mvc;
using Tango.MachineService.Gateway.Filters;
using Tango.MachineService.Gateway.Messages;
using Tango.Web.Controllers;
using Tango.Web.Security;
namespace Tango.MachineService.Gateway.Controllers
{
public class AzureUtilsController : TangoController<AzureUtilsController.TokenObject>
{
public class TokenObject
{
public String Email { get; set; }
}
[HttpPost]
public LoginResponse Login(LoginRequest request)
{
var azure = AzureUtils.AzureUtilsAuthenticationFactory.AuthenticateOrGetAsync().Result;
AzureUtils.ActiveDirectory.ActiveDirectoryManager adManager = new AzureUtils.ActiveDirectory.ActiveDirectoryManager(azure);
try
{
adManager.Authenticate(request.Email, request.Password).GetAwaiter().GetResult();
}
catch (Exception ex)
{
throw new AuthenticationException("The specified email or password is incorrect.", ex);
}
try
{
adManager.IsUserMemberOf(MachineServiceGatewayConfig.AZURE_UTILS_GROUP, request.Email);
}
catch
{
throw new AuthenticationException("The specified user is not authorized to access the resource.");
}
return new LoginResponse()
{
AccessToken = WebToken<TokenObject>.CreateNew(MachineServiceGatewayConfig.JWT_TOKEN_SECRET, new TokenObject()
{
Email = request.Email,
}, DateTime.UtcNow.AddDays(1)).AccessToken,
};
}
[HttpPost]
[JwtTokenFilter]
public void DoSomethingSecret()
{
}
}
}
|
