| | | 1 | | using Elsa.Abstractions; |
| | | 2 | | using Elsa.Identity.Contracts; |
| | | 3 | | using Elsa.Identity.Entities; |
| | | 4 | | using Elsa.Workflows; |
| | | 5 | | using JetBrains.Annotations; |
| | | 6 | | |
| | | 7 | | namespace Elsa.Identity.Endpoints.Applications.Create; |
| | | 8 | | |
| | | 9 | | /// <summary> |
| | | 10 | | /// An endpoint that creates a new application. Requires the <code>SecurityRoot</code> policy. |
| | | 11 | | /// </summary> |
| | | 12 | | [PublicAPI] |
| | | 13 | | internal class Create : ElsaEndpoint<Request, Response> |
| | | 14 | | { |
| | | 15 | | private readonly IIdentityGenerator _identityGenerator; |
| | | 16 | | private readonly IClientIdGenerator _clientIdGenerator; |
| | | 17 | | private readonly ISecretGenerator _secretGenerator; |
| | | 18 | | private readonly IApiKeyGenerator _apiKeyGenerator; |
| | | 19 | | private readonly ISecretHasher _secretHasher; |
| | | 20 | | private readonly IApplicationStore _applicationStore; |
| | | 21 | | private readonly IRoleStore _roleStore; |
| | | 22 | | |
| | 1 | 23 | | public Create( |
| | 1 | 24 | | IIdentityGenerator identityGenerator, |
| | 1 | 25 | | IClientIdGenerator clientIdGenerator, |
| | 1 | 26 | | ISecretGenerator secretGenerator, |
| | 1 | 27 | | IApiKeyGenerator apiKeyGenerator, |
| | 1 | 28 | | ISecretHasher secretHasher, |
| | 1 | 29 | | IApplicationStore applicationStore, |
| | 1 | 30 | | IRoleStore roleStore) |
| | | 31 | | { |
| | 1 | 32 | | _identityGenerator = identityGenerator; |
| | 1 | 33 | | _clientIdGenerator = clientIdGenerator; |
| | 1 | 34 | | _secretGenerator = secretGenerator; |
| | 1 | 35 | | _apiKeyGenerator = apiKeyGenerator; |
| | 1 | 36 | | _secretHasher = secretHasher; |
| | 1 | 37 | | _applicationStore = applicationStore; |
| | 1 | 38 | | _roleStore = roleStore; |
| | 1 | 39 | | } |
| | | 40 | | |
| | | 41 | | /// <inheritdoc /> |
| | | 42 | | public override void Configure() |
| | | 43 | | { |
| | 1 | 44 | | Post("/identity/applications"); |
| | 1 | 45 | | ConfigurePermissions("create:application"); |
| | 1 | 46 | | Policies(IdentityPolicyNames.SecurityRoot); |
| | 1 | 47 | | } |
| | | 48 | | |
| | | 49 | | /// <inheritdoc /> |
| | | 50 | | public override async Task HandleAsync(Request request, CancellationToken cancellationToken) |
| | | 51 | | { |
| | 0 | 52 | | var id = _identityGenerator.GenerateId(); |
| | 0 | 53 | | var clientId = await _clientIdGenerator.GenerateAsync(cancellationToken); |
| | 0 | 54 | | var clientSecret = _secretGenerator.Generate(); |
| | 0 | 55 | | var hashedClientSecret = _secretHasher.HashSecret(clientSecret); |
| | 0 | 56 | | var apiKey = _apiKeyGenerator.Generate(clientId); |
| | 0 | 57 | | var hashedApiKey = _secretHasher.HashSecret(apiKey); |
| | | 58 | | |
| | 0 | 59 | | var application = new Application |
| | 0 | 60 | | { |
| | 0 | 61 | | Id = id, |
| | 0 | 62 | | ClientId = clientId, |
| | 0 | 63 | | HashedClientSecret = hashedClientSecret.EncodeSecret(), |
| | 0 | 64 | | HashedClientSecretSalt = hashedClientSecret.EncodeSalt(), |
| | 0 | 65 | | Name = request.Name, |
| | 0 | 66 | | HashedApiKey = hashedApiKey.EncodeSecret(), |
| | 0 | 67 | | HashedApiKeySalt = hashedApiKey.EncodeSalt(), |
| | 0 | 68 | | Roles = request.Roles ?? new List<string>() |
| | 0 | 69 | | }; |
| | | 70 | | |
| | 0 | 71 | | await _applicationStore.SaveAsync(application, cancellationToken); |
| | | 72 | | |
| | 0 | 73 | | var response = new Response( |
| | 0 | 74 | | id, |
| | 0 | 75 | | application.Name, |
| | 0 | 76 | | application.Roles, |
| | 0 | 77 | | clientId, |
| | 0 | 78 | | clientSecret, |
| | 0 | 79 | | apiKey, |
| | 0 | 80 | | hashedApiKey.EncodeSecret(), |
| | 0 | 81 | | hashedApiKey.EncodeSalt(), |
| | 0 | 82 | | hashedClientSecret.EncodeSecret(), |
| | 0 | 83 | | hashedClientSecret.EncodeSalt()); |
| | | 84 | | |
| | 0 | 85 | | await Send.OkAsync(response, cancellationToken); |
| | 0 | 86 | | } |
| | | 87 | | } |