Commit 231320a0 authored by L. Ellenbeck's avatar L. Ellenbeck

WIP: moved functions coscine/issues#1425

parent fa320a9d
1 merge request!90Topic/1425 fh privileges
using Coscine.Database.DataModel; using Coscine.Api.STS.Data;
using Coscine.Database.Models;
using Coscine.Api.STS.Data;
using Coscine.Api.STS.Utils; using Coscine.Api.STS.Utils;
using Coscine.Database.DataModel;
using Coscine.Database.Models;
using Coscine.Metadata;
using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using System; using System;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Coscine.Metadata;
using System.Collections.Generic;
using VDS.RDF;
using VDS.RDF.Query;
namespace Coscine.Api.STS.Controllers namespace Coscine.Api.STS.Controllers
{ {
...@@ -19,15 +16,11 @@ namespace Coscine.Api.STS.Controllers ...@@ -19,15 +16,11 @@ namespace Coscine.Api.STS.Controllers
{ {
private readonly SignInManager<CoscineUser> _signInManager; private readonly SignInManager<CoscineUser> _signInManager;
private readonly RdfStoreConnector _rdfStoreConnector; private readonly RdfStoreConnector _rdfStoreConnector;
private readonly string _userUrlPrefix;
private readonly Uri _orgPrefixUrl = new Uri("http://www.w3.org/ns/org#");
private readonly Uri _foafPrefixUrl = new Uri("http://xmlns.com/foaf/0.1/");
public ShibbolethController(SignInManager<CoscineUser> signInManager) public ShibbolethController(SignInManager<CoscineUser> signInManager)
{ {
_signInManager = signInManager; _signInManager = signInManager;
_rdfStoreConnector = new RdfStoreConnector(Program.Configuration.GetString("coscine/local/virtuoso/additional/url")); _rdfStoreConnector = new RdfStoreConnector(Program.Configuration.GetString("coscine/local/virtuoso/additional/url"));
_userUrlPrefix = "https://purl.org/coscine/users";
} }
[Route("[controller]/callback")] [Route("[controller]/callback")]
...@@ -81,22 +74,22 @@ namespace Coscine.Api.STS.Controllers ...@@ -81,22 +74,22 @@ namespace Coscine.Api.STS.Controllers
}); });
} }
var userGraphName = $"{_userUrlPrefix}/{user.Id}"; var userGraphName = $"{_rdfStoreConnector.UserUrlPrefix}/{user.Id}";
// Make sure the user graph exists. // Make sure the user graph exists.
EnsureGraph(userGraphName); RdfStoreConnector.EnsureGraph(userGraphName);
// Overwrite for testing. // Overwrite for testing.
identifier = "eU1EjTnPkNKpwIw7k8xYCjnpfsIvXjsz6egnvyOoCaCe0uG4Zp07m0c4GLz1k13a"; identifier = "eU1EjTnPkNKpwIw7k8xYCjnpfsIvXjsz6egnvyOoCaCe0uG4Zp07m0c4GLz1k13a";
// Get organization. // Get organization.
var organization = GetOrganization(entityId, identifier); var organization = _rdfStoreConnector.GetOrganization(entityId, identifier);
// Can only update data if an org was found. // Can only update data if an org was found.
if(organization != null) if(organization != null)
{ {
// Drop old membership infromation. // Drop old membership infromation.
RemoveMembershipData(userGraphName, organization); _rdfStoreConnector.RemoveMembershipData(userGraphName, organization);
// Reverse lookup... // Reverse lookup...
var eduPersonScopedAffiliation = info.Principal.FindFirstValue(ShibbolethAttributeMapping.LabelMapping.FirstOrDefault(x => x.Value == "Entitlement").Key); var eduPersonScopedAffiliation = info.Principal.FindFirstValue(ShibbolethAttributeMapping.LabelMapping.FirstOrDefault(x => x.Value == "Entitlement").Key);
...@@ -105,7 +98,7 @@ namespace Coscine.Api.STS.Controllers ...@@ -105,7 +98,7 @@ namespace Coscine.Api.STS.Controllers
|| (eduPersonScopedAffiliation.StartsWith("member@") && entityId == "https://login-test.rz.rwth-aachen.de/shibboleth")) || (eduPersonScopedAffiliation.StartsWith("member@") && entityId == "https://login-test.rz.rwth-aachen.de/shibboleth"))
{ {
// Add membership information. // Add membership information.
AddMemebershipData(userGraphName, organization); _rdfStoreConnector.AddMemebershipData(userGraphName, organization);
} }
} }
...@@ -122,145 +115,6 @@ namespace Coscine.Api.STS.Controllers ...@@ -122,145 +115,6 @@ namespace Coscine.Api.STS.Controllers
return Redirect(UrlGenerator.ExtendReturnUrl(returnUrl, Request)); return Redirect(UrlGenerator.ExtendReturnUrl(returnUrl, Request));
} }
// Find the orgnization by the entityId or by the user identifier.
private string GetOrganization(string entityId, string identifier)
{
string organization = null;
if(entityId != null)
{
organization = GetOrgnizationWithEntityId(entityId);
}
if(organization != null)
{
return organization;
}
if (identifier != null)
{
return GetOrgnizationWithIdentifier(identifier);
}
return null;
}
// Creates graph if needed (silent disables the "error" for existing graph).
private static void EnsureGraph(string graphIri)
{
var commandString = new SparqlParameterizedString
{
CommandText = "CREATE SILENT GRAPH @graphIri"
};
commandString.SetUri("graphIri", new Uri(graphIri));
}
// Find organization by entityId.
private string GetOrgnizationWithEntityId(string entityId)
{
var commandString = new SparqlParameterizedString
{
CommandText = @"SELECT DISTINCT ?organization
WHERE
{
?organization org:identifier @entityId .
}"
};
commandString.Namespaces.AddNamespace("org", _orgPrefixUrl);
commandString.SetLiteral("entityId", entityId);
var resultSet = _rdfStoreConnector.QueryEndpoint.QueryWithResultSet(commandString.ToString());
if (resultSet.Count != 1)
{
return null;
}
return resultSet.First().Value("organization").ToString();
}
// Find organization by user identifier.
private string GetOrgnizationWithIdentifier(string identifier)
{
var commandString = new SparqlParameterizedString
{
CommandText = @"SELECT DISTINCT ?organization
WHERE
{
?organization org:hasUnit ?subOrganization .
?organization a org:FormalOrganization .
?nodeId org:organization ?subOrganization .
?nodeId org:member ?organizationMember .
?organizationMember foaf:openId @identifier .
}"
};
commandString.Namespaces.AddNamespace("foaf", _foafPrefixUrl);
commandString.Namespaces.AddNamespace("org", _orgPrefixUrl);
commandString.SetLiteral("identifier", identifier);
var resultSet = _rdfStoreConnector.QueryEndpoint.QueryWithResultSet(commandString.ToString());
if (resultSet.Count != 1)
{
return null;
}
return resultSet.First().Value("organization").ToString();
}
// Add the membership block to the user graph.
private void AddMemebershipData(string userGraph, string organization)
{
var commandString = new SparqlParameterizedString
{
CommandText = @"INSERT
{
GRAPH @userGraph
{
[
a org:Membership ;
org:member @member ;
org:organization @organization ;
]
}
}"
};
commandString.Namespaces.AddNamespace("org", _orgPrefixUrl);
commandString.SetUri("userGraph", new Uri(userGraph));
commandString.SetUri("member", new Uri(userGraph));
commandString.SetUri("organization", new Uri(organization));
_rdfStoreConnector.QueryEndpoint.QueryRaw(commandString.ToString());
}
// Remove the membership block to the user graph.
private void RemoveMembershipData(string userGraph, string organization)
{
var commandString = new SparqlParameterizedString
{
CommandText = @"DELETE
{
GRAPH @userGraph
{
?s ?p0 ?o0 .
}
}
USING @userGraph WHERE
{
?s ?p0 ?o0 .
?s a org:Membership .
?s org:member @member .
?s org:organization @organization .
}"
};
commandString.Namespaces.AddNamespace("org", _orgPrefixUrl);
commandString.SetUri("userGraph", new Uri(userGraph));
commandString.SetUri("member", new Uri(userGraph));
commandString.SetUri("organization", new Uri(organization));
_rdfStoreConnector.QueryEndpoint.QueryRaw(commandString.ToString());
}
/// <summary> /// <summary>
/// This method is the central route for logging into an identity provider. /// This method is the central route for logging into an identity provider.
/// On default, the user is redirected to the WAFY of the DFN-AAI. /// On default, the user is redirected to the WAFY of the DFN-AAI.
......
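Review bot: The `// Overwrite for testing.` assignment that replaces `identifier` with a fixed string is still present on the new side of the Shibboleth callback, directly before `_rdfStoreConnector.GetOrganization(entityId, identifier)`. In the removed implementation the identifier is the fallback when the entityId lookup returns nothing, so if the moved method behaves the same, any login whose entityId is unknown would resolve to whichever organization that fixed identifier belongs to, and membership triples can then be written to the caller's user graph on that basis. Delete the override before this leaves WIP, or gate it behind an explicit non-production configuration switch, and add a comment such as `// identifier must come from the authenticated principal; never substitute a fixed value here`. The callback method starts and ends outside the visible hunks, so how `identifier` is first obtained cannot be checked from here.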
...@@ -20,7 +20,7 @@ ...@@ -20,7 +20,7 @@
<PackageReference Include="Coscine.Action" Version="2.*-*" /> <PackageReference Include="Coscine.Action" Version="2.*-*" />
<PackageReference Include="Coscine.ActiveDirectory" Version="2.*-*" /> <PackageReference Include="Coscine.ActiveDirectory" Version="2.*-*" />
<PackageReference Include="Coscine.ApiCommons" Version="2.*-*" /> <PackageReference Include="Coscine.ApiCommons" Version="2.*-*" />
<PackageReference Include="Coscine.Metadata" Version="2.0.0" /> <PackageReference Include="Coscine.Metadata" Version="2.1.0-topic-1425-fhpri0002" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="3.1.12" /> <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="3.1.12" />
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="3.1.12" /> <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="3.1.12" />
<PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="6.8.0" /> <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="6.8.0" />
......