using System;
using System.Threading.Tasks;
using Duende.IdentityServer.Services;
using IdentityExpress.Identity;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using Rsk.Samples.IdentityServer.AdminUiIntegration.Models;
using Rsk.Samples.IdentityServer.AdminUiIntegration.Services;
namespace Rsk.Samples.IdentityServer.AdminUiIntegration.Controllers
{
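/// <summary>
/// Receives webhook calls at the <c>[controller]</c> route: an MFA reset request and a
/// server-side session removal request.
/// </summary>
/// <remarks>
/// Both actions change a user's security state, so both are gated by the "webhook"
/// authorization policy. The policy definition is not in this file.
/// </remarks>
[Route("[controller]")]
public class WebhookController : Controller
{
    private readonly WebhookService webhookService;
    private readonly ILogger<WebhookController> logger;
    private readonly ISessionManagementService sessionManagementService;

    /// <summary>Creates the controller from its injected services.</summary>
    /// <param name="logger">Logger for webhook failures.</param>
    /// <param name="userManager">User store handed to the <see cref="WebhookService"/> built here.</param>
    /// <param name="sessionManagementService">Service used to remove server-side sessions.</param>
    /// <exception cref="ArgumentNullException">Any dependency is <c>null</c>.</exception>
    public WebhookController(ILogger<WebhookController> logger, UserManager<IdentityExpressUser> userManager, ISessionManagementService sessionManagementService)
    {
        // Validate userManager the same way as the other dependencies, so a broken
        // registration fails here rather than on the first webhook call.
        ArgumentNullException.ThrowIfNull(userManager);

        webhookService = new WebhookService(userManager);
        this.logger = logger ?? throw new ArgumentNullException(nameof(logger));
        this.sessionManagementService = sessionManagementService ?? throw new ArgumentNullException(nameof(sessionManagementService));
    }

    /// <summary>
    /// Handles the MFA reset webhook by asking <see cref="WebhookService"/> to send the reset e-mail
    /// for the user named in the payload.
    /// </summary>
    /// <param name="dto">Webhook payload; <c>Email</c> and <c>Username</c> are read.</param>
    /// <returns>200 on success, 400 when the payload is incomplete or the service reports a failure.</returns>
    [Authorize("webhook")]
    [HttpPost]
    public async Task<IActionResult> ResetMfa([FromBody] WebhookModel dto)
    {
        // Without [ApiController], a missing or unparsable body binds to null. Reject it here
        // instead of failing with a NullReferenceException (HTTP 500).
        if (dto is null || string.IsNullOrEmpty(dto.Email))
        {
            logger.LogError("Cannot reset Mfa if email does not have value");
            return BadRequest("Email cannot be null");
        }

        // Username is the value actually passed to the service, so it needs its own check.
        if (string.IsNullOrEmpty(dto.Username))
        {
            logger.LogError("Cannot reset Mfa if username does not have value");
            return BadRequest("Username cannot be null");
        }

        var result = await webhookService.SendResetMfaEmail(dto.Username, CreateMfaResetLink);

        if (!result.Succeeded)
        {
            // Pass the message as a log parameter, not as part of the template: the text may
            // echo caller-supplied data, and structured sinks then keep it as a separate field.
            logger.LogError("ResetMfa webhook failed: {ErrorMessage}", result.ErrorMessage);

            // NOTE(review): the service's error text is returned verbatim to the caller.
            // Confirm it does not disclose more than the webhook client should see.
            return BadRequest(result.ErrorMessage);
        }

        return Ok();
    }

    /// <summary>Removes the server-side session with the given id.</summary>
    /// <param name="id">Session id taken from the route.</param>
    /// <returns>200 once the removal call has completed.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="id"/> is <c>null</c>.</exception>
    // This action carried no [Authorize] attribute, unlike ResetMfa. Unless a global or fallback
    // policy covers it, any caller could end a session by id. It is now gated by the same
    // "webhook" policy. Confirm the session-removal caller presents a token that satisfies it.
    [Authorize("webhook")]
    [HttpDelete("deletesession/{id}")]
    public async Task<IActionResult> DeleteServerSideSession([FromRoute] string id)
    {
        ArgumentNullException.ThrowIfNull(id);

        await sessionManagementService.RemoveSessionsAsync(new RemoveSessionsContext
        {
            SessionId = id
        });

        return Ok();
    }

    /// <summary>Builds the absolute link that is passed to the MFA reset e-mail sender.</summary>
    /// <param name="subject">Subject id added to the link as a route value.</param>
    /// <returns>The generated absolute URI.</returns>
    private Uri CreateMfaResetLink(string subject)
    {
        // The action and controller names are empty strings here; they must name the real
        // reset endpoint. If Url.Action cannot produce a link it returns null and new Uri throws.
        // NOTE(review): the absolute URL takes its scheme from Request.Scheme and, presumably,
        // its host from the incoming request. Confirm host filtering or forwarded-header
        // handling pins these to the real public origin, because the link is e-mailed to a user.
        // NOTE(review): only the subject is added here. Confirm the target action requires a
        // signed, expiring token before it changes any MFA state.
        return new Uri(Url.Action("", "", new { subject }, Request.Scheme));
    }
}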
}