Finalized api keys

Author: gauffininteractive

src/Server/OneTrueError.Api.Client/OneTrueClient.cs

@@ -12,32 +12,25 @@ namespace OneTrueError.Api.Client
     /// <summary>
     ///     Client for the OneTrueError server API
     /// </summary>
-    public class OneTrueClient : IQueryBus, ICommandBus, IEventBus
+    public class OneTrueApiClient : IQueryBus, ICommandBus, IEventBus
     {
-        private readonly string _apiKey;
+        private string _apiKey;
 
         private readonly JsonSerializerSettings _jsonSerializerSettings = new JsonSerializerSettings
         {
             ConstructorHandling = ConstructorHandling.AllowNonPublicDefaultConstructor,
             Formatting = Formatting.Indented
         };
 
-        private readonly string _sharedSecret;
+        private string _sharedSecret;
         private Uri _uri;
 
 
         /// <summary>
-        ///     Creates a new instance of <see cref="OneTrueClient" />.
+        ///     Creates a new instance of <see cref="OneTrueApiClient" />.
         /// </summary>
-        /// <param name="apiKey">Api key from the admin area in OneTrueError web</param>
-        /// <param name="sharedSecret">Shared secret from the admin area in OneTrueError web</param>
-        public OneTrueClient(string apiKey, string sharedSecret)
-        {
-            if (apiKey == null) throw new ArgumentNullException(nameof(apiKey));
-            if (sharedSecret == null) throw new ArgumentNullException(nameof(sharedSecret));
+        public OneTrueApiClient() { 
 
-            _apiKey = apiKey;
-            _sharedSecret = sharedSecret;
             _jsonSerializerSettings.ContractResolver = new IncludeNonPublicMembersContractResolver();
         }
 
@@ -84,17 +77,23 @@ public async Task<TResult> QueryAsync<TResult>(Query<TResult> query)
         ///     Open a channel
         /// </summary>
         /// <param name="uri">Root URL to the OneTrueError web</param>
-        public void Open(Uri uri)
+        /// <param name="apiKey">Api key from the admin area in OneTrueError web</param>
+        /// <param name="sharedSecret">Shared secret from the admin area in OneTrueError web</param>
+        public void Open(Uri uri, string apiKey, string sharedSecret)
         {
+            if (apiKey == null) throw new ArgumentNullException(nameof(apiKey));
+            if (sharedSecret == null) throw new ArgumentNullException(nameof(sharedSecret));
             if (uri == null) throw new ArgumentNullException(nameof(uri));
 
+            _apiKey = apiKey;
+            _sharedSecret = sharedSecret;
             _uri = uri;
         }
 
         private async Task<TResult> DeserializeResponse<TResult>(HttpWebResponse response)
         {
             var responseStream = response.GetResponseStream();
-            var jsonBuf = new byte[responseStream.Length];
+            var jsonBuf = new byte[response.ContentLength];
             await responseStream.ReadAsync(jsonBuf, 0, jsonBuf.Length);
             var jsonStr = Encoding.UTF8.GetString(jsonBuf);
             var responseObj = JsonConvert.DeserializeObject(jsonStr, typeof(TResult), _jsonSerializerSettings);

src/Server/OneTrueError.Api.Client/OneTrueError.Api.Client.csproj

@@ -1,62 +1,63 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
-  <PropertyGroup>
-    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
-    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
-    <ProjectGuid>{017F8863-3DE0-4AD2-9ED3-5ACB87BBBCD0}</ProjectGuid>
-    <OutputType>Library</OutputType>
-    <AppDesignerFolder>Properties</AppDesignerFolder>
-    <RootNamespace>OneTrueError.Api.Client</RootNamespace>
-    <AssemblyName>OneTrueError.Api.Client</AssemblyName>
-    <TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion>
-    <FileAlignment>512</FileAlignment>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
-    <DebugSymbols>true</DebugSymbols>
-    <DebugType>full</DebugType>
-    <Optimize>false</Optimize>
-    <OutputPath>bin\Debug\</OutputPath>
-    <DefineConstants>DEBUG;TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
-    <DebugType>pdbonly</DebugType>
-    <Optimize>true</Optimize>
-    <OutputPath>bin\Release\</OutputPath>
-    <DefineConstants>TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-  </PropertyGroup>
-  <ItemGroup>
-    <Reference Include="DotNetCqs, Version=1.0.0.0, Culture=neutral, processorArchitecture=MSIL">
-      <HintPath>..\packages\DotNetCqs.1.0.0\lib\net45\DotNetCqs.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="Newtonsoft.Json, Version=9.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
-      <HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll</HintPath>
-      <Private>True</Private>
-    </Reference>
-    <Reference Include="System" />
-    <Reference Include="System.Core" />
-    <Reference Include="Microsoft.CSharp" />
-  </ItemGroup>
-  <ItemGroup>
-    <Compile Include="Json\IncludeNonPublicMembersContractResolver.cs" />
-    <Compile Include="OneTrueClient.cs" />
-    <Compile Include="Properties\AssemblyInfo.cs" />
-    <Compile Include="StringBuilderExtensions.cs" />
-  </ItemGroup>
-  <ItemGroup>
-    <None Include="packages.config" />
-  </ItemGroup>
-  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{017F8863-3DE0-4AD2-9ED3-5ACB87BBBCD0}</ProjectGuid>
+    <OutputType>Library</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>OneTrueError.Api.Client</RootNamespace>
+    <AssemblyName>OneTrueError.Api.Client</AssemblyName>
+    <TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+    <DocumentationFile>bin\Release\OneTrueError.Api.Client.XML</DocumentationFile>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="DotNetCqs, Version=1.0.0.0, Culture=neutral, processorArchitecture=MSIL">
+      <HintPath>..\packages\DotNetCqs.1.0.0\lib\net45\DotNetCqs.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Newtonsoft.Json, Version=9.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
+      <HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="System" />
+    <Reference Include="System.Core" />
+    <Reference Include="Microsoft.CSharp" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="Json\IncludeNonPublicMembersContractResolver.cs" />
+    <Compile Include="OneTrueClient.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+    <Compile Include="StringBuilderExtensions.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="packages.config" />
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.
   <Target Name="BeforeBuild">
   </Target>
   <Target Name="AfterBuild">
   </Target>
-  -->
+  -->
 </Project>

src/Server/OneTrueError.Api/AuthorizeAttribute.cs

@@ -2,15 +2,25 @@
 
 namespace OneTrueError.Api
 {
+    /// <summary>
+    ///     Authorize on specific roles.
+    /// </summary>
     [AttributeUsage(AttributeTargets.Class)]
-    public class AuthorizeAttribute : Attribute
+    public class AuthorizeRolesAttribute : Attribute
     {
-        public AuthorizeAttribute(params string[] roles)
+        /// <summary>
+        ///     Creates a new instance of <see cref="AuthorizeRolesAttribute" />.
+        /// </summary>
+        /// <param name="roles">roles granted access</param>
+        public AuthorizeRolesAttribute(params string[] roles)
         {
             if (roles == null) throw new ArgumentNullException("roles");
             Roles = roles;
         }
 
-        public string[] Roles { get; set; }
+        /// <summary>
+        ///     Roles granted access
+        /// </summary>
+        public string[] Roles { get; private set; }
     }
 }

src/Server/OneTrueError.Api/Core/ApiKeys/Commands/CreateApiKey.cs

@@ -6,7 +6,7 @@ namespace OneTrueError.Api.Core.ApiKeys.Commands
     /// <summary>
     /// Create a new api key
     /// </summary>
-    [Authorize("SysAdmin")]
+    [AuthorizeRoles("SysAdmin")]
     public class CreateApiKey : Command
     {
         /// <summary>

src/Server/OneTrueError.Api/Core/ApiKeys/ReadMe.md

@@ -0,0 +1,32 @@
+ApiKeys
+========
+
+Used to allow external applications to talk with OneTrueError.
+
+
+## Example usage
+
+The following example calls a local OneTrueError server to retreive applications.
+
+```csharp
+var client = new OneTrueApiClient();
+var uri = new Uri("http://yourServer/onetrueerror/");
+client.Open(uri, "theApiKey", "sharedSecret");
+var apps = await client.QueryAsync(new GetApplicationList());
+```
+
+Result (serialized as JSON):
+
+```javascript
+[{
+		"Id" : 1,
+		"Name" : "PublicWeb"
+	}, {
+		"Id" : 9,
+		"Name" : "Time reporting system"
+	}, {
+		"Id" : 10,
+		"Name" : "Coffee monitor"
+	}
+]
+```

src/Server/OneTrueError.Api/OneTrueError.Api.csproj

@@ -213,6 +213,7 @@
   <ItemGroup />
   <ItemGroup>
     <None Include="Core\Accounts\ReadMe.md" />
+    <None Include="Core\ApiKeys\ReadMe.md" />
     <None Include="Core\Applications\ReadMe.md" />
     <None Include="Core\Feedback\ReadMe.md" />
     <None Include="Core\Incidents\ReadMe.md" />

src/Server/OneTrueError.App/OneTrueIdentity.cs

@@ -11,19 +11,19 @@ public class OneTrueIdentity : IIdentity
         /// <summary>
         ///     Creates a new instance of <see cref="OneTrueIdentity" />.
         /// </summary>
-        /// <param name="accountId">Account id</param>
+        /// <param name="accountId">0 = system or api key; otherwise an user account id</param>
         /// <param name="userName">User name</param>
         public OneTrueIdentity(int accountId, string userName)
         {
             if (userName == null) throw new ArgumentNullException("userName");
-            if (accountId <= 0) throw new ArgumentOutOfRangeException("accountId");
+            if (accountId < 0) throw new ArgumentOutOfRangeException("accountId");
 
             AccountId = accountId;
             Name = userName;
         }
 
         /// <summary>
-        ///     Account id
+        ///     0 = system or api key; otherwise an user account id
         /// </summary>
         public int AccountId { get; private set; }
 

src/Server/OneTrueError.App/OneTruePrincipal.cs

@@ -15,15 +15,15 @@ public class OneTruePrincipal : IPrincipal
         /// <summary>
         ///     Creates a new instance of <see cref="OneTruePrincipal" />.
         /// </summary>
-        /// <param name="accountId"></param>
+        /// <param name="accountId">0 = system or api key; otherwise an user account id</param>
         /// <param name="userName">Logged in user or <c>"system"</c></param>
         /// <param name="roles"></param>
         /// <exception cref="ArgumentNullException">userName</exception>
         public OneTruePrincipal(int accountId, string userName, string[] roles)
         {
             if (userName == null) throw new ArgumentNullException("userName");
             if (roles == null) throw new ArgumentNullException("roles");
-            if (accountId <= 0) throw new ArgumentOutOfRangeException("accountId");
+            if (accountId < 0) throw new ArgumentOutOfRangeException("accountId");
 
             Identity = new OneTrueIdentity(accountId, userName);
             _roles = roles;

src/Server/OneTrueError.SqlServer.Tests/Core/ApiKeys/Commands/DeleteApiKeyHandlerTests.cs

@@ -47,23 +47,23 @@ private void GetApplicationId()
             if (id is DBNull)
             {
                 repos.CreateAsync(new Application(10, "AppTen")).Wait();
-                _applicationId = (int) _uow.ExecuteScalar("SELECT TOP 1 Id FROM Applications");
+                _applicationId = (int)_uow.ExecuteScalar("SELECT TOP 1 Id FROM Applications");
             }
             else
-                _applicationId = (int) id;
+                _applicationId = (int)id;
 
 
         }
 
         [Fact]
         public async Task should_be_able_to_delete_key_by_id()
         {
-            var cmd  =new DeleteApiKey(_existingEntity.Id);
+            var cmd = new DeleteApiKey(_existingEntity.Id);
 
             var sut = new DeleteApiKeyHandler(_uow);
             await sut.ExecuteAsync(cmd);
 
-            var count = _uow.ExecuteScalar("SELECT cast(count(*) as int) FROM ApiKeys WHERE Id = @1", _existingEntity.Id);
+            var count = _uow.ExecuteScalar("SELECT cast(count(*) as int) FROM ApiKeys WHERE Id = @id", new { id = _existingEntity.Id });
             count.Should().Be(0);
         }
 
@@ -75,7 +75,7 @@ public async Task should_be_able_to_delete_key_by_ApiKey()
             var sut = new DeleteApiKeyHandler(_uow);
             await sut.ExecuteAsync(cmd);
 
-            var count = _uow.ExecuteScalar("SELECT cast(count(*) as int) FROM ApiKeys WHERE Id = @1", _existingEntity.Id);
+            var count = _uow.ExecuteScalar("SELECT cast(count(*) as int) FROM ApiKeys WHERE Id = @id", new { id = _existingEntity.Id });
             count.Should().Be(0);
         }
 

src/Server/OneTrueError.SqlServer/Core/ApiKeys/Commands/DeleteApiKeyHandler.cs

@@ -20,12 +20,21 @@ public DeleteApiKeyHandler(IAdoNetUnitOfWork unitOfWork)
             _unitOfWork = unitOfWork;
         }
 
-        public async Task ExecuteAsync(DeleteApiKey command)
+        public Task ExecuteAsync(DeleteApiKey command)
         {
-            if (string.IsNullOrEmpty(command.ApiKey))
-                await _unitOfWork.DeleteAsync<ApiKey>(command.Id);
+            int id;
+            if (!string.IsNullOrEmpty(command.ApiKey))
+            {
+                id = (int) _unitOfWork.ExecuteScalar("SELECT Id FROM ApiKeys WHERE GeneratedKey = @key", new { key=command.ApiKey});
+            }
             else
-                await _unitOfWork.DeleteAsync<ApiKey>(new {GeneratedKey = command.ApiKey});
+            {
+                id = command.Id;
+            }
+
+            _unitOfWork.ExecuteNonQuery("DELETE FROM [ApiKeyApplications] WHERE ApiKeyId = @id", new {id});
+            _unitOfWork.ExecuteNonQuery("DELETE FROM [ApiKeys] WHERE Id = @id", new { id });
+            return Task.FromResult<object>(null);
         }
     }
 }