btcpayserver/BTCPayServer/Controllers/RestApi/TestController.cs

using System.Threading.Tasks;
using BTCPayServer.Data;
using BTCPayServer.Models;
using BTCPayServer.Security;
using BTCPayServer.Services.Stores;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using OpenIddict.Validation.AspNetCore;

namespace BTCPayServer.Controllers.RestApi
{
    /// <summary>
    /// this controller serves as a testing endpoint for our OpenId unit tests
    /// </summary>
    [Route("api/[controller]")]
    [ApiController]
    [Authorize(AuthenticationSchemes = AuthenticationSchemes.OpenId)]
    public class TestController : ControllerBase
    {
        private readonly UserManager<ApplicationUser> _userManager;
        private readonly StoreRepository _storeRepository;

        public TestController(UserManager<ApplicationUser> userManager, StoreRepository storeRepository)
        {
            _userManager = userManager;
            _storeRepository = storeRepository;
        }

        [HttpGet("me/id")]
        public string GetCurrentUserId()
        {
            return _userManager.GetUserId(User);
        }

        [HttpGet("me")]
        public async Task<ApplicationUser> GetCurrentUser()
        {
            return await _userManager.GetUserAsync(User);
        }

        [HttpGet("me/is-admin")]
        [Authorize(Policy = Policies.CanModifyServerSettings.Key, AuthenticationSchemes = AuthenticationSchemes.OpenId)]
        public bool AmIAnAdmin()
        {
            return true;
        }

        [HttpGet("me/stores")]
        [Authorize(Policy = Policies.CanModifyStoreSettings.Key,
            AuthenticationSchemes = AuthenticationSchemes.OpenId)]
        public async Task<StoreData[]> GetCurrentUserStores()
        {
            return await _storeRepository.GetStoresByUserId(_userManager.GetUserId(User));
        }


        [HttpGet("me/stores/{storeId}/can-edit")]
        [Authorize(Policy = Policies.CanModifyStoreSettings.Key,
            AuthenticationSchemes = AuthenticationSchemes.OpenId)]
        public bool CanEdit(string storeId)
        {
            return true;
        }
    }
}
Part3: OpenIddict: Add Flows Event Handlers (#568) * Part 1 & Part 2 squashed commits pr changes pr fixes remove config for openid -- no need for it for now Part 1: OpenIddict - Minor Changes & Config prep Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies pr changes fix merge fix compile fix compile #2 Part 1: OpenIddict - Minor Changes & Config prep add missing nuget Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies * Part3: OpenIddict: Add Flows Event Handlers * pr changes * fix merge * fix rebase * fix imports * cleanup * do not allow u2f enabled accounts to log in * start better tests for flows * add tests * fixes * reintroduce dynamic policy as policies on jwt do not work without it * reduce logs * fix incorrect endpoint definitions * Add implicit flow e2e test * add code flow and refresh flow * do not allow jwt bearer auth for all requests( only those under /api) * remove commentedt code * make sure authorize attr is marked with scheme * remove dynamic policy and set claims in jwt handler * cleanup * change serversettings policy to not need a claim * Add test to checkadmin verification * revert server setting claim removal * fix test * switch back to claim * unit test fixes * try fix build with weird references to csprojes * start fixing rebase * remove https requirement to handle tor * reformat tests correctly * fix csproj * fix ut formatting * PR Changes * do not show selenium browser 2019-07-01 05:39:25 +02:00			`using System.Threading.Tasks;`
			`using BTCPayServer.Data;`
			`using BTCPayServer.Models;`
			`using BTCPayServer.Security;`
			`using BTCPayServer.Services.Stores;`
			`using Microsoft.AspNetCore.Authorization;`
			`using Microsoft.AspNetCore.Identity;`
			`using Microsoft.AspNetCore.Mvc;`
Update to OpenIddict3.0 2019-10-08 15:21:30 +09:00			`using OpenIddict.Validation.AspNetCore;`
Part3: OpenIddict: Add Flows Event Handlers (#568) * Part 1 & Part 2 squashed commits pr changes pr fixes remove config for openid -- no need for it for now Part 1: OpenIddict - Minor Changes & Config prep Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies pr changes fix merge fix compile fix compile #2 Part 1: OpenIddict - Minor Changes & Config prep add missing nuget Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies * Part3: OpenIddict: Add Flows Event Handlers * pr changes * fix merge * fix rebase * fix imports * cleanup * do not allow u2f enabled accounts to log in * start better tests for flows * add tests * fixes * reintroduce dynamic policy as policies on jwt do not work without it * reduce logs * fix incorrect endpoint definitions * Add implicit flow e2e test * add code flow and refresh flow * do not allow jwt bearer auth for all requests( only those under /api) * remove commentedt code * make sure authorize attr is marked with scheme * remove dynamic policy and set claims in jwt handler * cleanup * change serversettings policy to not need a claim * Add test to checkadmin verification * revert server setting claim removal * fix test * switch back to claim * unit test fixes * try fix build with weird references to csprojes * start fixing rebase * remove https requirement to handle tor * reformat tests correctly * fix csproj * fix ut formatting * PR Changes * do not show selenium browser 2019-07-01 05:39:25 +02:00
			`namespace BTCPayServer.Controllers.RestApi`
			`{`
			`/// <summary>`
			`/// this controller serves as a testing endpoint for our OpenId unit tests`
			`/// </summary>`
			`[Route("api/[controller]")]`
			`[ApiController]`
Refactor authorizations 2019-10-12 20:35:30 +09:00			`[Authorize(AuthenticationSchemes = AuthenticationSchemes.OpenId)]`
Part3: OpenIddict: Add Flows Event Handlers (#568) * Part 1 & Part 2 squashed commits pr changes pr fixes remove config for openid -- no need for it for now Part 1: OpenIddict - Minor Changes & Config prep Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies pr changes fix merge fix compile fix compile #2 Part 1: OpenIddict - Minor Changes & Config prep add missing nuget Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies * Part3: OpenIddict: Add Flows Event Handlers * pr changes * fix merge * fix rebase * fix imports * cleanup * do not allow u2f enabled accounts to log in * start better tests for flows * add tests * fixes * reintroduce dynamic policy as policies on jwt do not work without it * reduce logs * fix incorrect endpoint definitions * Add implicit flow e2e test * add code flow and refresh flow * do not allow jwt bearer auth for all requests( only those under /api) * remove commentedt code * make sure authorize attr is marked with scheme * remove dynamic policy and set claims in jwt handler * cleanup * change serversettings policy to not need a claim * Add test to checkadmin verification * revert server setting claim removal * fix test * switch back to claim * unit test fixes * try fix build with weird references to csprojes * start fixing rebase * remove https requirement to handle tor * reformat tests correctly * fix csproj * fix ut formatting * PR Changes * do not show selenium browser 2019-07-01 05:39:25 +02:00			`public class TestController : ControllerBase`
			`{`
			`private readonly UserManager<ApplicationUser> _userManager;`
			`private readonly StoreRepository _storeRepository;`

			`public TestController(UserManager<ApplicationUser> userManager, StoreRepository storeRepository)`
			`{`
			`_userManager = userManager;`
			`_storeRepository = storeRepository;`
			`}`

			`[HttpGet("me/id")]`
			`public string GetCurrentUserId()`
			`{`
			`return _userManager.GetUserId(User);`
			`}`

			`[HttpGet("me")]`
			`public async Task<ApplicationUser> GetCurrentUser()`
			`{`
			`return await _userManager.GetUserAsync(User);`
			`}`

			`[HttpGet("me/is-admin")]`
Refactor authorizations 2019-10-12 20:35:30 +09:00			`[Authorize(Policy = Policies.CanModifyServerSettings.Key, AuthenticationSchemes = AuthenticationSchemes.OpenId)]`
Part3: OpenIddict: Add Flows Event Handlers (#568) * Part 1 & Part 2 squashed commits pr changes pr fixes remove config for openid -- no need for it for now Part 1: OpenIddict - Minor Changes & Config prep Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies pr changes fix merge fix compile fix compile #2 Part 1: OpenIddict - Minor Changes & Config prep add missing nuget Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies * Part3: OpenIddict: Add Flows Event Handlers * pr changes * fix merge * fix rebase * fix imports * cleanup * do not allow u2f enabled accounts to log in * start better tests for flows * add tests * fixes * reintroduce dynamic policy as policies on jwt do not work without it * reduce logs * fix incorrect endpoint definitions * Add implicit flow e2e test * add code flow and refresh flow * do not allow jwt bearer auth for all requests( only those under /api) * remove commentedt code * make sure authorize attr is marked with scheme * remove dynamic policy and set claims in jwt handler * cleanup * change serversettings policy to not need a claim * Add test to checkadmin verification * revert server setting claim removal * fix test * switch back to claim * unit test fixes * try fix build with weird references to csprojes * start fixing rebase * remove https requirement to handle tor * reformat tests correctly * fix csproj * fix ut formatting * PR Changes * do not show selenium browser 2019-07-01 05:39:25 +02:00			`public bool AmIAnAdmin()`
Authorize granular permissions (#1057) * granular scope permissions for api * final fixes and styling * prettify code * fix missing policy 2019-09-29 09:23:31 +02:00			`{`
Refactor authorizations 2019-10-12 20:35:30 +09:00			`return true;`
Part3: OpenIddict: Add Flows Event Handlers (#568) * Part 1 & Part 2 squashed commits pr changes pr fixes remove config for openid -- no need for it for now Part 1: OpenIddict - Minor Changes & Config prep Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies pr changes fix merge fix compile fix compile #2 Part 1: OpenIddict - Minor Changes & Config prep add missing nuget Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies * Part3: OpenIddict: Add Flows Event Handlers * pr changes * fix merge * fix rebase * fix imports * cleanup * do not allow u2f enabled accounts to log in * start better tests for flows * add tests * fixes * reintroduce dynamic policy as policies on jwt do not work without it * reduce logs * fix incorrect endpoint definitions * Add implicit flow e2e test * add code flow and refresh flow * do not allow jwt bearer auth for all requests( only those under /api) * remove commentedt code * make sure authorize attr is marked with scheme * remove dynamic policy and set claims in jwt handler * cleanup * change serversettings policy to not need a claim * Add test to checkadmin verification * revert server setting claim removal * fix test * switch back to claim * unit test fixes * try fix build with weird references to csprojes * start fixing rebase * remove https requirement to handle tor * reformat tests correctly * fix csproj * fix ut formatting * PR Changes * do not show selenium browser 2019-07-01 05:39:25 +02:00			`}`
Authorize granular permissions (#1057) * granular scope permissions for api * final fixes and styling * prettify code * fix missing policy 2019-09-29 09:23:31 +02:00
Part3: OpenIddict: Add Flows Event Handlers (#568) * Part 1 & Part 2 squashed commits pr changes pr fixes remove config for openid -- no need for it for now Part 1: OpenIddict - Minor Changes & Config prep Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies pr changes fix merge fix compile fix compile #2 Part 1: OpenIddict - Minor Changes & Config prep add missing nuget Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies * Part3: OpenIddict: Add Flows Event Handlers * pr changes * fix merge * fix rebase * fix imports * cleanup * do not allow u2f enabled accounts to log in * start better tests for flows * add tests * fixes * reintroduce dynamic policy as policies on jwt do not work without it * reduce logs * fix incorrect endpoint definitions * Add implicit flow e2e test * add code flow and refresh flow * do not allow jwt bearer auth for all requests( only those under /api) * remove commentedt code * make sure authorize attr is marked with scheme * remove dynamic policy and set claims in jwt handler * cleanup * change serversettings policy to not need a claim * Add test to checkadmin verification * revert server setting claim removal * fix test * switch back to claim * unit test fixes * try fix build with weird references to csprojes * start fixing rebase * remove https requirement to handle tor * reformat tests correctly * fix csproj * fix ut formatting * PR Changes * do not show selenium browser 2019-07-01 05:39:25 +02:00			`[HttpGet("me/stores")]`
Remove unused scope, assert policy on store listing 2019-10-18 23:42:06 +09:00			`[Authorize(Policy = Policies.CanModifyStoreSettings.Key,`
			`AuthenticationSchemes = AuthenticationSchemes.OpenId)]`
Part3: OpenIddict: Add Flows Event Handlers (#568) * Part 1 & Part 2 squashed commits pr changes pr fixes remove config for openid -- no need for it for now Part 1: OpenIddict - Minor Changes & Config prep Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies pr changes fix merge fix compile fix compile #2 Part 1: OpenIddict - Minor Changes & Config prep add missing nuget Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies * Part3: OpenIddict: Add Flows Event Handlers * pr changes * fix merge * fix rebase * fix imports * cleanup * do not allow u2f enabled accounts to log in * start better tests for flows * add tests * fixes * reintroduce dynamic policy as policies on jwt do not work without it * reduce logs * fix incorrect endpoint definitions * Add implicit flow e2e test * add code flow and refresh flow * do not allow jwt bearer auth for all requests( only those under /api) * remove commentedt code * make sure authorize attr is marked with scheme * remove dynamic policy and set claims in jwt handler * cleanup * change serversettings policy to not need a claim * Add test to checkadmin verification * revert server setting claim removal * fix test * switch back to claim * unit test fixes * try fix build with weird references to csprojes * start fixing rebase * remove https requirement to handle tor * reformat tests correctly * fix csproj * fix ut formatting * PR Changes * do not show selenium browser 2019-07-01 05:39:25 +02:00			`public async Task<StoreData[]> GetCurrentUserStores()`
			`{`
			`return await _storeRepository.GetStoresByUserId(_userManager.GetUserId(User));`
			`}`


			`[HttpGet("me/stores/{storeId}/can-edit")]`
Refactor authorizations 2019-10-12 20:35:30 +09:00			`[Authorize(Policy = Policies.CanModifyStoreSettings.Key,`
			`AuthenticationSchemes = AuthenticationSchemes.OpenId)]`
Part3: OpenIddict: Add Flows Event Handlers (#568) * Part 1 & Part 2 squashed commits pr changes pr fixes remove config for openid -- no need for it for now Part 1: OpenIddict - Minor Changes & Config prep Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies pr changes fix merge fix compile fix compile #2 Part 1: OpenIddict - Minor Changes & Config prep add missing nuget Part2: Openiddict: Init OpenIddict & Database Migration & Auth Policies * Part3: OpenIddict: Add Flows Event Handlers * pr changes * fix merge * fix rebase * fix imports * cleanup * do not allow u2f enabled accounts to log in * start better tests for flows * add tests * fixes * reintroduce dynamic policy as policies on jwt do not work without it * reduce logs * fix incorrect endpoint definitions * Add implicit flow e2e test * add code flow and refresh flow * do not allow jwt bearer auth for all requests( only those under /api) * remove commentedt code * make sure authorize attr is marked with scheme * remove dynamic policy and set claims in jwt handler * cleanup * change serversettings policy to not need a claim * Add test to checkadmin verification * revert server setting claim removal * fix test * switch back to claim * unit test fixes * try fix build with weird references to csprojes * start fixing rebase * remove https requirement to handle tor * reformat tests correctly * fix csproj * fix ut formatting * PR Changes * do not show selenium browser 2019-07-01 05:39:25 +02:00			`public bool CanEdit(string storeId)`
			`{`
			`return true;`
			`}`
			`}`
			`}`