Sends JWT auth token to Tableau and redirects to dashboard if successful

Author: kevwhitt-hee

DigitalLearningSolutions.Data/Extensions/ConfigurationExtensions.cs

@@ -54,7 +54,8 @@ public static class ConfigurationExtensions
         private const string TableauClientSecret = "ClientSecret";
         private const string TableauUsername = "Username";
         private const string TableauClientName = "ClientName";
-
+        private const string TableauSiteUrl = "SiteUrl";
+        private const string TableauDashboardUrl = "CompetencyDashboardUrl";
         public static string GetAppRootPath(this IConfiguration config)
         {
             return config[AppRootPathName]!;
@@ -185,7 +186,7 @@ public static int GetExportQueryRowLimit(this IConfiguration config)
         }
         public static int GetMaxBulkUploadRowsLimit(this IConfiguration config)
         {
-             int.TryParse(config[MaxBulkUploadRowsLimitKey],out int limitKey);
+            int.TryParse(config[MaxBulkUploadRowsLimitKey], out int limitKey);
             return limitKey;
         }
 
@@ -206,7 +207,7 @@ public static string GetLearningHubAuthenticationClientSecret(this IConfiguratio
 
         public static long GetFreshdeskCreateTicketGroupId(this IConfiguration config)
         {
-           long.TryParse(config[FreshdeskCreateTicketGroupId], out long ticketGroupId);
+            long.TryParse(config[FreshdeskCreateTicketGroupId], out long ticketGroupId);
             return ticketGroupId;
         }
         public static long GetFreshdeskCreateTicketProductId(this IConfiguration config)
@@ -239,5 +240,13 @@ public static string GetTableauUser(this IConfiguration config)
         {
             return config[$"{TableauSectionKey}:{TableauUsername}"]!;
         }
+        public static string GetTableauSiteUrl(this IConfiguration config)
+        {
+            return config[$"{TableauSectionKey}:{TableauSiteUrl}"]!;
+        }
+        public static string GetTableauDashboardUrl(this IConfiguration config)
+        {
+            return config[$"{TableauSectionKey}:{TableauDashboardUrl}"]!;
+        }
     }
 }

DigitalLearningSolutions.Web/Controllers/TrackingSystem/Centre/SelfAssessmentReports/SelfAssessmentReportsController.cs

@@ -12,6 +12,7 @@
     using DigitalLearningSolutions.Data.Utilities;
     using DigitalLearningSolutions.Web.ViewModels.TrackingSystem.Centre.Reports;
     using DigitalLearningSolutions.Web.Helpers.ExternalApis;
+    using System.Threading.Tasks;
 
     [FeatureGate(FeatureFlags.RefactoredTrackingSystem)]
     [Authorize(Policy = CustomPolicies.UserCentreAdmin)]
@@ -69,11 +70,12 @@ public IActionResult DownloadSelfAssessmentReport(int selfAssessmentId)
         }
         [HttpGet]
         [Route("LaunchTableauDashboards")]
-        public IActionResult LaunchTableauDashboards()
+        public async Task<IActionResult> LaunchTableauDashboards()
         {
             var userEmail = User.GetUserPrimaryEmail();
             var jwt = tableauConnectionHelper.GetTableauJwt(userEmail);
-            return RedirectToAction("Index");
+            var url = await tableauConnectionHelper.AuthenticateUserAsync(jwt);
+            return RedirectToPage(url);
         }
     }
 }

DigitalLearningSolutions.Web/Helpers/ExternalApis/TableauConnectionHelper.cs

@@ -8,55 +8,83 @@
     using System;
     using Microsoft.Extensions.Configuration;
     using DigitalLearningSolutions.Data.Extensions;
+    using DocumentFormat.OpenXml.Bibliography;
+    using Microsoft.FeatureManagement.FeatureFilters;
+    using System.Net.Http.Headers;
+    using System.Net.Http;
+    using System.Threading.Tasks;
 
     public interface ITableauConnectionHelperService
-        {
-         string GetTableauJwt(string email);
-        }
+    {
+        string GetTableauJwt(string email);
+        Task<string> AuthenticateUserAsync(string jwtToken);
+    }
     public class TableauConnectionHelper : ITableauConnectionHelperService
     {
-        private readonly string connectedAppClient;
+        private readonly string connectedAppClientName;
         private readonly string connectedAppSecretKey;
         private readonly string connectedAppClientId;
+        private readonly string tableauUrl;
+        private readonly string dashboardUrl;
         private readonly string user;
         public TableauConnectionHelper(IConfiguration config)
         {
-            connectedAppClient = config.GetTableauClientName();
+            connectedAppClientName = config.GetTableauClientName();
             connectedAppClientId = config.GetTableauClientId();
             connectedAppSecretKey = config.GetTableauClientSecret();
+            tableauUrl = config.GetTableauSiteUrl();
+            dashboardUrl = config.GetTableauDashboardUrl();
             user = config.GetTableauUser();
         }
         public string GetTableauJwt(string email)
         {
             var tokenHandler = new JwtSecurityTokenHandler();
-            var key = Encoding.ASCII.GetBytes(connectedAppSecretKey);
-
-            var tokenDescriptor = new SecurityTokenDescriptor
+            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(connectedAppSecretKey));
+            var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
+            var claims = new[]
             {
-                Issuer = connectedAppClientId,
-                Audience = "tableau",
-                Subject = new ClaimsIdentity(new[]
-                {
                 new Claim(JwtRegisteredClaimNames.Sub, user),
-                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
+                new Claim(JwtRegisteredClaimNames.Iss, connectedAppClientId),
                 new Claim("scp", "tableau:views:embed"),
-                new Claim("scp", "tableau:metrics:embed"),
-                new Claim("users.primaryemail", email)
-            }),
-                Expires = DateTime.UtcNow.AddMinutes(5),
-                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
-                Claims = new Dictionary<string, object>
-            {
-                { "kid", connectedAppClientId },
-                { "iss", connectedAppClient }
-            }
+                new Claim("users.primaryemail", email),
+                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
+                new Claim(JwtRegisteredClaimNames.Exp,
+                new DateTimeOffset(DateTime.UtcNow.AddMinutes(20)).ToUnixTimeSeconds().ToString())
             };
 
-            var token = tokenHandler.CreateToken(tokenDescriptor);
-            var tokenString = tokenHandler.WriteToken(token);
+            var token = new JwtSecurityToken(
+                issuer: connectedAppClientId,
+                audience: "tableau",
+                claims: claims,
+                expires: DateTime.UtcNow.AddMinutes(20),
+                signingCredentials: credentials);
 
-            return tokenString;
+            return new JwtSecurityTokenHandler().WriteToken(token);
         }
 
+        public async Task<string> AuthenticateUserAsync(string jwtToken)
+        {
+            using (var client = new HttpClient())
+            {
+                client.BaseAddress = new Uri(tableauUrl);
+                client.DefaultRequestHeaders.Accept.Clear();
+                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
+
+                var requestContent = new StringContent($"{{ \"token\": \"{jwtToken}\" }}", Encoding.UTF8, "application/json");
+
+                HttpResponseMessage response = await client.PostAsync("/api/3.8/auth/signin", requestContent); // Adjust API version as needed
+
+                if (response.IsSuccessStatusCode)
+                {
+                    string responseBody = await response.Content.ReadAsStringAsync();
+                    // Process the response body if needed
+                    return dashboardUrl; // Return the response for further processing
+                }
+                else
+                {
+                    throw new Exception("Failed to authenticate with Tableau Server: " + response.ReasonPhrase);
+                }
+            }
+        }
     }
 }

DigitalLearningSolutions.Web/Views/TrackingSystem/Centre/SelfAssessmentReports/Index.cshtml

@@ -43,7 +43,7 @@
         </ul>
         @if (Model.SelfAssessmentSelects.Any())
             {
-            <a asp-controller="SelfAssessmentReports" asp-action="LaunchTableau">@($"View Tableau Competency Dashboards")</a>
+            <a asp-controller="SelfAssessmentReports" asp-action="LaunchTableauDashboards">@($"View Tableau Competency Dashboards")</a>
             }
 
     </div>