brunobritodev
diff --git a/‎README.md‎
Lines changed: 11 additions & 0 deletions b/‎README.md‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎src/Backend/Jp.UserManagement/jpProject_sso_log.txt‎
Lines changed: 22 additions & 0 deletions b/‎src/Backend/Jp.UserManagement/jpProject_sso_log.txt‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎src/Frontend/Jp.AdminUI/src/app/app.component.ts‎
Lines changed: 4 additions & 1 deletion b/‎src/Frontend/Jp.AdminUI/src/app/app.component.ts‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎src/Frontend/Jp.AdminUI/src/app/core/auth/auth.config.ts‎
Lines changed: 1 addition & 0 deletions b/‎src/Frontend/Jp.AdminUI/src/app/core/auth/auth.config.ts‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Frontend/Jp.AdminUI/src/app/core/interceptors/auth.interceptor.ts‎
Lines changed: 83 additions & 8 deletions b/‎src/Frontend/Jp.AdminUI/src/app/core/interceptors/auth.interceptor.ts‎
Lines changed: 83 additions & 8 deletions
diff --git a/‎src/Frontend/Jp.AdminUI/src/app/panel/api-resources/api-resource.service.ts‎
Lines changed: 5 additions & 3 deletions b/‎src/Frontend/Jp.AdminUI/src/app/panel/api-resources/api-resource.service.ts‎
Lines changed: 5 additions & 3 deletions
diff --git a/‎src/Frontend/Jp.AdminUI/src/app/panel/api-resources/secrets/api-secrets.component.html‎
Lines changed: 1 addition & 1 deletion b/‎src/Frontend/Jp.AdminUI/src/app/panel/api-resources/secrets/api-secrets.component.html‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Frontend/Jp.AdminUI/src/app/panel/api-resources/secrets/api-secrets.component.ts‎
Lines changed: 1 addition & 1 deletion b/‎src/Frontend/Jp.AdminUI/src/app/panel/api-resources/secrets/api-secrets.component.ts‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Frontend/Jp.AdminUI/src/app/panel/clients/clients.service.ts‎
Lines changed: 1 addition & 1 deletion b/‎src/Frontend/Jp.AdminUI/src/app/panel/clients/clients.service.ts‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Frontend/Jp.AdminUI/src/app/panel/clients/secrets/secrets.component.html‎
Lines changed: 1 addition & 1 deletion b/‎src/Frontend/Jp.AdminUI/src/app/panel/clients/secrets/secrets.component.html‎
Lines changed: 1 addition & 1 deletion
@@ -89,6 +89,17 @@ We'll love it! Please [Read the docs](https://jp-project.readthedocs.io/en/lates
 If you need help building or running your Jp Project platform
 There are several ways we can help you out.
 
+## v1.1
+- Minor bugs correction
+- Added localization feature to SSO
+- Added translation feature to User Management
+- Silent refresh for angular-oauth2-oidc both for User Management and Admin
+- Changed Security Headers to accept Azure Application Insights
+ 
+
+## v1.0
+* First release
+
 # What comes next?
 
 Code coverage
 
@@ -60761,3 +60761,25 @@ WHERE `s.Client`.`ClientId` = @__clientId_0
 2018-10-26 13:57:09.236 -03:00 [INF] Executing ObjectResult, writing value of type 'Jp.Infra.CrossCutting.Tools.Model.DefaultResponse`1[[System.Collections.Generic.IEnumerable`1[[Jp.Application.ViewModels.SecretViewModel, Jp.Application, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]], System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]'.
 2018-10-26 13:57:09.242 -03:00 [INF] Executed action Jp.Management.Controllers.ClientsController.Secrets (Jp.Management) in 55.4131ms
 2018-10-26 13:57:09.248 -03:00 [INF] Request finished in 92.4888ms 200 application/json; charset=utf-8
+2018-12-27 14:13:18.682 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 14:13:19.981 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 15:24:04.070 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 15:24:06.355 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 16:09:22.837 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 16:09:24.280 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 16:43:56.856 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 16:43:58.117 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 16:46:28.770 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 16:46:29.882 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 16:56:06.556 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 16:56:07.667 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 17:00:56.720 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 17:00:57.838 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 17:06:27.089 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 17:06:28.265 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 17:10:29.892 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 17:10:31.022 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 17:14:12.394 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 17:14:13.548 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
+2018-12-27 18:46:16.995 -02:00 [INF] Authority URI: https://localhost:5000
+2018-12-27 18:46:18.413 -02:00 [INF] User profile is available. Using 'C:\Users\bruno.brito\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
@@ -36,11 +36,14 @@ export class AppComponent implements OnInit {
         this.oauthService.configure(authConfig);
         this.oauthService.setStorage(localStorage);
         this.oauthService.tokenValidationHandler = new JwksValidationHandler();
+        
 
         this.settings.loadDiscoveryDocumentAndTryLogin().pipe(tap(doc => {
             if (!environment.production)
                 console.log(doc);
-        })).subscribe();
+        })).subscribe(a => {
+            this.oauthService.setupAutomaticSilentRefresh();
+        });
         // this.oauthService.loadDiscoveryDocument().then(doc => {
         //     if (!environment.production)
         //     console.log(doc);
 
@@ -6,6 +6,7 @@ export const authConfig: AuthConfig = {
     clientId: "IS4-Admin",
     postLogoutRedirectUri: environment.Uri,
     redirectUri: environment.Uri + "/login-callback",
+    silentRefreshRedirectUri: environment.Uri + '/silent-refresh.html',
     scope: "openid profile email jp_api.is4",
     oidc: true,
 };
@@ -1,17 +1,22 @@
 import { Injectable } from '@angular/core';
 import { OAuthService } from 'angular-oauth2-oidc';
-import { HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http';
+import { HttpEvent, HttpHandler, HttpInterceptor, HttpRequest, HttpErrorResponse } from '@angular/common/http';
 import { Observable } from 'rxjs/Observable';
 import { Router } from '@angular/router';
 import { environment } from '@env/environment';
+import { BehaviorSubject, of, from } from 'rxjs';
+import { switchMap, catchError, take } from 'rxjs/operators';
+import { SettingsService } from '@core/settings/settings.service';
 
 @Injectable()
 export class AuthInterceptor implements HttpInterceptor {
     private baseUrl: string;
+    isRefreshingToken: boolean = false;
+    tokenSubject: BehaviorSubject<boolean> = new BehaviorSubject<boolean>(null);
 
     constructor(
         private authStorage: OAuthService,
-        private router: Router) {
+        public settingsService: SettingsService) {
         this.baseUrl = environment.ResourceServer;
     }
 
@@ -24,16 +29,86 @@ export class AuthInterceptor implements HttpInterceptor {
 
         if (url.startsWith(this.baseUrl.toLowerCase())) {
 
-            const token = this.authStorage.getAccessToken();
-            const header = 'Bearer ' + token;
+            return next.handle(this.addToken(req, this.authStorage.getAccessToken())).do((event: HttpEvent<any>) => { }, (error: any) => {
+                if (error instanceof HttpErrorResponse) {
+                    switch ((<HttpErrorResponse>error).status) {
+                        case 400:
+                            return this.handle400Error(error);
+                        case 401:
+                            {
+                                this.settingsService.login();
+                                return Observable.throw(error);
+                            }
+                    }
+                } else {
+                    return Observable.throw(error);
+                }
+            });
+        }
 
-            const headers = req.headers
-                .set('Authorization', header);
+        return next.handle(req);
+    }
 
-            req = req.clone({ headers });
+    private handle400Error(error) {
+        if (error && error.status === 400 && error.error && error.error.error === 'invalid_grant') {
+            // If we get a 400 and the error message is 'invalid_grant', the token is no longer valid so logout.
+            this.authStorage.logOut();
+            this.settingsService.login();
         }
 
-        return next.handle(req);
+        return Observable.throw(error);
+    }
+
+    // In case of silentRefresh()
+    private handle401Error(req: HttpRequest<any>, next: HttpHandler) {
+        if (!this.isRefreshingToken) {
+            this.isRefreshingToken = true;
+
+            // Reset here so that the following requests wait until the token
+            // comes back from the refreshToken call.
+            this.tokenSubject.next(null);
+
+            from(this.authStorage.silentRefresh())
+                .pipe(switchMap(a => {
+                    this.tokenSubject.next(true);
+                    return next.handle(this.addToken(req, this.authStorage.getAccessToken()));
+                }))
+                .do((event: HttpEvent<any>) => { }, (err: any) => {
+                    if (err instanceof HttpErrorResponse) {
+                        // do error handling here
+                        this.settingsService.login();
+                    }
+                });
+        } else {
+            return this.tokenSubject
+                .filter(token => token != null)
+                .pipe(take(1))
+                .pipe(switchMap(token => {
+                    return next.handle(this.addToken(req, this.authStorage.getAccessToken()));
+                }));
+        }
+    }
+
+    /*
+        This method is only here so the example works.
+        Do not include in your code, just use 'req' instead of 'this.getNewRequest(req)'.
+    */
+    getNewRequest(req: HttpRequest<any>): HttpRequest<any> {
+        if (req.url.indexOf('getData') > 0) {
+            return new HttpRequest('GET', 'http://private-4002d-testerrorresponses.apiary-mock.com/getData');
+        }
+
+        return new HttpRequest('GET', 'http://private-4002d-testerrorresponses.apiary-mock.com/getLookup');
+    }
+
+    logoutUser() {
+        // Route to the login page (implementation up to you)
+
+        return Observable.throw("");
+    }
+
+    addToken(req: HttpRequest<any>, token: string): HttpRequest<any> {
+        return req.clone({ setHeaders: { Authorization: 'Bearer ' + token } });
     }
 
     private shouldIgnore(url: string): boolean {
 
@@ -9,7 +9,7 @@ import { Scope } from "@shared/viewModel/scope.model";
 
 @Injectable()
 export class ApiResourceService {
-   
+
     constructor(private http: HttpClient) {
     }
 
@@ -32,14 +32,14 @@ export class ApiResourceService {
     }
 
     public update(model: ApiResource): Observable<DefaultResponse<boolean>> {
-        return this.http.post<DefaultResponse<boolean>>(environment.ResourceServer + "ApiResource/update", model);
+        return this.http.put<DefaultResponse<boolean>>(environment.ResourceServer + "ApiResource/update", model);
     }
 
     public remove(name: string): any {
         const removeCommand = {
             name: name
         };
-        return this.http.post<DefaultResponse<boolean>>(environment.ResourceServer + "ApiResource/remove", removeCommand);
+        return this.http.post<DefaultResponse<boolean>>(environment.ResourceServer + "ApiResource/remove", { params: removeCommand });
     }
 
 
@@ -51,7 +51,9 @@ export class ApiResourceService {
         };
         return this.http.get<DefaultResponse<ApiResourceSecret[]>>(environment.ResourceServer + "ApiResource/secrets", options);
     }
+
     public removeSecret(resourceName: string, id: number): Observable<DefaultResponse<boolean>> {
+        
         const removeCommand = {
             id: id,
             resourceName: resourceName
 
@@ -37,7 +37,7 @@ <h3>{{ resourceName }}</h3>
                 <tr *ngFor="let secret of apiSecrets">
                     <td><button class="btn btn-danger btn-xs" (click)="remove(secret.id)"><i class="fa fa-times"></i></button></td>
                     <td>{{secret.value}}</td>
-                    <th>{{ secret.type }}</th>
+                    <td>{{secret.type}}</td>
                     <td>{{secret.expiration}}</td>
                     <td>{{secret.description}}</td>
                 </tr>
 
@@ -48,7 +48,7 @@ export class ApiResourceSecretsComponent implements OnInit {
         this.model = new ApiResourceSecret();
         this.showButtonLoading = false;
         this.hashTypes = [{ id: 0, text: "Sha256" }, { id: 1, text: "Sha512" }];
-        this.secretTypes = [{ id: 'SharedSecret', text: "Shared Secret" }, { id: "X509Thumbprint", text: "X509 Thumbprint" }, { id: "X509Name", text: "X509 Name" }, { id: "X509CertificateBase64", text: "X509 Certificate Base64" }];
+        this.secretTypes = [{ id: 'SharedSecret', text: "Shared Secret" }, { id: 'X509Thumbprint', text: "X509 Thumbprint" }, { id: 'X509Name', text: "X509 Name" }, { id: 'X509CertificateBase64', text: "X509 Certificate Base64" }];
     }
 
     public showSuccessMessage() {
 
@@ -33,7 +33,7 @@ export class ClientService {
     }
 
     public update(model: Client): Observable<DefaultResponse<boolean>> {
-        return this.http.post<DefaultResponse<boolean>>(environment.ResourceServer + "clients/update", model);
+        return this.http.put<DefaultResponse<boolean>>(environment.ResourceServer + "clients/update", model);
     }
 
     public remove(clientId: string): any {
 
@@ -37,7 +37,7 @@ <h3>{{ client }}</h3>
                 <tr *ngFor="let secret of clientSecrets">
                     <td><button class="btn btn-danger btn-xs" (click)="remove(secret.id)"><i class="fa fa-times"></i></button></td>
                     <td>{{secret.value}}</td>
-                    <th>{{ secret.type }}</th>
+                    <td>{{secret.type}}</td>
                     <td>{{secret.expiration}}</td>
                     <td>{{secret.description}}</td>
                 </tr>
Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@ import { Scope } from "@shared/viewModel/scope.model";`
`9`	`9`
`10`	`10`	`@Injectable()`
`11`	`11`	`export class ApiResourceService {`
`12`		`-`
	`12`	`+`
`13`	`13`	`constructor(private http: HttpClient) {`
`14`	`14`	`}`
`15`	`15`
`@@ -32,14 +32,14 @@ export class ApiResourceService {`
`32`	`32`	`}`
`33`	`33`
`34`	`34`	`public update(model: ApiResource): Observable<DefaultResponse<boolean>> {`
`35`		`- return this.http.post<DefaultResponse<boolean>>(environment.ResourceServer + "ApiResource/update", model);`
	`35`	`+ return this.http.put<DefaultResponse<boolean>>(environment.ResourceServer + "ApiResource/update", model);`
`36`	`36`	`}`
`37`	`37`
`38`	`38`	`public remove(name: string): any {`
`39`	`39`	`const removeCommand = {`
`40`	`40`	`name: name`
`41`	`41`	`};`
`42`		`- return this.http.post<DefaultResponse<boolean>>(environment.ResourceServer + "ApiResource/remove", removeCommand);`
	`42`	`+ return this.http.post<DefaultResponse<boolean>>(environment.ResourceServer + "ApiResource/remove", { params: removeCommand });`
`43`	`43`	`}`
`44`	`44`
`45`	`45`
`@@ -51,7 +51,9 @@ export class ApiResourceService {`
`51`	`51`	`};`
`52`	`52`	`return this.http.get<DefaultResponse<ApiResourceSecret[]>>(environment.ResourceServer + "ApiResource/secrets", options);`
`53`	`53`	`}`
	`54`	`+`
`54`	`55`	`public removeSecret(resourceName: string, id: number): Observable<DefaultResponse<boolean>> {`
	`56`	`+`
`55`	`57`	`const removeCommand = {`
`56`	`58`	`id: id,`
`57`	`59`	`resourceName: resourceName`
Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,7 @@ export class ApiResourceSecretsComponent implements OnInit {`
`48`	`48`	`this.model = new ApiResourceSecret();`
`49`	`49`	`this.showButtonLoading = false;`
`50`	`50`	`this.hashTypes = [{ id: 0, text: "Sha256" }, { id: 1, text: "Sha512" }];`
`51`		`- this.secretTypes = [{ id: 'SharedSecret', text: "Shared Secret" }, { id: "X509Thumbprint", text: "X509 Thumbprint" }, { id: "X509Name", text: "X509 Name" }, { id: "X509CertificateBase64", text: "X509 Certificate Base64" }];`
	`51`	`+ this.secretTypes = [{ id: 'SharedSecret', text: "Shared Secret" }, { id: 'X509Thumbprint', text: "X509 Thumbprint" }, { id: 'X509Name', text: "X509 Name" }, { id: 'X509CertificateBase64', text: "X509 Certificate Base64" }];`
`52`	`52`	`}`
`53`	`53`
`54`	`54`	`public showSuccessMessage() {`
Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ export class ClientService {`
`33`	`33`	`}`
`34`	`34`
`35`	`35`	`public update(model: Client): Observable<DefaultResponse<boolean>> {`
`36`		`- return this.http.post<DefaultResponse<boolean>>(environment.ResourceServer + "clients/update", model);`
	`36`	`+ return this.http.put<DefaultResponse<boolean>>(environment.ResourceServer + "clients/update", model);`
`37`	`37`	`}`
`38`	`38`
`39`	`39`	`public remove(clientId: string): any {`