Validate users outside organisation; HTTP revoke action update.

Author: acoumb

src/Umbraco.Cms.Integrations.Crm.Dynamics/App_Plugins/UmbracoCms.Integrations/Crm/Dynamics/js/configuration.controller.js

@@ -11,6 +11,9 @@
 
             if (typeof $scope.connected === "function")
                 $scope.connected();
+        } else if (response.message.length > 0) {
+            if (typeof $scope.connected === "undefined")
+                notificationsService.error("Dynamics Configuration", response.message);
         }
     });
 
@@ -41,7 +44,7 @@
     window.addEventListener("message", function (event) {
         if (event.data.type === "hubspot:oauth:success") {
             vm.oauthSuccessEventCount += 1;
-            
+
             if (vm.oauthSuccessEventCount == 1) {
                 umbracoCmsIntegrationsCrmDynamicsResource.getAccessToken(event.data.code).then(function (response) {
 

src/Umbraco.Cms.Integrations.Crm.Dynamics/App_Plugins/UmbracoCms.Integrations/Crm/Dynamics/js/dynamics.resource.js

@@ -16,7 +16,7 @@
             },
             revokeAccessToken: function () {
                 return umbRequestHelper.resourcePromise(
-                    $http.post(`${apiEndpoint}/RevokeAccessToken`),
+                    $http.delete(`${apiEndpoint}/RevokeAccessToken`),
                     "Failed");
             },
             getSystemUserFullName: function () {

src/Umbraco.Cms.Integrations.Crm.Dynamics/Controllers/FormsController.cs

@@ -1,7 +1,7 @@
-
-#if NETCOREAPP
+#if NETCOREAPP
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
+
 using Umbraco.Cms.Web.BackOffice.Controllers;
 using Umbraco.Cms.Web.Common.Attributes;
 #else
@@ -74,11 +74,11 @@ public async Task<OAuthConfigurationDto> CheckOAuthConfiguration()
         {
             var oauthConfiguration = _dynamicsConfigurationService.GetOAuthConfiguration();
 
-            if (oauthConfiguration == null) return new OAuthConfigurationDto();
+            if (oauthConfiguration == null) return new OAuthConfigurationDto { Message = string.Empty };
 
             var identity = await _dynamicsService.GetIdentity(oauthConfiguration.AccessToken);
 
-            if (!identity.IsAuthorized) return new OAuthConfigurationDto();
+            if (!identity.IsAuthorized) return new OAuthConfigurationDto { Message = identity.Error?.Message };
 
             oauthConfiguration.IsAuthorized = true;
 
@@ -113,8 +113,10 @@ public async Task<string> GetAccessToken([FromBody] OAuthRequestDto authRequestD
 
                 var identity = await _dynamicsService.GetIdentity(tokenDto.AccessToken);
 
-                if (identity != null)
+                if (identity.IsAuthorized)
                     _dynamicsConfigurationService.AddorUpdateOAuthConfiguration(tokenDto.AccessToken, identity.UserId, identity.FullName);
+                else
+                    return "Error: " + identity.Error.Message;
 
                 return result;
             }
@@ -158,7 +160,7 @@ public async Task<ResponseDto<FormDto>> GetForms()
         [HttpGet]
         public string GetSystemUserFullName() => _dynamicsConfigurationService.GetSystemUserFullName();
 
-        [HttpPost]
-        public void RevokeAccessToken() => _dynamicsConfigurationService.Delete();
+        [HttpDelete]
+        public string RevokeAccessToken() => _dynamicsConfigurationService.Delete();
     }
 }

src/Umbraco.Cms.Integrations.Crm.Dynamics/Models/Dtos/ErrorDto.cs

@@ -7,6 +7,9 @@ public class ErrorDto
         [JsonProperty("status")]
         public string Status { get; set; }
 
+        [JsonProperty("code")]
+        public string Code { get; set; }
+
         [JsonProperty("message")]
         public string Message { get; set; }
 

src/Umbraco.Cms.Integrations.Crm.Dynamics/Models/Dtos/IdentityDto.cs

@@ -4,12 +4,14 @@ namespace Umbraco.Cms.Integrations.Crm.Dynamics.Models.Dtos
 {
     public class IdentityDto
     {
-        public bool IsAuthorized { get; set; } = true;
+        public bool IsAuthorized { get; set; }
 
         [JsonProperty("systemuserid")]
         public string UserId { get; set; }
 
         [JsonProperty("fullname")]
         public string FullName { get; set; }
+
+        public ErrorDto Error { get; set; }
     }
 }

src/Umbraco.Cms.Integrations.Crm.Dynamics/Models/Dtos/OAuthConfigurationDto.cs

@@ -19,5 +19,8 @@ public class OAuthConfigurationDto
 
         [JsonProperty("isAuthorized")]
         public bool IsAuthorized { get; set; }
+
+        [JsonProperty("message")]
+        public string Message { get; set; }
     }
 }

src/Umbraco.Cms.Integrations.Crm.Dynamics/Services/DynamicsService.cs

@@ -49,7 +49,9 @@ public DynamicsService(DynamicsConfigurationService dynamicsConfigurationService
 
         public async Task<IdentityDto> GetIdentity(string accessToken)
         {
-            var userId = await GetUserId(accessToken);
+            var user = await GetUser(accessToken);
+
+            if (!user.IsAuthorized) return user;
 
             var requestMessage = new HttpRequestMessage
             {
@@ -64,9 +66,10 @@ public async Task<IdentityDto> GetIdentity(string accessToken)
 
             var result = await response.Content.ReadAsStringAsync();
 
-            var systemUsers = JsonConvert.DeserializeObject<ResponseDto<IdentityDto>>(result);
+            var systemUser = JsonConvert.DeserializeObject<ResponseDto<IdentityDto>>(result).Value.FirstOrDefault(p => p.UserId == user.UserId.ToString());
+            systemUser.IsAuthorized = true;
 
-            return systemUsers.Value.FirstOrDefault(p => p.UserId == userId.ToString());
+            return systemUser;
         }
 
         public async Task<string> GetEmbedCode(string formId)
@@ -92,7 +95,7 @@ public async Task<string> GetEmbedCode(string formId)
             return embedCode.Value.FirstOrDefault() != null ? embedCode.Value.First().EmbedCode : string.Empty;
         }
 
-        private async Task<string> GetUserId(string accessToken)
+        private async Task<IdentityDto> GetUser(string accessToken)
         {
             var requestMessage = new HttpRequestMessage
             {
@@ -103,11 +106,18 @@ private async Task<string> GetUserId(string accessToken)
 
             var response = await ClientFactory().SendAsync(requestMessage);
 
-            if(!response.IsSuccessStatusCode) return String.Empty;
-
             var result = await response.Content.ReadAsStringAsync();
 
-            return JObject.Parse(result)["UserId"].ToString();
+            if (!response.IsSuccessStatusCode)
+            {
+                return JsonConvert.DeserializeObject<IdentityDto>(result);
+            }
+
+            return new IdentityDto
+            {
+                IsAuthorized = true,
+                UserId = JObject.Parse(result)["UserId"].ToString()
+            };
         }
     }
 }