Cleanup

Author: webprofusion-chrisc

src/Certify.Server/Certify.Server.Hub.Api/Controllers/v1/CertificateController.cs

@@ -277,6 +277,7 @@ public async Task<IActionResult> UpdateManagedCertificateDetails(string instance
         /// <summary>
         /// Begin the managed certificate request/renewal process for the given managed certificate id (on demand)
         /// </summary>
+        /// <param name="instanceId"></param>
         /// <param name="id"></param>
         /// <returns></returns>
         [HttpPost]

src/Certify.Server/Certify.Server.Hub.Api/Services/ManagementAPI.cs

@@ -28,6 +28,7 @@ public partial class ManagementAPI
         /// </summary>
         /// <param name="mgmtStateProvider">The instance management state provider.</param>
         /// <param name="mgmtHubContext">The management hub context for SignalR or Direct communication.</param>
+        /// <param name="log"></param>
         public ManagementAPI(IInstanceManagementStateProvider mgmtStateProvider, IHubContext<InstanceManagementHub, IInstanceManagementHub> mgmtHubContext, ILogger<ManagementAPI> log)
         {
             _mgmtStateProvider = mgmtStateProvider;
@@ -41,6 +42,7 @@ public ManagementAPI(IInstanceManagementStateProvider mgmtStateProvider, IHubCon
         /// <param name="mgmtStateProvider">The instance management state provider.</param>
         /// <param name="mgmtHubContext">The management hub context for SignalR communication.</param>
         /// <param name="certifyManager">The in-process Certify manager instance.</param>
+        /// <param name="log"></param>
         public ManagementAPI(IInstanceManagementStateProvider mgmtStateProvider, IHubContext<InstanceManagementHub, IInstanceManagementHub> mgmtHubContext, Certify.Management.ICertifyManager certifyManager, ILogger<ManagementAPI> log)
         {
             _mgmtStateProvider = mgmtStateProvider;
@@ -125,12 +127,12 @@ private async Task SendCommandWithNoResult(string instanceId, InstanceCommandReq
         /// <returns>The deserialized result as type <typeparamref name="T"/> if available; otherwise, default.</returns>
         private async Task<T?> PerformInstanceCommandTaskWithResult<T>(string instanceId, KeyValuePair<string, string>[] args, string commandType)
         {
-            InstanceCommandResult result;
-            var cmd = new InstanceCommandRequest(commandType, args);
-
-            cmd.IsResultAwaited = true;
+            var cmd = new InstanceCommandRequest(commandType, args)
+            {
+                IsResultAwaited = true
+            };
 
-            result = await GetCommandResult(instanceId, cmd);
+            var result = await GetCommandResult(instanceId, cmd);
 
             if (result?.Value != null)
             {
@@ -623,6 +625,12 @@ internal async Task<List<ActionStep>> PerformInstanceImport(string instanceId, I
             return await PerformInstanceCommandTaskWithResult<ICollection<Models.ActionStep>>(instanceId, args, ManagementHubCommands.GetSystemStatusItems);
         }
 
+        /// <summary>
+        /// Retrieves the service configuration for the specified instance.
+        /// </summary>
+        /// <param name="instanceId">The target instance identifier.</param>
+        /// <param name="currentAuthContext">The current authentication context.</param>
+        /// <returns>A <see cref="ServiceConfig"/> object containing the service configuration, or null if not found.</returns>
         public async Task<ServiceConfig?> GetServiceConfig(string instanceId, AuthContext? currentAuthContext)
         {
             var args = new KeyValuePair<string, string>[] {
@@ -632,6 +640,12 @@ internal async Task<List<ActionStep>> PerformInstanceImport(string instanceId, I
             return await PerformInstanceCommandTaskWithResult<ServiceConfig>(instanceId, args, ManagementHubCommands.GetServiceConfig);
         }
 
+        /// <summary>
+        /// Retrieves service core settings for a specified instance asynchronously.
+        /// </summary>
+        /// <param name="instanceId">Identifies the specific instance for which the settings are being retrieved.</param>
+        /// <param name="currentAuthContext">Provides the authentication context necessary for accessing the service settings.</param>
+        /// <returns>Returns the preferences associated with the service core settings or null if not found.</returns>
         public async Task<Preferences?> GetServiceCoreSettings(string instanceId, AuthContext? currentAuthContext)
         {
             var args = new KeyValuePair<string, string>[] {
@@ -641,6 +655,13 @@ internal async Task<List<ActionStep>> PerformInstanceImport(string instanceId, I
             return await PerformInstanceCommandTaskWithResult<Preferences>(instanceId, args, ManagementHubCommands.GetServiceCoreSettings);
         }
 
+        /// <summary>
+        /// Updates the core settings of a service instance based on provided preferences and authentication context.
+        /// </summary>
+        /// <param name="instanceId">Identifies the specific service instance to be updated.</param>
+        /// <param name="prefs">Contains the new preferences to apply to the service instance.</param>
+        /// <param name="currentAuthContext">Holds the current authentication context for authorization during the update.</param>
+        /// <returns>Returns the result of the update operation, which may indicate success or failure.</returns>
         public async Task<ActionResult?> UpdateServiceCoreSettings(string instanceId, Preferences prefs, AuthContext? currentAuthContext)
         {
             var args = new KeyValuePair<string, string>[] {
@@ -651,6 +672,13 @@ internal async Task<List<ActionStep>> PerformInstanceImport(string instanceId, I
             return await PerformInstanceCommandTaskWithResult<ActionResult?>(instanceId, args, ManagementHubCommands.UpdateServiceCoreSettings);
         }
 
+        /// <summary>
+        /// Updates the configuration of a specified service instance asynchronously.
+        /// </summary>
+        /// <param name="instanceId">Identifies the specific service instance to be updated.</param>
+        /// <param name="config">Contains the new configuration settings for the service instance.</param>
+        /// <param name="currentAuthContext">Represents the current authentication context for authorization checks.</param>
+        /// <returns>Returns the result of the update operation, which may indicate success or failure.</returns>
         public async Task<ActionResult?> UpdateServiceConfig(string instanceId, ServiceConfig config, AuthContext? currentAuthContext)
         {
             var args = new KeyValuePair<string, string>[] {

src/Certify.Service/Controllers/ControllerBase.cs

@@ -1,10 +1,8 @@
 using System;
-using System.Collections.Generic;
 using System.Diagnostics;
 using System.Linq;
 using System.Security.Claims;
 using System.Security.Principal;
-using System.Threading.Tasks;
 using System.Web.Http;
 using System.Web.Http.Controllers;
 using Microsoft.IdentityModel.JsonWebTokens;
@@ -27,30 +25,8 @@ protected override bool IsAuthorized(HttpActionContext actionContext)
             var request = actionContext.Request;
             var authorization = request.Headers.Authorization;
 
-#if DEBUG   // feature not in production
-            if (authorization != null && authorization.Scheme == "Bearer")
-            {
-                //bearer token presented, validate principle
-                var token = authorization.Parameter;
-
-                var secretKey = ((ControllerBase)actionContext.ControllerContext.Controller).GetAuthSecretKey();
-
-                var principal = AuthenticateJwtToken(token, secretKey).Result;
-
-                if (principal == null)
-                {
-                    //invalid token
-                    return false;
-                }
-                else
-                {
-                    actionContext.RequestContext.Principal = principal;
-                    return true;
-                }
-            }
-#endif
-
             var user = actionContext.RequestContext.Principal as WindowsPrincipal;
+
             if (user.IsInRole(WindowsBuiltInRole.Administrator))
             {
                 return true;
@@ -63,93 +39,6 @@ protected override bool IsAuthorized(HttpActionContext actionContext)
 
             return false;
         }
-
-        public static ClaimsIdentity GetClaimsIdentity(string token, string secret)
-        {
-            // adapted form https://stackoverflow.com/questions/40281050/jwt-authentication-for-asp-net-web-api
-            try
-            {
-                var tokenHandler = new JsonWebTokenHandler();
-                var jwtToken = tokenHandler.ReadToken(token) as JsonWebToken;
-
-                if (jwtToken == null)
-                {
-                    return null;
-                }
-
-                var symmetricKey = Convert.FromBase64String(secret);
-
-                var validationParameters = new TokenValidationParameters()
-                {
-                    RequireExpirationTime = true,
-                    ValidateIssuer = false,
-                    ValidateAudience = false,
-                    IssuerSigningKey = new SymmetricSecurityKey(symmetricKey)
-                };
-
-                var result = tokenHandler.ValidateToken(token, validationParameters);
-
-                if (result.IsValid)
-                {
-                    return result.ClaimsIdentity;
-                }
-                else
-                {
-                    return null;
-                }
-            }
-            catch (Exception)
-            {
-                //should write log
-                return null;
-            }
-        }
-
-        private static bool ValidateToken(string token, string secret, out string username)
-        {
-            username = null;
-
-            var identity = GetClaimsIdentity(token, secret);
-
-            if (identity == null || !identity.IsAuthenticated)
-            {
-                return false;
-            }
-
-            var usernameClaim = identity.FindFirst(ClaimTypes.Name);
-            username = usernameClaim?.Value;
-
-            if (string.IsNullOrEmpty(username))
-            {
-                return false;
-            }
-
-            // More validation to check whether username exists in system etc
-
-            return true;
-        }
-
-        protected Task<IPrincipal> AuthenticateJwtToken(string token, string secret)
-        {
-
-            if (ValidateToken(token, secret, out var username))
-            {
-                // based on username to get more information from database 
-                // in order to build local identity
-                var claims = new List<Claim>
-                {
-                    new Claim(ClaimTypes.Name, username)
-                    // Add more claims if needed: Roles, ...
-                };
-
-                var identity = new ClaimsIdentity(claims, "Jwt");
-                IPrincipal user = new ClaimsPrincipal(identity);
-
-                return Task.FromResult(user);
-            }
-
-            return Task.FromResult<IPrincipal>(null);
-        }
     }
 
     [CustomAuthCheck]

src/Certify.Tests/Certify.Core.Tests.Unit/Tests/CertifyServiceTests.cs

@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.Net;
 using System.Net.Http;
+using System.Net.Http.Json;
 using System.Text.RegularExpressions;
 using System.Threading.Tasks;
 using Certify.Models;