using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using OTSSignsOrchestrator.Configuration;
using OTSSignsOrchestrator.Models.DTOs;
using OTSSignsOrchestrator.Services;
namespace OTSSignsOrchestrator.API;
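/// <summary>
/// HTTP API for OIDC identity-provider configuration: one anonymous listing used by
/// the login page, plus administrator-only CRUD and connection-test endpoints.
/// </summary>
/// <remarks>
/// Authorization is fail-closed: the admin role is required at controller level, so an
/// action added later is protected unless it explicitly opts out with
/// <see cref="AllowAnonymousAttribute"/>. <see cref="ListActive"/> is the only opt-out.
/// </remarks>
[ApiController]
[Route("api")]
[Authorize(Roles = AppConstants.AdminRole)]
public class OidcProvidersController : ControllerBase
{
    private readonly OidcProviderService _providerService;
    private readonly ILogger<OidcProvidersController> _logger;

    /// <summary>Creates the controller with its provider service and logger.</summary>
    /// <param name="providerService">Service that stores and queries OIDC providers.</param>
    /// <param name="logger">Logger used for the audit trail of administrative changes.</param>
    public OidcProvidersController(OidcProviderService providerService, ILogger<OidcProvidersController> logger)
    {
        _providerService = providerService;
        _logger = logger;
    }

    // Name of the authenticated caller for audit log entries. The null-conditional on
    // User keeps this safe when the controller is constructed without an HttpContext.
    private string CurrentActor => User?.Identity?.Name ?? "unknown";

    /// <summary>
    /// List active OIDC providers (no auth required — used by login page).
    /// </summary>
    /// <returns>200 with an <c>items</c> array of Id, Name, IsEnabled and IsPrimary.</returns>
    [HttpGet("idp-providers")]
    [AllowAnonymous]
    public async Task<IActionResult> ListActive()
    {
        var providers = await _providerService.GetActiveProvidersAsync();

        // This response is readable without authentication. Only these four fields are
        // projected; keep Authority, ClientId, Audience and the client secret out of it.
        return Ok(new
        {
            items = providers.Select(p => new
            {
                p.Id,
                p.Name,
                p.IsEnabled,
                p.IsPrimary
            })
        });
    }

    /// <summary>List every configured OIDC provider with its non-secret settings (admin only).</summary>
    /// <returns>200 with an <c>items</c> array; the client secret is never included.</returns>
    [HttpGet("admin/idp-providers")]
    public async Task<IActionResult> ListAll()
    {
        var providers = await _providerService.GetAllProvidersAsync();
        return Ok(new
        {
            items = providers.Select(p => new
            {
                p.Id,
                p.Name,
                p.Authority,
                p.ClientId,
                p.Audience,
                p.IsEnabled,
                p.IsPrimary,
                p.CreatedAt,
                p.UpdatedAt
                // Never return ClientSecret
            })
        });
    }

    /// <summary>Create a new OIDC provider (admin only).</summary>
    /// <param name="dto">Provider settings taken from the request body.</param>
    /// <returns>400 with the model state when validation fails, otherwise 200 with Id, Name and CreatedAt.</returns>
    [HttpPost("admin/idp-providers")]
    public async Task<IActionResult> Create([FromBody] CreateOidcProviderDto dto)
    {
        if (!ModelState.IsValid)
        {
            return BadRequest(ModelState);
        }

        var provider = await _providerService.CreateProviderAsync(dto);

        // Identity-provider changes decide who can sign in, so record who made them.
        // Only the generated id is logged: no request fields and no secret material.
        _logger.LogInformation("OIDC provider {ProviderId} created by {Actor}", provider.Id, CurrentActor);

        return Ok(new { provider.Id, provider.Name, provider.CreatedAt });
    }

    /// <summary>Update an existing OIDC provider (admin only).</summary>
    /// <param name="id">Identifier of the provider to update.</param>
    /// <param name="dto">New provider settings taken from the request body.</param>
    /// <returns>400 with the model state when validation fails, otherwise 200 with Id, Name and UpdatedAt.</returns>
    [HttpPut("admin/idp-providers/{id:guid}")]
    public async Task<IActionResult> Update(Guid id, [FromBody] UpdateOidcProviderDto dto)
    {
        if (!ModelState.IsValid)
        {
            return BadRequest(ModelState);
        }

        // NOTE(review): how UpdateProviderAsync signals an unknown id is not visible here;
        // confirm it cannot return null, otherwise the lines below throw instead of 404.
        var provider = await _providerService.UpdateProviderAsync(id, dto);

        _logger.LogInformation("OIDC provider {ProviderId} updated by {Actor}", provider.Id, CurrentActor);

        return Ok(new { provider.Id, provider.Name, provider.UpdatedAt });
    }

    /// <summary>Delete an OIDC provider (admin only).</summary>
    /// <param name="id">Identifier of the provider to delete.</param>
    /// <returns>200 with a success flag and message.</returns>
    [HttpDelete("admin/idp-providers/{id:guid}")]
    public async Task<IActionResult> Delete(Guid id)
    {
        // NOTE(review): the behaviour for an unknown id depends on DeleteProviderAsync,
        // which is not visible here; this action reports success whenever it returns.
        await _providerService.DeleteProviderAsync(id);

        _logger.LogInformation("OIDC provider {ProviderId} deleted by {Actor}", id, CurrentActor);

        return Ok(new { success = true, message = "Provider deleted." });
    }

    /// <summary>Run the service's connection test against a stored provider (admin only).</summary>
    /// <param name="id">Identifier of the provider to test.</param>
    /// <returns>404 when the provider does not exist, otherwise 200 with <c>isValid</c> and <c>message</c>.</returns>
    [HttpPost("admin/idp-providers/{id:guid}/test")]
    public async Task<IActionResult> Test(Guid id)
    {
        var provider = await _providerService.GetProviderAsync(id);
        if (provider is null)
        {
            return NotFound();
        }

        // NOTE(review): TestConnectionAsync presumably contacts the provider's configured
        // Authority. Confirm the service restricts which schemes and hosts it will reach,
        // and that the returned message carries no raw exception text or internal
        // network detail, because it is passed to the caller unchanged.
        var (isValid, message) = await _providerService.TestConnectionAsync(provider);

        // The message is deliberately left out of the log entry; only the outcome is recorded.
        _logger.LogInformation(
            "OIDC provider {ProviderId} connection test run by {Actor}: valid={IsValid}",
            id,
            CurrentActor,
            isValid);

        return Ok(new { isValid, message });
    }
}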