-
Notifications
You must be signed in to change notification settings - Fork 2.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
API access with client credentials (core functionality) (#16817)
* First stab * Delivery API client credentials + a little refactor to ensure unique client IDs * Introduce user type * Support user type in the Management API * Clean up TODOs * Update API user last login date when issuing a token * Better error reporting for mismatched user types * Do not allow password change or reset for API users * Update OpenApi.json * Revert change * Remove obsolete comment * Make applicable classes abstract or sealed * Review changes * Add endpoint for retrieving all user client IDs
- Loading branch information
Showing
53 changed files
with
1,444 additions
and
15 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
25 changes: 25 additions & 0 deletions
25
....Api.Management/Controllers/User/ClientCredentials/ClientCredentialsUserControllerBase.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
using Microsoft.AspNetCore.Http; | ||
using Microsoft.AspNetCore.Mvc; | ||
using Umbraco.Cms.Core.Security.OperationStatus; | ||
|
||
namespace Umbraco.Cms.Api.Management.Controllers.User.ClientCredentials; | ||
|
||
[ApiExplorerSettings(GroupName = "User")] | ||
public abstract class ClientCredentialsUserControllerBase : UserControllerBase | ||
{ | ||
protected IActionResult BackOfficeUserClientCredentialsOperationStatusResult(BackOfficeUserClientCredentialsOperationStatus status) => | ||
OperationStatusResult(status, problemDetailsBuilder => status switch | ||
{ | ||
BackOfficeUserClientCredentialsOperationStatus.InvalidUser => BadRequest(problemDetailsBuilder | ||
.WithTitle("Invalid user") | ||
.WithDetail("The specified user does not support this operation. Possibly caused by a mismatched client ID or an inapplicable user type.") | ||
.Build()), | ||
BackOfficeUserClientCredentialsOperationStatus.DuplicateClientId => BadRequest(problemDetailsBuilder | ||
.WithTitle("Duplicate client ID") | ||
.WithDetail("The specified client ID is already in use. Choose another client ID.") | ||
.Build()), | ||
_ => StatusCode(StatusCodes.Status500InternalServerError, problemDetailsBuilder | ||
.WithTitle("Unknown client credentials operation status.") | ||
.Build()), | ||
}); | ||
} |
Oops, something went wrong.