ckaczor/sqltoolsservice
1
0
Fork 0
mirror of https://github.com/ckaczor/sqltoolsservice.git synced 2026-01-18 17:23:52 -05:00
Code Issues Packages Projects Releases Wiki Activity

Create Firewall Rule support with a simple Resource Provider implementation

Browse Source 
Implementation of the resource provider APIs in order to support Create Firewall Rule. Provides definition for a ResourceProvider and Authentication service. The ResourceProvider supports firewall rules for now, and since authentication is routed through that method it will call into the auth service to set up the current account to be used.

Additional notes:
- Fixed deserialization by adding an Accept header. This shouldn't be necessary, but for some reason the firewall rule defaults to XML without this
- Use generic server list and parse the ID to get the resource group, avoiding a large number of extra calls for each RG
- Errors now include error message from the API
This commit is contained in:
Kevin Cunnane
2017-10-09 15:45:33 -07:00
committed by GitHub
parent fecf56bce2
commit 7acc668c04
49 changed files with 1844 additions and 556 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
src/Microsoft.SqlTools.ResourceProvider.Core/Contracts/Account.cs Normal file
View File

@@ -0,0 +1,119 @@
//
// Copyright (c) Microsoft. All rights reserved.
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
//
using System.Collections.Generic;
namespace Microsoft.SqlTools.ResourceProvider.Core.Contracts
{
/// <summary>
/// An object, usable in <see cref="CreateFirewallRuleRequest"/>s and other messages
/// </summary>
public class Account
{
/// <summary>
/// The key that identifies the account
/// </summary>
public AccountKey Key { get; set; }
/// <summary>
/// Display information for the account
/// </summary>
public AccountDisplayInfo DisplayInfo { get; set; }
/// <summary>
/// Customizable properties, which will include the access token or similar authentication support
/// </summary>
public AccountProperties Properties { get; set; }
/// <summary>
/// Indicates if the account needs refreshing
/// </summary>
public bool IsStale { get; set; }
}
/// <summary>
/// Azure-specific properties. Note that ideally with would reuse GeneralRequestDetails but
/// this isn't feasible right now as that is specific to having an Options property to hang it off
/// </summary>
public class AccountProperties
{
/// <summary>
/// Is this a Microsoft account, such as live.com, or not?
/// </summary>
internal bool IsMsAccount
{
get;
set;
}
/// <summary>
/// Tenants for each object
/// </summary>
public IEnumerable<Tenant> Tenants
{
get;
set;
}
}
/// <summary>
/// Represents a key that identifies an account.
/// </summary>
public class AccountKey
{
/// <summary>
/// Identifier of the provider
/// </summary>
public string ProviderId { get; set; }
// Note: ignoring ProviderArgs as it's not relevant
/// <summary>
/// Identifier for the account, unique to the provider
/// </summary>
public string AccountId { get; set; }
}
/// <summary>
/// Represents display information for an account.
/// </summary>
public class AccountDisplayInfo
{
/// <summary>
/// A display name that offers context for the account, such as "Contoso".
/// </summary>
public string ContextualDisplayName { get; set; }
// Note: ignoring ContextualLogo as it's not needed
/// <summary>
/// A display name that identifies the account, such as "user@contoso.com".
/// </summary
public string DisplayName { get; set; }
}
/// <summary>
/// Represents a tenant (an Azure Active Directory instance) to which a user has access
/// </summary>
public class Tenant
{
/// <summary>
/// Globally unique identifier of the tenant
/// </summary>
public string Id { get; set; }
/// <summary>
/// Display name of the tenant
/// </summary>
public string DisplayName { get; set; }
/// <summary>
/// Identifier of the user in the tenant
/// </summary>
public string UserId { get; set; }
}
}

35
src/Microsoft.SqlTools.ResourceProvider.Core/Contracts/AccountSecurityToken.cs Normal file
View File

@@ -0,0 +1,35 @@
//
// Copyright (c) Microsoft. All rights reserved.
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
//
using System.Collections.Generic;
namespace Microsoft.SqlTools.ResourceProvider.Core.Contracts
{
/// <summary>
/// Contains key information about a Token used to log in to a resource provider
/// </summary>
public class AccountSecurityToken
{
/// <summary>
/// Expiration time for the token
/// </summary>
public string ExpiresOn { get; set; }
/// <summary>
/// URI defining the root for resource lookup
/// </summary>
public string Resource { get; set; }
/// <summary>
/// The actual token
/// </summary>
public string Token { get; set; }
/// <summary>
/// The type of token being sent - for example "Bearer" for most resource queries
/// </summary>
public string TokenType { get; set; }
}
}

102
src/Microsoft.SqlTools.ResourceProvider.Core/Contracts/FirewallRule.cs Normal file
View File

@@ -0,0 +1,102 @@
//
// Copyright (c) Microsoft. All rights reserved.
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
//
using System.Collections.Generic;
using Microsoft.SqlTools.Hosting.Protocol.Contracts;
namespace Microsoft.SqlTools.ResourceProvider.Core.Contracts
{
/// <summary>
/// A request to open up a firewall rule
/// </summary>
public class CreateFirewallRuleRequest
{
public static readonly
RequestType<CreateFirewallRuleParams, CreateFirewallRuleResponse> Type =
RequestType<CreateFirewallRuleParams, CreateFirewallRuleResponse>.Create("resource/createFirewallRule");
}
/// <summary>
/// A FirewallRule object, usable in <see cref="CreateFirewallRuleRequest"/>s and other messages
/// </summary>
public class CreateFirewallRuleParams
{
/// <summary>
/// Account information to use in connecting to Azure
/// </summary>
public Account Account { get; set; }
/// <summary>
/// Per-tenant token mappings. Ideally would be set independently of this call, but for
/// now this allows us to get the tokens necessary to find a server and open a firewall rule
/// </summary>
public Dictionary<string,AccountSecurityToken> SecurityTokenMappings { get; set; }
/// <summary>
/// Fully qualified name of the server to create a new firewall rule on
/// </summary>
public string ServerName { get; set; }
/// <summary>
/// Start of the IP address range
/// </summary>
public string StartIpAddress { get; set; }
/// <summary>
/// End of the IP address range
/// </summary>
public string EndIpAddress { get; set; }
}
public class CreateFirewallRuleResponse
{
public bool Result { get; set; }
public string ErrorMessage { get; set; }
}
public class CanHandleFirewallRuleRequest
{
public static readonly
RequestType<HandleFirewallRuleParams, HandleFirewallRuleResponse> Type =
RequestType<HandleFirewallRuleParams, HandleFirewallRuleResponse>.Create("resource/handleFirewallRule");
}
public class HandleFirewallRuleParams
{
/// <summary>
/// The error code used to defined the error type
/// </summary>
public int ErrorCode { get; set; }
/// <summary>
/// The error message from which to parse the IP address
/// </summary>
public string ErrorMessage { get; set; }
/// <summary>
/// The connection type, for example MSSQL
/// </summary>
public string ConnectionTypeId { get; set; }
}
/// <summary>
/// Response to the check for Firewall rule support given an error message
/// </summary>
public class HandleFirewallRuleResponse
{
/// <summary>
/// Can this be handled?
/// </summary>
public bool Result { get; set; }
/// <summary>
/// If not, why?
/// </summary>
public string ErrorMessage { get; set; }
/// <summary>
/// If it can be handled, is there a default IP address to send back so users
/// can tell what their blocked IP is?
/// </summary>
public string IpAddress { get; set; }
}
}