Merge pull request #1 from OpenPerpetuum/feature/openidserver

Add OpenID Connect and Perpetuum Account Authentication

Author: nref-dan

src/.vscode/launch.json

@@ -0,0 +1,46 @@
+{
+   // Use IntelliSense to find out which attributes exist for C# debugging
+   // Use hover for the description of the existing attributes
+   // For further information visit https://github.com/OmniSharp/omnisharp-vscode/blob/master/debugger-launchjson.md
+   "version": "0.2.0",
+   "configurations": [
+        {
+            "name": ".NET Core Launch (web)",
+            "type": "coreclr",
+            "request": "launch",
+            "preLaunchTask": "build",
+            // If you have changed target frameworks, make sure to update the program path.
+            "program": "${workspaceFolder}/OpenPerpetuum.Api/bin/Debug/netcoreapp2.1/OpenPerpetuum.Api.dll",
+            "args": [],
+            "cwd": "${workspaceFolder}/OpenPerpetuum.Api",
+            "stopAtEntry": false,
+            "internalConsoleOptions": "openOnSessionStart",
+            "launchBrowser": {
+                "enabled": true,
+                "args": "${auto-detect-url}",
+                "windows": {
+                    "command": "cmd.exe",
+                    "args": "/C start ${auto-detect-url}"
+                },
+                "osx": {
+                    "command": "open"
+                },
+                "linux": {
+                    "command": "xdg-open"
+                }
+            },
+            "env": {
+                "ASPNETCORE_ENVIRONMENT": "Development"
+            },
+            "sourceFileMap": {
+                "/Views": "${workspaceFolder}/Views"
+            }
+        },
+        {
+            "name": ".NET Core Attach",
+            "type": "coreclr",
+            "request": "attach",
+            "processId": "${command:pickProcess}"
+        }
+    ,]
+}

src/.vscode/settings.json

@@ -0,0 +1,2 @@
+{
+}

src/.vscode/tasks.json

@@ -0,0 +1,16 @@
+{
+    "version": "2.0.0",
+    "tasks": [
+        {
+            "label": "build",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "build",
+                "${workspaceFolder}/OpenPerpetuum.Api/OpenPerpetuum.Api.csproj",
+                "-o ${workspaceFolder}/bin"
+            ],
+            "problemMatcher": "$msCompile"
+        }
+    ]
+}

src/Database/api/Patches/Create_Database_Init.sql

@@ -0,0 +1,50 @@
+create database api; -- Bler; sort this out with something a little more explicit please (I hate leaving things in the hands of SQL Server) =)
+go
+
+begin transaction CREATE_API_DB
+set xact_abort on
+set transaction isolation level read committed
+
+use api
+
+if not exists (select * from sys.schemas where name = 'Authorisation')
+	exec('create schema Authorisation'); -- Allows it to run in its own batch
+
+if not exists (select * from sys.server_principals where type = 'S' and name='api_mgmt_user')
+	create login api_mgmt_user with password='ChangeMe';
+
+if not exists (select * from sys.database_principals where type = 'S' and name='api_mgmt_user')
+	create user api_mgmt_user for login api_mgmt_user with default_schema=dbo;
+
+grant EXECUTE on schema :: dbo to api_mgmt_user;
+grant EXECUTE on schema :: Authorisation to api_mgmt_user;
+
+create table api.dbo.DBPatchVersion
+(
+	PatchId int not null,
+	PatchName nvarchar(500) not null,
+	VersionNumber nvarchar(30) not null,
+	DateApplied datetimeoffset not null,
+	MessageLog nvarchar(max) null,
+	constraint PK_DBPatchVersion_PatchId primary key (PatchId),
+	constraint UQ_DBPatchVersion_VersionNumber unique (VersionNumber)
+);
+
+insert into api.dbo.DBPatchVersion
+(
+	PatchId,
+	PatchName,
+	VersionNumber,
+	DateApplied,
+	MessageLog
+)
+values
+(
+	1000,
+	'Create_Database_Init',
+	'1.000',
+	getdate(),
+	'Initialised database with baseline settings'
+);
+
+commit transaction CREATE_API_DB;

src/Database/api/Patches/PatchControl.xml

@@ -0,0 +1,3 @@
+<PatchControl>
+	<SchemaPatch filename="SchemaPatch1_001.sql" version="1.001" dependency="1.000" />
+</PatchControl>

src/Database/api/Patches/SchemaPatch1_001.sql

@@ -0,0 +1,26 @@
+/*
+	************************
+	Patch Version:	1.001
+	Written By:		Marakai
+	Description:	Create the table for storing the AccessClients (third party allowed applications)
+	Depends On:		1.000
+	************************
+*/
+
+create table AccessClient
+(
+	ClientId uniqueidentifier not null,
+	FriendlyName nvarchar(500) not null,
+	AdministratorContactAddress nvarchar(max) not null,
+	AdministratorName nvarchar(max) not null,
+	RedirectUri nvarchar(500) not null,
+	SecretKey nvarchar(100) not null,
+	IsAdministratorApp bit not null,
+	constraint PK_AccessClient_ClientId primary key (ClientId),
+	constraint UQ_AccessClient_FriendlyName unique (FriendlyName),
+	constraint UQ_AccessClient_RedirectUri unique (RedirectUri),
+	constraint UQ_AccessClient_SecretKey unique (SecretKey)
+)
+
+-- Ensure there is only one administrator app so that we control it. This prevents hard-coding the ClientId, making it easier to recover in the event of a compromise
+create unique index UQF_AccessClient_IsAdministratorApp on AccessClient (IsAdministratorApp) where IsAdministratorApp = 1;

src/Database/api/Procedures/Authorisation.GetAccessClients.sql

@@ -0,0 +1,18 @@
+if object_id('Authorisation.GetAccessClients', 'P') is not null
+	drop procedure Authorisation.GetAccessClients;
+go
+
+create procedure Authorisation.GetAccessClients
+	@ClientId uniqueidentifier null
+as
+
+select
+	ClientId,
+	FriendlyName,
+	AdministratorContactAddress,
+	AdministratorName,
+	RedirectUri,
+	SecretKey,
+	IsAdministratorApp
+from AccessClient
+where (@ClientId is null or ClientId = @ClientId);

src/Database/api/Procedures/ProcedureControl.xml

@@ -0,0 +1,3 @@
+<ProcedureControl>
+	<StoredProcedure name="Authorisation.GetAccessClients" filename="Authorisation.GetAccessClients.sql" />
+</ProcedureControl>

src/Database/game/Patches/PatchControl.xml

@@ -0,0 +1,3 @@
+<PatchControl>
+	<SchemaPatch filename="SchemaPatch1_001.sql" version="1.001" />
+</PatchControl>

src/Database/game/Patches/SchemaPatch1_001.sql

@@ -0,0 +1,54 @@
+/*
+	************************
+	Patch Version:	1.001
+	Written By:		Marakai
+	Description:	Create the user and access rights for the API
+	Depends On:		None
+	************************
+*/
+
+begin transaction CREATE_API_USER
+set xact_abort on
+set transaction isolation level read committed
+
+if not exists (select * from sys.schemas where name = 'API')
+	exec('create schema API'); -- Allows it to run in its own batch
+
+if not exists (select * from sys.server_principals where type = 'S' and name='api_user')
+	create login api_user with password='ChangeMe';
+
+if not exists (select * from sys.database_principals where type = 'S' and name='api_user')
+	create user api_user for login api_user with default_schema=dbo;
+
+grant EXECUTE on schema :: dbo to api_user;
+grant EXECUTE on schema :: API to api_user;
+
+create table dbo.DBPatchVersion
+(
+	PatchId int not null,
+	PatchName nvarchar(500) not null,
+	VersionNumber nvarchar(30) not null,
+	DateApplied datetimeoffset not null,
+	MessageLog nvarchar(max) null,
+	constraint PK_DBPatchVersion_PatchId primary key (PatchId),
+	constraint UQ_DBPatchVersion_VersionNumber unique (VersionNumber)
+);
+
+insert into dbo.DBPatchVersion
+(
+	PatchId,
+	PatchName,
+	VersionNumber,
+	DateApplied,
+	MessageLog
+)
+values
+(
+	1000,
+	'Create_Database_Init',
+	'1.000',
+	getdate(),
+	'Initialised database with baseline settings'
+);
+
+commit transaction CREATE_API_USER;