Merge pull request #9 from damienbod/feature/multi-tenant

Delegated read, application write EntraID auth

AspNetCoreAzureBlobStorage.sln

@@ -13,6 +13,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "DelegatedEntraIDBlobStorage
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "DelegatedReadAppWriteBlobStorage", "DelegatedReadAppWriteBlobStorage\DelegatedReadAppWriteBlobStorage.csproj", "{83C304C5-9B28-4D59-BA33-94884CA7F060}"
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "MultiClientBlobStorage", "MultiClientBlobStorage\MultiClientBlobStorage.csproj", "{0145341E-34F8-4FA2-BF5B-95CD3E53903E}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -27,6 +29,10 @@ Global
 		{83C304C5-9B28-4D59-BA33-94884CA7F060}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{83C304C5-9B28-4D59-BA33-94884CA7F060}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{83C304C5-9B28-4D59-BA33-94884CA7F060}.Release|Any CPU.Build.0 = Release|Any CPU
+		{0145341E-34F8-4FA2-BF5B-95CD3E53903E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{0145341E-34F8-4FA2-BF5B-95CD3E53903E}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{0145341E-34F8-4FA2-BF5B-95CD3E53903E}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{0145341E-34F8-4FA2-BF5B-95CD3E53903E}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

DelegatedEntraIDBlobStorage/DelegatedEntraIDBlobStorage.csproj

@@ -11,10 +11,10 @@
     <PackageReference Include="Azure.Storage.Blobs" Version="12.19.1" />
     <PackageReference Include="Microsoft.Identity.Web" Version="2.17.0" />
     <PackageReference Include="Microsoft.Identity.Web.UI" Version="2.17.0" />
-    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="8.0.0" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="8.0.1" />
 
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="8.0.1" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="8.0.1">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="8.0.2" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="8.0.2">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>

DelegatedEntraIDBlobStorage/FilesProvider/SqlDataAccess/FileDescriptionProvider.cs

@@ -9,7 +9,7 @@ public class FileDescriptionProvider
 
     public FileDescriptionProvider(FileContext context, IConfiguration configuration)
     {
-        _context = context;;
+        _context = context;
         _configuration = configuration;
     }
 

DelegatedEntraIDBlobStorage/Migrations/20210206130700_init.cs

@@ -1,5 +1,4 @@
-using System;
-using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Migrations;
 
 namespace AspNetCoreAzureStorage.Migrations
 {

DelegatedEntraIDBlobStorage/Pages/Error.cshtml.cs

@@ -1,6 +1,6 @@
-using System.Diagnostics;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
+using System.Diagnostics;
 
 namespace DelegatedEntraIDBlobStorage.Pages;
 

DelegatedEntraIDBlobStorage/Pages/ListFiles.cshtml.cs

@@ -17,7 +17,7 @@ public class ListFilesModel : PageModel
     private readonly ITokenAcquisition _tokenAcquisition;
 
     [BindProperty]
-    public IEnumerable<FileDescriptionDto> FileDescriptions { get; set; } 
+    public IEnumerable<FileDescriptionDto> FileDescriptions { get; set; }
         = new List<FileDescriptionDto>();
 
     [BindProperty]

DelegatedReadAppWriteBlobStorage/DelegatedReadAppWriteBlobStorage.csproj

@@ -11,10 +11,10 @@
     <PackageReference Include="Azure.Storage.Blobs" Version="12.19.1" />
     <PackageReference Include="Microsoft.Identity.Web" Version="2.17.0" />
     <PackageReference Include="Microsoft.Identity.Web.UI" Version="2.17.0" />
-    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="8.0.0" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="8.0.1" />
 
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="8.0.1" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="8.0.1">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="8.0.2" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="8.0.2">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>

DelegatedReadAppWriteBlobStorage/FilesProvider/AzureStorageAccess/BlobApplicationUploadProvider.cs

@@ -8,7 +8,7 @@ public class BlobApplicationUploadProvider
     private readonly IConfiguration _configuration;
     private readonly ClientSecretCredentialProvider _clientSecretCredentialProvider;
 
-    public BlobApplicationUploadProvider(ClientSecretCredentialProvider clientSecretCredentialProvider, 
+    public BlobApplicationUploadProvider(ClientSecretCredentialProvider clientSecretCredentialProvider,
         IConfiguration configuration)
     {
         _configuration = configuration;

DelegatedReadAppWriteBlobStorage/FilesProvider/SqlDataAccess/FileDescriptionProvider.cs

@@ -9,7 +9,7 @@ public class FileDescriptionProvider
 
     public FileDescriptionProvider(FileContext context, IConfiguration configuration)
     {
-        _context = context;;
+        _context = context;
         _configuration = configuration;
     }
 

DelegatedReadAppWriteBlobStorage/Migrations/20210206130700_init.cs

@@ -1,5 +1,4 @@
-using System;
-using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Migrations;
 
 namespace AspNetCoreAzureStorage.Migrations
 {

DelegatedReadAppWriteBlobStorage/Pages/Error.cshtml.cs

@@ -1,6 +1,6 @@
-using System.Diagnostics;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
+using System.Diagnostics;
 
 namespace DelegatedReadAppWriteBlobStorage.Pages;
 

DelegatedReadAppWriteBlobStorage/Pages/ListFiles.cshtml.cs

@@ -17,7 +17,7 @@ public class ListFilesModel : PageModel
     private readonly ITokenAcquisition _tokenAcquisition;
 
     [BindProperty]
-    public IEnumerable<FileDescriptionDto> FileDescriptions { get; set; } 
+    public IEnumerable<FileDescriptionDto> FileDescriptions { get; set; }
         = new List<FileDescriptionDto>();
 
     [BindProperty]

MultiClientBlobStorage/MultiClientBlobStorage.csproj

@@ -0,0 +1,25 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>net8.0</TargetFramework>
+    <Nullable>enable</Nullable>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <UserSecretsId>8c3776cd-3665-4932-b102-18f6a157351f</UserSecretsId>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Azure.Storage.Blobs" Version="12.19.1" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="2.17.0" />
+    <PackageReference Include="Microsoft.Identity.Web.GraphServiceClient" Version="2.17.0" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="2.17.0" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="8.0.1" />
+
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="8.0.2" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="8.0.2">
+    <PrivateAssets>all</PrivateAssets>
+    <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+    <PackageReference Include="Polly" Version="8.3.0" />
+  </ItemGroup>
+
+</Project>

MultiClientBlobStorage/Pages/CreateClient.cshtml

@@ -0,0 +1,48 @@
+@page
+@using Microsoft.AspNetCore.Authorization
+@inject IAuthorizationService AuthorizationService
+@model MultiClientBlobStorage.Pages.CreateClientModel
+@{
+    ViewData["Title"] = "Create Client";
+    Layout = "~/Pages/Shared/_Layout.cshtml";
+}
+
+@if ((await AuthorizationService.AuthorizeAsync(User, "blob-admin-policy")).Succeeded)
+{
+    <div class="card">
+        <div class="card-header">Create Blobs</div>
+        <div class="card-body">
+            <form enctype="multipart/form-data" asp-page="/CreateClient" id="ajaxUploadForm" novalidate="novalidate">
+
+                <fieldset>
+
+                    <div class="col-xs-12" style="padding: 10px;">
+                        <div class="col-xs-4">
+                            <label>Client Name</label>
+                        </div>
+                        <div class="col-xs-7">
+                            <input placeholder="Name" class="form-control" asp-for="ClientName"/>
+                        </div>
+                    </div>
+
+                    <div class="col-xs-12" style="padding: 10px;">
+                        <div class="col-xs-4">
+                            <input type="submit" value="Create" id="ajaxUploadButton" class="btn btn-primary col-sm-12">
+                        </div>
+                        <div class="col-xs-7">
+
+                        </div>
+                    </div>
+
+                </fieldset>
+
+            </form>
+        </div>
+    </div>
+
+}
+else
+{
+    <p>User has not contributor access role for blob storage</p>
+}
+

MultiClientBlobStorage/Pages/CreateClient.cshtml.cs

@@ -0,0 +1,47 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using MultiClientBlobStorage.Providers;
+using MultiClientBlobStorage.Providers.GroupUserServices;
+
+namespace MultiClientBlobStorage.Pages;
+
+[Authorize(Policy = "blob-admin-policy")]
+public class CreateClientModel : PageModel
+{
+    private readonly ClientBlobContainerProvider _clientBlobContainerProvider;
+    private readonly ApplicationMsGraphService _applicationMsGraphService;
+
+    [BindProperty]
+    public string ClientName { get; set; } = string.Empty;
+
+    public CreateClientModel(ClientBlobContainerProvider clientBlobContainerProvider,
+        ApplicationMsGraphService applicationMsGraphService)
+    {
+        _clientBlobContainerProvider = clientBlobContainerProvider;
+        _applicationMsGraphService = applicationMsGraphService;
+    }
+
+    public void OnGet()
+    {
+    }
+
+    public async Task<IActionResult> OnPostAsync()
+    {
+        if (ModelState.IsValid)
+        {
+            var group = await _applicationMsGraphService.CreateSecurityGroupAsync(ClientName);
+
+            var blobContainer = await _clientBlobContainerProvider
+                .CreateBlobContainerClient(ClientName);
+
+            if(blobContainer != null && group != null && group.Id != null)
+            {
+                await _clientBlobContainerProvider
+                    .ApplyReaderGroupToBlobContainer(blobContainer, group.Id);
+            }
+        }
+
+        return Page();
+    }
+}

MultiClientBlobStorage/Pages/Error.cshtml

@@ -0,0 +1,26 @@
+@page
+@model ErrorModel
+@{
+    ViewData["Title"] = "Error";
+}
+
+<h1 class="text-danger">Error.</h1>
+<h2 class="text-danger">An error occurred while processing your request.</h2>
+
+@if (Model.ShowRequestId)
+{
+    <p>
+        <strong>Request ID:</strong> <code>@Model.RequestId</code>
+    </p>
+}
+
+<h3>Development Mode</h3>
+<p>
+    Swapping to the <strong>Development</strong> environment displays detailed information about the error that occurred.
+</p>
+<p>
+    <strong>The Development environment shouldn't be enabled for deployed applications.</strong>
+    It can result in displaying sensitive information from exceptions to end users.
+    For local debugging, enable the <strong>Development</strong> environment by setting the <strong>ASPNETCORE_ENVIRONMENT</strong> environment variable to <strong>Development</strong>
+    and restarting the app.
+</p>

MultiClientBlobStorage/Pages/Error.cshtml.cs

@@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using System.Diagnostics;
+
+namespace MultiClientBlobStorage.Pages;
+
+[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
+public class ErrorModel : PageModel
+{
+    public string? RequestId { get; set; }
+
+    public bool ShowRequestId => !string.IsNullOrEmpty(RequestId);
+
+    public void OnGet()
+    {
+        RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier;
+    }
+}

MultiClientBlobStorage/Pages/Index.cshtml

@@ -0,0 +1,14 @@
+@page
+@model IndexModel
+@{
+    ViewData["Title"] = "Azure Storage and ASP.NET Core";
+}
+
+<div class="card">
+    <div class="card-header">Azure Blob Storage and ASP.NET Core</div>
+    <div class="card-body">
+        <p>Upload and download files using blob storage with delegated read and application write access</p>
+    </div>
+</div>
+
+

MultiClientBlobStorage/Pages/Index.cshtml.cs

@@ -0,0 +1,10 @@
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace MultiClientBlobStorage.Pages;
+
+public class IndexModel : PageModel
+{
+    public void OnGet()
+    {
+    }
+}

MultiClientBlobStorage/Pages/Shared/_Layout.cshtml

@@ -0,0 +1,48 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>@ViewData["Title"] - ME-ID multi client, multi container</title>
+    <link rel="stylesheet" href="~/lib/bootstrap/dist/css/bootstrap.min.css" />
+    <link rel="stylesheet" href="~/css/site.css" />
+</head>
+<body>
+    <header>
+        <nav class="navbar navbar-expand-sm navbar-toggleable-sm navbar-light bg-white border-bottom box-shadow mb-3">
+            <div class="container">
+                <a class="navbar-brand" asp-area="" asp-page="/Index">Me-ID Blob Storage</a>
+                <button class="navbar-toggler" type="button" data-toggle="collapse" data-target=".navbar-collapse" aria-controls="navbarSupportedContent"
+                        aria-expanded="false" aria-label="Toggle navigation">
+                    <span class="navbar-toggler-icon"></span>
+                </button>
+                <div class="navbar-collapse collapse d-sm-inline-flex flex-sm-row-reverse">
+                    <partial name="_LoginPartial" />
+                    <ul class="navbar-nav flex-grow-1">
+                        <li class="nav-item">
+                            <a class="nav-link text-dark" asp-area="" asp-page="/CreateClient">Create client</a>
+                        </li>
+                    </ul>
+                </div>
+            </div>
+        </nav>
+    </header>
+    <div class="container">
+        <main role="main" class="pb-3">
+            @RenderBody()
+        </main>
+    </div>
+
+    <footer class="border-top footer text-muted">
+        <div class="container">
+            &copy; 2024 - ME-ID Create Blob storage containers
+        </div>
+    </footer>
+
+    <script src="~/lib/jquery/dist/jquery.min.js"></script>
+    <script src="~/lib/bootstrap/dist/js/bootstrap.bundle.min.js"></script>
+    <script src="~/js/site.js" asp-append-version="true"></script>
+
+    @RenderSection("Scripts", required: false)
+</body>
+</html>

MultiClientBlobStorage/Pages/Shared/_LoginPartial.cshtml

@@ -0,0 +1,18 @@
+
+<ul class="navbar-nav">
+@if (User.Identity!.IsAuthenticated)
+{
+        <li class="nav-item">
+            <span class="navbar-text text-dark">Hello @User.Identity.Name!</span>
+        </li>
+        <li class="nav-item">
+            <a class="nav-link text-dark" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignOut">Sign out</a>
+        </li>
+}
+else
+{
+        <li class="nav-item">
+            <a class="nav-link text-dark" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignIn">Sign in</a>
+        </li>
+}
+</ul>

MultiClientBlobStorage/Pages/Shared/_ValidationScriptsPartial.cshtml

@@ -0,0 +1,2 @@
+<script src="~/lib/jquery-validation/dist/jquery.validate.min.js"></script>
+<script src="~/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js"></script>

MultiClientBlobStorage/Pages/_ViewImports.cshtml

@@ -0,0 +1,3 @@
+@using MultiClientBlobStorage
+@namespace MultiClientBlobStorage.Pages
+@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers

MultiClientBlobStorage/Pages/_ViewStart.cshtml

@@ -0,0 +1,3 @@
+@{
+    Layout = "_Layout";
+}