Session refresh implemented.

Author: eben-roux

Shuttle.Access.Application/Messages/RefreshSession.cs

@@ -0,0 +1,19 @@
+using System;
+
+namespace Shuttle.Access.Application;
+
+public class RefreshSession
+{
+    public string IdentityName { get; }
+    public Guid? Token { get; }
+
+    public RefreshSession(Guid token)
+    {
+        Token = token;
+    }
+
+    public RefreshSession(string identityName)
+    {
+        IdentityName = identityName;
+    }
+}

Shuttle.Access.Application/RefreshSessionParticipant.cs

@@ -0,0 +1,53 @@
+using System.Threading.Tasks;
+using Shuttle.Access.Messages.v1;
+using Shuttle.Core.Contract;
+using Shuttle.Core.Mediator;
+using Shuttle.Esb;
+
+namespace Shuttle.Access.Application;
+
+public class RefreshSessionParticipant : IAsyncParticipant<RefreshSession>
+{
+    private readonly IAccessService _accessService;
+    private readonly IAuthorizationService _authorizationService;
+    private readonly IServiceBus _serviceBus;
+    private readonly ISessionRepository _sessionRepository;
+
+    public RefreshSessionParticipant(IServiceBus serviceBus, IAccessService accessService, IAuthorizationService authorizationService, ISessionRepository sessionRepository)
+    {
+        _serviceBus = Guard.AgainstNull(serviceBus);
+        _accessService = Guard.AgainstNull(accessService);
+        _authorizationService = Guard.AgainstNull(authorizationService);
+        _sessionRepository = Guard.AgainstNull(sessionRepository);
+    }
+
+    public async Task ProcessMessageAsync(IParticipantContext<RefreshSession> context)
+    {
+        Guard.AgainstNull(context);
+
+        var session = context.Message.Token.HasValue
+            ? await _sessionRepository.FindAsync(context.Message.Token.Value)
+            : await _sessionRepository.FindAsync(context.Message.IdentityName);
+
+        if (session == null)
+        {
+            return;
+        }
+
+        session.ClearPermissions();
+
+        foreach (var permission in await _authorizationService.GetPermissionsAsync(session.IdentityName))
+        {
+            session.AddPermission(permission);
+        }
+
+        await _sessionRepository.SaveAsync(session);
+
+        _accessService.Flush(session.Token);
+
+        await _serviceBus.PublishAsync(new SessionRefreshed
+        {
+            Token = session.Token
+        });
+    }
+}

Shuttle.Access.Messages/v1/SessionRefreshed.cs

@@ -0,0 +1,8 @@
+using System;
+
+namespace Shuttle.Access.Messages.v1;
+
+public class SessionRefreshed
+{
+    public Guid Token { get; set; }
+}

Shuttle.Access.Server/Program.cs

@@ -77,6 +77,7 @@ private static async Task Main(string[] args)
                     })
                     .AddEventStore()
                     .AddSqlSubscription()
+                    .AddDataStoreAccessService()
                     .AddMediator(builder =>
                     {
                         builder.AddParticipants(Assembly.Load("Shuttle.Access.Application"));

Shuttle.Access.WebApi/Handlers/AccessServiceHandler.cs

@@ -0,0 +1,134 @@
+using Shuttle.Access.Application;
+using Shuttle.Access.DataAccess;
+using Shuttle.Access.Messages.v1;
+using Shuttle.Core.Contract;
+using Shuttle.Core.Data;
+using Shuttle.Core.Mediator;
+using Shuttle.Esb;
+using Shuttle.Recall;
+
+namespace Shuttle.Access.WebApi.Handlers;
+
+public class AccessServiceHandler :
+    IAsyncMessageHandler<IdentityRoleSet>,
+    IAsyncMessageHandler<RolePermissionSet>,
+    IAsyncMessageHandler<PermissionStatusSet>
+{
+    private readonly IMediator _mediator;
+    private readonly IDatabaseContextFactory _databaseContextFactory;
+    private readonly IIdentityQuery _identityQuery;
+    private readonly IPermissionQuery _permissionQuery;
+    private readonly IProjectionRepository _projectionRepository;
+    private readonly ISessionQuery _sessionQuery;
+
+    public AccessServiceHandler(IDatabaseContextFactory databaseContextFactory, IIdentityQuery identityQuery, IProjectionRepository projectionRepository, IPermissionQuery permissionQuery, ISessionQuery sessionQuery, IMediator mediator)
+    {
+        _databaseContextFactory = Guard.AgainstNull(databaseContextFactory);
+        _identityQuery = Guard.AgainstNull(identityQuery);
+        _projectionRepository = Guard.AgainstNull(projectionRepository);
+        _permissionQuery = Guard.AgainstNull(permissionQuery);
+        _sessionQuery = Guard.AgainstNull(sessionQuery);
+        _mediator = Guard.AgainstNull(mediator);
+    }
+
+    public async Task ProcessMessageAsync(IHandlerContext<IdentityRoleSet> context)
+    {
+        Guard.AgainstNull(context, nameof(context));
+
+        var message = context.Message;
+
+        using (new DatabaseContextScope())
+        await using (_databaseContextFactory.Create())
+        {
+            if (await _projectionRepository.GetSequenceNumberAsync(ProjectionNames.Identity) < message.SequenceNumber)
+            {
+                await context.SendAsync(message, c => c.Defer(DateTime.UtcNow.AddSeconds(5)).Local());
+
+                return;
+            }
+
+            if (message.Active)
+            {
+                await RefreshAsync(new DataAccess.Query.Identity.Specification().WithRoleId(message.RoleId));
+            }
+            else
+            {
+                await RefreshAsync(new DataAccess.Query.Session.Specification().AddPermissions(
+                    (await _permissionQuery.SearchAsync(new DataAccess.Query.Permission.Specification().AddRoleId(message.RoleId)))
+                    .Select(item => item.Name)));
+            }
+        }
+    }
+
+    public async Task ProcessMessageAsync(IHandlerContext<PermissionStatusSet> context)
+    {
+        Guard.AgainstNull(context, nameof(context));
+
+        var message = context.Message;
+
+        using (new DatabaseContextScope())
+        await using (_databaseContextFactory.Create())
+        {
+            if (await _projectionRepository.GetSequenceNumberAsync(ProjectionNames.Permission) < message.SequenceNumber)
+            {
+                await context.SendAsync(message, c => c.Defer(DateTime.UtcNow.AddSeconds(5)).Local());
+
+                return;
+            }
+
+            if (message.Status == (int)PermissionStatus.Removed)
+            {
+                await RefreshAsync(new DataAccess.Query.Session.Specification().AddPermission(message.Name));
+            }
+            else
+            {
+                await RefreshAsync(new DataAccess.Query.Identity.Specification().WithPermissionId(message.Id));
+            }
+        }
+    }
+
+    public async Task ProcessMessageAsync(IHandlerContext<RolePermissionSet> context)
+    {
+        Guard.AgainstNull(context, nameof(context));
+
+        var message = context.Message;
+
+        using (new DatabaseContextScope())
+        await using (_databaseContextFactory.Create())
+        {
+            if (await _projectionRepository.GetSequenceNumberAsync(ProjectionNames.Role) < message.SequenceNumber)
+            {
+                await context.SendAsync(message, c => c.Defer(DateTime.UtcNow.AddSeconds(5)).Local());
+
+                return;
+            }
+
+            if (message.Active)
+            {
+                await RefreshAsync(new DataAccess.Query.Identity.Specification().WithRoleId(message.RoleId));
+            }
+            else
+            { 
+                await RefreshAsync(new DataAccess.Query.Session.Specification().AddPermissions(
+                    (await _permissionQuery.SearchAsync(new DataAccess.Query.Permission.Specification().AddId(message.PermissionId)))
+                    .Select(item => item.Name)));
+            }
+        }
+    }
+
+    private async Task RefreshAsync(DataAccess.Query.Session.Specification specification)
+    {
+        foreach (var session in await _sessionQuery.SearchAsync(specification))
+        {
+            await _mediator.SendAsync(new RefreshSession(session.Token));
+        }
+    }
+
+    private async Task RefreshAsync(DataAccess.Query.Identity.Specification specification)
+    {
+        foreach (var identity in await _identityQuery.SearchAsync(specification))
+        {
+            await _mediator.SendAsync(new RefreshSession(identity.Name));
+        }
+    }
+}

Shuttle.Access.WebApi/Program.cs

@@ -109,6 +109,7 @@ public static void Main(string[] args)
             {
                 webApplicationBuilder.Configuration.GetSection(ServiceBusOptions.SectionName).Bind(builder.Options);
 
+                builder.Options.Asynchronous = true;
                 builder.Options.Subscription.ConnectionStringName = "Access";
 
                 builder.AddSubscription<IdentityRoleSet>();
@@ -117,10 +118,14 @@ public static void Main(string[] args)
             })
             .AddAzureStorageQueues(builder =>
             {
-                builder.AddOptions("azure", new()
+                var queueOptions = webApplicationBuilder.Configuration.GetSection($"{AzureStorageQueueOptions.SectionName}:Access").Get<AzureStorageQueueOptions>() ?? new();
+
+                if (string.IsNullOrWhiteSpace(queueOptions.StorageAccount))
                 {
-                    ConnectionString = webApplicationBuilder.Configuration.GetConnectionString("azure")
-                });
+                    queueOptions.ConnectionString = webApplicationBuilder.Configuration.GetConnectionString("azure") ?? string.Empty;
+                }
+
+                builder.AddOptions("azure", queueOptions);
             })
             .AddEventStore()
             .AddSqlEventStorage(builder =>

Shuttle.Access.WebApi/appsettings.json

@@ -14,15 +14,15 @@
       "OAuthRedirectUri": "http://localhost:3000/oauth",
       "OAuthProviderNames": [
         "GitHub"
-      ] 
+      ]
     },
     "OAuth": {
       "GitHub": {
         "authorizationUrl": "https://github.com/login/oauth/authorize?client_id=__ClientId__&redirect_uri=__RedirectUri__&scope=__Scope__",
         "scope": "user:email",
         "tokenUrl": "https://github.com/login/oauth/access_token",
         "dataUrl": "https://api.github.com/user"
-      } 
+      }
     },
     "ServiceBus": {
       "Inbox": {