359507 impersonate user support

Scenario Based Samples/User impersonate/.github/workflows/gitleaks.yml

@@ -0,0 +1,38 @@
+name: Secret Value found!!
+on:
+  push:
+  public:
+jobs:
+  scan:
+    name: gitleaks
+    runs-on: ubuntu-latest
+    steps:
+     - name: Checkout
+       uses: actions/checkout@v3 
+     - name: Install the gitleaks
+       run: wget https://github.com/zricethezav/gitleaks/releases/download/v8.15.2/gitleaks_8.15.2_linux_x64.tar.gz
+       shell: pwsh
+     - name: Extract the tar file
+       run: tar xzvf gitleaks_8.15.2_linux_x64.tar.gz
+     - name: Generate the report
+       id: gitleaks
+       run: $GITHUB_WORKSPACE/gitleaks detect -s $GITHUB_WORKSPACE -f json -r $GITHUB_WORKSPACE/leaksreport.json
+       shell: bash
+       continue-on-error: true
+     - name: Setup NuGet.exe
+       if: steps.gitleaks.outcome != 'success'
+       uses: nuget/setup-nuget@v1
+       with:
+          nuget-version: latest
+     - name: Install the dotnet
+       if: steps.gitleaks.outcome != 'success'
+       uses: actions/setup-dotnet@v3
+       with:
+          dotnet-version: '3.1.x'
+     - name: Install the report tool packages
+       if: steps.gitleaks.outcome != 'success'
+       run: |
+           nuget install "Syncfusion.Email" -source "https://nexus.syncfusion.com/repository/nuget-hosted/" -version 1.1.0
+           dir $GITHUB_WORKSPACE/Syncfusion.Email.1.1.0/lib/netcoreapp3.1
+           dotnet $GITHUB_WORKSPACE/Syncfusion.Email.1.1.0/lib/netcoreapp3.1/GitleaksReportMail.dll "citeam@syncfusion.com" "$GITHUB_REF_NAME" ${{ secrets.NETWORKCREDENTIALS }} ${{ secrets.NETWORKKEY }} "$GITHUB_WORKSPACE" "boldbi"
+           exit 1

Scenario Based Samples/User impersonate/BoldBI.Embed.Sample.sln

@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.31112.23
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "BoldBI.Embed.Sample", "BoldBI.Embed.Sample\BoldBI.Embed.Sample.csproj", "{6D5CD714-8E10-490B-A604-EC1EAC6207F0}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{6D5CD714-8E10-490B-A604-EC1EAC6207F0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{6D5CD714-8E10-490B-A604-EC1EAC6207F0}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{6D5CD714-8E10-490B-A604-EC1EAC6207F0}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{6D5CD714-8E10-490B-A604-EC1EAC6207F0}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {17ED8247-4B6E-42E3-930D-F78C333EADE9}
+	EndGlobalSection
+EndGlobal

Scenario Based Samples/User impersonate/BoldBI.Embed.Sample/BoldBI.Embed.Sample.csproj

@@ -0,0 +1,23 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>net6.0</TargetFramework>
+    <RootNamespace>BoldBI.Embed.Sample</RootNamespace>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <Compile Remove="App_Data\**" />
+    <Compile Remove="wwwroot\lib\**" />
+    <Content Remove="App_Data\**" />
+    <Content Remove="wwwroot\lib\**" />
+    <EmbeddedResource Remove="App_Data\**" />
+    <EmbeddedResource Remove="wwwroot\lib\**" />
+    <None Remove="App_Data\**" />
+    <None Remove="wwwroot\lib\**" />
+  </ItemGroup>
+
+  <ItemGroup>
+     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
+  </ItemGroup>
+
+</Project>

Scenario Based Samples/User impersonate/BoldBI.Embed.Sample/Controllers/HomeController.cs

@@ -0,0 +1,132 @@
+using System;
+using System.Net.Http;
+using Microsoft.AspNetCore.Mvc;
+using BoldBI.Embed.Sample.Models;
+using Newtonsoft.Json;
+using System.Collections.Generic;
+using System.Security.Cryptography;
+using System.IO;
+
+namespace BoldBI.Embed.Sample.Controllers
+{
+    public class HomeController : Controller
+    {
+        public IActionResult Index()
+        {
+            try
+            {
+                string basePath = AppDomain.CurrentDomain.BaseDirectory;
+                string jsonString = System.IO.File.ReadAllText(Path.Combine(basePath, "embedConfig.json"));
+                GlobalAppSettings.EmbedDetails = JsonConvert.DeserializeObject<EmbedDetails>(jsonString);
+
+                // Pass specific properties to the view using ViewBag
+                ViewBag.DashboardId = GlobalAppSettings.EmbedDetails.DashboardId;
+                ViewBag.ServerUrl = GlobalAppSettings.EmbedDetails.ServerUrl;
+                ViewBag.EmbedType = GlobalAppSettings.EmbedDetails.EmbedType;
+                ViewBag.Environment = GlobalAppSettings.EmbedDetails.Environment;
+                ViewBag.SiteIdentifier = GlobalAppSettings.EmbedDetails.SiteIdentifier;
+
+                return View();
+            }
+            catch
+            {
+                return View("EmbedConfigErrorLog");
+            }
+        }
+
+        [HttpGet]
+        [Route("DashboardListing")]
+        public IActionResult DashboardListing()
+        {
+            // Pass specific properties to the view using ViewBag
+            ViewBag.DashboardId = GlobalAppSettings.EmbedDetails.DashboardId;
+            ViewBag.ServerUrl = GlobalAppSettings.EmbedDetails.ServerUrl;
+            ViewBag.EmbedType = GlobalAppSettings.EmbedDetails.EmbedType;
+            ViewBag.Environment = GlobalAppSettings.EmbedDetails.Environment;
+            ViewBag.SiteIdentifier = GlobalAppSettings.EmbedDetails.SiteIdentifier;
+
+            return View();
+        }
+
+        [HttpGet]
+        [Route("GetDashboards")]
+        public string GetDashboards()
+        {
+            var token = GetToken();
+
+            using (var client = new HttpClient())
+            {
+                client.BaseAddress = new Uri(GlobalAppSettings.EmbedDetails.ServerUrl);
+                client.DefaultRequestHeaders.Accept.Clear();
+                client.DefaultRequestHeaders.Add("Authorization", token.TokenType + " " + token.AccessToken);
+                var result = client.GetAsync(GlobalAppSettings.EmbedDetails.ServerUrl + "/api/" + GlobalAppSettings.EmbedDetails.SiteIdentifier + "/v2.0/items?ItemType=2").Result;
+                string resultContent = result.Content.ReadAsStringAsync().Result;
+                return resultContent;
+            }
+        }
+
+        public Token GetToken()
+        {
+            using (var client = new HttpClient())
+            {
+                client.BaseAddress = new Uri(GlobalAppSettings.EmbedDetails.ServerUrl);
+                client.DefaultRequestHeaders.Accept.Clear();
+
+                var content = new FormUrlEncodedContent(new[]
+                {
+                    new KeyValuePair<string, string>("grant_type", "embed_secret"),
+                    new KeyValuePair<string, string>("Username", GlobalAppSettings.EmbedDetails.UserEmail),
+                    new KeyValuePair<string, string>("embed_secret", GlobalAppSettings.EmbedDetails.EmbedSecret)
+                });
+                var result = client.PostAsync(GlobalAppSettings.EmbedDetails.ServerUrl + "/api/" + GlobalAppSettings.EmbedDetails.SiteIdentifier + "/token", content).Result;
+                string resultContent = result.Content.ReadAsStringAsync().Result;
+                var response = JsonConvert.DeserializeObject<Token>(resultContent);
+                return response;
+            }
+        }
+
+        [HttpPost]
+        [Route("AuthorizationServer")]
+        public string AuthorizationServer([FromBody] object embedQuerString)
+        {
+            var embedClass = Newtonsoft.Json.JsonConvert.DeserializeObject<EmbedClass>(embedQuerString.ToString());
+
+            var embedQuery = embedClass.embedQuerString;
+            // User your user-email as embed_user_email
+            embedQuery += "&embed_user_email=" + GlobalAppSettings.EmbedDetails.UserEmail;
+            //To set embed_server_timestamp to overcome the EmbedCodeValidation failing while different timezone using at client application.
+            double timeStamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
+            embedQuery += "&embed_server_timestamp=" + timeStamp;
+            //Set another user mail as embed_ipersonate_email this will override the embed_user_email 
+            embedQuery += "&embed_impersonate_email=" + "demo@boldbi.com";
+            var embedDetailsUrl = "/embed/authorize?" + embedQuery + "&embed_signature=" + GetSignatureUrl(embedQuery);
+
+            using (var client = new HttpClient())
+            {
+                client.BaseAddress = new Uri(embedClass.dashboardServerApiUrl);
+                client.DefaultRequestHeaders.Accept.Clear();
+
+                var result = client.GetAsync(embedClass.dashboardServerApiUrl + embedDetailsUrl).Result;
+                string resultContent = result.Content.ReadAsStringAsync().Result;
+                return resultContent;
+            }
+
+        }
+
+        public string GetSignatureUrl(string queryString)
+        {
+            if (queryString != null)
+            {
+                var encoding = new System.Text.UTF8Encoding();
+                var keyBytes = encoding.GetBytes(GlobalAppSettings.EmbedDetails.EmbedSecret);
+                var messageBytes = encoding.GetBytes(queryString);
+                using (var hmacsha1 = new HMACSHA256(keyBytes))
+                {
+                    var hashMessage = hmacsha1.ComputeHash(messageBytes);
+                    return Convert.ToBase64String(hashMessage);
+                }
+            }
+            return string.Empty;
+        }
+    }
+}

Scenario Based Samples/User impersonate/BoldBI.Embed.Sample/Models/DataClass.cs

@@ -0,0 +1,68 @@
+using Newtonsoft.Json;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Runtime.Serialization;
+using System.Threading.Tasks;
+
+namespace BoldBI.Embed.Sample.Models
+{
+    [DataContract]
+    public class EmbedClass
+    {
+        [DataMember]
+        public string embedQuerString { get; set; }
+        [DataMember]
+        public string dashboardServerApiUrl { get; set; }
+    }
+
+    public class TokenObject
+    {
+        public string Message { get; set; }
+
+        public string Status { get; set; }
+
+        public string Token { get; set; }
+    }
+
+    public class Token
+    {
+        [JsonProperty("access_token")]
+        public string AccessToken { get; set; }
+
+        [JsonProperty("token_type")]
+        public string TokenType { get; set; }
+
+        [JsonProperty("expires_in")]
+        public string ExpiresIn { get; set; }
+
+        [JsonProperty("email")]
+        public string Email { get; set; }
+
+        public string LoginResult { get; set; }
+
+        public string LoginStatusInfo { get; set; }
+
+        [JsonProperty(".issued")]
+        public string Issued { get; set; }
+
+        [JsonProperty(".expires")]
+        public string Expires { get; set; }
+    }
+    public class EmbedDetails
+    {
+        public string Environment { get; set; }
+
+        public string SiteIdentifier { get; set; }
+
+        public string ServerUrl { get; set; }
+
+        public string EmbedSecret { get; set; }
+
+        public string UserEmail { get; set; }
+
+        public string EmbedType { get; set; }
+
+        public string DashboardId { get; set; }
+    }
+}

Scenario Based Samples/User impersonate/BoldBI.Embed.Sample/Models/GlobalAppSettings.cs

@@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace BoldBI.Embed.Sample.Models
+{
+    public class GlobalAppSettings
+    {
+        public static EmbedDetails EmbedDetails { get; set; }
+    }
+}

Scenario Based Samples/User impersonate/BoldBI.Embed.Sample/Program.cs

@@ -0,0 +1,31 @@
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
+
+var builder = WebApplication.CreateBuilder(args);
+
+// Add services to the container.
+builder.Services.AddControllersWithViews();
+
+var app = builder.Build();
+
+// Configure the HTTP request pipeline.
+if (!app.Environment.IsDevelopment())
+{
+    app.UseExceptionHandler("/Home/Error");
+    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
+    app.UseHsts();
+}
+
+app.UseHttpsRedirection();
+app.UseStaticFiles();
+
+app.UseRouting();
+
+app.UseAuthorization();
+
+app.MapControllerRoute(
+    name: "default",
+    pattern: "{controller=Home}/{action=Index}/{id?}");
+
+app.Run();

Scenario Based Samples/User impersonate/BoldBI.Embed.Sample/Properties/launchSettings.json

@@ -0,0 +1,27 @@
+{
+  "iisSettings": {
+    "windowsAuthentication": false,
+    "anonymousAuthentication": true,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:61377",
+      "sslPort": 0
+    }
+  },
+  "profiles": {
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "BoldBI.Embed.Sample": {
+      "commandName": "Project",
+      "launchBrowser": true,
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      },
+      "applicationUrl": "http://localhost:5000"
+    }
+  }
+}