/// <summary>
 /// Initializes a new instance of the MobileConnectInterface class
 /// </summary>
 /// <param name="config">Configuration options</param>
 /// <param name="discovery">Instance of IDiscovery concrete implementation</param>
 /// <param name="authentication">Instance of IAuthentication concrete implementation</param>
 /// <param name="identity">Instance of IIdentityService concrete implementation</param>
 /// <param name="jwks">Instance of IJWKeysetService concrete implementation</param>
 public MobileConnectInterface(MobileConnectConfig config, IDiscoveryService discovery, IAuthenticationService authentication, IIdentityService identity, IJWKeysetService jwks)
 {
     this._discovery      = discovery;
     this._authentication = authentication;
     this._identity       = identity;
     this._jwks           = jwks;
     this._config         = config;
 }
Beispiel #2
0
        public MobileConnectInterface(IDiscoveryService discovery, IAuthenticationService authentication, MobileConnectConfig config)
        {
            var client = new RestClient();

            _discovery      = discovery;
            _authentication = authentication;
            _identity       = new IdentityService(client);
            _jwks           = new JWKeysetService(client, new DiscoveryCache());
            _config         = config;
        }
        public MobileConnectInterface(IDiscoveryService discovery, IAuthenticationService authentication, MobileConnectConfig config)
        {
            var cache  = discovery.Cache;
            var client = new Utils.RestClient();

            this._discovery      = discovery;
            this._authentication = authentication;
            this._identity       = new IdentityService(client);
            this._jwks           = new JWKeysetService(client, cache);
            this._config         = config;
        }
        /// <summary>
        /// Initializes a new instance of the MobileConnectWebInterface class
        /// </summary>
        /// <param name="discovery">Instance of IDiscovery concrete implementation</param>
        /// <param name="authentication">Instance of IAuthentication concrete implementation</param>
        /// <param name="identity">Instance of IIdentityService concrete implementation</param>
        /// <param name="jwks">Instance of IJWKeysetService concrete implementation</param>
        /// <param name="config">Configuration options</param>
        public MobileConnectWebInterface(IDiscoveryService discovery, IAuthenticationService authentication, IIdentityService identity, IJWKeysetService jwks, MobileConnectConfig config)
        {
            this._discovery          = discovery;
            this._authentication     = authentication;
            this._identity           = identity;
            this._jwks               = jwks;
            this._config             = config;
            this._cacheWithSessionId = config.CacheResponsesWithSessionId && discovery.Cache != null;

            Log.Debug(() => _cacheWithSessionId ? $"MobileConnectWebInterface caching enabled with type={discovery.Cache.GetType().AssemblyQualifiedName}" : "MobileConnectWebInterface caching disabled");
        }
        public MobileConnectWebInterface(IDiscoveryService discovery, IAuthenticationService authentication, MobileConnectConfig config)
        {
            var cache  = discovery.Cache;
            var client = new Utils.RestClient();

            this._discovery          = discovery;
            this._authentication     = authentication;
            this._identity           = new IdentityService(client);
            this._jwks               = new JWKeysetService(client, cache);
            this._config             = config;
            this._cacheWithSessionId = config.CacheResponsesWithSessionId && _discovery.Cache != null;

            Log.Debug(() => _cacheWithSessionId ? $"MobileConnectWebInterface caching enabled with type={cache.GetType().AssemblyQualifiedName}" : "MobileConnectWebInterface caching disabled");
        }
        public MobileConnectWebInterface(
            IDiscoveryService discovery,
            IAuthenticationService authentication,
            MobileConnectConfig config)
        {
            var client = new RestClient();

            _discovery          = discovery;
            _authentication     = authentication;
            _identity           = new IdentityService(client);
            _jwks               = new JWKeysetService(client, new DiscoveryCache());
            _config             = config;
            _cacheWithSessionId = config.CacheResponsesWithSessionId;
            _sessionCahce       = new SessionCache();

            Log.Debug(() => _cacheWithSessionId ?
                      $"MobileConnectWebInterface caching enabled with " +
                      $"type={_sessionCahce.GetType().AssemblyQualifiedName}" :
                      "MobileConnectWebInterface caching disabled");
        }
        internal static async Task <MobileConnectStatus> HandleUrlRedirect(IDiscoveryService discovery, IAuthenticationService authentication, IJWKeysetService jwks, Uri redirectedUrl, DiscoveryResponse discoveryResponse,
                                                                           string expectedState, string expectedNonce, MobileConnectConfig config, MobileConnectRequestOptions options)
        {
            if (HttpUtils.ExtractQueryValue(redirectedUrl.Query, "code") != null)
            {
                return(await RequestToken(authentication, jwks, discoveryResponse, redirectedUrl, expectedState, expectedNonce, config, options));
            }
            else if (HttpUtils.ExtractQueryValue(redirectedUrl.Query, "mcc_mnc") != null)
            {
                return(await AttemptDiscoveryAfterOperatorSelection(discovery, redirectedUrl, config));
            }

            string errorCode = HttpUtils.ExtractQueryValue(redirectedUrl.Query, "error") ?? ErrorCodes.InvalidRedirect;
            string errorDesc = HttpUtils.ExtractQueryValue(redirectedUrl.Query, "error_description") ?? HttpUtils.ExtractQueryValue(redirectedUrl.Query, "description") ?? string.Format("Unable to parse next step using {0}", redirectedUrl.AbsoluteUri);

            return(MobileConnectStatus.Error(errorCode, errorDesc, null));
        }
        internal static async Task <MobileConnectStatus> RequestToken(IAuthenticationService authentication, IJWKeysetService jwks, DiscoveryResponse discoveryResponse, Uri redirectedUrl, string expectedState,
                                                                      string expectedNonce, MobileConnectConfig config, MobileConnectRequestOptions options)
        {
            RequestTokenResponse response;

            if (!IsUsableDiscoveryResponse(discoveryResponse))
            {
                return(MobileConnectStatus.StartDiscovery());
            }

            if (string.IsNullOrEmpty(expectedState))
            {
                return(MobileConnectStatus.Error(ErrorCodes.InvalidArgument, "ExpectedState argument was not supplied, this is needed to prevent Cross-Site Request Forgery", null));
            }

            if (string.IsNullOrEmpty(expectedNonce))
            {
                return(MobileConnectStatus.Error(ErrorCodes.InvalidArgument, "expectedNonce argument was not supplied, this is needed to prevent Replay Attacks", null));
            }

            var actualState = HttpUtils.ExtractQueryValue(redirectedUrl.Query, "state");

            if (expectedState != actualState)
            {
                return(MobileConnectStatus.Error(ErrorCodes.InvalidState, "State values do not match, this could suggest an attempted Cross-Site Request Forgery", null));
            }

            try
            {
                var code            = HttpUtils.ExtractQueryValue(redirectedUrl.Query, "code");
                var clientId        = discoveryResponse.ResponseData.response.client_id ?? config.ClientId;
                var clientSecret    = discoveryResponse.ResponseData.response.client_secret ?? config.ClientSecret;
                var requestTokenUrl = discoveryResponse.OperatorUrls.RequestTokenUrl;
                var issuer          = discoveryResponse.ProviderMetadata.Issuer;

                var tokenTask = authentication.RequestTokenAsync(clientId, clientSecret, requestTokenUrl, config.RedirectUrl, code);
                var jwksTask  = jwks.RetrieveJWKSAsync(discoveryResponse.OperatorUrls.JWKSUrl);

                // execute both tasks in parallel
                await Task.WhenAll(tokenTask, jwksTask).ConfigureAwait(false);

                response = tokenTask.Result;

                var maxSupportedVersion = discoveryResponse.ProviderMetadata?.MobileConnectVersionSupported == null ? "mc_v1.1" : discoveryResponse.ProviderMetadata.MobileConnectVersionSupported.MaxSupportedVersionString;

                return(HandleTokenResponse(authentication, response, clientId, issuer, expectedNonce,
                                           maxSupportedVersion, jwksTask.Result, options));
            }
            catch (MobileConnectInvalidArgumentException e)
            {
                Log.Error(() => $"An invalid argument was passed to RequestToken arg={e.Argument}");
                return(MobileConnectStatus.Error(ErrorCodes.InvalidArgument, string.Format("An argument was found to be invalid during the process. The argument was {0}.", e.Argument), e));
            }
            catch (MobileConnectEndpointHttpException e)
            {
                Log.Error(() => $"A general http error occurred in RequestToken redirectedUrl={redirectedUrl} requestTokenUrl={discoveryResponse.OperatorUrls.RequestTokenUrl} jwksUrl={discoveryResponse.OperatorUrls.JWKSUrl}");
                return(MobileConnectStatus.Error(ErrorCodes.HttpFailure, "An HTTP failure occured while calling the operator token endpoint, the endpoint may be inaccessible", e));
            }
            catch (Exception e)
            {
                Log.Error(() => $"A general error occurred in RequestToken redirectedUrl={redirectedUrl} requestTokenUrl={discoveryResponse.OperatorUrls.RequestTokenUrl} jwksUrl={discoveryResponse.OperatorUrls.JWKSUrl}");
                return(MobileConnectStatus.Error(ErrorCodes.Unknown, "A failure occured while requesting a token", e));
            }
        }
        internal static async Task <MobileConnectStatus> RequestHeadlessAuthentication(IAuthenticationService authentication, IJWKeysetService jwks, IIdentityService identity, DiscoveryResponse discoveryResponse, string encryptedMSISDN,
                                                                                       string state, string nonce, MobileConnectConfig config, MobileConnectRequestOptions options, CancellationToken cancellationToken = default(CancellationToken))
        {
            if (!IsUsableDiscoveryResponse(discoveryResponse))
            {
                return(MobileConnectStatus.StartDiscovery());
            }

            MobileConnectStatus status;

            try
            {
                string                clientId          = discoveryResponse.ResponseData.response.client_id ?? config.ClientId;
                string                clientSecret      = discoveryResponse.ResponseData.response.client_secret;
                string                authorizationUrl  = discoveryResponse.OperatorUrls.AuthorizationUrl;
                string                tokenUrl          = discoveryResponse.OperatorUrls.RequestTokenUrl;
                string                issuer            = discoveryResponse.ProviderMetadata.Issuer;
                SupportedVersions     supportedVersions = discoveryResponse.ProviderMetadata.MobileConnectVersionSupported;
                AuthenticationOptions authOptions       = options?.AuthenticationOptions ?? new AuthenticationOptions();
                authOptions.ClientName = discoveryResponse.ApplicationShortName;

                var jwksTask  = jwks.RetrieveJWKSAsync(discoveryResponse.OperatorUrls.JWKSUrl);
                var tokenTask = authentication.RequestHeadlessAuthentication(clientId, clientSecret, authorizationUrl, tokenUrl, config.RedirectUrl, state, nonce,
                                                                             encryptedMSISDN, supportedVersions, authOptions, cancellationToken);

                // execute both tasks in parallel
                await Task.WhenAll(tokenTask, jwksTask).ConfigureAwait(false);

                RequestTokenResponse response = tokenTask.Result;

                status = HandleTokenResponse(authentication, response, clientId, issuer, nonce,
                                             discoveryResponse.ProviderMetadata.MobileConnectVersionSupported.MaxSupportedVersionString, jwksTask.Result, options);
            }
            catch (MobileConnectInvalidArgumentException e)
            {
                Log.Error(() => $"An invalid argument was passed to RequestHeadlessAuthentication arg={e.Argument}");
                return(MobileConnectStatus.Error(ErrorCodes.InvalidArgument, string.Format("An argument was found to be invalid during the process. The argument was {0}.", e.Argument), e));
            }
            catch (MobileConnectEndpointHttpException e)
            {
                Log.Error(() => $"A general http error occurred in RequestHeadlessAuthentication state={state} nonce={nonce} authUrl={discoveryResponse.OperatorUrls.AuthorizationUrl} tokenUrl={discoveryResponse.OperatorUrls.RequestTokenUrl}");
                return(MobileConnectStatus.Error(ErrorCodes.HttpFailure, "An HTTP failure occured while calling the discovery endpoint, the endpoint may be inaccessible", e));
            }
            catch (Exception e)
            {
                Log.Error(() => $"A general error occurred in RequestHeadlessAuthentication state={state} nonce={nonce} authUrl={discoveryResponse.OperatorUrls.AuthorizationUrl} tokenUrl={discoveryResponse.OperatorUrls.RequestTokenUrl}");
                return(MobileConnectStatus.Error(ErrorCodes.Unknown, "An unknown error occured while generating an authorization url", e));
            }

            if (status.ResponseType == MobileConnectResponseType.Error ||
                !options.AutoRetrieveIdentityHeadless || string.IsNullOrEmpty(discoveryResponse.OperatorUrls.PremiumInfoUrl))
            {
                return(status);
            }

            var identityStatus = await RequestIdentity(identity, discoveryResponse, status.TokenResponse.ResponseData.AccessToken, config, options);

            status.IdentityResponse = identityStatus.IdentityResponse;

            return(status);
        }
Beispiel #10
0
 public void Setup()
 {
     _restClient  = new MockRestClient();
     _jwksService = new JWKeysetService(_restClient, new ConcurrentCache());
 }