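        /// <summary>
        /// Validates a Google ID token, confirms it was issued for this application and for
        /// an account on the company domain, and makes sure a matching user record exists.
        /// </summary>
        /// <param name="authToken">Google ID token (JWT) presented by the client.</param>
        /// <returns>
        /// 200 when the token is valid and the user has been looked up/created;
        /// 403 with <c>INVALID_TOKEN</c> when the token fails local or tokeninfo validation
        /// or its audience is not this application;
        /// 403 with <c>INVALID_EMAIL_ADDRESS</c> when the token carries no e-mail or one
        /// outside the configured company domain;
        /// 400 when the tokeninfo request itself could not be completed.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown when <c>GoogleClientId</c> or <c>CompanyDomain</c> is missing from configuration,
        /// so a misconfigured deployment fails loudly instead of comparing against null.
        /// </exception>
        public IActionResult ValidateToken(string authToken)
        {
            if (string.IsNullOrWhiteSpace(authToken))
            {
                return StatusCode(StatusCodes.Status403Forbidden, new { response = string.Empty, message = GlobalErrorMessages.INVALID_TOKEN });
            }

            var expectedClientId = _config.GetSection("GoogleClientId").Value;
            if (string.IsNullOrEmpty(expectedClientId))
            {
                throw new InvalidOperationException("GoogleClientId is not configured.");
            }

            var companyDomain = _config.GetSection("CompanyDomain").Value;
            if (string.IsNullOrEmpty(companyDomain))
            {
                throw new InvalidOperationException("CompanyDomain is not configured.");
            }

            // Step 1: local validation (signature, issuer, expiry and audience).
            // The result must actually be observed: an un-awaited Task is never null,
            // so a bare null check on ValidateAsync(...) would accept every token.
            // NOTE(review): this action is synchronous, so the task is blocked on here;
            // turning the action into `async Task<IActionResult>` and awaiting is the preferred form.
            try
            {
                var settings = new GoogleJsonWebSignature.ValidationSettings
                {
                    Audience = new[] { expectedClientId }
                };
                var validPayload = GoogleJsonWebSignature.ValidateAsync(authToken, settings).GetAwaiter().GetResult();
                if (validPayload is null)
                {
                    return StatusCode(StatusCodes.Status403Forbidden, new { response = string.Empty, message = GlobalErrorMessages.INVALID_TOKEN });
                }
            }
            catch (Exception)
            {
                // The library reports an invalid or expired token by throwing; fail closed.
                return StatusCode(StatusCodes.Status403Forbidden, new { response = string.Empty, message = GlobalErrorMessages.INVALID_TOKEN });
            }

            // Step 2: cross-check against Google's tokeninfo endpoint.
            // The token only contains base64url characters, but escaping keeps the URL well-formed regardless.
            var requestUri = new Uri(string.Format(GoogleApiTokenInfoUrl, Uri.EscapeDataString(authToken)));
            string response;

            // NOTE(review): a new HttpClient per request exhausts sockets under load;
            // prefer an injected IHttpClientFactory / shared client once available in this class.
            using (var httpClient = new HttpClient())
            {
                try
                {
                    // Read the body while the client and response are still alive.
                    using (var httpResponseMessage = httpClient.GetAsync(requestUri).GetAwaiter().GetResult())
                    {
                        if (httpResponseMessage.StatusCode != HttpStatusCode.OK)
                        {
                            return StatusCode(StatusCodes.Status403Forbidden, new { response = string.Empty, message = GlobalErrorMessages.INVALID_TOKEN });
                        }
                        response = httpResponseMessage.Content.ReadAsStringAsync().GetAwaiter().GetResult();
                    }
                }
                catch (Exception ex) when (ex is HttpRequestException || ex is TaskCanceledException)
                {
                    // GetAwaiter().GetResult() does not wrap in AggregateException, so InnerException may be null.
                    return StatusCode(StatusCodes.Status400BadRequest, new { response = string.Empty, message = ex.InnerException?.Message ?? ex.Message });
                }
            }

            var userInfo = JsonConvert.DeserializeObject<GoogleApiTokenInfo>(response);
            if (userInfo is null)
            {
                return StatusCode(StatusCodes.Status403Forbidden, new { response = string.Empty, message = GlobalErrorMessages.INVALID_TOKEN });
            }

            // The audience must be this application's client id; a valid Google token
            // issued for some other application must not be accepted here.
            var audience = userInfo.aud?.ToString();
            if (!string.Equals(audience, expectedClientId, StringComparison.Ordinal))
            {
                return StatusCode(StatusCodes.Status403Forbidden, new { response = string.Empty, message = GlobalErrorMessages.INVALID_TOKEN });
            }

            // Without an e-mail the user cannot be identified, so the token is not usable.
            if (string.IsNullOrEmpty(userInfo.email))
            {
                return StatusCode(StatusCodes.Status403Forbidden, new { response = string.Empty, message = GlobalErrorMessages.INVALID_EMAIL_ADDRESS });
            }

            // Domain check is an "ends with @domain" test, not a substring test:
            // a plain Contains() would accept addresses that merely embed the domain name.
            var domainSuffix = companyDomain.StartsWith("@", StringComparison.Ordinal) ? companyDomain : "@" + companyDomain;
            if (!userInfo.email.EndsWith(domainSuffix, StringComparison.OrdinalIgnoreCase))
            {
                return StatusCode(StatusCodes.Status403Forbidden, new { response = string.Empty, message = GlobalErrorMessages.INVALID_EMAIL_ADDRESS });
            }
            // NOTE(review): tokeninfo also reports whether the e-mail is verified; if GoogleApiTokenInfo
            // exposes that field it is worth requiring here — confirm against the DTO.

            // Split the display name defensively: it may be missing or a single word.
            var nameParts = (userInfo.name ?? string.Empty).Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);
            var objUser = new UserDTO
            {
                Email         = userInfo.email,
                FirstName     = nameParts.Length > 0 ? nameParts[0] : string.Empty,
                LastName      = nameParts.Length > 1 ? nameParts[1] : string.Empty,
                UserName      = userInfo.email,
                LoginProvider = Enumaration.LoginProvide.Google.ToString(),
                ProfileImage  = userInfo.picture
            };

            // Registers the user on first login; the returned record is not needed by this action.
            _accountApplication.CheckUserExistWithEmailAndAdd(objUser);

            return Ok();
        }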