/// <summary>
/// Given an <see cref="RoAuthenticationRequestDto" />, it will do the authentication on the provider and return a <see cref="AuthenticationResponseDto" />
/// </summary>
/// <param name="request">The authentication request details containing information regarding the connection, username, password etc.</param>
/// <param name="auth0Domain">The Auth0 domain to which to target the request to.</param>
/// <returns>A <see cref="AuthenticationResponseDto" /> with the access token.</returns>
public Task <AuthenticationResponseDto> AuthenticateAsync(RoAuthenticationRequestDto request, string auth0Domain)
{
return(PostAsync <AuthenticationResponseDto>(auth0Domain + (auth0Domain.EndsWith("/") ? "" : "/") + "oauth/ro", request));
}
/// <summary>
/// Refactoring Auth0TokenProvider functionality to support multiple types.
/// Updates the auth0 authentication header for the client id using username and password asynchronous.
/// </summary>
/// <param name="clientId">The client identifier.</param>
/// <param name="forceRefresh">if set to <c>true</c> [force refresh].</param>
/// <returns>
/// A task, when completed, ensures that the authentication header got updated.
/// </returns>
/// <exception cref="System.Collections.Generic.KeyNotFoundException"></exception>
public override async Task UpdateAuthHeaderWithCredentialsAsync(string clientId, bool forceRefresh = false)
{
if (await syncObject.WaitAsync(5000))
{
try
{
if (!clientTokenCache.ContainsKey(clientId))
{
throw new KeyNotFoundException(
$"Cannot update the auth token for client {clientId}, because of missing information.");
}
// Only update if really needed.
// Especially when multiple tasks are invoked at the same time we only need to update once.
// Testing for a valid token happens within GetAuthHeaderForClient but outside of the locked section.
// Therefore it might happen that the token was already updated once entering the locked section.
if (clientTokenCache[clientId].LastRefresh > DateTimeOffset.Now.AddSeconds(-5) && !forceRefresh)
{
return;
}
var request = new RoAuthenticationRequestDto
{
ClientId = clientId, // client ID from bucket service Auth0 app
Username = clientTokenCache[clientId].Auth0Username, // auth0 user
Password = clientTokenCache[clientId].Auth0Password, // the corresponding password
Scope = "openid", // we want openID process
Connection = clientTokenCache[clientId].Auth0Connection, // auth0 connection
GrantType = "password", // it should be granted based on our password
Device = "api" // we want to access an API
};
// authenticate with auth0
var authToken =
await
authenticationApiClient.AuthenticateAsync(request, clientTokenCache[clientId].Auth0ServerUrl);
// set the authorization header
clientTokenCache[clientId].Auth0HeaderValue = new AuthenticationHeaderValue("Bearer", authToken.IdToken);
clientTokenCache[clientId].LastRefresh = DateTimeOffset.Now;
logger.LogInformation($"Successfully authenticated with the service client id {clientId} with username and password.");
ScheduleAutoRefresh(clientTokenCache[clientId]);
}
catch (Exception ex)
{
// any exceptions during authentication are logged here
logger.LogError(
$"Error authenticating with service: {clientId} using user {clientTokenCache[clientId].Auth0Username}.",
ex);
}
finally
{
syncObject.Release();
}
}
else
{
logger.LogWarning("Auth0TokenProvider could not get lock for retrieving an authentication token.");
}
}
