public async Task <Result> AuthorizeAndGetDiscoDetailsAsync(string clientId, string request)
{
var serviceProvider = await AggregatorContext.QueryAsync(ctx => ctx.ServiceProviders
.Include(p => p.AllowedNotificationUris)
.Include(p => p.Discoveries).ThenInclude(d => d.DiscoveryService)
.FirstOrDefaultAsync(p => p.ClientIdOnAggregator == clientId));
if (serviceProvider == null)
{
throw new UnifiedException(OAuth2Error.UnauthorizedClient, GetInvalidDescription(OpenIdConnectParameterNames.ClientId));
}
var jwksString = serviceProvider.UseStoredJwksValue
? serviceProvider.JwksValue
: await cacheAccessor.GetOrCreateAsync(
$"{GetType()}:{nameof(AuthorizeAndGetDiscoDetailsAsync)}:{serviceProvider.Id}",
serviceProvider.JwksCachingInSeconds !.Value,
() => httpClient.GetStringAsync(serviceProvider.JwksUri));
if (!JwtSignatureValidator.Validate(request, jwksString !, out var claims))
{
throw new UnifiedException(OAuth2Error.UnauthorizedClient, "Token validation failed");
}
claims !.TryGetValue(MobileConnectParameterNames.NotificationUri, out var value2);
if (!serviceProvider.AllowedNotificationUris !.Any(u => u.Value == (claims !.TryGetValue(MobileConnectParameterNames.NotificationUri, out var value) ? (string?)value : null)))
{
throw new UnifiedException(OAuth2Error.UnauthorizedClient, GetInvalidDescription(MobileConnectParameterNames.Request));
}
var disco = serviceProvider.Discoveries !.First(d => d.IsEnabled);
return(new(disco.DiscoveryService !.Uri !, disco.ClientIdOnDiscovery !, disco.ClientSecretOnDiscovery !, disco.RedirectUri !));
}
public async Task ValidateIdgwCallBackAsync(DIAuthorizationRequest request, string?code, string?error, string?error_description)
{
if (!string.IsNullOrEmpty(error))
{
var diAuthorizationRequest = await AggregatorContext.QueryAsync(ctx => ctx.DIAuthorizationRequests.FirstAsync(r => r.StateNew == request.StateNew));
diAuthorizationRequest !.Error = error;
diAuthorizationRequest !.ErrorDescription = error_description;
diAuthorizationRequest !.ErrorAt = DateTimeOffset.Now;
await AggregatorContext.SaveAsync(ctx => ctx.DIAuthorizationRequests !.Update(diAuthorizationRequest));
throw new UnifiedException(OAuth2ErrorDetails.GetError(error), error_description);
}
if (string.IsNullOrEmpty(code))
{
var diAuthorizationRequest = await AggregatorContext.QueryAsync(ctx => ctx.DIAuthorizationRequests.FirstAsync(r => r.StateNew == request.StateNew));
diAuthorizationRequest !.Error = "Empty parameter code";
diAuthorizationRequest !.ErrorDescription = "Empty parameter code";
diAuthorizationRequest !.ErrorAt = DateTimeOffset.Now;
await AggregatorContext.SaveAsync(ctx => ctx.DIAuthorizationRequests !.Update(diAuthorizationRequest));
throw new UnifiedException(OAuth2Error.ServerError, "Empty parameter code");
}
}
public void AggregateIncludeTest()
{
var context = new QueryTestContext(new DbContextOptions <QueryTestContext>());
var contextAggregator = new AggregatorContext <QueryTestContext>(new List <QueryTestContext>()
{
context
});
var query = contextAggregator.CreateQueryable(a => a.Students);
}
public async Task <(PremiumInfoToken PremiumInfoToken, bool IsPremiumInfoSigned)> GetAuthStateByTokenAsync(string accessTokenFromAggregatorHash)
{
using var context = new AggregatorContext();
var PremiumInfoToken = await context !.PremiumInfoTokens !.FirstOrDefaultAsync(l => l.AccessTokenOnAggregatorHash == accessTokenFromAggregatorHash);
if (PremiumInfoToken == null)
{
throw new UnifiedException(OAuth2Error.UnauthorizedClient, "No valid token found");
}
var serviceProvider = await context !.ServiceProviders !.FirstOrDefaultAsync(l => l.ClientIdOnAggregator == PremiumInfoToken !.ClientIdOnAggregator);
return(PremiumInfoToken !, serviceProvider !.IsPremiumInfoSigned !);
}
public HomeController(AggregatorContext context, UserManager <appUser> userManager, ITransactionService transactionService,
IAccountSummaryService accountSummaryService, IBankService bankService, SignInManager <appUser> signInManager, ILogger <LoginModel> logger, ISEBAccountAuthService sEBAccountAuthService, IMedBankServices medBankServices)
{
_context = context;
_userManager = userManager;
_transactionService = transactionService;
_accountSummaryService = accountSummaryService;
_bankService = bankService;
_sEBAccountAuthService = sEBAccountAuthService;
_medBankServices = medBankServices;
_signInManager = signInManager;
_logger = logger;
}
public async Task <IActionResult> OnGetAsync(string paramUsername, string paramPassword)
{
if (string.IsNullOrEmpty(paramUsername) || string.IsNullOrEmpty(paramPassword))
{
return(LocalRedirect("/"));
}
string returnUrl = Url.Content("~/");
try
{
// Clear the existing external cookie
await HttpContext
.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}
catch { }
string passwordHash = HelperHash.HashString(paramPassword);
using var context = new AggregatorContext();
var adminUser = await context !.AdminUsers !.FirstOrDefaultAsync(l => l.Login == paramUsername && l.Password == passwordHash);
if (adminUser != null)
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, paramUsername),
new Claim(ClaimTypes.Role, "Administrator"),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
IsPersistent = true,
RedirectUri = this.Request.Host.Value
};
try
{
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
}
catch (Exception ex)
{
string error = ex.Message;
throw;
}
return(LocalRedirect(returnUrl));
}
return(LocalRedirect("/"));
}
static public async Task <DiscoverySettings> GetSettingsByClientId(string clientId)
{
var serviceProvider = await AggregatorContext.QueryAsync(ctx => ctx.ServiceProviders
.Include(p => p.AllowedNotificationUris)
.Include(p => p.Discoveries).ThenInclude(d => d.DiscoveryService)
.FirstOrDefaultAsync(p => p.ClientIdOnAggregator == clientId));
if (serviceProvider == null)
{
throw new UnifiedException(OAuth2Error.UnauthorizedClient, GetInvalidDescription(OpenIdConnectParameterNames.ClientId));
}
var disco = serviceProvider.Discoveries !.First(d => d.IsEnabled);
return(new DiscoverySettings(disco.DiscoveryService !.Uri !, disco.ClientIdOnDiscovery !, disco.ClientSecretOnDiscovery !, disco.RedirectUri !));
}
public void ProductController_PayWithROBOKASSAAsync_ShouldReturnNotFound()
{
//Arrange
var options = new DbContextOptionsBuilder <AggregatorContext>()
.UseInMemoryDatabase(databaseName: "Add_writes_to_database")
.Options;
var context = new AggregatorContext(options);
var store = Substitute.For <IUserStore <User> >();
var controller = new ProductController(context,
Substitute.For <UserManager <User> >(store, null, null, null, null, null, null, null, null),
Substitute.For <IConfiguration>());
//Act
var result = controller.PayWithROBOKASSAAsync(-1).Result as StatusCodeResult;
//Assert
Assert.AreEqual(result.StatusCode, (int)HttpStatusCode.NotFound);
}
private async Task UpdateDIAuthStateInDBAsync(DIAuthorizationRequest newAuthState, string id, IdType idType)
{
DIAuthorizationRequest diAuthorizationRequest;
if (idType == IdType.StateId)
{
diAuthorizationRequest = await AggregatorContext.QueryAsync(ctx => ctx.DIAuthorizationRequests.FirstAsync(r => r.StateNew == id));
}
else if (idType == IdType.Dcid)
{
diAuthorizationRequest = await AggregatorContext.QueryAsync(ctx => ctx.DIAuthorizationRequests.FirstAsync(r => r.Dcid == id));
}
else if (idType == IdType.Code)
{
diAuthorizationRequest = await AggregatorContext.QueryAsync(ctx => ctx.DIAuthorizationRequests.FirstAsync(r => r.Code == id));
}
else
{
throw new Exception("Id type is wrong ");
}
diAuthorizationRequest = newAuthState;
await AggregatorContext.SaveAsync(ctx => ctx.DIAuthorizationRequests !.Update(diAuthorizationRequest));
}
public Task EraseClientSecretAsync(string stateNew) => AggregatorContext.SaveAsync(async ctx =>
{
var authorizationRequest = await ctx.DIAuthorizationRequests.FirstAsync(r => r.StateNew == stateNew);
authorizationRequest.IdgwClientSecret = null;
});
public ProductController(AggregatorContext dbContext, UserManager <User> userManager, IConfiguration configuration)
{
_dbContext = dbContext;
_userManager = userManager;
_configuration = configuration;
}
