private static async Task <Auth.Session> CreateSession(string userIdentification,
IAzureApplication application, IHttpRequest request)
{
var authentication = new Authentication
{
authenticationRef = Ref <Authentication> .SecureRef(),
authenticated = DateTime.UtcNow,
userIdentification = userIdentification,
token = SecureGuid.Generate().ToString("N"),
};
return(await await authentication
.StorageCreateAsync(
async (authenticationDiscard) =>
{
var method = EastFive.Azure.Auth.Method.ByMethodName(
CredentialProvider.IntegrationName, application);
var parameters = new Dictionary <string, string>()
{
{ "state", authentication.authenticationRef.id.ToString() },
{ "token", authentication.token },
{ CredentialProvider.referrerKey, "https://example.com/internal" }
};
return await await method.RedeemTokenAsync(parameters, application,
async(externalAccountKey, authorizationRefMaybe, loginProvider, extraParams) =>
{
var authorization = new Auth.Authorization
{
authorizationRef = new Ref <Auth.Authorization>(Security.SecureGuid.Generate()),
Method = method.authenticationId,
parameters = extraParams,
authorized = true,
};
return await await Auth.Redirection.AuthorizeWithAccountAsync(
authorization,
async(authorizationToSave) =>
{
bool created = await authorizationToSave.StorageCreateAsync(
discard => true);
},
method,
externalAccountKey, extraParams,
application, request, loginProvider,
request.RequestUri,
async(accountId, authorizationUpdated) =>
{
return await CreateSessionAsync(authorization);
},
(interruptTo, accountId, authorizationUpdated) => throw new Exception($"Cannot redirect to `{interruptTo}`"),
(why, authorizationUpdated) => throw new Exception(why),
public async Task CanLoginWithAuthenticationRequest()
{
// TODO: Only get Authorization with property header
// TODO: Can't get twice
// TODO: IF authorized, LocationAuthentication should not be set
// var sessionFactory = new RestApplicationFactory();
var sessionFactory = await TestApplicationFactory.InitAsync();
var superAdmin = await sessionFactory.SessionSuperAdminAsync();
(superAdmin as Api.Azure.AzureApplication)
.AddOrUpdateInstantiation(typeof(Auth.CredentialProviders.AdminLogin),
async(app) =>
{
await 1.AsTask();
return(new Auth.CredentialProviders.AdminLogin());
});
(superAdmin as Api.Azure.AzureApplication)
.AddOrUpdateInstantiation(typeof(ProvideLoginMock),
async(app) =>
{
await 1.AsTask();
return(new ProvideLoginMock());
});
var authenticationAdmin = await superAdmin.GetAsync <Method, Method>(
onContents :
authentications =>
{
var matchingAuthentications = authentications
.Where(auth => auth.name == Auth.CredentialProviders.AdminLogin.IntegrationName);
Assert.IsTrue(matchingAuthentications.Any());
return(matchingAuthentications.First());
});
var mockAuthenticationMock = await superAdmin.GetAsync <Method, Method>(
onContents :
authentications =>
{
var matchingAuthentications = authentications
.Where(auth => auth.name == ProvideLoginMock.IntegrationName);
Assert.IsTrue(matchingAuthentications.Any());
return(matchingAuthentications.First());
});
var authReturnUrl = new Uri("http://example.com/authtest");
var authorizationIdSecure = Security.SecureGuid.Generate();
var authorizationInvite = new Auth.Authorization
{
authorizationRef = authorizationIdSecure.AsRef <Auth.Authorization>(),
Method = mockAuthenticationMock.authenticationId,
LocationAuthenticationReturn = authReturnUrl,
};
var authroizationWithUrls = await superAdmin.PostAsync(authorizationInvite,
onCreatedBody :
(authorizationResponse, contentType) =>
{
Assert.AreEqual(authorizationInvite.Method.id, authorizationResponse.Method.id);
Assert.AreEqual(authReturnUrl, authorizationResponse.LocationAuthenticationReturn);
return(authorizationResponse);
});
var externalSystemUserId = Guid.NewGuid().ToString();
var internalSystemUserId = Guid.NewGuid();
// var mockParameters = ProvideLoginMock.GetParameters(externalSystemUserId);
Assert.IsTrue(await superAdmin.PostAsync(
new Auth.AccountMapping
{
accountMappingId = Guid.NewGuid(),
accountId = internalSystemUserId,
authorization = authorizationInvite.authorizationRef,
},
onCreated: () => true));
var comms = sessionFactory.GetUnauthorizedSession();
var session = new Session
{
sessionId = Guid.NewGuid().AsRef <Session>(),
};
var token = await comms.PostAsync(session,
onCreatedBody : (sessionWithToken, contentType) => sessionWithToken.token);
(comms as Api.Azure.AzureApplication)
.AddOrUpdateInstantiation(typeof(ProvideLoginMock),
async(app) =>
{
await 1.AsTask();
return(new ProvideLoginMock());
});
// TODO: comms.LoadToken(session.token);
var authentication = await comms.GetAsync <Method, Method>(
onContents :
authentications =>
{
var matchingAuthentications = authentications
.Where(auth => auth.name == ProvideLoginMock.IntegrationName);
Assert.IsTrue(matchingAuthentications.Any());
return(matchingAuthentications.First());
});
var responseResource = ProvideLoginMock.GetResponse(externalSystemUserId, authorizationInvite.authorizationRef.id);
var authorizationToAthenticateSession = await await comms.GetAsync(responseResource,
onRedirect :
async(urlRedirect) =>
{
var authIdStr = urlRedirect.GetQueryParam(EastFive.Api.Azure.AzureApplication.QueryRequestIdentfier);
var authId = Guid.Parse(authIdStr);
var authIdRef = authId.AsRef <Auth.Authorization>();
// TODO: New comms here?
return(await await comms.GetAsync(
(Auth.Authorization authorizationGet) => authorizationGet.authorizationRef.AssignQueryValue(authIdRef),
onContent:
async(authenticatedAuthorization) =>
{
var sessionVirgin = new Session
{
sessionId = Guid.NewGuid().AsRef <Session>(),
authorization = new RefOptional <Auth.Authorization>(authIdRef),
};
var tokenNew = await comms.PostAsync(sessionVirgin,
onCreatedBody: (sessionWithToken, contentType) =>
{
Assert.AreEqual(internalSystemUserId, sessionWithToken.account.Value);
return sessionWithToken.HeaderName.PairWithValue(sessionWithToken.token);
});
comms.Headers.Add(tokenNew.Key, tokenNew.Value);
var integration = new Auth.Integration
{
integrationRef = Guid.NewGuid().AsRef <Auth.Integration>(),
accountId = internalSystemUserId,
Method = mockAuthenticationMock.authenticationId,
authorization = new RefOptional <Auth.Authorization>(authIdRef),
};
Assert.IsTrue(await comms.PostAsync(integration,
onCreated: () => true));
session.authorization = new RefOptional <Auth.Authorization>(authenticatedAuthorization.authorizationRef);
return await comms.PatchAsync(session,
onUpdatedBody:
(updated) =>
{
return updated;
});
}));
});
Assert.AreEqual(internalSystemUserId, authorizationToAthenticateSession.account.Value);
}
