public async Task <AuthenticationProviderResult <RefreshToken> > ValidateRefreshToken(
            ApplicationClient client,
            string refreshTokenTicket)
        {
            var response = new AuthenticationProviderResult <RefreshToken>()
            {
                IsSuccessful    = false,
                ResponseMessage = "",
                Result          = null
            };

            var existingRefreshToken = await this.dataService
                                       .RefreshTokens
                                       .FindByCondition(r => r.ApplicationClientId == client.Id &&
                                                        r.ProtectedTicket == refreshTokenTicket);

            if (existingRefreshToken == null)
            {
                response.ResponseMessage = "Invalid token";
                return(response);
            }

            if (existingRefreshToken.ExpiresUtc < DateTime.Now.ToUniversalTime())
            {
                response.ResponseMessage = "Token expired";
                return(response);
            }

            response.IsSuccessful = true;
            response.Result       = existingRefreshToken;
            return(response);
        }
        public async Task <AuthenticationProviderResult <ApplicationClient> > ValidateApplicationClientAsync(HttpRequest request)
        {
            var response = new AuthenticationProviderResult <ApplicationClient>()
            {
                IsSuccessful    = false,
                ResponseMessage = "",
                Result          = null
            };
            var clientId = request.Headers["client_id"];

            if (string.IsNullOrEmpty(clientId))
            {
                response.ResponseMessage = "Client Id is not set";
                return(response);
            }

            if (!Guid.TryParse(clientId, out Guid validClientID))
            {
                response.ResponseMessage = "Invalid client Id";
                return(response);
            }

            var client = await this.dataService.ApplicationClients.FindByIdAsync(validClientID);

            if (client == null)
            {
                response.ResponseMessage = "Invalid client Id";
                return(response);
            }

            if (!client.Enabled)
            {
                response.ResponseMessage = "Client is inactive";
                return(response);
            }

            if (client.ApplicationClientType == ApplicationClientType.Confidential)
            {
                var clientSecret = request.Headers["client_secret"];
                if (string.IsNullOrEmpty(clientSecret))
                {
                    response.ResponseMessage = "Client secret is not set";
                    return(response);
                }
                ;

                if (client.Base64Secret != clientSecret)
                {
                    response.ResponseMessage = "Client secret do not match";
                    return(response);
                }
            }

            response.IsSuccessful = true;
            response.Result       = client;
            return(response);
        }
        public async Task <AuthenticationProviderResult <ApplicationUser> > ValidateUserAuthenticationAsync(UserForAuthenticationDto userDto)
        {
            var response = new AuthenticationProviderResult <ApplicationUser>()
            {
                IsSuccessful    = false,
                ResponseMessage = "",
                Result          = null
            };

            var user = await this.dataService.UserManager.FindByEmailAsync(userDto.Email);

            if (user == null)
            {
                response.ResponseMessage = "Username or password is incorrect";
                return(response);
            }

            // if (!user.EmailConfirmed)
            // {
            //     response.ResponseMessage = "Email not confirmed";
            //     return response;
            // }

            var result = await this.signInManager.PasswordSignInAsync(user.UserName, userDto.Password, false, true);

            if (result.Succeeded)
            {
                response.IsSuccessful = true;
                response.Result       = user;
                return(response);
            }
            else if (result.IsLockedOut)
            {
                response.ResponseMessage = "User is lockout";
                return(response);
            }
            else
            {
                response.ResponseMessage = "Username or password is incorrect";
                return(response);
            }
        }
        public async Task <AuthenticationProviderResult <ApplicationUser> > ValidateUserAsync(Guid userId)
        {
            var response = new AuthenticationProviderResult <ApplicationUser>()
            {
                IsSuccessful    = false,
                ResponseMessage = "",
                Result          = null
            };

            var user = await this.dataService.UserManager.FindByIdAsync(userId.ToString());

            response.ResponseMessage = "Unauthorized";
            if (user == null)
            {
                return(response);
            }

            if (!await this.signInManager.CanSignInAsync(user))
            {
                return(response);
            }

            if (this.dataService.UserManager.SupportsUserLockout && await this.dataService.UserManager.IsLockedOutAsync(user))
            {
                response.ResponseMessage = "User is lockout";
                return(response);
            }

            // ToDo When Email confirmation available
            // if (!user.EmailConfirmed)
            // {
            //     response.ResponseMessage = "Email not confirmed";
            //     return response;
            // }

            response.IsSuccessful    = true;
            response.ResponseMessage = "";
            response.Result          = user;
            return(response);
        }
        private async Task <AuthenticationDto> CreateAuthentificationDto(AuthenticationProviderResult <ApplicationClient> isValidClient,
                                                                         AuthenticationProviderResult <ApplicationUser> isAuthorize)
        {
            var userClaims = await this.authenticationProvider.GetUserClaimsAsync(isAuthorize.Result);

            var userRoles = await this.authenticationProvider.GetUserRolesAsync(isAuthorize.Result);

            var claims = await this.jWTProvider.GetValidClaims(isAuthorize.Result, userRoles, userClaims);

            var token        = this.jWTProvider.GenerateToken(claims, isValidClient.Result.JWTAudienceCategory);
            var refreshToken = await this.refreshTokenProvider.GenerateRefreshToken(isAuthorize.Result, isValidClient.Result);

            var bearerToken = new AuthenticationDto()
            {
                Id           = Guid.Parse(isAuthorize.Result.Id),
                Email        = isAuthorize.Result.Email,
                Roles        = userRoles,
                Claims       = userClaims,
                Token        = token,
                RefreshToken = refreshToken
            };

            return(bearerToken);
        }