private int GetContactIdFromToken(string originalToken, CrossroadsDecodedToken crossroadsDecodedToken)
{
int contactId = -1;
if (crossroadsDecodedToken.authProvider == AuthConstants.AUTH_PROVIDER_OKTA)
{
contactId = _oktaUserService.GetMpContactIdFromDecodedToken(crossroadsDecodedToken);
}
else if (crossroadsDecodedToken.authProvider == AuthConstants.AUTH_PROVIDER_MP)
{
contactId = _mpUserService.GetMpContactIdFromToken(originalToken);
}
else
{
//This should never happen based on previous logic
_logger.Warn("Invalid issuer when there should not be an invalid issuer w/ token: " + originalToken);
throw new SecurityTokenInvalidIssuerException();
}
if (contactId == -1)
{
string exceptionString = $"No mpContactID available for JWT with issuer: {crossroadsDecodedToken.authProvider}, and JWT id: {crossroadsDecodedToken.decodedToken.Id}";
_logger.Error(exceptionString);
throw new NoContactIdAvailableException(exceptionString);
}
return(contactId);
}
private static Authentication GetAuthentication(CrossroadsDecodedToken decodeTokenResponse)
{
Authentication authentication = new Authentication();
authentication.Provider = decodeTokenResponse.authProvider;
return(authentication);
}
public UserInfo GetUserInfo(string originalToken,
CrossroadsDecodedToken crossroadsDecodedToken,
string mpAPIToken)
{
UserInfo userInfoObject = new UserInfo();
int contactId = GetContactIdFromToken(originalToken, crossroadsDecodedToken);
userInfoObject.Mp = _mpUserService.GetMpUserInfoFromContactId(contactId, mpAPIToken);
return(userInfoObject);
}
public Authorization GetAuthorizations(CrossroadsDecodedToken crossroadsDecodedToken, string mpAPIToken, int mpContactId)
{
Authorization authorizationObject = new Authorization();
if (crossroadsDecodedToken.authProvider == AuthConstants.AUTH_PROVIDER_OKTA)
{
authorizationObject.OktaRoles = _oktaUserService.GetRoles(crossroadsDecodedToken);
}
authorizationObject.MpRoles = _mpUserService.GetRoles(mpAPIToken, mpContactId);
return(authorizationObject);
}
public int GetMpContactIdFromDecodedToken(CrossroadsDecodedToken decodedToken)
{
int mpContactId = -1;
if (decodedToken.decodedToken.Claims == null)
{
return(mpContactId);
}
foreach (Claim claim in decodedToken.decodedToken.Claims)
{
if (claim.Type == "mpContactId")
{
mpContactId = System.Convert.ToInt32(claim.Value);
break;
}
}
return(mpContactId);
}
public async Task <CrossroadsDecodedToken> DecodeAndValidateToken(string token, IOIDConfigurationService configService)
{
JwtSecurityToken decodedToken = DecodeToken(token);
// Get updated configurations for auth servers
var mpConfiguration = await configService.GetMpConfigAsync();
var oktaConfiguration = await configService.GetOktaConfigAsync();
JwtIssuer issuer = GetAndValidateIssuer(decodedToken, mpConfiguration, oktaConfiguration);
ValidateToken(token, issuer.configuration);
CrossroadsDecodedToken crossroadsDecodedToken = new CrossroadsDecodedToken
{
decodedToken = decodedToken,
authProvider = issuer.authProvider
};
return(crossroadsDecodedToken);
}
public async Task <AuthDTO> GetAuthorization(string token)
{
CrossroadsDecodedToken decodedToken = await _jwtService.DecodeAndValidateToken(token, _configService);
UserInfo userInfo = null;
Authorization authorizations = null;
string mpAPIToken = _apiUserRepository.GetDefaultApiClientToken();
userInfo = _userService.GetUserInfo(token, decodedToken, mpAPIToken);
authorizations = _userService.GetAuthorizations(decodedToken, mpAPIToken, userInfo.Mp.ContactId);
Authentication authentication = GetAuthentication(decodedToken);
AuthDTO responseObject = new AuthDTO
{
Authentication = authentication,
Authorization = authorizations,
UserInfo = userInfo
};
return(responseObject);
}
public IDictionary <int, string> GetRoles(CrossroadsDecodedToken decodedToken)
{
return(new Dictionary <int, string>());
}
