Esempio n. 1
0
        public async Task <PostAuthorizeResponse> AuthorizeAsync(
            string country,
            string key,
            string password,
            string responseType,
            string redirectUri,
            string state,
            string ipAddress,
            string userAgent,
            List <string> scopes,
            string audience,
            CancellationToken ct)
        {
            var identityTypes     = IdentityTypeExtensions.TypesWithPassword;
            var phoneIdentityType = new[] { IdentityType.PhoneAndPassword };

            var identity = await _identitiesService.GetVerifiedByKeyAndTypesAsync(key, identityTypes, ct) ??
                           await _identitiesService.GetVerifiedByKeyAndTypesAsync(key.GetPhoneWithoutPrefixes(country),
                                                                                  phoneIdentityType, ct);

            if (identity == null)
            {
                return(new PostAuthorizeResponse(redirectUri, true));
            }

            var profile = await _profilesService.GetAsync(identity.ProfileId, ct);

            if (profile == null)
            {
                return(new PostAuthorizeResponse(redirectUri, true));
            }

            var isPasswordCorrect = _identitiesService.IsPasswordCorrect(identity, password);

            if (!isPasswordCorrect)
            {
                return(new PostAuthorizeResponse(redirectUri, true));
            }

            var claims = await _claimsService.GetByScopesAsync(scopes, profile, ct);

            switch (responseType)
            {
            case ResponseType.Code:
            {
                var code        = _codesService.Create(profile, claims);
                var callbackUri = _callbackUriService.GetByCode(redirectUri, state, code);

                return(new PostAuthorizeResponse(callbackUri, false));
            }

            case ResponseType.Token:
            {
                var accessToken  = _accessTokensService.Create(audience, claims);
                var refreshToken =
                    await _refreshTokensService.CreateAsync(claims, profile, ipAddress, userAgent, ct);

                var callbackUri = _callbackUriService.GetByTokens(redirectUri, state, accessToken, refreshToken);

                return(new PostAuthorizeResponse(callbackUri, false));
            }

            default:
                throw new ArgumentOutOfRangeException(responseType);
            }
        }