public virtual IHttpActionResult RequestRefresh([FromBody] RefreshParams rp)
{
return(ExecuteValidatedAction(() =>
{
// manually validating, as api is no longer wired up...
ValidatorHelpers.ValidateAndThrow(rp, new RefreshParamsValidator());
// validate AuthClient and RefreshToken
JwtConfig config = new JwtConfig(true, RequestLeftPart);
AuthClient client = ValidateClient(rp);
AuthToken rt = AuthService.RetrieveToken(rp.AuthUserId, rp.AuthClientId, rp.TokenIdentifier);
AddNoCacheHeader();
if (client == null || rt == null || rt.AuthClientId != client.Id ||
!JsonWebToken.GrantNewAccess(config, rt.Token))
{
return ImATeapot();
}
// get user
AuthUser user = AuthService.GetByIdForLogin(rt.AuthUserId);
if (user == null)
{
return ImATeapot();
}
CheckSetRoleManager(user); // make sure state is set in RoleManager
ILoginResultDto loginResult = CreateTokenResult(user, client, config); // create new tokens, return result
return loginResult != null ? (IHttpActionResult)Ok(loginResult) : ImATeapot();
}));
}
public virtual IHttpActionResult ResetPassword([FromBody] ResetPasswordParams rpp)
{
return(ExecuteValidatedAction(() =>
{
ValidatorHelpers.ValidateAndThrow(rpp, new ResetPasswordParamsValidator());
// validate client
AuthClient client = ValidateClient(rpp);
if (client == null)
{
return ImATeapot();
}
// validate user
AuthUser user = AuthService.ValidateReset(rpp.AuthUserId, rpp.ResetKey);
if (user == null)
{
return BadRequest();
}
// change password
AuthService.UpdatePassword(user, rpp.Password);
CheckSetRoleManager(user); // make sure state is set in RoleManager
ILoginResultDto result = CreateTokenResult(user, client); // return token
AuthService.MarkResetInvalid(rpp.AuthUserId);
return result != null ? (IHttpActionResult)Ok(result) : ImATeapot();
}));
}
public virtual IHttpActionResult RequestToken([FromBody] LoginParams lp)
{
return(ExecuteValidatedAction(() =>
{
ValidatorHelpers.ValidateAndThrow(lp, new LoginParamsValidator());
var client = ValidateClient(lp);
if (client == null)
{
return ImATeapot();
}
bool isDomainEmail = IsLoginDomainEmail(lp.Username);
if (!isDomainEmail && lp.Password == null)
{
return ImATeapot();
}
AddNoCacheHeader();
// check valid login
var authUser = AuthService.ValidateLogin(lp.Username, lp.Password);
if (authUser != null)
{
CheckSetRoleManager(authUser); // make sure state is set in RoleManager
ILoginResultDto loginResult = CreateTokenResult(authUser, client); // issue the token
return loginResult != null ? (IHttpActionResult)Ok(loginResult) : ImATeapot();
}
// check valid email domain
if (!isDomainEmail)
{
return ImATeapot();
}
AuthService.SendDomainEmailAccess(lp.Username);
return Ok(new DomainEmailLoginResult {
Email = lp.Username, SentEmail = true
});
}));
}
public virtual IHttpActionResult GrantAdminDomainEmailAccess([FromBody] DomainEmailPasswordParams depp)
{
return(ExecuteValidatedAction(() =>
{
ValidatorHelpers.ValidateAndThrow(depp, new DomainEmailPasswordParamsValidator());
AuthClient client = ValidateClient(depp);
if (client == null)
{
return ImATeapot();
}
AuthUser au = AuthService.ValidateDomainEmailLogin(depp.ResetKey);
if (au == null)
{
return ImATeapot();
}
CheckSetRoleManager(au);
ILoginResultDto result = CreateTokenResult(au, client); // return token
return result != null ? (IHttpActionResult)Ok(result) : ImATeapot();
}));
}
