/// <summary>
/// Creates a new Token member with a set of auto-generated keys, an alias, and member type.
/// </summary>
/// <param name="alias">nullable member alias to use, must be unique. If null, then no alias
/// will be created with the member</param>
/// <param name="createMemberType">the type of member to register</param>
/// <returns>the created member</returns>
public Task <Member> CreateMember(
Alias alias = null,
CreateMemberType createMemberType = CreateMemberType.Business)
{
var unauthenticated = ClientFactory.Unauthenticated(channel);
return(unauthenticated
.CreateMemberId(createMemberType)
.FlatMap(memberId =>
{
var crypto = cryptoEngineFactory.Create(memberId);
var operations = new List <MemberOperation>
{
Util.ToAddKeyOperation(crypto.GenerateKey(Level.Privileged)),
Util.ToAddKeyOperation(crypto.GenerateKey(Level.Standard)),
Util.ToAddKeyOperation(crypto.GenerateKey(Level.Low))
};
var metadata = new List <MemberOperationMetadata>();
if (alias != null)
{
operations.Add(Util.ToAddAliasOperation(alias.ToNormalized()));
metadata.Add(Util.ToAddAliasMetadata(alias.ToNormalized()));
}
var signer = crypto.CreateSigner(Level.Privileged);
return unauthenticated.CreateMember(memberId, operations, metadata, signer);
})
.Map(member =>
{
var crypto = cryptoEngineFactory.Create(member.Id);
var client = ClientFactory.Authenticated(channel, member.Id, crypto);
return new Member(client);
}));
}
/// <summary>
/// Return a Member set up to use some Token member's keys (assuming we have them).
/// </summary>
/// <param name="memberId">the member ID</param>
/// <returns>the member</returns>
public Task <Member> GetMember(string memberId)
{
var crypto = cryptoEngineFactory.Create(memberId);
var client = ClientFactory.Authenticated(channel, memberId, crypto);
return(client
.GetMember(memberId)
.Map(member => new Member(client)));
}
/// <summary>
/// Return a Member set up to use some Token member's keys (assuming we have them).
/// </summary>
/// <returns>The member.</returns>
/// <param name="memberId">Member identifier.</param>
public Task <Member> GetMember(string memberId)
{
var crypto = cryptoEngineFactory.Create(memberId);
var client = ClientFactory.Authenticated(channel, memberId, crypto);
return(GetMemberImpl(memberId, client)
.Map(member =>
{
return new Member(member.MemberId(), client,
tokenCluster, member.PartnerId(), member.RealmId());
}));
}
/// <summary>
/// Sets up a member given a specific ID of a member that already exists in the system. If
/// the member ID already has keys, this will not succeed.Used for testing since this
/// gives more control over the member creation process.
///
/// <p>Adds an alias and a set of auto-generated keys to the member.</p>
/// </summary>
/// <param name="memberId">member id</param>
/// <param name="alias">nullable member alias to use, must be unique. If null, then no alias will
/// be created with the member.</param>
/// <returns>newly created member</returns>
public Task <Member> SetUpMember(string memberId,
Alias alias)
{
return(SetUpMemberImpl(memberId, alias)
.Map(member =>
{
var crypto = cryptoEngineFactory.Create(member.MemberId());
var client = ClientFactory.Authenticated(channel, member.MemberId(), crypto);
return new Member(member.MemberId(), client, tokenCluster,
member.PartnerId(), member.RealmId(), browserFactory);
}));
}
/// <summary>
/// Creates a new Token member with a set of auto-generated keys, an alias, and member type.
/// </summary>
/// <param name="alias">nullable member alias to use, must be unique. If null, then no alias will
/// be created with the member..</param>
/// <param name="partnerId">of partner member.</param>
/// <param name="realmId">member Id of existing member to which this new member is associated with</param>
/// <returns>newly created member</returns>
public Task <Member> CreateMember(
Alias alias,
string partnerId = null,
string realmId = null)
{
return(CreateMemberImpl(alias, CreateMemberType.Business, null, partnerId, realmId)
.Map(member =>
{
var crypto = cryptoEngineFactory.Create(member.MemberId());
var client = ClientFactory.Authenticated(channel, member.MemberId(), crypto);
return new Member(member.MemberId(), client, tokenCluster, partnerId, realmId);
}));
}
/// <summary>
/// Completes account recovery if the default recovery rule was set.
/// </summary>
/// <param name="memberId">the member id</param>
/// <param name="verificationId">the verification id</param>
/// <param name="code">the code</param>
/// <returns>the new member</returns>
public Task <Member> CompleteRecoveryWithDefaultRule(
string memberId,
string verificationId,
string code,
ICryptoEngine cryptoEngine)
{
return(CompleteRecoveryWithDefaultRuleImpl(memberId, verificationId, code, cryptoEngine)
.Map(member =>
{
var client = ClientFactory.Authenticated(channel, member.MemberId(), cryptoEngine);
return new Member(member.MemberId(), client,
tokenCluster, member.PartnerId(), member.RealmId());
}));
}
/// <summary>
/// Completes the recovery.
/// </summary>
/// <returns>The recovery.</returns>
/// <param name="memberId">Member identifier.</param>
/// <param name="recoveryOperations">Recovery operations.</param>
/// <param name="privilegedKey">the privileged public key in the member recovery operations</param>
/// <param name="cryptoEngine">Crypto engine.</param>
public Task <Member> CompleteRecovery(
string memberId,
IList <MemberRecoveryOperation> recoveryOperations,
Key privilegedKey,
ICryptoEngine cryptoEngine)
{
return(CompleteRecoveryImpl(memberId, recoveryOperations, privilegedKey, cryptoEngine)
.Map(member =>
{
var client = ClientFactory.Authenticated(channel, member.MemberId(), cryptoEngine);
return new Member(member.MemberId(), client,
tokenCluster, member.PartnerId(), member.RealmId());
}));
}
/// <summary>
/// Creates a new Token member with a set of auto-generated keys, an alias, and member type.
/// </summary>
/// <param name="alias">nullable member alias to use, must be unique. If null, then no alias will
/// be created with the member.</param>
/// <param name="recoveryAgent">member id of the primary recovery agent.</param>
/// <param name="realmId">member id of an existing Member to whose realm this new member belongs.</param>
/// <returns>newly created member</returns>
public Task <Member> CreateMember(
Alias alias,
string recoveryAgent = null,
string realmId = null)
{
return(CreateMemberImpl(alias, CreateMemberType.Personal, recoveryAgent, null, realmId)
.Map(member =>
{
var crypto = cryptoEngineFactory.Create(member.MemberId());
var client = ClientFactory.Authenticated(channel, member.MemberId(), crypto);
return new Member(member.MemberId(), client, tokenCluster, member.PartnerId()
, member.RealmId(), browserFactory);
}));
}
/// <summary>
/// Completes account recovery if the default recovery rule was set.
/// </summary>
/// <param name="memberId">the member id</param>
/// <param name="verificationId">the verification id</param>
/// <param name="code">the code</param>
/// <returns>the new member</returns>
public Task <Member> CompleteRecoveryWithDefaultRule(
string memberId,
string verificationId,
string code)
{
var unauthenticated = ClientFactory.Unauthenticated(channel);
var cryptoEngine = new TokenCryptoEngine(memberId, new InMemoryKeyStore());
return(unauthenticated
.CompleteRecoveryWithDefaultRule(memberId, verificationId, code, cryptoEngine)
.Map(member =>
{
var client = ClientFactory.Authenticated(channel, member.Id, cryptoEngine);
return new Member(client);
}));
}
/// <summary>
/// Completes account recovery.
/// </summary>
/// <param name="memberId">the member id</param>
/// <param name="recoveryOperations">the member recovery operations</param>
/// <param name="privilegedKey">the privileged public key in the member recovery operations</param>
/// <param name="cryptoEngine">the new crypto engine</param>
/// <returns>the new member</returns>
public Task <Member> CompleteRecovery(
string memberId,
IList <MemberRecoveryOperation> recoveryOperations,
Key privilegedKey,
ICryptoEngine cryptoEngine)
{
var unauthenticated = ClientFactory.Unauthenticated(channel);
return(unauthenticated
.CompleteRecovery(memberId, recoveryOperations, privilegedKey, cryptoEngine)
.Map(member =>
{
var client = ClientFactory.Authenticated(channel, member.Id, cryptoEngine);
return new Member(client);
}));
}
/// <summary>
/// Recovers an eIDAS-verified member with eIDAS payload.
///
/// </summary>
/// <param name="payload">a payload containing member id, the certificate and a new key to add to the member</param>
/// <param name="signature">a payload signature with the private key corresponding to the certificate</param>
/// <param name="cryptoEngine">a crypto engine that must contain the privileged key that is included in
/// the payload(if it does not contain keys for other levels they will be generated)</param>
/// <returns>a Task of a new member</returns>
public Task <Member> RecoverEidasMember(
EidasRecoveryPayload payload,
string signature,
ICryptoEngine cryptoEngine)
{
var unauthenticated = ClientFactory.Unauthenticated(channel);
return(unauthenticated.RecoverEidasMember(payload,
signature,
cryptoEngine)
.Map(member =>
{
var client = ClientFactory.Authenticated(channel,
member.Id,
cryptoEngine);
return new Member(
member.Id,
client,
tokenCluster,
member.PartnerId,
member.RealmId);
}));
}