コード例 #1
        /// <summary>
        /// Handles an SI authorization request: validates the incoming parameters,
        /// resolves the serving operator through discovery, forwards the request to
        /// that operator's ID gateway connector and persists the resulting request.
        /// </summary>
        /// <param name="clientId">Client identifier taken from the query string.</param>
        /// <param name="scope">Requested scope; only passed to the validation service here.</param>
        /// <param name="request">Request payload; passed on to validation, authorization and the ID gateway.</param>
        /// <returns>The authorization request id and its lifetime as reported by the ID gateway.</returns>
        public async Task<SIAuthorizationResult> SIAuthorize([FromQuery(Name = OpenIdConnectParameterNames.ClientId)] string? clientId, string? scope, string? request)
        {
            // Validation comes first; the null-forgiving operators further down rely on it
            // having rejected a missing clientId/request (presumably by throwing; confirm).
            var subscriberMsisdn = siRequestValidationService.ValidateAndGetMsisdn(clientId, scope, request);

            var clientDisco = await siRequestAuthorizationService.AuthorizeAndGetDiscoDetailsAsync(clientId!, request!);

            // NOTE(review): this reconfigures the injected discovery connector with per-client
            // credentials (including DiscoSecret). Confirm the connector is request-scoped;
            // a shared instance could be observed by concurrent requests with another client's settings.
            var perClientSettings = new DiscoverySettings(clientDisco.DiscoUri, clientDisco.DiscoClientId, clientDisco.DiscoSecret, clientDisco.DiscoRedirectUri);
            discoveryConnector.SetDiscoveryConnector(perClientSettings);

            var discovery = await discoveryConnector.GetDiscoveryResponseByMsisdnAsync(new(subscriberMsisdn, clientDisco.DiscoRedirectUri));

            var connectorWasAdded = await idgwConnectorManager.TryAddConnectorAsync(discovery.ServingOperator!, discovery.UriOpenIdConfig);

            var gateway = idgwConnectorManager[idgwConnectorManager.GetServingOperatorByString(discovery.ServingOperator!)];

            // The premium-info endpoint is only applied when the connector was just added.
            // NOTE(review): the endpoint value comes from the discovery response and is written
            // into connector configuration held by the manager; it is trusted as-is here.
            if (connectorWasAdded)
            {
                if (!string.IsNullOrEmpty(discovery.UriPremiumInfo))
                {
                    gateway.OpenIdConfig.PremiumInfoEndpoint = discovery.UriPremiumInfo;
                }
            }

            var gatewayResult = await gateway.SIAuthorizeAsync(clientId!, discovery.ClientId, request!);

            // Record which operator served the request before it is stored.
            gatewayResult.SIAuthorizeRequest!.ServingOperator = discovery.ServingOperator!;
            await AggregatorContext.SaveAsync(ctx => ctx.SIAuthorizationRequests!.AddAsync(gatewayResult.SIAuthorizeRequest!));

            return new SIAuthorizationResult(gatewayResult.AuthorizationRequestId, gatewayResult.ExpiresIn);
        }
コード例 #2
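        /// <summary>
        /// Handles a DI authorization request (presumably the Mobile Connect device-initiated
        /// flow; confirm): validates the request, stores its state, resolves the serving
        /// operator through discovery and redirects the user agent to that operator's ID gateway.
        /// </summary>
        /// <remarks>
        /// Without a <paramref name="loginHint"/> the user agent is redirected to the discovery
        /// session instead. Failures inside the flow are reported to the client by redirecting
        /// to <paramref name="redirectUri"/> with OAuth-style <c>error</c> parameters.
        /// </remarks>
        /// <param name="clientId">Client identifier from the query string.</param>
        /// <param name="redirectUri">Client redirect URI; checked by <c>ValidateRedirectUriAsync</c> before anything else.</param>
        /// <param name="scope">Requested scope.</param>
        /// <param name="responseType">Requested response type.</param>
        /// <param name="acrValues">Requested ACR values.</param>
        /// <param name="nonce">Client nonce.</param>
        /// <param name="version">Mobile Connect version parameter.</param>
        /// <param name="state">Client state; echoed back on error redirects when present.</param>
        /// <param name="loginHint">Optional login hint; the part after the first ':' is used as the MSISDN.</param>
        /// <param name="display">Display parameter.</param>
        /// <param name="clientName">Mobile Connect client name parameter.</param>
        /// <returns>A redirect to the discovery session, to the ID gateway, or back to the client with an error.</returns>
        public async Task<IActionResult> DIAuthorize(
            [FromQuery(Name = OpenIdConnectParameterNames.ClientId)] string? clientId,
            [FromQuery(Name = OpenIdConnectParameterNames.RedirectUri)] string? redirectUri,
            [FromQuery(Name = OpenIdConnectParameterNames.Scope)] string? scope,
            [FromQuery(Name = OpenIdConnectParameterNames.ResponseType)] string? responseType,
            [FromQuery(Name = OpenIdConnectParameterNames.AcrValues)] string? acrValues,
            [FromQuery(Name = OpenIdConnectParameterNames.Nonce)] string? nonce,
            [FromQuery(Name = MobileConnectParameterNames.Version)] string? version,
            [FromQuery(Name = OpenIdConnectParameterNames.State)] string? state,
            [FromQuery(Name = OpenIdConnectParameterNames.LoginHint)] string? loginHint,
            [FromQuery(Name = OpenIdConnectParameterNames.Display)] string? display,
            [FromQuery(Name = MobileConnectParameterNames.ClientName)] string? clientName)
        {
            var createdAt = DateTimeOffset.Now;

            // Deliberately awaited outside the try block: the catch handlers below redirect to
            // redirectUri, so a failure of this check must not end up in them. Assumes the
            // service throws when the URI does not match the client's registration; confirm.
            await diRequestValidationService.ValidateRedirectUriAsync(clientId, redirectUri);

            try
            {
                var request = new DIAuthorizationRequest()
                {
                    ClientId     = clientId,
                    RedirectUri  = redirectUri,
                    Scope        = scope,
                    ResponseType = responseType,
                    AcrValues    = acrValues,
                    State        = state,
                    Nonce        = nonce,
                    Version      = version,
                    LoginHint    = loginHint,
                    Display      = display,
                    ClientName   = clientName,
                    CreatedAt    = createdAt
                };
                diRequestValidationService.Validate(request);

                // Server-side state value, also placed in a cookie.
                // NOTE(review): Guid.NewGuid() is not documented as a cryptographically secure
                // source. If StateNew is what binds the callback to this browser session,
                // consider deriving it from RandomNumberGenerator instead.
                request.StateNew = Guid.NewGuid().ToString();
                SetDIAuthorizeCookie(request.StateNew);
                var cacheRequest = await authorizationStateService.SetDIAuthStateAsync(request);

                var discoSettings = await diAuthorizationService.GetDiscoSettingsByClientIdAsync(clientId!);

                // NOTE(review): reconfigures the injected discovery connector per client; confirm
                // it is request-scoped so concurrent requests cannot see each other's settings.
                discoveryConnector.SetDiscoveryConnector(discoSettings);

                if (string.IsNullOrEmpty(loginHint))
                {
                    // Discovery would have redirected internally; for now the redirect is issued from here instead.
                    var discoSessionResponse = await discoveryConnector.InitDiscoSessionRequestAsync();

                    cacheRequest.Dcid = discoSessionResponse.Dcid!;
                    await authorizationStateService.UpdateDIAuthStateDcidAsync(cacheRequest!);

                    // The target comes from the discovery service response and is followed as-is.
                    return Redirect(discoSessionResponse.CreatedByDiscoveryRedirectUri);
                }

                // The hint is "<prefix>:<msisdn>"; a hint without ':' is used whole (IndexOf yields -1).
                // The char overload makes the search ordinal rather than culture-sensitive.
                var msisdn = loginHint.Substring(loginHint.IndexOf(':') + 1);
                var discoveryResponse = await discoveryConnector.GetDiscoveryResponseByMsisdnAsync(new(msisdn, discoSettings.DiscoRedirectUri));

                // NOTE(review): the ID gateway client secret is kept in the cached authorization
                // state; confirm that store is protected and has a bounded lifetime.
                cacheRequest!.ServingOperator  = discoveryResponse.ServingOperator;
                cacheRequest!.IdgwClientId     = discoveryResponse.ClientId;
                cacheRequest!.IdgwClientSecret = discoveryResponse.ClientSecret;
                await authorizationStateService.UpdateDIAuthStateAsync(cacheRequest!);

                var isNewIdgwConnector = await idgwConnectorManager.TryAddConnectorAsync(discoveryResponse.ServingOperator!, discoveryResponse.UriOpenIdConfig);

                var servingOperator = idgwConnectorManager.GetServingOperatorByString(discoveryResponse.ServingOperator!);
                var idgwConnector   = idgwConnectorManager[servingOperator];
                if (isNewIdgwConnector && !string.IsNullOrEmpty(discoveryResponse.UriPremiumInfo))
                {
                    idgwConnector.OpenIdConfig.PremiumInfoEndpoint = discoveryResponse.UriPremiumInfo;
                }

                var idGatewayDIAuthUri = diAuthorizationService.CreateIdGatewayDIAuthUri(idgwConnector.OpenIdConfig.AuthorizationEndpoint, cacheRequest!);

                return Redirect(idGatewayDIAuthUri);
            }
            catch (UnifiedException ex)
            {
                return Redirect(BuildErrorRedirectUri(redirectUri, state, $"{ex.Error}", $"{ex.ErrorDescription}"));
            }
            catch
            {
                // NOTE(review): the exception is dropped without being logged; no logger is
                // visible in this block, so the failure leaves no trace for investigation.
                return Redirect(BuildErrorRedirectUri(redirectUri, state, "server_error"));
            }

            // Builds the client-bound error redirect. Values are percent-encoded so that
            // characters such as '&' or '#' in an error description cannot add or cut off
            // query parameters, and the separator respects a redirect URI that already has
            // a query string. The client's state is echoed when one was supplied, as OAuth 2.0
            // error responses require (RFC 6749, section 4.1.2.1).
            static string BuildErrorRedirectUri(string? baseUri, string? clientState, string error, string? description = null)
            {
                var separator = baseUri is not null && baseUri.IndexOf('?') >= 0 ? '&' : '?';
                var location = $"{baseUri}{separator}error={Uri.EscapeDataString(error)}";

                if (description is not null)
                {
                    location += $"&error_description={Uri.EscapeDataString(description)}";
                }

                if (!string.IsNullOrEmpty(clientState))
                {
                    location += $"&state={Uri.EscapeDataString(clientState)}";
                }

                return location;
            }
        }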