コード例 #1
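        /// <summary>
        /// Token endpoint: issues an access/refresh token pair for the
        /// <c>password</c> and <c>refresh_token</c> grant types.
        /// </summary>
        /// <param name="binding">Form-bound request fields (grant type, user name, password, refresh token).</param>
        /// <param name="authenticationService">Service that verifies the credentials and mints the tokens.</param>
        /// <param name="cancellationToken">Cancellation token flowed into the service calls.</param>
        /// <returns>
        /// 200 with a <c>TokenView</c> on success; 400 with an <c>ErrorView</c> when a required
        /// field is missing, the credentials are rejected, or the grant type is not supported.
        /// </returns>
        public async Task <IActionResult> Auth(
            [FromForm] AuthBinding binding,
            [FromServices] AuthenticationService authenticationService,
            CancellationToken cancellationToken)
        {
            switch (binding.GrantType)
            {
            case GrantType.password:

                // The validation result must be returned. Without the `return` the 400 response
                // is built and discarded, and a null/empty user name or password is still passed
                // on to the authentication service.
                if (IsNullOrEmpty(binding.UserName))
                {
                    return BadRequest(ErrorView.Build(O2AuthErrorCode.InvalidRequest, $"Field 'username' is required for '{GrantType.password}' grant type"));
                }

                if (IsNullOrEmpty(binding.Password))
                {
                    return BadRequest(ErrorView.Build(O2AuthErrorCode.InvalidRequest, $"Field 'password' is required for '{GrantType.password}' grant type"));
                }

                try
                {
                    // The caller IP is handed to the service; presumably for auditing or
                    // throttling of failed attempts - confirm against the service.
                    var (accessToken, expiresIn, refreshToken) =
                        await authenticationService.AuthenticationByPassword(binding.UserName, binding.Password, HttpContext.GetIp(), cancellationToken);

                    return Ok(new TokenView(accessToken, "Bearer", (Int64)expiresIn.TotalSeconds, refreshToken));
                }
                catch (UnauthorizedException)
                {
                    // One message for "unknown user" and "wrong password", so the response does
                    // not reveal which accounts exist.
                    // NOTE(review): RFC 6749 section 5.2 assigns rejected resource-owner credentials
                    // to invalid_grant; unauthorized_client means the client may not use this
                    // grant type. Confirm whether callers depend on the current code.
                    return BadRequest(ErrorView.Build(O2AuthErrorCode.UnauthorizedClient, "Email or password is incorrect"));
                }

            case GrantType.refresh_token:
                // Same guard as above: return the 400 instead of discarding it.
                if (IsNullOrEmpty(binding.RefreshToken))
                {
                    return BadRequest(ErrorView.Build(O2AuthErrorCode.InvalidRequest,
                                                      $"Field 'refresh_token' is required for '{GrantType.refresh_token}' grant type"));
                }

                try
                {
                    var (accessToken, expiresIn, refreshToken) =
                        await authenticationService.AuthenticationByRefreshToken(binding.RefreshToken, HttpContext.GetIp(), cancellationToken);

                    return Ok(new TokenView(accessToken, "Bearer", (Int64)expiresIn.TotalSeconds, refreshToken));
                }
                catch (UnauthorizedException)
                {
                    return BadRequest(ErrorView.Build(O2AuthErrorCode.UnauthorizedClient, "Refresh token is incorrect"));
                }

            default:
                return BadRequest(ErrorView.Build(O2AuthErrorCode.UnsupportedGrantType, $"Unsupported grant type: {binding.GrantType}."));
            }
        }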
コード例 #2
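        /// <summary>
        /// Token endpoint: issues tokens for the <c>password</c> and <c>refresh_token</c>
        /// grant types, reading the request fields straight from the form body.
        /// </summary>
        /// <param name="cancellationToken">Cancellation token flowed into the service calls.</param>
        /// <param name="grantType">Form field <c>grant_type</c>; required.</param>
        /// <param name="userName">Form field <c>username</c>; required for the password grant.</param>
        /// <param name="password">Form field <c>password</c>; required for the password grant.</param>
        /// <param name="refreshToken">Form field <c>refresh_token</c>; required for the refresh grant.</param>
        /// <param name="authenticationService">Service that verifies the credentials and mints the tokens.</param>
        /// <returns>
        /// 200 with a <c>TokenView</c> on success; 400 with an <c>ErrorView</c> when a required
        /// field is missing, authentication fails, the registration is unconfirmed, or the
        /// grant type is not supported.
        /// </returns>
        public async Task <IActionResult> Auth(
            CancellationToken cancellationToken,
            [FromForm(Name = "grant_type")] String grantType,
            [FromForm(Name = "username")] String userName,
            [FromForm(Name = "password")] String password,
            [FromForm(Name = "refresh_token")] String refreshToken,
            [FromServices] UserAuthenticationService authenticationService)
        {
            // A lot of fiddly handling required by the RFC.
            const String passwordGrantType     = "password";
            const String refreshTokenGrantType = "refresh_token";

            if (String.IsNullOrEmpty(grantType))
            {
                return BadRequest(ErrorView.Build(ErrorCode.InvalidRequest, "Field 'grant_type' is required"));
            }

            switch (grantType)
            {
            case passwordGrantType:
                // The validation result must be returned. Without the `return` the 400 response
                // is built and discarded, and a null/empty user name or password is still passed
                // on to the authentication service.
                if (String.IsNullOrEmpty(userName))
                {
                    return BadRequest(ErrorView.Build(ErrorCode.InvalidRequest,
                                                      $"Field 'username' is required for '{passwordGrantType}' grant type"));
                }

                if (String.IsNullOrEmpty(password))
                {
                    return BadRequest(ErrorView.Build(ErrorCode.InvalidRequest,
                                                      $"Field 'password' is required for '{passwordGrantType}' grant type"));
                }

                try
                {
                    return Ok(TokenView.FromToken(
                                  await authenticationService.AuthenticationByPassword(userName, password,
                                                                                       cancellationToken)));
                }
                catch (UnauthorizedException)
                {
                    // One message for "unknown login" and "wrong password", so the response does
                    // not reveal which accounts exist.
                    return BadRequest(ErrorView.Build(ErrorCode.UnauthorizedClient,
                                                      "Login or password is incorrect"));
                }
                catch (UnconfirmedException)
                {
                    // NOTE(review): confirm the service raises this only after the password has
                    // been verified; otherwise this distinct message tells an unauthenticated
                    // caller that the login exists.
                    return BadRequest(ErrorView.Build(ErrorCode.InvalidClient, "Registration is unconfirmed"));
                }

            case refreshTokenGrantType:
                // Same guard as above: return the 400 instead of discarding it.
                if (String.IsNullOrEmpty(refreshToken))
                {
                    return BadRequest(ErrorView.Build(ErrorCode.InvalidRequest,
                                                      $"Field 'refresh_token' is required for '{refreshTokenGrantType}' grant type"));
                }

                try
                {
                    return Ok(TokenView.FromToken(
                                  await authenticationService.AuthenticationByRefreshToken(refreshToken, cancellationToken)));
                }
                catch (UnauthorizedException)
                {
                    return BadRequest(ErrorView.Build(ErrorCode.UnauthorizedClient, "Refresh token is incorrect"));
                }
                catch (UnconfirmedException)
                {
                    return BadRequest(ErrorView.Build(ErrorCode.InvalidClient, "Registration is unconfirmed"));
                }

            default:
                // The client-supplied grant_type is echoed into the error text; this relies on
                // the response serializer to encode it - verify that ErrorView is never rendered
                // as raw HTML.
                return BadRequest(ErrorView.Build(ErrorCode.UnsupportedGrantType,
                                                  $"Unsupported grant type: {grantType}. Possible types: {passwordGrantType}, {refreshTokenGrantType}"));
            }
        }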