public async Task <IActionResult> Auth( [FromForm] AuthBinding binding, [FromServices] AuthenticationService authenticationService, CancellationToken cancellationToken) { switch (binding.GrantType) { case GrantType.password: if (IsNullOrEmpty(binding.UserName)) { BadRequest(ErrorView.Build(O2AuthErrorCode.InvalidRequest, $"Field 'username' is required for '{GrantType.password}' grant type")); } if (IsNullOrEmpty(binding.Password)) { BadRequest(ErrorView.Build(O2AuthErrorCode.InvalidRequest, $"Field 'password' is required for '{GrantType.password}' grant type")); } try { var(accessToken, expiresIn, refreshToken) = await authenticationService.AuthenticationByPassword(binding.UserName, binding.Password, HttpContext.GetIp(), cancellationToken); return(Ok(new TokenView(accessToken, "Bearer", (Int64)expiresIn.TotalSeconds, refreshToken))); } catch (UnauthorizedException) { return(BadRequest(ErrorView.Build(O2AuthErrorCode.UnauthorizedClient, "Email or password is incorrect"))); } case GrantType.refresh_token: if (IsNullOrEmpty(binding.RefreshToken)) { BadRequest(ErrorView.Build(O2AuthErrorCode.InvalidRequest, $"Field 'refresh_token' is required for '{GrantType.refresh_token}' grant type")); } try { var(accessToken, expiresIn, refreshToken) = await authenticationService.AuthenticationByRefreshToken(binding.RefreshToken, HttpContext.GetIp(), cancellationToken); return(Ok(new TokenView(accessToken, "Bearer", (Int64)expiresIn.TotalSeconds, refreshToken))); } catch (UnauthorizedException) { return(BadRequest(ErrorView.Build(O2AuthErrorCode.UnauthorizedClient, "Refresh token is incorrect"))); } default: return(BadRequest(ErrorView.Build(O2AuthErrorCode.UnsupportedGrantType, $"Unsupported grant type: {binding.GrantType}."))); } }
public async Task <IActionResult> Auth( CancellationToken cancellationToken, [FromForm(Name = "grant_type")] String grantType, [FromForm(Name = "username")] String userName, [FromForm(Name = "password")] String password, [FromForm(Name = "refresh_token")] String refreshToken, [FromServices] UserAuthenticationService authenticationService) { // много дичи согласно RFC const String passwordGrantType = "password"; const String refreshTokenGrantType = "refresh_token"; if (String.IsNullOrEmpty(grantType)) { return(BadRequest(ErrorView.Build(ErrorCode.InvalidRequest, "Field 'grant_type' is required"))); } switch (grantType) { case passwordGrantType: if (String.IsNullOrEmpty(userName)) { BadRequest(ErrorView.Build(ErrorCode.InvalidRequest, $"Field 'username' is required for '{passwordGrantType}' grant type")); } if (String.IsNullOrEmpty(password)) { BadRequest(ErrorView.Build(ErrorCode.InvalidRequest, $"Field 'password' is required for '{passwordGrantType}' grant type")); } try{ return(Ok(TokenView.FromToken( await authenticationService.AuthenticationByPassword(userName, password, cancellationToken)))); } catch (UnauthorizedException) { return(BadRequest(ErrorView.Build(ErrorCode.UnauthorizedClient, "Login or password is incorrect"))); } catch (UnconfirmedException) { return(BadRequest(ErrorView.Build(ErrorCode.InvalidClient, "Registration is unconfirmed"))); } case refreshTokenGrantType: if (String.IsNullOrEmpty(refreshToken)) { BadRequest(ErrorView.Build(ErrorCode.InvalidRequest, $"Field 'refresh_token' is required for '{refreshTokenGrantType}' grant type")); } try{ return(Ok(TokenView.FromToken( await authenticationService.AuthenticationByRefreshToken(refreshToken, cancellationToken)))); } catch (UnauthorizedException) { return(BadRequest(ErrorView.Build(ErrorCode.UnauthorizedClient, "Refresh token is incorrect"))); } catch (UnconfirmedException) { return(BadRequest(ErrorView.Build(ErrorCode.InvalidClient, "Registration is unconfirmed"))); } default: return(BadRequest(ErrorView.Build(ErrorCode.UnsupportedGrantType, $"Unsupported grant type: {grantType}. Possible types: {passwordGrantType}, {refreshTokenGrantType}"))); } }