/// <summary>
/// Builds a signed JWT carrying a fixed set of OpenID Connect / Mobile Connect
/// request parameters, with the login hint derived from <paramref name="msisdn"/>.
/// </summary>
/// <param name="msisdn">Subscriber number placed into the <c>MSISDN:</c> login hint as-is.</param>
/// <returns>The value produced by <c>SignedJwtCreator.Create</c> for these parameters and <c>settings.PrivateKey</c>.</returns>
/// <remarks>
/// Every value except the login hint is a hard-coded literal.
/// NOTE(review): the notification URI uses the <c>http</c> scheme and the client notification
/// token is a fixed string; this looks like a sample/test fixture. Confirm it is never used
/// for a real client, where the callback and its token would presumably travel in cleartext.
/// NOTE(review): <paramref name="msisdn"/> is interpolated without any format check; verify
/// that callers validate it before it reaches this method.
/// </remarks>
public string Token(string msisdn)
{
    var requestParameters = new Dictionary<string, object>
    {
        [OpenIdConnectParameterNames.AcrValues] = "2",
        [OpenIdConnectParameterNames.ClientId] = "client_a",
        [OpenIdConnectParameterNames.LoginHint] = $"MSISDN:{msisdn}",
        [OpenIdConnectParameterNames.Scope] = "openid mc_identity_basic",
        [MobileConnectParameterNames.ClientNotificationToken] = "token-for-sp-notification",
        [MobileConnectParameterNames.NotificationUri] = "http://client-a.ru/notification",
    };

    // Signed with the service's own private key from settings.
    return SignedJwtCreator.Create(requestParameters, settings.PrivateKey!);
}
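/// <summary>
/// Fetches premium info from the serving operator's ID gateway (IDGW) for the access token
/// presented in the current request, and returns it either re-signed with this service's
/// private key or as received.
/// </summary>
/// <returns>
/// One of: a signed JWT created by <c>SignedJwtCreator.Create</c> (when the authorization state
/// has <c>IsPremiumInfoSigned</c> set), the <c>JwtPayload</c> of a signature-checked IDGW JWT,
/// a <see cref="JsonDocument"/> parsed from a non-JWT response, or the raw response string
/// when it is not valid JSON.
/// </returns>
/// <exception cref="UnifiedException">
/// Thrown with <c>OAuth2Error.UnauthorizedClient</c> when the IDGW response is a JWT whose
/// signature does not validate against the IDGW key set.
/// </exception>
public async Task<object> PremiumInfo()
{
    string accessTokenOnAggregator = premiumInfoValidationService.CheckAndGetAccessTokenOnAggregator(Request);

    // The authorization state is looked up by a hash of the access token, not the token itself.
    string atHash = HelperHash.AtHashString(accessTokenOnAggregator);
    var authorizationState = await authorizationStateService.GetAuthStateByTokenAsync(atHash);

    // NOTE(review): the null-forgiving operators below mean an unknown token or an unknown
    // serving operator surfaces as a NullReferenceException rather than an OAuth2 error.
    // Confirm that CheckAndGetAccessTokenOnAggregator already guarantees a stored state.
    var servingOperator = idgwConnectorManager.GetServingOperatorByString(authorizationState!.PremiumInfoToken.ServingOperator!);
    var idgwConnector = idgwConnectorManager[servingOperator];

    var idgwResponse = await idgwConnector!.PremiumInfoAsync(authorizationState!.PremiumInfoToken.AccessTokenOnIdgw!);
    var idgwJwks = await idgwConnector.GetJwksAsync();

    var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
    if (jwtSecurityTokenHandler.CanReadToken(idgwResponse))
    {
        // Fail closed: a JWT-shaped response is only used after its signature has been
        // checked against the IDGW key set.
        if (!JwtSignatureValidator.Validate(idgwResponse, idgwJwks, out _))
        {
            throw new UnifiedException(OAuth2Error.UnauthorizedClient);
        }

        // NOTE(review): the payload is forwarded with whatever claims IDGW put in it;
        // verify whether issuer/audience/expiry are checked inside Validate or need
        // to be rewritten before re-signing.
        var jwtPayload = jwtSecurityTokenHandler.ReadJwtToken(idgwResponse).Payload;
        if (authorizationState!.IsPremiumInfoSigned)
        {
            return SignedJwtCreator.Create(jwtPayload, settings.PrivateKey!);
        }

        return jwtPayload;
    }

    if (authorizationState!.IsPremiumInfoSigned)
    {
        // NOTE(review): this response carried no signature, yet it is signed here with the
        // service's own key, so its integrity rests entirely on the connection to IDGW.
        // Confirm that channel is authenticated.
        var newPayload = JwtPayload.Deserialize(idgwResponse);
        return SignedJwtCreator.Create(newPayload, settings.PrivateKey!);
    }

    // JsonDocument.Parse never returns null; it throws JsonException on malformed input.
    // Catching it makes the raw-string fallback reachable instead of failing the request.
    // NOTE(review): the returned JsonDocument is IDisposable and is handed to the caller
    // undisposed, as before; confirm the response pipeline's handling of it.
    try
    {
        return JsonDocument.Parse(idgwResponse);
    }
    catch (JsonException)
    {
        return idgwResponse;
    }
}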