public async Task <IActionResult> IssueToken(
[FromBody] BearerTokenRequest model,
[FromHeader(Name = ActiveTenant.Constants.MultiTenancy.ApplicationHeader)]
string application,
[FromHeader(Name = ActiveTenant.Constants.MultiTenancy.TenantHeader)]
string tenant,
[FromHeader(Name = ActiveVersion.Constants.Versioning.VersionHeader)]
string version
)
{
if (!this.TryValidateModelOrError(ModelState, ErrorEvents.ValidationFailed,
ErrorStrings.ValidationFailed, out var error))
{
return(error);
}
// FIXME: pin claims transformation to user-provided scope
var operation = await _signInService.SignInAsync(model.IdentityType, model.Identity, model.Password);
if (!operation.Succeeded)
{
return(operation.ToResult());
}
var token = _fabricator.CreateToken(operation.Data);
return(Ok(new { AccessToken = token }));
}
public Task <IActionResult> IssueToken([FromBody] BearerTokenRequest model,
[FromHeader(Name = ActiveTenant.Constants.MultiTenancy.ApplicationHeader)]
string application,
[FromHeader(Name = ActiveTenant.Constants.MultiTenancy.TenantHeader)]
string tenant,
[FromHeader(Name = ActiveVersion.Constants.Versioning.VersionHeader)]
string version)
{
if (!this.TryValidateModelOrError(ModelState, ErrorEvents.ValidationFailed, ErrorStrings.ValidationFailed,
out var error))
{
return(Task.FromResult((IActionResult)error));
}
bool isSuperUser;
var superUser = _options.Value;
switch (model.IdentityType)
{
case IdentityType.Username:
isSuperUser = superUser.Username == model.Identity;
if (!isSuperUser)
{
return(this.NotFoundAsync());
}
break;
case IdentityType.Email:
isSuperUser = superUser.Email == model.Identity;
if (!isSuperUser)
{
return(this.NotFoundAsync());
}
break;
case IdentityType.PhoneNumber:
isSuperUser = superUser.PhoneNumber == model.Identity;
if (!isSuperUser)
{
return(this.NotFoundAsync());
}
break;
default:
throw new ArgumentOutOfRangeException();
}
if (!Utilities.Compare(Encoding.UTF8.GetBytes(model.Password),
Encoding.UTF8.GetBytes(_options.Value.Password)))
{
return(this.UnauthorizedAsync());
}
var claims = new List <Claim>
{
new Claim(_claimNameProvider?.RoleClaim ?? ClaimTypes.Role,
Constants.ClaimValues.SuperUser)
};
var user = typeof(TKey) != typeof(Guid)
? typeof(TKey).IsNumeric()
? new { Id = Constants.SuperUserNumberId }.QuackLike <IUserIdProvider <TKey> >()
: new { Id = Constants.SuperUserStringId }.QuackLike <IUserIdProvider <TKey> >()
: new { Id = Constants.SuperUserGuidId }.QuackLike <IUserIdProvider <TKey> >();
var token = _fabricator.CreateToken(user, claims);
var response = new BearerTokenResponse
{
IdentityType = model.IdentityType,
AccessToken = token
};
return(Task.FromResult((IActionResult)Ok(response)));
}
