/// <inheritdoc/>
public StartAuthenticationResponse StartAuthentication(string clientId, string authorizeUrl, string redirectUrl, string state, string nonce,
string encryptedMsisdn, SupportedVersions versions, AuthenticationOptions options)
{
Validate.RejectNullOrEmpty(clientId, "clientId");
Validate.RejectNullOrEmpty(authorizeUrl, "authorizeUrl");
Validate.RejectNullOrEmpty(redirectUrl, "redirectUrl");
Validate.RejectNullOrEmpty(state, "state");
Validate.RejectNullOrEmpty(nonce, "nonce");
options = options ?? new AuthenticationOptions();
options.Scope = options.Scope ?? "";
bool shouldUseAuthorize = ShouldUseAuthorize(options);
if (shouldUseAuthorize)
{
Validate.RejectNullOrEmpty(options.Context, "options.Context");
Validate.RejectNullOrEmpty(options.ClientName, "options.ClientName");
}
options.State = state;
options.Nonce = nonce;
options.LoginHintToken = options.LoginHintToken;
if (options.LoginHintToken == null)
{
options.LoginHint = options.LoginHint ?? LoginHint.GenerateForEncryptedMsisdn(encryptedMsisdn);
}
options.RedirectUrl = redirectUrl;
options.ClientId = clientId;
string version;
string coercedScope = CoerceAuthenticationScope(options.Scope, versions, shouldUseAuthorize, out version);
Log.Info(() => $"scope={options.Scope} => coercedScope={coercedScope}");
options.Scope = coercedScope;
UriBuilder build = new UriBuilder(authorizeUrl);
build.AddQueryParams(GetAuthenticationQueryParams(options, shouldUseAuthorize, version));
Log.Info(() => $"Authentication URI={build.Uri.AbsoluteUri}");
return(new StartAuthenticationResponse()
{
Url = build.Uri.AbsoluteUri
});
}
/// <inheritdoc/>
public StartAuthenticationResponse StartAuthentication(string clientId, string authorizeUrl, string redirectUrl, string state, string nonce,
string encryptedMsisdn, SupportedVersions versions, AuthenticationOptions options, string currentVersion)
{
Validate.RejectNullOrEmpty(clientId, "clientId");
Validate.RejectNullOrEmpty(authorizeUrl, "authorizeUrl");
Validate.RejectNullOrEmpty(redirectUrl, "redirectUrl");
Validate.RejectNullOrEmpty(state, "state");
Validate.RejectNullOrEmpty(nonce, "nonce");
options = options ?? new AuthenticationOptions();
options.Scope = options.Scope ?? "";
bool shouldUseAuthorize = options.Scope.ToLower().Equals(Constants.Scope.AUTHZ.ToLower());
if (shouldUseAuthorize)
{
Validate.RejectNullOrEmpty(options.Context, "options.Context");
Validate.RejectNullOrEmpty(options.ClientName, "options.ClientName");
Validate.RejectNullOrEmpty(options.BindingMessage, "options.BindingMessage");
}
if (options != null)
{
KYCClaimsParameter kycClaims = options.KycClaims;
if (kycClaims != null)
{
bool isNamePresent = false;
bool isAddressPresent = false;
if (currentVersion.Equals(DefaultOptions.V2_3) && options.Scope.Contains(Constants.Scope.KYCPLAIN))
{
isNamePresent = StringUtils.requireNonEmpty("name || given_name and family_name",
kycClaims.Name, kycClaims.GivenName, kycClaims.FamilyName);
isAddressPresent = StringUtils.requireNonEmpty(
"address || houseno_or_housename, postal_code, country, town", kycClaims.Address,
kycClaims.HousenoOrHouseName, kycClaims.PostalCode, kycClaims.Country, kycClaims.Town);
}
if (currentVersion.Equals(DefaultOptions.V2_3) && options.Scope.Contains(Constants.Scope.KYCHASHED))
{
isNamePresent = StringUtils.requireNonEmpty("name_hashed || given_name_hashed and family_name_hashed",
kycClaims.NameHashed, kycClaims.GivenNameHashed, kycClaims.FamilyNameHashed);
isAddressPresent = StringUtils.requireNonEmpty(
"address_hashed || houseno_or_housename_hashed, postal_code_hashed, country_hashed, town_hashed", kycClaims.AddressHashed,
kycClaims.HousenoOrHouseNameHashed, kycClaims.PostalCodeHashed, kycClaims.CountryHashed, kycClaims.TownHashed);
}
if ((isNamePresent & !isAddressPresent) | (!isNamePresent & isAddressPresent))
{
throw new MobileConnectInvalidArgumentException("(split|concatenated, plain|hashed) name or address is empty");
}
}
}
options.State = state;
options.Nonce = nonce;
if (options.LoginHintToken == null)
{
options.LoginHint = options.LoginHint ?? LoginHint.GenerateForEncryptedMsisdn(encryptedMsisdn);
}
options.RedirectUrl = redirectUrl;
options.ClientId = clientId;
UriBuilder build = new UriBuilder(authorizeUrl);
build.AddQueryParams(GetAuthenticationQueryParams(options, shouldUseAuthorize, options.Version));
Log.Info(() => $"Authentication URI={build.Uri.AbsoluteUri}");
return(new StartAuthenticationResponse()
{
Url = build.Uri.AbsoluteUri
});
}
