/// <summary>
/// Create a signed token request based on known credentials
/// and the given token params. This would typically be used if creating
/// signed requests for submission by another client.
/// </summary>
/// <param name="tokenParams"><see cref="TokenParams"/>. If null a token request is generated from options passed when the client was created.</param>
/// <param name="authOptions"><see cref="AuthOptions"/>. If null the default AuthOptions are used.</param>
/// <returns></returns>
public async Task <string> CreateTokenRequestAsync(TokenParams tokenParams, AuthOptions authOptions)
{
var mergedOptions = authOptions != null?authOptions.Merge(Options) : Options;
if (string.IsNullOrEmpty(mergedOptions.Key))
{
throw new AblyException("No key specified", 40101, HttpStatusCode.Unauthorized);
}
var @params = MergeTokenParamsWithDefaults(tokenParams);
if (mergedOptions.QueryTime.GetValueOrDefault(false))
{
@params.Timestamp = await _rest.TimeAsync();
}
ApiKey key = mergedOptions.ParseKey();
var request = new TokenRequest(Now).Populate(@params, key.KeyName, key.KeySecret);
return(JsonHelper.Serialize(request));
}
public AuthOptions Merge(AuthOptions defaults)
{
if (AuthCallback == null)
{
AuthCallback = defaults.AuthCallback;
}
if (AuthUrl == null)
{
AuthUrl = defaults.AuthUrl;
}
if (Token.IsEmpty())
{
Token = defaults.Token;
}
if (TokenDetails == null)
{
TokenDetails = defaults.TokenDetails;
}
if (AuthHeaders.Count == 0)
{
AuthHeaders = defaults.AuthHeaders;
}
if (AuthParams.Count == 0)
{
AuthParams = defaults.AuthParams;
}
if (Key.IsEmpty())
{
Key = defaults.Key;
}
if (UseTokenAuth.HasValue == false)
{
UseTokenAuth = defaults.UseTokenAuth;
}
if (QueryTime.HasValue == false)
{
QueryTime = defaults.QueryTime;
}
return(this);
}
/// <summary>
/// Create a signed token request based on known credentials
/// and the given token params. This would typically be used if creating
/// signed requests for submission by another client.
/// </summary>
/// <param name="tokenParams"><see cref="TokenParams"/>. If null a token request is generated from options passed when the client was created.</param>
/// <param name="authOptions"><see cref="AuthOptions"/>. If null the default AuthOptions are used.</param>
/// <returns></returns>
public async Task <string> CreateTokenRequestAsync(TokenParams tokenParams, AuthOptions authOptions)
{
authOptions = authOptions ?? CurrentAuthOptions ?? Options;
tokenParams = tokenParams ?? CurrentTokenParams ?? TokenParams.WithDefaultsApplied();
if (string.IsNullOrEmpty(authOptions.Key))
{
throw new AblyException("No key specified", 40101, HttpStatusCode.Unauthorized);
}
await SetTokenParamsTimestamp(authOptions, tokenParams);
if (authOptions.QueryTime.GetValueOrDefault(false))
{
tokenParams.Timestamp = await _rest.TimeAsync();
}
var apiKey = authOptions.ParseKey();
var request = new TokenRequest(Now).Populate(tokenParams, apiKey.KeyName, apiKey.KeySecret);
return(JsonHelper.Serialize(request));
}
public TokenRequest CreateTokenRequest(TokenParams tokenParams = null,
AuthOptions authOptions = null)
{
return(AsyncHelper.RunSync(() => CreateTokenRequestAsync(tokenParams, authOptions)));
}
public TokenDetails Authorise(TokenParams tokenParams = null,
AuthOptions options = null)
{
return(AsyncHelper.RunSync(() => AuthoriseAsync(tokenParams, options)));
}
public TokenDetails RequestToken(TokenParams tokenParams = null,
AuthOptions options = null)
{
return(AsyncHelper.RunSync(() => RequestTokenAsync(tokenParams, options)));
}
/// <summary>
/// Ensure valid auth credentials are present. This may rely in an already-known
/// and valid token, and will obtain a new token if necessary or explicitly
/// requested.
/// Authorisation will use the parameters supplied on construction except
/// where overridden with the options supplied in the call.
/// </summary>
/// <param name="tokenParams"><see cref="TokenParams"/> custom parameter. Pass null and default token request options will be generated used the options passed when creating the client</param>
/// <param name="options"><see cref="AuthOptions"/> custom options.</param>
/// <returns>Returns a valid token</returns>
/// <exception cref="AblyException">Throws an ably exception representing the server response</exception>
public async Task <TokenDetails> AuthoriseAsync(TokenParams tokenParams = null, AuthOptions options = null)
{
var authOptions = options ?? new AuthOptions();
bool force = authOptions.Force; //this is needed because I share the object and reset Force later on.
authOptions.Merge(CurrentAuthOptions);
SetCurrentAuthOptions(options);
var authTokenParams = MergeTokenParamsWithDefaults(tokenParams);
SetCurrentTokenParams(authTokenParams);
if (force)
{
CurrentToken = await RequestTokenAsync(authTokenParams, options);
}
else if (CurrentToken != null)
{
if ((Config.Now().AddSeconds(Defaults.TokenExpireBufferInSeconds)) >= CurrentToken.Expires)
{
CurrentToken = await RequestTokenAsync(authTokenParams, options);
}
}
else
{
CurrentToken = await RequestTokenAsync(authTokenParams, options);
}
AuthMethod = AuthMethod.Token;
return(CurrentToken);
}
/// <summary>
/// Makes a token request. This will make a token request now, even if the library already
/// has a valid token. It would typically be used to issue tokens for use by other clients.
/// </summary>
/// <param name="tokenParams">The <see cref="TokenRequest"/> data used for the token</param>
/// <param name="options">Extra <see cref="AuthOptions"/> used for creating a token </param>
/// <returns>A valid ably token</returns>
/// <exception cref="AblyException"></exception>
public virtual async Task <TokenDetails> RequestTokenAsync(TokenParams tokenParams = null, AuthOptions options = null)
{
var mergedOptions = options != null?options.Merge(Options) : Options;
string keyId = "", keyValue = "";
if (mergedOptions.Key.IsNotEmpty())
{
var key = mergedOptions.ParseKey();
keyId = key.KeyName;
keyValue = key.KeySecret;
}
var @params = MergeTokenParamsWithDefaults(tokenParams);
if (mergedOptions.QueryTime.GetValueOrDefault(false))
{
@params.Timestamp = await _rest.TimeAsync();
}
EnsureSecureConnection();
var request = _rest.CreatePostRequest($"/keys/{keyId}/requestToken");
request.SkipAuthentication = true;
TokenRequest postData = null;
if (mergedOptions.AuthCallback != null)
{
var callbackResult = await mergedOptions.AuthCallback(@params);
if (callbackResult == null)
{
throw new AblyException("AuthCallback returned null");
}
if (callbackResult is TokenDetails)
{
return(callbackResult as TokenDetails);
}
if (callbackResult is TokenRequest)
{
postData = callbackResult as TokenRequest;
request.Url = $"/keys/{postData.KeyName}/requestToken";
}
else
{
throw new AblyException($"AuthCallback returned an unsupported type ({callbackResult.GetType()}. Expected either TokenDetails or TokenRequest");
}
}
else if (mergedOptions.AuthUrl.IsNotEmpty())
{
var response = await CallAuthUrl(mergedOptions, @params);
if (response.Type == ResponseType.Text) //Return token string
{
return(new TokenDetails(response.TextResponse));
}
var signedData = response.TextResponse;
var jData = JObject.Parse(signedData);
if (TokenDetails.IsToken(jData))
{
return(JsonHelper.DeserializeObject <TokenDetails>(jData));
}
postData = JsonHelper.Deserialize <TokenRequest>(signedData);
request.Url = $"/keys/{postData.KeyName}/requestToken";
}
else
{
if (keyId.IsEmpty() || keyValue.IsEmpty())
{
throw new AblyException("TokenAuth is on but there is no way to generate one");
}
postData = new TokenRequest().Populate(@params, keyId, keyValue);
}
request.PostData = postData;
TokenDetails result = await _rest.ExecuteRequest <TokenDetails>(request);
if (result == null)
{
throw new AblyException(new ErrorInfo("Invalid token response returned", 500));
}
return(result);
}
public TokenDetails Authorise(TokenParams tokenParams = null, AuthOptions options = null)
{
Logger.Warning("Authorise is deprecated and will be removed in the future, please replace with a call to Authorize.");
return(AsyncHelper.RunSync(() => AuthorizeAsync(tokenParams, options)));
}
public async Task <TokenDetails> AuthoriseAsync(TokenParams tokenParams = null, AuthOptions options = null)
{
Logger.Warning("AuthoriseAsync is deprecated and will be removed in the future, please replace with a call to AuthorizeAsync");
return(await AuthorizeAsync(tokenParams, options));
}
/// <summary>
/// Ensure valid auth credentials are present. This may rely in an already-known
/// and valid token, and will obtain a new token if necessary or explicitly
/// requested.
/// Authorisation will use the parameters supplied on construction except
/// where overridden with the options supplied in the call.
/// </summary>
/// <param name="tokenParams"><see cref="TokenParams"/> custom parameter. Pass null and default token request options will be generated used the options passed when creating the client</param>
/// <param name="authOptions"><see cref="AuthOptions"/> custom options.</param>
/// <returns>Returns a valid token</returns>
/// <exception cref="AblyException">Throws an ably exception representing the server response</exception>
public async Task <TokenDetails> AuthorizeAsync(TokenParams tokenParams = null, AuthOptions authOptions = null)
{
// RSA10j - TokenParams and AuthOptions supersede any previously client library configured TokenParams and AuthOptions
authOptions = authOptions ?? CurrentAuthOptions ?? Options;
SetCurrentAuthOptions(authOptions);
tokenParams = tokenParams ?? CurrentTokenParams ?? TokenParams.WithDefaultsApplied();
SetCurrentTokenParams(tokenParams);
CurrentToken = await RequestTokenAsync(tokenParams, authOptions);
AuthMethod = AuthMethod.Token;
var eventArgs = new AblyAuthUpdatedEventArgs(CurrentToken);
AuthUpdated?.Invoke(this, eventArgs);
// RTC8a3
await AuthorizeCompleted(eventArgs);
return(CurrentToken);
}
/// <summary>
/// Makes a token request. This will make a token request now, even if the library already
/// has a valid token. It would typically be used to issue tokens for use by other clients.
/// </summary>
/// <param name="tokenParams">The <see cref="TokenRequest"/> data used for the token</param>
/// <param name="authOptions">Extra <see cref="AuthOptions"/> used for creating a token </param>
/// <returns>A valid ably token</returns>
/// <exception cref="AblyException"></exception>
public virtual async Task <TokenDetails> RequestTokenAsync(TokenParams tokenParams = null, AuthOptions authOptions = null)
{
EnsureSecureConnection();
// (RSA8e)
authOptions = authOptions ?? CurrentAuthOptions ?? Options ?? new AuthOptions();
tokenParams = tokenParams ?? CurrentTokenParams ?? TokenParams.WithDefaultsApplied();
string keyId = string.Empty, keyValue = string.Empty;
if (authOptions.Key.IsNotEmpty())
{
var key = authOptions.ParseKey();
keyId = key.KeyName;
keyValue = key.KeySecret;
}
if (tokenParams.ClientId.IsEmpty())
{
tokenParams.ClientId = ClientId;
}
await SetTokenParamsTimestamp(authOptions, tokenParams);
var request = _rest.CreatePostRequest($"/keys/{keyId}/requestToken");
request.SkipAuthentication = true;
TokenRequest postData = null;
if (authOptions.AuthCallback != null)
{
bool shouldCatch = true;
try
{
var callbackResult = await authOptions.AuthCallback(tokenParams);
if (callbackResult == null)
{
throw new AblyException("AuthCallback returned null", 80019);
}
if (callbackResult is TokenDetails)
{
return(callbackResult as TokenDetails);
}
if (callbackResult is TokenRequest || callbackResult is string)
{
postData = GetTokenRequest(callbackResult);
request.Url = $"/keys/{postData.KeyName}/requestToken";
}
else
{
shouldCatch = false;
throw new AblyException($"AuthCallback returned an unsupported type ({callbackResult.GetType()}. Expected either TokenDetails or TokenRequest", 80019, HttpStatusCode.BadRequest);
}
}
catch (Exception ex) when(shouldCatch)
{
var statusCode = HttpStatusCode.Unauthorized;
if (ex is AblyException aex)
{
statusCode = aex.ErrorInfo.StatusCode == HttpStatusCode.Forbidden
? HttpStatusCode.Forbidden
: HttpStatusCode.Unauthorized;
}
throw new AblyException(
new ErrorInfo(
"Error calling AuthCallback, token request failed. See inner exception for details.",
80019,
statusCode), ex);
}
}
else if (authOptions.AuthUrl.IsNotEmpty())
{
var responseText = String.Empty;
try
{
var response = await CallAuthUrl(authOptions, tokenParams);
if (response.Type == ResponseType.Text || response.Type == ResponseType.Jwt)
{
// RSC8c:
// The token retrieved is assumed by the library to be a token string
// if the response has Content-Type "text/plain" or "application/jwt"
return(new TokenDetails(response.TextResponse, Now));
}
responseText = response.TextResponse;
var jData = JObject.Parse(responseText);
if (TokenDetails.IsToken(jData))
{
return(JsonHelper.DeserializeObject <TokenDetails>(jData));
}
postData = JsonHelper.Deserialize <TokenRequest>(responseText);
request.Url = $"/keys/{postData.KeyName}/requestToken";
}
catch (AblyException ex)
{
throw new AblyException(
new ErrorInfo(
"Error calling Auth URL, token request failed. See the InnerException property for details of the underlying exception.",
80019,
ex.ErrorInfo.StatusCode == HttpStatusCode.Forbidden
? ex.ErrorInfo.StatusCode
: HttpStatusCode.Unauthorized,
ex),
ex);
}
catch (Exception ex)
{
string reason =
"Error handling Auth URL, token request failed. See the InnerException property for details of the underlying exception.";
if (ex is JsonReaderException)
{
reason =
$"Error parsing JSON response '{responseText}' from Auth URL.See the InnerException property for details of the underlying exception.";
}
throw new AblyException(
new ErrorInfo(
reason,
80019,
HttpStatusCode.InternalServerError,
ex),
ex);
}
}
else
{
if (keyId.IsEmpty() || keyValue.IsEmpty())
{
throw new AblyException("TokenAuth is on but there is no way to generate one", 80019);
}
postData = new TokenRequest(Now).Populate(tokenParams, keyId, keyValue);
}
request.PostData = postData;
TokenDetails result = await _rest.ExecuteRequest <TokenDetails>(request);
if (result == null)
{
throw new AblyException("Invalid token response returned", 80019);
}
//TODO: Very ugly stuff
result.Now = Now;
return(result);
}
