예제 #1
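        /// <summary>
        /// Authenticates a user by key and password and, on success, builds the callback
        /// URI carrying either an authorization code or a token pair, depending on
        /// <paramref name="responseType"/>.
        /// </summary>
        /// <param name="country">Country passed to <c>GetPhoneWithoutPrefixes</c> when the key is retried as a phone number.</param>
        /// <param name="key">Login key; looked up first as given, then as a prefix-stripped phone number.</param>
        /// <param name="password">Password checked against the resolved identity.</param>
        /// <param name="responseType">Selects the branch: <c>ResponseType.Code</c> or <c>ResponseType.Token</c>.</param>
        /// <param name="redirectUri">URI the response is built around, for both failure and success.</param>
        /// <param name="state">Opaque value forwarded to the callback URI builder.</param>
        /// <param name="ipAddress">Client IP address handed to the refresh-token service.</param>
        /// <param name="userAgent">Client user agent handed to the refresh-token service.</param>
        /// <param name="scopes">Scopes used to resolve the claims for the profile.</param>
        /// <param name="audience">Audience passed to the access-token service.</param>
        /// <param name="ct">Cancellation token flowed to every awaited service call.</param>
        /// <returns>
        /// A <see cref="PostAuthorizeResponse"/> built from <paramref name="redirectUri"/> with the
        /// second argument <c>true</c> when authentication fails (presumably an error flag; confirm
        /// against the type), or from the callback URI with <c>false</c> on success.
        /// </returns>
        /// <exception cref="ArgumentOutOfRangeException">
        /// <paramref name="responseType"/> is neither <c>ResponseType.Code</c> nor <c>ResponseType.Token</c>.
        /// This is only reached after the credentials have been accepted.
        /// </exception>
        public async Task<PostAuthorizeResponse> AuthorizeAsync(
            string country,
            string key,
            string password,
            string responseType,
            string redirectUri,
            string state,
            string ipAddress,
            string userAgent,
            List<string> scopes,
            string audience,
            CancellationToken ct)
        {
            // NOTE(review): redirectUri is used exactly as received. No comparison against a
            // registered allow-list is visible in this method; confirm the caller performs it,
            // because the code or tokens below are appended to this URI.

            var identityTypes     = IdentityTypeExtensions.TypesWithPassword;
            var phoneIdentityType = new[] { IdentityType.PhoneAndPassword };

            // First try the key as given; if nothing matches, retry it as a phone number
            // with the country prefixes removed.
            var identity = await _identitiesService.GetVerifiedByKeyAndTypesAsync(key, identityTypes, ct) ??
                           await _identitiesService.GetVerifiedByKeyAndTypesAsync(key.GetPhoneWithoutPrefixes(country),
                                                                                  phoneIdentityType, ct);

            // Unknown identity, missing profile and wrong password all produce the same
            // response, so the response body does not reveal which check failed.
            // NOTE(review): the two not-found paths return without calling IsPasswordCorrect,
            // so response time may still differ between unknown and known keys. No attempt
            // limiting or lockout is visible here either; confirm both are handled elsewhere.
            if (identity == null)
            {
                return new PostAuthorizeResponse(redirectUri, true);
            }

            var profile = await _profilesService.GetAsync(identity.ProfileId, ct);

            if (profile == null)
            {
                return new PostAuthorizeResponse(redirectUri, true);
            }

            if (!_identitiesService.IsPasswordCorrect(identity, password))
            {
                return new PostAuthorizeResponse(redirectUri, true);
            }

            var claims = await _claimsService.GetByScopesAsync(scopes, profile, ct);

            switch (responseType)
            {
            case ResponseType.Code:
            {
                var code        = _codesService.Create(profile, claims);
                var callbackUri = _callbackUriService.GetByCode(redirectUri, state, code);

                return new PostAuthorizeResponse(callbackUri, false);
            }

            case ResponseType.Token:
            {
                // NOTE(review): the refresh token is passed to the callback URI builder together
                // with the access token. If this branch implements the OAuth 2.0 implicit grant,
                // RFC 6749 section 4.2.2 says a refresh token must not be issued there, and a
                // long-lived credential in a redirect URI can end up in browser history,
                // Referer headers and proxy logs. Confirm how GetByTokens transports it.
                var accessToken  = _accessTokensService.Create(audience, claims);
                var refreshToken =
                    await _refreshTokensService.CreateAsync(claims, profile, ipAddress, userAgent, ct);

                var callbackUri = _callbackUriService.GetByTokens(redirectUri, state, accessToken, refreshToken);

                return new PostAuthorizeResponse(callbackUri, false);
            }

            default:
                // The single-string constructor treats its argument as the parameter NAME, so
                // passing the value produced a misleading "(Parameter '<value>')" message.
                throw new ArgumentOutOfRangeException(
                    nameof(responseType), responseType, "Unsupported response type.");
            }
        }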