public async Task <SiAuthorizeResponse> SendSiAuthorizeRequest(
SiAuthorizeRequestModel requestModel)
{
var privateRsaKey = File.ReadAllText(requestModel.PrivateRsaKeyPath);
using (var handler = new WebRequestHandler())
{
if (requestModel.AllowSelfHostedCertificates)
{
handler.ServerCertificateValidationCallback =
(sender, cert, chain, sslPolicyErrors) => true;
}
using (var httpClient = new HttpClient(handler))
{
var values = new Dictionary <string, object>
{
{ "response_type", requestModel.ResponseType },
{ "client_id", requestModel.ClientId },
{ "scope", requestModel.Scope },
{ "request", requestModel.RequestObjectClaims.ToJwtTokenWithRs256(privateRsaKey) }
};
var response = await httpClient.GetAsync(
$"{requestModel.SiAuthorizationUrl}{values.ToQueryString()}");
var responseString = await response.Content.ReadAsStringAsync();
var isSucceeded = response.IsSuccessStatusCode;
var responseModel = isSucceeded
? JsonConvert.DeserializeObject <SiAuthorizeResponseModel>(responseString)
: null;
return(new SiAuthorizeResponse
{
Model = responseModel,
JsonString = responseString,
IsSucceeded = isSucceeded
});
}
}
}
private async Task ProcessSiAuthorize(string clientId, string audience, string siAuthorizationEndpoint)
{
if (!string.IsNullOrEmpty(Result.ErrorMessage))
{
return;
}
if (string.IsNullOrEmpty(_correlationId) ||
string.IsNullOrEmpty(clientId) ||
string.IsNullOrEmpty(audience) ||
string.IsNullOrEmpty(siAuthorizationEndpoint))
{
return;
}
var clientNotificationToken = Guid.NewGuid().ToString();
var nonce = Guid.NewGuid().ToString();
Result.ClientNotificationToken = clientNotificationToken;
Result.Nonce = nonce;
var responseType = "mc_si_async_code";
var scope = "openid mc_authn";
var acrValues = "3 2";
var loginHint = WebUtility.UrlEncode($"MSISDN:{Settings.PhoneNumber}");
var version = "mc_si_r2_v1.0";
var siAuthorizeRequestModel = new SiAuthorizeRequestModel
{
SiAuthorizationUrl = siAuthorizationEndpoint,
PrivateRsaKeyPath = Settings.PrivateRsaKeyPath,
ResponseType = responseType,
ClientId = clientId,
Scope = scope,
RequestObjectClaims = new SiAuthorizeRequestObjectClaims
{
ResponseType = responseType,
ClientId = clientId,
Scope = scope,
Nonce = nonce,
LoginHint = loginHint,
AcrValues = acrValues,
CorrelationId = _correlationId,
Iss = clientId,
Aud = audience,
ClientNotificationToken = clientNotificationToken,
NotificationUri = Settings.NotificationUri,
Version = version
}
};
var siAuthorizeResponse =
await Client.SendSiAuthorizeRequest(siAuthorizeRequestModel);
if (siAuthorizeResponse == null)
{
Result.ErrorMessage = "SI Authorize Response is null";
return;
}
Result.SiAuthorizeResponse = siAuthorizeResponse;
if (!siAuthorizeResponse.IsSucceeded)
{
Result.ErrorMessage = "SI Authorize Response StatusCode is not success";
return;
}
if (!TryGetAuthReqId(siAuthorizeResponse, out var authReqId))
{
return;
}
Result.AuthReqId = authReqId;
}
