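/// <summary>
/// Authenticates a request that carries Telegram login-widget data in an
/// <c>Authorization: TelegramWidget &lt;base64(JSON)&gt;</c> header.
/// </summary>
/// <returns>
/// <c>NoResult</c> when the header is absent, unparsable, or uses another scheme;
/// <c>Fail</c> when the payload is not valid base64/JSON, deserializes to null, or
/// is rejected by <c>LoginWidget.CheckAuthorization</c>; otherwise <c>Success</c>
/// with a principal holding the Telegram identity and the internal identity.
/// </returns>
protected AuthenticateResult HandleAuthenticateSync()
{
    if (!Request.Headers.TryGetValue("Authorization", out var headerRow))
    {
        return AuthenticateResult.NoResult();
    }

    if (!AuthenticationHeaderValue.TryParse(headerRow.ToString(), out var header))
    {
        return AuthenticateResult.NoResult();
    }

    // Other schemes are left to other handlers, hence NoResult rather than Fail.
    if (header.Scheme != "TelegramWidget")
    {
        return AuthenticateResult.NoResult();
    }

    byte[] infoInBase64;
    try
    {
        infoInBase64 = Convert.FromBase64String(header.Parameter);
    }
    catch
    {
        // Deliberately broad: the header is attacker-controlled, and a missing
        // parameter (null) or malformed base64 must end as an authentication
        // failure rather than an unhandled exception.
        return AuthenticateResult.Fail("invalid base64 content");
    }

    var jsonParam = Encoding.UTF8.GetString(infoInBase64);

    TelegramUserInfo userInfo;
    try
    {
        userInfo = JsonSerializer.Deserialize<TelegramUserInfo>(jsonParam);
    }
    catch
    {
        // Same reasoning as above: fail closed on any deserialization error.
        return AuthenticateResult.Fail("invalid json content in base64 string");
    }

    // A payload consisting of the JSON literal `null` deserializes without
    // throwing and yields a null reference; reject it here instead of letting the
    // code below dereference it.
    if (userInfo == null)
    {
        return AuthenticateResult.Fail("invalid json content in base64 string");
    }

    // NOTE(review): AllowedTimeOffset is ten days, expressed in seconds. If it
    // bounds the accepted age of the signed payload (presumably via auth_date;
    // confirm against LoginWidget), a captured Authorization header value stays
    // usable for that long. Confirm the window is intentional.
    var loginWidget = new LoginWidget(telegramBotOptions.Value.AccessToken)
    {
        AllowedTimeOffset = (long)TimeSpan.FromDays(10).TotalSeconds
    };

    // The claims are only trusted once the widget check has accepted the data
    // under the bot's access token.
    var userInfoAsDictionary = ReadUserInfoAsDictionary(userInfo);
    var authResult = loginWidget.CheckAuthorization(userInfoAsDictionary);
    if (authResult != Authorization.Valid)
    {
        return AuthenticateResult.Fail($"Incorrect telegram info: {authResult}");
    }

    var tgIdentity = TelegramWidgetClaimsIdentityGenerator.GetIdentityForUserInfo(userInfo);
    var internalIdentity = internalClaimsIdentityGenerator.Generate(userInfo);
    var principal = new ClaimsPrincipal(new ClaimsIdentity[] { tgIdentity, internalIdentity });

    return AuthenticateResult.Success(
        new AuthenticationTicket(principal, AuthenticationSchemeConstants.TelegramWidgetAuthenticationScheme));
}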
/// <summary>
/// Builds the current principal from the Telegram user info kept in local storage.
/// </summary>
/// <remarks>
/// When the stored "version" differs from the configured "Version" value, the
/// storage is cleared and the configured version is written back before the
/// lookup. An anonymous (empty) principal is returned when no user info is
/// stored, when <c>TryGetInternalClaims</c> reports failure, or when the lookup
/// throws.
/// NOTE(review): the stored user info presumably lives in browser local storage,
/// which the user can edit; the resulting claims should be treated as a UI hint
/// and not as an authorization decision. Confirm the server re-validates.
/// </remarks>
/// <returns>The signed-in principal, or an empty <see cref="ClaimsPrincipal"/>.</returns>
private async Task<ClaimsPrincipal> GetPrincipal()
{
    var storedVersion = await localStorage.GetItemAsync<string>("version");
    var expectedVersion = configuration.GetSection("Version").Value;

    // A version mismatch invalidates everything cached by a previous build.
    if (storedVersion != expectedVersion)
    {
        await localStorage.ClearAsync();
        await localStorage.SetItemAsync("version", expectedVersion);
    }

    try
    {
        var storedUser = await localStorage.GetItemAsync<TelegramUserInfo>("telegramUserInfo");
        if (storedUser == null)
        {
            Console.WriteLine("no user info");
            return new ClaimsPrincipal();
        }

        var (loggedIn, internalClaims) = await TryGetInternalClaims(storedUser);
        if (loggedIn)
        {
            var telegramIdentity = TelegramWidgetClaimsIdentityGenerator.GetIdentityForUserInfo(storedUser);
            var appIdentity = new ClaimsIdentity(internalClaims, InternalClaimConstants.IDENTITY_AUTH_TYPE);
            return new ClaimsPrincipal(new ClaimsIdentity[] { telegramIdentity, appIdentity });
        }

        Console.WriteLine("can't login");
        return new ClaimsPrincipal();
    }
    catch (Exception ex)
    {
        // Any failure while reading storage or fetching claims degrades to anonymous.
        Console.WriteLine("exception");
        Console.WriteLine(ex);
        return new ClaimsPrincipal();
    }
}