/// <summary>
/// Creates an <see cref="EHealthOAuthCreatingTicketContext" /> without a user payload.
/// Delegates to the full constructor, passing a new empty <see cref="JObject" /> as the user.
/// </summary>
/// <param name="principal">The <see cref="ClaimsPrincipal" /> being built for the ticket.</param>
/// <param name="properties">The <see cref="AuthenticationProperties" /> associated with the sign-in.</param>
/// <param name="context">The HTTP environment.</param>
/// <param name="scheme">The authentication scheme.</param>
/// <param name="options">The options used by the authentication middleware.</param>
/// <param name="backchannel">The HTTP client used by the authentication middleware.</param>
/// <param name="tokens">The tokens returned from the token endpoint.</param>
public EHealthOAuthCreatingTicketContext(
    ClaimsPrincipal principal,
    AuthenticationProperties properties,
    HttpContext context,
    AuthenticationScheme scheme,
    OAuthOptions options,
    HttpClient backchannel,
    EHealthOAuthTokenResponse tokens)
    : this(
        principal,
        properties,
        context,
        scheme,
        options,
        backchannel,
        tokens,
        new JObject())
{
}
/// <summary>
/// Creates an <see cref="EHealthOAuthCreatingTicketContext" /> carrying the token response,
/// the backchannel client and the user payload.
/// </summary>
/// <param name="principal">The <see cref="ClaimsPrincipal" />; stored as given, without a null check.</param>
/// <param name="properties">The <see cref="AuthenticationProperties" />; stored as given, without a null check.</param>
/// <param name="context">The HTTP environment.</param>
/// <param name="scheme">The authentication scheme.</param>
/// <param name="options">The options used by the authentication middleware.</param>
/// <param name="backchannel">The HTTP client used by the authentication middleware.</param>
/// <param name="tokens">The tokens returned from the token endpoint.</param>
/// <param name="user">The JSON-serialized user.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="tokens" />, <paramref name="backchannel" /> or <paramref name="user" /> is null.
/// </exception>
public EHealthOAuthCreatingTicketContext(
    ClaimsPrincipal principal,
    AuthenticationProperties properties,
    HttpContext context,
    AuthenticationScheme scheme,
    OAuthOptions options,
    HttpClient backchannel,
    EHealthOAuthTokenResponse tokens,
    JObject user)
    : base(context, scheme, options)
{
    // Each required argument is checked immediately before it is stored, in the
    // order tokens -> backchannel -> user, so the first missing one is reported.
    if (tokens is null)
    {
        throw new ArgumentNullException(nameof(tokens));
    }
    TokenResponse = tokens;

    if (backchannel is null)
    {
        throw new ArgumentNullException(nameof(backchannel));
    }
    Backchannel = backchannel;

    if (user is null)
    {
        throw new ArgumentNullException(nameof(user));
    }
    User = user;

    Principal = principal;
    Properties = properties;
}
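/// <inheritdoc />
/// <remarks>
/// Processes the authorization callback: surfaces an error reported in the query string,
/// validates the protected <c>state</c> value and the correlation id, exchanges the
/// authorization code for tokens, optionally stores the tokens in the authentication
/// properties, and finally builds the ticket.
/// A callback whose <c>state</c> cannot be unprotected, or whose correlation id does not
/// match, is rejected before the code is exchanged. Without that check a callback that
/// did not originate from this user's own challenge would be accepted (login CSRF,
/// RFC 6749 section 10.12).
/// </remarks>
/// <returns>
/// A failed <see cref="HandleRequestResult" /> describing what went wrong, or a successful
/// one wrapping the created ticket.
/// </returns>
protected override async Task<HandleRequestResult> HandleRemoteAuthenticateAsync()
{
    // Every value read from the query string is supplied by the caller and is untrusted.
    var query = Request.Query;

    var error = query["error"];
    if (!StringValues.IsNullOrEmpty(error))
    {
        // Fold the optional description and URI into a single failure message.
        var failureMessage = new StringBuilder();
        failureMessage.Append(error);

        var errorDescription = query["error_description"];
        if (!StringValues.IsNullOrEmpty(errorDescription))
        {
            failureMessage.Append(";Description=").Append(errorDescription);
        }

        var errorUri = query["error_uri"];
        if (!StringValues.IsNullOrEmpty(errorUri))
        {
            failureMessage.Append(";Uri=").Append(errorUri);
        }

        return HandleRequestResult.Fail(failureMessage.ToString());
    }

    var code = query["code"];
    var state = query["state"];

    // Do not substitute fresh properties when the state fails to unprotect: a missing
    // or tampered state means the callback cannot be tied to a challenge issued here.
    var properties = Options.StateDataFormat.Unprotect(state);
    if (properties == null)
    {
        return HandleRequestResult.Fail("The oauth state was missing or invalid.");
    }

    // Binds the callback to the browser that started the flow.
    // NOTE(review): assumes the challenge path (not visible here) generates the
    // correlation id and round-trips the protected state, as the stock OAuth handler
    // does. Confirm, and fix the challenge side rather than relaxing this check.
    if (!ValidateCorrelationId(properties))
    {
        return HandleRequestResult.Fail("Correlation failed.");
    }

    if (StringValues.IsNullOrEmpty(code))
    {
        return HandleRequestResult.Fail("Code was not found.");
    }

    // NOTE(review): tok.Response is consumed without first checking whether the exchange
    // itself reported a failure. Confirm EHealthOAuthTokenResponse.Success tolerates that.
    var tok = await ExchangeCodeAsync(code, BuildRedirectUri(Options.CallbackPath));
    var tokens = EHealthOAuthTokenResponse.Success(tok.Response);
    if (tokens.Error != null)
    {
        return HandleRequestResult.Fail(tokens.Error);
    }

    if (string.IsNullOrEmpty(tokens.AccessToken))
    {
        return HandleRequestResult.Fail("Failed to retrieve access token.");
    }

    var identity = new ClaimsIdentity(ClaimsIssuer);

    if (Options.SaveTokens)
    {
        // Tokens stored here travel with the authentication properties. Whatever
        // persists those properties then holds the access and refresh tokens.
        var savedTokens = new List<AuthenticationToken>
        {
            new AuthenticationToken { Name = "access_token", Value = tokens.AccessToken }
        };

        if (!string.IsNullOrEmpty(tokens.RefreshToken))
        {
            savedTokens.Add(new AuthenticationToken { Name = "refresh_token", Value = tokens.RefreshToken });
        }

        if (!string.IsNullOrEmpty(tokens.TokenType))
        {
            savedTokens.Add(new AuthenticationToken { Name = "token_type", Value = tokens.TokenType });
        }

        // expires_in is a lifetime in seconds; it is stored as an absolute UTC
        // timestamp in round-trip ("o") format.
        if (!string.IsNullOrEmpty(tokens.ExpiresIn)
            && int.TryParse(tokens.ExpiresIn, NumberStyles.Integer, CultureInfo.InvariantCulture, out var lifetimeSeconds))
        {
            var expiresAt = Clock.UtcNow + TimeSpan.FromSeconds(lifetimeSeconds);
            savedTokens.Add(new AuthenticationToken
            {
                Name = "expires_at",
                Value = expiresAt.ToString("o", CultureInfo.InvariantCulture)
            });
        }

        properties.StoreTokens(savedTokens);
    }

    var ticket = await CreateTicketAsync(identity, properties, tokens.Response);
    if (ticket == null)
    {
        return HandleRequestResult.Fail("Failed to retrieve user information from remote server.");
    }

    return HandleRequestResult.Success(ticket);
}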