Exemplo n.º 1
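        /// <summary>
        /// Resolves the application named in the first half of a basic token of the form
        /// <c>applicationId:secret</c>.
        /// </summary>
        /// <remarks>
        /// Only the application id is used here. The secret half of the token is never compared
        /// against anything in this method, so a successful return identifies the claimed owner
        /// and does NOT authenticate the token.
        /// </remarks>
        /// <param name="basicToken">Basic token in <c>applicationId:secret</c> form.</param>
        /// <returns>The application whose id is the first half of the token.</returns>
        /// <exception cref="ErtisAuthException">
        /// Invalid token when the token is null/empty or does not split into exactly two
        /// ':'-separated parts; application-not-found when no application has that id.
        /// </exception>
        private async Task<Application> GetTokenOwnerApplicationAsync(string basicToken)
        {
            // A null token would otherwise surface as a NullReferenceException from Split;
            // report it as an invalid token like every other malformed input.
            if (string.IsNullOrEmpty(basicToken))
            {
                throw ErtisAuthException.InvalidToken();
            }

            // Exactly two parts are required, so a token whose secret contains ':' is rejected.
            var parts = basicToken.Split(':');
            if (parts.Length != 2)
            {
                throw ErtisAuthException.InvalidToken();
            }

            var applicationId = parts[0];
            var application = await this.applicationService.GetByIdAsync(applicationId);
            if (application == null)
            {
                throw ErtisAuthException.ApplicationNotFound(applicationId);
            }

            return application;
        }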
Exemplo n.º 2
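        /// <summary>
        /// Verifies a basic token of the form <c>applicationId:secret</c>: the application must
        /// exist, its membership must exist, and the presented secret must equal the membership's
        /// secret key.
        /// </summary>
        /// <param name="basicToken">Basic token in <c>applicationId:secret</c> form.</param>
        /// <param name="fireEvent">
        /// When true, a <c>TokenVerified</c> event is fired after successful verification.
        /// </param>
        /// <returns>A successful validation result carrying the token and the application.</returns>
        /// <exception cref="ErtisAuthException">
        /// Invalid token (null/empty or not exactly two ':'-separated parts), application not
        /// found, membership not found, or application secret mismatch.
        /// </exception>
        public async Task<BasicTokenValidationResult> VerifyBasicTokenAsync(string basicToken, bool fireEvent = true)
        {
            if (string.IsNullOrEmpty(basicToken))
            {
                throw ErtisAuthException.InvalidToken();
            }

            // Exactly two parts are required, so a token whose secret contains ':' is rejected.
            var parts = basicToken.Split(':');
            if (parts.Length != 2)
            {
                throw ErtisAuthException.InvalidToken();
            }

            var applicationId = parts[0];
            var secret = parts[1];

            // NOTE(review): "application not found" and "secret mismatch" are distinct errors, so a
            // caller can tell whether an application id exists. Confirm the API layer does not
            // expose that difference to unauthenticated clients.
            var application = await this.applicationService.GetByIdAsync(applicationId);
            if (application == null)
            {
                throw ErtisAuthException.ApplicationNotFound(applicationId);
            }

            var membership = await this.membershipService.GetAsync(application.MembershipId);
            if (membership == null)
            {
                throw ErtisAuthException.MembershipNotFound(application.MembershipId);
            }

            // Compare the secret in constant time so the response time does not depend on how
            // many leading characters of the presented secret are correct. A null stored key
            // never matches, as with the previous string inequality check.
            var expectedSecret = membership.SecretKey;
            var secretMatches = expectedSecret != null &&
                System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    System.Text.Encoding.UTF8.GetBytes(expectedSecret),
                    System.Text.Encoding.UTF8.GetBytes(secret));

            if (!secretMatches)
            {
                throw ErtisAuthException.ApplicationSecretMismatch();
            }

            if (fireEvent)
            {
                // NOTE(review): the event payload carries the full basic token, secret included.
                // Confirm every event subscriber and sink is trusted to hold that value, or
                // publish only the application id.
                await this.eventService.FireEventAsync(this, new ErtisAuthEvent(ErtisAuthEventType.TokenVerified, application, new { basicToken }));
            }

            return new BasicTokenValidationResult(true, basicToken, application);
        }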
Exemplo n.º 3
 /// <summary>
 /// Supplies the not-found error for this type by delegating to
 /// <c>ErtisAuthException.ApplicationNotFound</c>.
 /// </summary>
 /// <param name="id">Identifier that was looked up; passed through to the error factory.</param>
 /// <returns>The application-not-found exception for <paramref name="id"/>.</returns>
 protected override ErtisAuthException GetNotFoundError(string id) =>
     ErtisAuthException.ApplicationNotFound(id);
Exemplo n.º 4
 /// <summary>
 /// Builds a 404 result whose value is the application-not-found error for
 /// <paramref name="applicationId"/>.
 /// </summary>
 /// <param name="controller">Controller used to create the result.</param>
 /// <param name="applicationId">Identifier of the application that was not found.</param>
 /// <returns>The <c>NotFoundObjectResult</c> wrapping the error object.</returns>
 public static NotFoundObjectResult ApplicationNotFound(this ControllerBase controller, string applicationId)
 {
     // NOTE(review): the exception object itself becomes the response value; confirm it
     // serializes to the intended error fields only.
     var notFoundError = ErtisAuthException.ApplicationNotFound(applicationId);
     return controller.NotFound(notFoundError);
 }
Exemplo n.º 5
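        /// <summary>
        /// Verifies a basic token of the form <c>applicationId:secret</c>. The application must
        /// exist and the presented secret must equal the secret key of the resolved membership.
        /// </summary>
        /// <remarks>
        /// When the application's own membership cannot be loaded and the application is
        /// system-reserved, the membership is resolved from the presented secret instead, and a
        /// copy of the application bound to that membership is returned.
        /// </remarks>
        /// <param name="basicToken">Basic token in <c>applicationId:secret</c> form.</param>
        /// <param name="fireEvent">
        /// When true, a <c>TokenVerified</c> event is fired after successful verification.
        /// </param>
        /// <returns>A successful validation result carrying the token and the application.</returns>
        /// <exception cref="ErtisAuthException">
        /// Invalid token (null/empty or not exactly two ':'-separated parts), application not
        /// found, membership not found, or application secret mismatch.
        /// </exception>
        public async ValueTask<BasicTokenValidationResult> VerifyBasicTokenAsync(string basicToken, bool fireEvent = true)
        {
            if (string.IsNullOrEmpty(basicToken))
            {
                throw ErtisAuthException.InvalidToken();
            }

            // Exactly two parts are required, so a token whose secret contains ':' is rejected.
            var parts = basicToken.Split(':');
            if (parts.Length != 2)
            {
                throw ErtisAuthException.InvalidToken();
            }

            var applicationId = parts[0];
            var secret = parts[1];

            var application = await this.applicationService.GetByIdAsync(applicationId);
            if (application == null)
            {
                throw ErtisAuthException.ApplicationNotFound(applicationId);
            }

            var membership = await this.membershipService.GetAsync(application.MembershipId);
            if (membership == null)
            {
                if (this.applicationService.IsSystemReservedApplication(application))
                {
                    // For a system-reserved application the membership is selected by the
                    // presented secret alone, so the secret key is the only credential that
                    // decides which membership the caller ends up in.
                    membership = await this.membershipService.GetBySecretKeyAsync(secret);

                    // Build the membership-bound copy only when the lookup succeeded. Reading
                    // membership.Id before this check would raise a NullReferenceException for an
                    // unknown secret instead of the membership-not-found error below.
                    if (membership != null)
                    {
                        application = new Application
                        {
                            Id           = application.Id,
                            Name         = application.Name,
                            Role         = application.Role,
                            Permissions  = application.Permissions,
                            Forbidden    = application.Forbidden,
                            Sys          = application.Sys,
                            MembershipId = membership.Id
                        };
                    }
                }

                if (membership == null)
                {
                    throw ErtisAuthException.MembershipNotFound(application.MembershipId);
                }
            }

            // Compare the secret in constant time so the response time does not depend on how
            // many leading characters of the presented secret are correct. A null stored key
            // never matches, as with the previous string inequality check.
            var expectedSecret = membership.SecretKey;
            var secretMatches = expectedSecret != null &&
                System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    System.Text.Encoding.UTF8.GetBytes(expectedSecret),
                    System.Text.Encoding.UTF8.GetBytes(secret));

            if (!secretMatches)
            {
                throw ErtisAuthException.ApplicationSecretMismatch();
            }

            if (fireEvent)
            {
                // NOTE(review): the event payload carries the full basic token, secret included.
                // Confirm every event subscriber and sink is trusted to hold that value, or
                // publish only the application id.
                await this.eventService.FireEventAsync(this, new ErtisAuthEvent(ErtisAuthEventType.TokenVerified, application, new { basicToken }) { MembershipId = membership.Id });
            }

            return new BasicTokenValidationResult(true, basicToken, application);
        }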