        /// <summary>
        /// Creates a linked account from a bare session token by wrapping the token in a
        /// <see cref="PostLinkedAccountRequest"/> and delegating to the request-based overload.
        /// </summary>
        /// <param name="sessionToken">session token placed in the body of the delegated request</param>
        /// <returns>result of the delegated create linked account operation</returns>
        public async Task <IHttpActionResult> PostLinkedAccount(string sessionToken)
        {
            var wrappedRequest = new PostLinkedAccountRequest();
            wrappedRequest.SessionToken = sessionToken;

            IHttpActionResult outcome = await this.PostLinkedAccount(wrappedRequest);
            return outcome;
        }
 /// <summary>
 /// Convenience wrapper over <c>PostLinkedAccountWithHttpMessagesAsync</c> that returns only the
 /// response body and disposes the HTTP operation response once the body has been read.
 /// The account to be linked must appear in the Auth header of the request; it is linked
 /// against the credentials carried by the session token in the request body.
 /// </summary>
 /// <param name='operations'>
 /// The operations group for this extension method.
 /// </param>
 /// <param name='request'>
 /// Post linked account request
 /// </param>
 /// <param name='authorization'>
 /// Format is: "Scheme CredentialsList". Possible values are:
 ///
 /// - Anon AK=AppKey
 ///
 /// - SocialPlus TK=SessionToken
 ///
 /// - Facebook AK=AppKey|TK=AccessToken
 ///
 /// - Google AK=AppKey|TK=AccessToken
 ///
 /// - Twitter AK=AppKey|RT=RequestToken|TK=AccessToken
 ///
 /// - Microsoft AK=AppKey|TK=AccessToken
 ///
 /// - AADS2S AK=AppKey|[UH=UserHandle]|TK=AADToken
 /// </param>
 /// <param name='cancellationToken'>
 /// The cancellation token.
 /// </param>
 /// <returns>The deserialized response body of the underlying call.</returns>
 public static async Task <object> PostLinkedAccountAsync(this IMyLinkedAccounts operations, PostLinkedAccountRequest request, string authorization, CancellationToken cancellationToken = default(CancellationToken))
 {
     // No custom headers are passed through this overload (null), only the authorization value.
     var response = await operations.PostLinkedAccountWithHttpMessagesAsync(request, authorization, null, cancellationToken).ConfigureAwait(false);
     using (response)
     {
         return response.Body;
     }
 }
 /// <summary>
 /// Synchronous wrapper over <c>PostLinkedAccountAsync</c>: schedules the asynchronous call
 /// on the default task scheduler and blocks the calling thread until it completes.
 /// The account to be linked must appear in the Auth header of the request; it is linked
 /// against the credentials carried by the session token in the request body.
 /// </summary>
 /// <param name='operations'>
 /// The operations group for this extension method.
 /// </param>
 /// <param name='request'>
 /// Post linked account request
 /// </param>
 /// <param name='authorization'>
 /// Format is: "Scheme CredentialsList". Possible values are:
 ///
 /// - Anon AK=AppKey
 ///
 /// - SocialPlus TK=SessionToken
 ///
 /// - Facebook AK=AppKey|TK=AccessToken
 ///
 /// - Google AK=AppKey|TK=AccessToken
 ///
 /// - Twitter AK=AppKey|RT=RequestToken|TK=AccessToken
 ///
 /// - Microsoft AK=AppKey|TK=AccessToken
 ///
 /// - AADS2S AK=AppKey|[UH=UserHandle]|TK=AADToken
 /// </param>
 /// <returns>The deserialized response body of the underlying call.</returns>
 public static object PostLinkedAccount(this IMyLinkedAccounts operations, PostLinkedAccountRequest request, string authorization)
 {
     // The operations instance is threaded through as task state rather than captured by the lambda.
     Task <Task <object> > scheduled = Task.Factory.StartNew(
         state => ((IMyLinkedAccounts)state).PostLinkedAccountAsync(request, authorization),
         operations,
         CancellationToken.None,
         TaskCreationOptions.None,
         TaskScheduler.Default);

     // Unwrap the nested task, then block on it. GetAwaiter().GetResult() surfaces the
     // original exception instead of an AggregateException.
     Task <object> inner = scheduled.Unwrap();
     return inner.GetAwaiter().GetResult();
 }
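        /// <summary>
        /// Create a new linked account.
        /// The account to be linked must appear in the Auth header of the
        /// request. This new third-party account
        /// will be linked against the credentials appearing in the
        /// session token passed in the body of the request.
        /// </summary>
        /// <param name='request'>
        /// Post linked account request
        /// </param>
        /// <param name='authorization'>
        /// Format is: "Scheme CredentialsList". Possible values are:
        ///
        /// - Anon AK=AppKey
        ///
        /// - SocialPlus TK=SessionToken
        ///
        /// - Facebook AK=AppKey|TK=AccessToken
        ///
        /// - Google AK=AppKey|TK=AccessToken
        ///
        /// - Twitter AK=AppKey|RT=RequestToken|TK=AccessToken
        ///
        /// - Microsoft AK=AppKey|TK=AccessToken
        ///
        /// - AADS2S AK=AppKey|[UH=UserHandle]|TK=AADToken
        /// </param>
        /// <param name='customHeaders'>
        /// Headers that will be added to request. They are applied after the Authorization
        /// header, so a custom header with the same key replaces it.
        /// </param>
        /// <param name='cancellationToken'>
        /// The cancellation token.
        /// </param>
        /// <return>
        /// A response object containing the response body and response headers.
        /// Status 204 is the success case and its body is deserialized; 400 and 409 are
        /// returned to the caller as-is with <c>Body</c> left null so the status code can be inspected.
        /// </return>
        /// <exception cref="ValidationException">
        /// Thrown when <paramref name="request"/> or <paramref name="authorization"/> is null;
        /// <c>request.Validate()</c> may raise as well.
        /// </exception>
        /// <exception cref="HttpOperationException">
        /// Thrown when the service returns any status code other than 204, 400 or 409.
        /// </exception>
        /// <exception cref="SerializationException">
        /// Thrown when the body of a 204 response cannot be deserialized.
        /// </exception>
        public async Task <HttpOperationResponse <object> > PostLinkedAccountWithHttpMessagesAsync(PostLinkedAccountRequest request, string authorization, Dictionary <string, List <string> > customHeaders = null, CancellationToken cancellationToken = default(CancellationToken))
        {
            if (request == null)
            {
                throw new ValidationException(ValidationRules.CannotBeNull, "request");
            }
            // request is known to be non-null past the guard above.
            request.Validate();
            if (authorization == null)
            {
                throw new ValidationException(ValidationRules.CannotBeNull, "authorization");
            }
            // Tracing
            bool   _shouldTrace  = ServiceClientTracing.IsEnabled;
            string _invocationId = null;

            if (_shouldTrace)
            {
                _invocationId = ServiceClientTracing.NextInvocationId.ToString();
                Dictionary <string, object> tracingParameters = new Dictionary <string, object>();
                tracingParameters.Add("request", request);
                // NOTE(review): "authorization" is the raw credential string and "request" carries the
                // session token. Any tracing listener registered with ServiceClientTracing receives
                // them verbatim, so tracing must not be enabled where traces are persisted unredacted.
                tracingParameters.Add("authorization", authorization);
                tracingParameters.Add("cancellationToken", cancellationToken);
                ServiceClientTracing.Enter(_invocationId, this, "PostLinkedAccount", tracingParameters);
            }
            // Construct URL
            var _baseUrl = this.Client.BaseUri.AbsoluteUri;
            var _url     = new Uri(new Uri(_baseUrl + (_baseUrl.EndsWith("/") ? "" : "/")), "v0.7/users/me/linked_accounts").ToString();
            // Create HTTP transport objects
            HttpRequestMessage  _httpRequest  = new HttpRequestMessage();
            HttpResponseMessage _httpResponse = null;

            _httpRequest.Method     = new HttpMethod("POST");
            _httpRequest.RequestUri = new Uri(_url);
            // Set Headers. The request message was just created, so no Authorization header
            // can be present yet; TryAddWithoutValidation accepts the scheme/credential
            // string without parsing it.
            _httpRequest.Headers.TryAddWithoutValidation("Authorization", authorization);
            if (customHeaders != null)
            {
                foreach (var _header in customHeaders)
                {
                    // Custom headers override anything already set, including Authorization.
                    if (_httpRequest.Headers.Contains(_header.Key))
                    {
                        _httpRequest.Headers.Remove(_header.Key);
                    }
                    _httpRequest.Headers.TryAddWithoutValidation(_header.Key, _header.Value);
                }
            }

            // Serialize Request
            string _requestContent = SafeJsonConvert.SerializeObject(request, this.Client.SerializationSettings);
            _httpRequest.Content = new StringContent(_requestContent, Encoding.UTF8);
            _httpRequest.Content.Headers.ContentType = MediaTypeHeaderValue.Parse("application/json; charset=utf-8");
            // Send Request
            if (_shouldTrace)
            {
                ServiceClientTracing.SendRequest(_invocationId, _httpRequest);
            }
            cancellationToken.ThrowIfCancellationRequested();
            try
            {
                _httpResponse = await this.Client.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false);
            }
            catch
            {
                // If sending fails (transport error or cancellation) nobody else owns the
                // request message, so release it here instead of leaking it; rethrow unchanged.
                _httpRequest.Dispose();
                throw;
            }

            if (_shouldTrace)
            {
                ServiceClientTracing.ReceiveResponse(_invocationId, _httpResponse);
            }
            HttpStatusCode _statusCode = _httpResponse.StatusCode;

            cancellationToken.ThrowIfCancellationRequested();
            string _responseContent = null;

            // Only 204, 400 and 409 are handed back to the caller; everything else is an error.
            if ((int)_statusCode != 204 && (int)_statusCode != 400 && (int)_statusCode != 409)
            {
                var ex = new HttpOperationException(string.Format("Operation returned an invalid status code '{0}'", _statusCode));
                _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);

                // NOTE(review): the wrapped request still carries the Authorization header and the
                // serialized body (session token); handlers that log this exception should redact them.
                ex.Request  = new HttpRequestMessageWrapper(_httpRequest, _requestContent);
                ex.Response = new HttpResponseMessageWrapper(_httpResponse, _responseContent);
                if (_shouldTrace)
                {
                    ServiceClientTracing.Error(_invocationId, ex);
                }
                _httpRequest.Dispose();
                if (_httpResponse != null)
                {
                    _httpResponse.Dispose();
                }
                throw ex;
            }
            // Create Result. Ownership of both messages passes to the result; the caller disposes it.
            var _result = new HttpOperationResponse <object>();

            _result.Request  = _httpRequest;
            _result.Response = _httpResponse;
            // Deserialize Response. 204 is treated as the success code by the generator and its
            // body is still read and deserialized; presumably an empty body yields a null Body — confirm.
            if ((int)_statusCode == 204)
            {
                _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);

                try
                {
                    _result.Body = SafeJsonConvert.DeserializeObject <object>(_responseContent, this.Client.DeserializationSettings);
                }
                catch (JsonException ex)
                {
                    _httpRequest.Dispose();
                    if (_httpResponse != null)
                    {
                        _httpResponse.Dispose();
                    }
                    throw new SerializationException("Unable to deserialize the response.", _responseContent, ex);
                }
            }
            if (_shouldTrace)
            {
                ServiceClientTracing.Exit(_invocationId, _result);
            }
            return(_result);
        }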
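        /// <summary>
        /// Links the third-party credential carried in the Auth header (this.UserPrincipal) to the
        /// user identified by the session token in the request body.
        /// </summary>
        /// <param name="request">body carrying the session token of the user the new account is linked to</param>
        /// <returns>
        /// 204 No Content on success; 409 Conflict when the Auth-header credential already has a user
        /// handle or the (user, identity provider) pair is already linked; 400 Bad Request when the body
        /// is missing, the session token does not validate, carries no user principal, or belongs to a
        /// different app than the request.
        /// </returns>
        public async Task <IHttpActionResult> PostLinkedAccount([FromBody] PostLinkedAccountRequest request)
        {
            string className  = "MyLinkedAccountsController";
            string methodName = "PostLinkedAccount";
            string logEntry   = $"IdentityProvider = {this.UserPrincipal?.IdentityProvider}";

            this.LogControllerStart(this.log, className, methodName, logEntry);

            // 1. Check that the auth header has no user handle. If it does, it means that the auth filter already found a user handle linked
            // to this credential
            if (this.UserHandle != null)
            {
                this.log.LogError(string.Format("User already has account linked. UserHandle: {0}", this.UserHandle));
                return(this.Conflict(ResponseStrings.LinkedAccountExists));
            }

            // Model binding yields a null request when the body is absent or unparseable. Reject it as a
            // bad request instead of dereferencing it below (which would surface as a 500).
            if (request == null)
            {
                this.log.LogError("PostLinkedAccount called without a request body");
                return(this.BadRequest(ResponseStrings.SessionTokenInvalid));
            }

            // 2. Validate the session token. If token is invalid we return BadRequest (400) and not unauthorized (401).
            List <IPrincipal> principals;

            try
            {
                principals = await this.sessionTokenManager.ValidateToken(request.SessionToken);
            }
            catch (Exception e)
            {
                // The session token is a bearer credential: record that validation failed and the
                // exception, but never the token value itself.
                this.log.LogError("Session token invalid in PostLinkedAccount", e);
                return(this.BadRequest(ResponseStrings.SessionTokenInvalid));
            }

            // Extract app and user principals from session token. Principals of any other type are ignored.
            AppPrincipal  sessionTokenAppPrincipal  = null;
            UserPrincipal sessionTokenUserPrincipal = null;

            foreach (IPrincipal p in principals)
            {
                if (p is AppPrincipal)
                {
                    sessionTokenAppPrincipal = (AppPrincipal)p;
                }
                else if (p is UserPrincipal)
                {
                    sessionTokenUserPrincipal = (UserPrincipal)p;
                }
            }

            // 3. Check that the app principal extracted from session token matches the one in the auth filter.
            // A token without an app principal can never match. NOTE(review): the comparison relies on
            // AppPrincipal's equality semantics (operator overload vs. reference equality) — confirm.
            if (sessionTokenAppPrincipal == null || sessionTokenAppPrincipal != this.AppPrincipal)
            {
                // Interpolation tolerates a null principal on either side, unlike an explicit ToString().
                this.log.LogError($"Session token belongs to app {sessionTokenAppPrincipal} whereas the request's token belongs to app {this.AppPrincipal}");
                return(this.BadRequest(ResponseStrings.SessionTokenInvalid));
            }

            // A session token that carries no user principal identifies nobody to link the account to.
            if (sessionTokenUserPrincipal == null)
            {
                this.log.LogError("Session token carries no user principal in PostLinkedAccount");
                return(this.BadRequest(ResponseStrings.SessionTokenInvalid));
            }

            // 4. Check if the account is linked already. For this we use the user handle from the session token and the identity provider from the Auth header
            // NOTE(review): this.UserPrincipal is assumed to be populated by the auth filter on this path
            // (the ?. on logEntry suggests it can be null elsewhere) — confirm.
            var linkedAccountEntity = await this.usersManager.ReadLinkedAccount(sessionTokenUserPrincipal.UserHandle, this.UserPrincipal.IdentityProvider);

            if (linkedAccountEntity != null)
            {
                this.log.LogError($"User already has account linked. UserHandle: {sessionTokenUserPrincipal.UserHandle}, IdentityProvider: {this.UserPrincipal.IdentityProvider}");
                return(this.Conflict(ResponseStrings.LinkedAccountExists));
            }

            // 5. Finally link account
            UserPrincipal linkedAccountUserPrincipal = new UserPrincipal(this.log, sessionTokenUserPrincipal.UserHandle, this.UserPrincipal.IdentityProvider, this.UserPrincipal.IdentityProviderAccountId);

            await this.usersManager.CreateLinkedAccount(ProcessType.Frontend, linkedAccountUserPrincipal);

            logEntry += $", SessionTokenAppHandle = {sessionTokenAppPrincipal?.AppHandle}, SessionTokenUserHandle = {sessionTokenUserPrincipal?.UserHandle}";
            this.LogControllerEnd(this.log, className, methodName, logEntry);
            return(this.NoContent());
        }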