public async Task <IActionResult> Authorize(AuthorizationRequest request) { AuthorizationInput input = new AuthorizationInput { Card = new CreditCard { CardNumber = request.CardNumber, CVV = request.CVV, ExpiryMonth = request.ExpiryMonth, ExpiryYear = request.ExpiryYear }, Amount = request.Amount, Currency = request.Currency }; AuthorizationOutput serviceResponse = await _service.AuthorizeTransaction(input); AuthorizeResponse response = new AuthorizeResponse { AmountAvailable = serviceResponse.TransactionOutput.AmountAvailable, Currency = serviceResponse.TransactionOutput.Currency, Error = serviceResponse.TransactionOutput.Error, Id = serviceResponse.AuthorizationId, Success = serviceResponse.TransactionOutput.Success }; return(Ok(response)); }
public override async Task OnExecutingAsync(FunctionExecutingContext executingContext, CancellationToken cancellationToken) { executingContext.Logger.LogInformation("JWT-Token validator executing..."); HttpRequest httpRequest = (HttpRequest)executingContext.Arguments.First().Value; var authHeader = AuthenticationHeaderValue.Parse(httpRequest.Headers[HeaderNames.Authorization]); AuthorizationOutput authorizationOutput = await this._authService.ValidateAsync(authHeader); executingContext.Logger.LogInformation($"JWT-Token successful validated. Email: {authorizationOutput.Email}, User Roles: {authorizationOutput.ResourceAccess}"); httpRequest.HttpContext.Items.Add(HttpContextItems.AuthorizationOutput, authorizationOutput); await base.OnExecutingAsync(executingContext, cancellationToken); }
public void AuthorizeTransaction_ServiceAuthorizes_ReturnsAuthorizationId() { Mock <IPaymentRepository> mockRepository = GetMockRepository(); Mock <HttpMessageHandler> mockHttpHandler = GetHttpHandlerMock("{success: true}"); AuthorizationInput input = new AuthorizationInput { Card = new CreditCard { CardNumber = "124142112411241" }, Amount = 5.00M, Currency = "GBP" }; PaymentService service = GetService(mockRepository, mockHttpHandler); AuthorizationOutput output = service.AuthorizeTransaction(input).Result; Assert.IsNotNull(output.AuthorizationId); }
public async Task Invoke(HttpContext context, IOptions <EndPointOptions> endpointOptions) { if (context.User.Identity.IsAuthenticated) { try { if (!AuthenticationHeaderValue.TryParse(context.Request.Headers[HeaderNames.Authorization], out AuthenticationHeaderValue authHeader)) { var accessToken = context.User.FindFirst("access_token")?.Value; if (!string.IsNullOrEmpty(accessToken)) { authHeader = AuthenticationHeaderValue.Parse($"Bearer {accessToken}"); } } AuthorizationOutput authorizationOutput = await this._authorizationService.ValidateAsync(authHeader); } catch (Exception e) { var refreshToken = context.User.FindFirst("refresh_token")?.Value; using (var client = new HttpClient()) { var response = await client.RequestRefreshTokenAsync(new RefreshTokenRequest { Address = endpointOptions.Value.TokenEndpoint, ClientId = endpointOptions.Value.ClientId, ClientSecret = endpointOptions.Value.ClientSecret, RefreshToken = refreshToken }); var claim = (ClaimsIdentity)context.User.Identity; claim.UpdateClaim(new Claim("access_token", response.AccessToken)); claim.UpdateClaim(new Claim("refresh_token", response.RefreshToken)); claim.UpdateClaim(new Claim("expires_in", response.ExpiresIn.ToString())); } } } await this._next.Invoke(context); }
public async Task <AuthorizationOutput> AuthorizeTransaction(AuthorizationInput authorizationInput) { //Check card number is valid bool validCreditCardNumber = CardNumberIsValid(authorizationInput, out string cardNumber); if (!validCreditCardNumber) { AuthorizationOutput authorizationOutput = GetFailedAuthorizationOuput("Invalid credit card"); return(authorizationOutput); } authorizationInput.Card.CardNumber = cardNumber; //Authorize transaction with bank BankAuthorizationResponse bankAuthorization = await GetAuthorizationFromBank(authorizationInput); if (bankAuthorization.authorizedAmount == 0) { string error = "Failed to authorize"; AuthorizationOutput failedAuthorizationOutput = GetFailedAuthorizationOuput(error); return(failedAuthorizationOutput); } //Add authorization to the database Transaction transaction = await _paymentRepository.GetAuthorization(authorizationInput.Amount, authorizationInput.Currency, bankAuthorization.id); AuthorizationOutput output = new AuthorizationOutput { AuthorizationId = transaction.Id, TransactionOutput = new TransactionOutput { AmountAvailable = bankAuthorization.authorizedAmount, Currency = authorizationInput.Currency, Error = null, Success = true } }; return(output); }
public void AuthorizeTransaction_ServiceReturnsInvalid_ReturnsErrorMessage() { Mock <IPaymentRepository> mockRepository = GetMockRepository(); Mock <HttpMessageHandler> mockHttpHandler = GetHttpHandlerMock("{success: false}"); AuthorizationInput input = new AuthorizationInput { Card = new CreditCard { CardNumber = "1412411114124111", ExpiryYear = 2000 }, Amount = 5.00M, Currency = "GBP" }; PaymentService service = GetService(mockRepository, mockHttpHandler); AuthorizationOutput output = service.AuthorizeTransaction(input).Result; Assert.IsNotNull(output.TransactionOutput.Error); Assert.IsTrue(output.TransactionOutput.Error.Length > 0); }