/// <summary>
/// Gets the Kore API bearer token from the cookie, refreshes if needed and stores as identity claim
/// </summary>
/// <remarks>
/// First step is to check the cookie from the request, then:
///
/// * If there is a player token then check if it needs to be refreshed
///
/// * If there is a public brand token then check if it has expired and get a new one
///
/// * If there is no token then get a new public brand token
///
/// Finally, store the token as an identity claim
/// </remarks>
public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
KoreAuthToken token = null;
HttpRequest httpRequest = context.HttpContext.Request;
string returnUrl = ReturnUrlActionFilter.GetReturnUrl(httpRequest);
if (httpRequest.Cookies[KoreAuthCookieKey] != null)
{
token = JsonConvert.DeserializeObject <KoreAuthToken>(httpRequest.Cookies[KoreAuthCookieKey], new JsonSerializerSettings()
{
DateTimeZoneHandling = DateTimeZoneHandling.Utc
});
if (token.Expiration <= DateTime.UtcNow && token.GrantType == KoreAuthToken.Player)
{
token = null;
}
}
// get a new public brand token
if (token == null)
{
token = await _koreApiAuthService.GetPublicBrandTokenAsync(returnUrl, _koreOptions.Brand, _koreOptions.Locale);
}
_koreClaims.AddTokenToIdentityClaims(token, context.HttpContext.User);
}
private HttpClient GetClient(KoreAuthToken token, string returnUrl)
{
var client = _httpClientFactory.CreateClient();
client.DefaultRequestHeaders.Clear();
client.DefaultRequestHeaders.Add("X-Kore-ReturnUrl", returnUrl);
client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", token.Value);
return(client);
}
/// <summary>
/// Gets the user claims and saves this to the cookie
/// </summary>
public void OnResultExecuting(ResultExecutingContext context)
{
//set the cookie in here
if (!context.HttpContext.User.HasClaim(cl => cl.Type == "TokenType"))
{
throw new NullReferenceException("Token not set");
}
SetCookie(context.HttpContext.Response, KoreAuthToken.GetAuthTokenFromClaims(context.HttpContext.User));
}
public async Task <KoreGame> GetGameAsync(KoreAuthToken token, string gameUrl, string returnUrl)
{
var client = GetClient(token, returnUrl);
var response = await client.GetAsync(gameUrl);
await CheckResponseForErrorAsync(response);
var data = await response.Content.ReadAsStringAsync();
var game = JsonConvert.DeserializeObject <KoreGame>(data);
return(game);
}
public async Task <List <KoreGame> > GetGamesAsync(KoreAuthToken token, string returnUrl)
{
var client = GetClient(token, returnUrl);
var fullUrl = new Uri(_koreOptions.BaseUrl, "games");
var response = await client.GetAsync(fullUrl.ToString());
await CheckResponseForErrorAsync(response);
var data = response.Content.ReadAsStringAsync().Result;
var games = JsonConvert.DeserializeObject <KoreGames>(data);
return(games.Games);
}
public async Task <List <KoreGame> > GetGamesAsync(KoreAuthToken token, string returnUrl)
{
var client = GetClient(token, returnUrl);
var fullUrl = new Uri(_koreOptions.BaseUrl, "games");
var response = await client.GetAsync(fullUrl.ToString());
await CheckResponseForErrorAsync(response);
var data = response.Content.ReadAsStringAsync();
var games = JsonConvert.DeserializeObject <KoreGames>(data.Result);
var sortedGames = games.Games.OrderBy(g => g.Category).OrderBy(g => g.Platform).OrderBy(g => g.Name).ToList();
return(sortedGames);
}
public async Task <KoreUserLinks> GetUserLinksAsync(KoreAuthToken token, string returnUrl)
{
var client = GetClient(token, returnUrl);
var fullUrl = new Uri(_koreOptions.BaseUrl, "users");
var response = await client.GetAsync(fullUrl.ToString());
await CheckResponseForErrorAsync(response);
var data = await response.Content.ReadAsStringAsync();
var links = JsonConvert.DeserializeObject <KoreUserLinks>(data);
return(links);
}
protected void SetCookie(HttpResponse httpResponse, KoreAuthToken token)
{
var options = new CookieOptions
{
HttpOnly = true,
IsEssential = true,
SameSite = SameSiteMode.Lax
};
var json = JsonConvert.SerializeObject(token, new JsonSerializerSettings()
{
DateTimeZoneHandling = DateTimeZoneHandling.Utc
});
httpResponse.Cookies.Append(KoreAuthCookieKey, json, options);
}
public void AddTokenToIdentityClaims(KoreAuthToken token, ClaimsPrincipal user)
{
var identity = user.Identity as ClaimsIdentity;
// if for any reason the same token already exists as a claim then exit
if (identity.HasClaim(cl => cl.Type == "Value" && cl.Value == token.Value))
{
return;
}
var claims = new List <Claim>();
claims.Add(new Claim("TokenType", token.TokenType));
claims.Add(new Claim("GrantType", token.GrantType));
claims.Add(new Claim("Value", token.Value));
claims.Add(new Claim("Expiration", token.Expiration.ToString()));
claims.Add(new Claim("TrackingId", token.TrackingId ?? string.Empty));
Claim role;
if (token.GrantType == KoreAuthToken.BrandPublic)
{
role = new Claim(ClaimTypes.Role, "public");
}
else
{
role = new Claim(ClaimTypes.Role, "player");
}
claims.Add(role);
// remove any existing claims
foreach (Claim claim in claims)
{
if (identity.HasClaim(cl => cl.Type == claim.Type))
{
Claim removeClaim = identity.FindFirst(cl => cl.Type == claim.Type);
identity.RemoveClaim(removeClaim);
}
}
identity.AddClaims(claims);
}
public KoreAuthToken GetAuthToken()
{
return(KoreAuthToken.GetAuthTokenFromClaims(User));
}