protected AuthenticateResult HandleAuthenticateSync()
{
if (!Request.Headers.TryGetValue("Authorization", out var headerRow))
{
return(AuthenticateResult.NoResult());
}
if (!AuthenticationHeaderValue.TryParse(headerRow.ToString(), out var header))
{
return(AuthenticateResult.NoResult());
}
if (header.Scheme != "TelegramWidget")
{
return(AuthenticateResult.NoResult());
}
byte[] infoInBase64;
try
{
infoInBase64 = Convert.FromBase64String(header.Parameter);
}
catch
{
return(AuthenticateResult.Fail($"invalid base64 content"));
}
var jsonParam = Encoding.UTF8.GetString(infoInBase64);
TelegramUserInfo userInfo;
try
{
userInfo = JsonSerializer.Deserialize <TelegramUserInfo>(jsonParam);
}
catch
{
return(AuthenticateResult.Fail($"invalid json content in base64 string"));
}
var loginWidget = new LoginWidget(telegramBotOptions.Value.AccessToken)
{
AllowedTimeOffset = (long)TimeSpan.FromDays(10).TotalSeconds
};
var userInfoAsDictionary = ReadUserInfoAsDictionary(userInfo);
var authResult = loginWidget.CheckAuthorization(userInfoAsDictionary);
if (authResult != Authorization.Valid)
{
return(AuthenticateResult.Fail($"Incorrect telegram info: {authResult}"));
}
var tgIdentity = TelegramWidgetClaimsIdentityGenerator.GetIdentityForUserInfo(userInfo);
var internalPrincipal = internalClaimsIdentityGenerator.Generate(userInfo);
var principal = new ClaimsPrincipal(new ClaimsIdentity[] { tgIdentity, internalPrincipal });
return(AuthenticateResult.Success(new AuthenticationTicket(principal, AuthenticationSchemeConstants.TelegramWidgetAuthenticationScheme)));
}
private async Task <ClaimsPrincipal> GetPrincipal()
{
var version = await localStorage.GetItemAsync <string>("version");
var correctVersion = configuration.GetSection("Version").Value;
if (version != correctVersion)
{
await localStorage.ClearAsync();
await localStorage.SetItemAsync(nameof(version), correctVersion);
}
try
{
var telegramUserInfo = await localStorage.GetItemAsync <TelegramUserInfo>("telegramUserInfo");
if (telegramUserInfo == null)
{
Console.WriteLine("no user info");
return(new ClaimsPrincipal());
}
else
{
var(success, claims) = await TryGetInternalClaims(telegramUserInfo);
if (success)
{
var tgIdentity = TelegramWidgetClaimsIdentityGenerator.GetIdentityForUserInfo(telegramUserInfo);
var internalIdentity = new ClaimsIdentity(claims, InternalClaimConstants.IDENTITY_AUTH_TYPE);
return(new ClaimsPrincipal(new ClaimsIdentity[] { tgIdentity, internalIdentity }));
}
else
{
Console.WriteLine("can't login");
return(new ClaimsPrincipal());
}
}
}
catch (Exception ex)
{
Console.WriteLine("exception");
Console.WriteLine(ex);
return(new ClaimsPrincipal());
}
}
