private TokenParams MergeTokenParamsWithDefaults(TokenParams tokenParams)
{
TokenParams @params = tokenParams?.Merge(CurrentTokenParams);
if (@params == null)
{
@params = CurrentTokenParams ?? TokenParams.WithDefaultsApplied();
@params.ClientId = ClientId; //Ensure the correct clientId is supplied
}
return(@params);
}
/// <summary>
/// Ensure valid auth credentials are present. This may rely in an already-known
/// and valid token, and will obtain a new token if necessary or explicitly
/// requested.
/// Authorisation will use the parameters supplied on construction except
/// where overridden with the options supplied in the call.
/// </summary>
/// <param name="tokenParams"><see cref="TokenParams"/> custom parameter. Pass null and default token request options will be generated used the options passed when creating the client</param>
/// <param name="authOptions"><see cref="AuthOptions"/> custom options.</param>
/// <returns>Returns a valid token</returns>
/// <exception cref="AblyException">Throws an ably exception representing the server response</exception>
public async Task <TokenDetails> AuthorizeAsync(TokenParams tokenParams = null, AuthOptions authOptions = null)
{
// RSA10j - TokenParams and AuthOptions supersede any previously client library configured TokenParams and AuthOptions
authOptions = authOptions ?? CurrentAuthOptions ?? Options;
SetCurrentAuthOptions(authOptions);
tokenParams = tokenParams ?? CurrentTokenParams ?? TokenParams.WithDefaultsApplied();
SetCurrentTokenParams(tokenParams);
CurrentToken = await RequestTokenAsync(tokenParams, authOptions);
AuthMethod = AuthMethod.Token;
var eventArgs = new AblyAuthUpdatedEventArgs(CurrentToken);
AuthUpdated?.Invoke(this, eventArgs);
// RTC8a3
await AuthorizeCompleted(eventArgs);
return(CurrentToken);
}
/// <summary>
/// Create a signed token request based on known credentials
/// and the given token params. This would typically be used if creating
/// signed requests for submission by another client.
/// </summary>
/// <param name="tokenParams"><see cref="TokenParams"/>. If null a token request is generated from options passed when the client was created.</param>
/// <param name="authOptions"><see cref="AuthOptions"/>. If null the default AuthOptions are used.</param>
/// <returns></returns>
public async Task <string> CreateTokenRequestAsync(TokenParams tokenParams, AuthOptions authOptions)
{
authOptions = authOptions ?? CurrentAuthOptions ?? Options;
tokenParams = tokenParams ?? CurrentTokenParams ?? TokenParams.WithDefaultsApplied();
if (string.IsNullOrEmpty(authOptions.Key))
{
throw new AblyException("No key specified", 40101, HttpStatusCode.Unauthorized);
}
await SetTokenParamsTimestamp(authOptions, tokenParams);
if (authOptions.QueryTime.GetValueOrDefault(false))
{
tokenParams.Timestamp = await _rest.TimeAsync();
}
var apiKey = authOptions.ParseKey();
var request = new TokenRequest(Now).Populate(tokenParams, apiKey.KeyName, apiKey.KeySecret);
return(JsonHelper.Serialize(request));
}
/// <summary>
/// Makes a token request. This will make a token request now, even if the library already
/// has a valid token. It would typically be used to issue tokens for use by other clients.
/// </summary>
/// <param name="tokenParams">The <see cref="TokenRequest"/> data used for the token</param>
/// <param name="authOptions">Extra <see cref="AuthOptions"/> used for creating a token </param>
/// <returns>A valid ably token</returns>
/// <exception cref="AblyException"></exception>
public virtual async Task <TokenDetails> RequestTokenAsync(TokenParams tokenParams = null, AuthOptions authOptions = null)
{
EnsureSecureConnection();
// (RSA8e)
authOptions = authOptions ?? CurrentAuthOptions ?? Options ?? new AuthOptions();
tokenParams = tokenParams ?? CurrentTokenParams ?? TokenParams.WithDefaultsApplied();
string keyId = string.Empty, keyValue = string.Empty;
if (authOptions.Key.IsNotEmpty())
{
var key = authOptions.ParseKey();
keyId = key.KeyName;
keyValue = key.KeySecret;
}
if (tokenParams.ClientId.IsEmpty())
{
tokenParams.ClientId = ClientId;
}
await SetTokenParamsTimestamp(authOptions, tokenParams);
var request = _rest.CreatePostRequest($"/keys/{keyId}/requestToken");
request.SkipAuthentication = true;
TokenRequest postData = null;
if (authOptions.AuthCallback != null)
{
bool shouldCatch = true;
try
{
var callbackResult = await authOptions.AuthCallback(tokenParams);
if (callbackResult == null)
{
throw new AblyException("AuthCallback returned null", 80019);
}
if (callbackResult is TokenDetails)
{
return(callbackResult as TokenDetails);
}
if (callbackResult is TokenRequest || callbackResult is string)
{
postData = GetTokenRequest(callbackResult);
request.Url = $"/keys/{postData.KeyName}/requestToken";
}
else
{
shouldCatch = false;
throw new AblyException($"AuthCallback returned an unsupported type ({callbackResult.GetType()}. Expected either TokenDetails or TokenRequest", 80019, HttpStatusCode.BadRequest);
}
}
catch (Exception ex) when(shouldCatch)
{
var statusCode = HttpStatusCode.Unauthorized;
if (ex is AblyException aex)
{
statusCode = aex.ErrorInfo.StatusCode == HttpStatusCode.Forbidden
? HttpStatusCode.Forbidden
: HttpStatusCode.Unauthorized;
}
throw new AblyException(
new ErrorInfo(
"Error calling AuthCallback, token request failed. See inner exception for details.",
80019,
statusCode), ex);
}
}
else if (authOptions.AuthUrl.IsNotEmpty())
{
var responseText = String.Empty;
try
{
var response = await CallAuthUrl(authOptions, tokenParams);
if (response.Type == ResponseType.Text || response.Type == ResponseType.Jwt)
{
// RSC8c:
// The token retrieved is assumed by the library to be a token string
// if the response has Content-Type "text/plain" or "application/jwt"
return(new TokenDetails(response.TextResponse, Now));
}
responseText = response.TextResponse;
var jData = JObject.Parse(responseText);
if (TokenDetails.IsToken(jData))
{
return(JsonHelper.DeserializeObject <TokenDetails>(jData));
}
postData = JsonHelper.Deserialize <TokenRequest>(responseText);
request.Url = $"/keys/{postData.KeyName}/requestToken";
}
catch (AblyException ex)
{
throw new AblyException(
new ErrorInfo(
"Error calling Auth URL, token request failed. See the InnerException property for details of the underlying exception.",
80019,
ex.ErrorInfo.StatusCode == HttpStatusCode.Forbidden
? ex.ErrorInfo.StatusCode
: HttpStatusCode.Unauthorized,
ex),
ex);
}
catch (Exception ex)
{
string reason =
"Error handling Auth URL, token request failed. See the InnerException property for details of the underlying exception.";
if (ex is JsonReaderException)
{
reason =
$"Error parsing JSON response '{responseText}' from Auth URL.See the InnerException property for details of the underlying exception.";
}
throw new AblyException(
new ErrorInfo(
reason,
80019,
HttpStatusCode.InternalServerError,
ex),
ex);
}
}
else
{
if (keyId.IsEmpty() || keyValue.IsEmpty())
{
throw new AblyException("TokenAuth is on but there is no way to generate one", 80019);
}
postData = new TokenRequest(Now).Populate(tokenParams, keyId, keyValue);
}
request.PostData = postData;
TokenDetails result = await _rest.ExecuteRequest <TokenDetails>(request);
if (result == null)
{
throw new AblyException("Invalid token response returned", 80019);
}
//TODO: Very ugly stuff
result.Now = Now;
return(result);
}
