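/// <summary>
/// Looks up a user and renders that user's OTP provisioning URI (<c>otpauth://</c>) as a QR code image.
/// </summary>
/// <param name="id">The user's login, or the claim value to match when <paramref name="claimName"/> is supplied.</param>
/// <param name="claimName">Claim to search by; when null, empty or whitespace the user is looked up by login instead.</param>
/// <param name="cancellationToken">Token forwarded to the repository lookups.</param>
/// <returns>The bitmap produced by <c>GetGraphic(20)</c> for the provisioning URI.</returns>
/// <exception cref="OAuthUserNotFoundException">No user matches the lookup.</exception>
/// <exception cref="InvalidOperationException">The configured OTP algorithm is not a named <c>OTPAlgs</c> value.</exception>
/// <remarks>
/// The returned image embeds the user's OTP key, so anyone who can read it can enrol the same authenticator.
/// NOTE(review): no authorization check is visible in this method; confirm that callers restrict it to the
/// account owner (or an administrator) and that the response is neither cached nor logged.
/// </remarks>
public async Task<Bitmap> Handle(string id, string claimName, CancellationToken cancellationToken)
{
    OAuthUser user;
    if (string.IsNullOrWhiteSpace(claimName))
    {
        user = await _oauthUserRepository.FindOAuthUserByLogin(id, cancellationToken);
    }
    else
    {
        user = await _oauthUserRepository.FindOAuthUserByClaim(claimName, id, cancellationToken);
    }

    if (user == null)
    {
        _logger.LogError($"the user '{id}' doesn't exist");
        throw new OAuthUserNotFoundException(ErrorCodes.INVALID_REQUEST, string.Format(ErrorMessages.UNKNOWN_USER, id));
    }

    // Enum.GetName returns null for a value that has no named member; fail with a clear
    // configuration error instead of a NullReferenceException on ToLowerInvariant().
    var algName = Enum.GetName(typeof(OTPAlgs), _options.OTPAlg);
    if (algName == null)
    {
        throw new InvalidOperationException("the configured OTP algorithm is not a defined OTPAlgs value");
    }

    // Issuer and account name are free-form text. Percent-encode them so that reserved
    // characters ('?', '&', '#', '/', spaces, ...) cannot truncate the label or add or
    // override query parameters of the provisioning URI.
    var issuer = Uri.EscapeDataString(_options.OTPIssuer ?? string.Empty);
    var account = Uri.EscapeDataString(user.Id ?? string.Empty);

    // NOTE(review): the secret is emitted as stored; authenticator apps expect Base32 here — confirm OTPKey's encoding.
    var url = $"otpauth://{algName.ToLowerInvariant()}/{issuer}:{account}?secret={user.OTPKey}&issuer={issuer}";
    if (_options.OTPAlg == OTPAlgs.HOTP)
    {
        // Counter-based OTP: the authenticator needs the current counter to stay in sync.
        url = $"{url}&counter={user.OTPCounter}";
    }

    var qrGenerator = new QRCodeGenerator();
    var qrCodeData = qrGenerator.CreateQrCode(url, QRCodeGenerator.ECCLevel.Q);
    var qrCode = new QRCode(qrCodeData);
    return qrCode.GetGraphic(20);
}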
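/// <summary>
/// Generates a one-time password for a user with the authenticator that matches the configured OTP algorithm.
/// </summary>
/// <param name="id">The user's login, or the claim value to match when <paramref name="claimName"/> is supplied.</param>
/// <param name="claimName">Claim to search by; when null, empty or whitespace the user is looked up by login instead.</param>
/// <param name="cancellationToken">Token forwarded to the repository calls.</param>
/// <returns>The generated one-time password.</returns>
/// <exception cref="OAuthUserNotFoundException">No user matches the lookup.</exception>
/// <remarks>
/// <c>First</c> throws when no registered authenticator matches the configured algorithm.
/// </remarks>
public async Task<long> Handle(string id, string claimName, CancellationToken cancellationToken)
{
    Domains.OAuthUser user;
    if (string.IsNullOrWhiteSpace(claimName))
    {
        user = await _oauthUserRepository.FindOAuthUserByLogin(id, cancellationToken);
    }
    else
    {
        user = await _oauthUserRepository.FindOAuthUserByClaim(claimName, id, cancellationToken);
    }

    if (user == null)
    {
        _logger.LogError($"the user '{id}' doesn't exist");
        throw new OAuthUserNotFoundException(ErrorCodes.INVALID_REQUEST, string.Format(ErrorMessages.UNKNOWN_USER, id));
    }

    var authenticator = _otpAuthenticators.First(o => o.Alg == _options.OTPAlg);
    var otp = authenticator.GenerateOtp(user);
    if (_options.OTPAlg == Domains.OTPAlgs.HOTP)
    {
        // HOTP is counter-based: advance and persist the counter so the next request yields a new value.
        user.IncrementCounter();
        await _oauthUserRepository.Update(user, cancellationToken);
        await _oauthUserRepository.SaveChanges(cancellationToken);
    }

    // The OTP is a live credential: record the event, never the value. Anyone with read access
    // to the log sink could otherwise replay the code while it is still valid.
    _logger.LogInformation("an OTP has been generated");
    return otp;
}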
/// <summary>
/// Authenticates a user identified by phone number with a one-time confirmation code.
/// </summary>
/// <param name="phoneNumber">Value matched against the phone-number claim.</param>
/// <param name="code">Confirmation code checked by the OTP authenticator.</param>
/// <param name="cancellationToken">Token forwarded to the repository lookup.</param>
/// <returns>The matching user when the code verifies.</returns>
/// <exception cref="BaseUIException">
/// <c>UNKNOWN_PHONENUMBER</c> when no user has this phone number; <c>INVALID_CONFIRMATIONCODE</c> when verification fails.
/// </exception>
/// <remarks>
/// The two failure codes let a caller distinguish registered from unregistered phone numbers.
/// NOTE(review): no attempt counter or lockout is visible here; confirm that throttling of repeated
/// guesses is enforced by the caller or inside <c>Verify</c>.
/// </remarks>
public async Task<OAuthUser> Authenticate(string phoneNumber, long code, CancellationToken cancellationToken)
{
    var matchedUser = await _oauthUserRepository.FindOAuthUserByClaim(
        Jwt.Constants.UserClaims.PhoneNumber,
        phoneNumber,
        cancellationToken);
    if (matchedUser == null)
    {
        throw new BaseUIException(Exceptions.ErrorCodes.UNKNOWN_PHONENUMBER);
    }

    var codeIsValid = GetOTPAuthenticator().Verify(code, matchedUser);
    if (codeIsValid)
    {
        return matchedUser;
    }

    throw new BaseUIException(Exceptions.ErrorCodes.INVALID_CONFIRMATIONCODE);
}
/// <summary>
/// Resolves the <c>login_hint</c> of the authorization request to a user by matching it against the subject claim.
/// </summary>
/// <param name="context">Handler context whose request data carries the login hint.</param>
/// <param name="cancellationToken">Token forwarded to the repository lookup.</param>
/// <returns>The matching user, or <c>null</c> when the request has no login hint.</returns>
/// <exception cref="OAuthException"><c>UNKNOWN_USER_ID</c> when a hint is present but matches no user.</exception>
private async Task<OAuthUser> CheckLoginHint(HandlerContext context, CancellationToken cancellationToken)
{
    var hint = context.Request.RequestData.GetLoginHintFromAuthorizationRequest();
    if (string.IsNullOrEmpty(hint))
    {
        // No hint supplied: nothing to resolve.
        return null;
    }

    var hintedUser = await _oauthUserRepository.FindOAuthUserByClaim(
        Jwt.Constants.UserClaims.Subject,
        hint,
        cancellationToken);
    if (hintedUser != null)
    {
        return hintedUser;
    }

    // The error description echoes the caller-supplied hint.
    throw new OAuthException(ErrorCodes.UNKNOWN_USER_ID, string.Format(ErrorMessages.UNKNOWN_USER, hint));
}
/// <summary>
/// Fetches the user whose SCIM identifier claim equals <paramref name="scimId"/> and returns its DTO.
/// </summary>
/// <param name="scimId">Value matched against the SCIM identifier claim.</param>
/// <param name="cancellationToken">Token forwarded to the repository lookup.</param>
/// <returns>The result of <c>ToDto</c> for the matching user.</returns>
/// <exception cref="OAuthUserNotFoundException">No user carries this SCIM identifier.</exception>
public async Task<JObject> Handle(string scimId, CancellationToken cancellationToken)
{
    var scimUser = await _oauthUserRepository.FindOAuthUserByClaim(
        SimpleIdServer.Jwt.Constants.UserClaims.ScimId,
        scimId,
        cancellationToken);
    if (scimUser != null)
    {
        return ToDto(scimUser);
    }

    // The identifier comes from the caller and is written to the log as received.
    _logger.LogError($"the user '{scimId}' doesn't exist");
    throw new OAuthUserNotFoundException(ErrorCodes.INVALID_REQUEST, string.Format(ErrorMessages.UNKNOWN_USER, scimId));
}
/// <summary>
/// Applies the supplied JSON document to the user identified by its SCIM identifier claim and persists the change.
/// </summary>
/// <param name="scimId">Value matched against the SCIM identifier claim.</param>
/// <param name="jObj">JSON payload handed to <c>UpdateUser</c> together with the user.</param>
/// <param name="cancellationToken">Token forwarded to the repository calls.</param>
/// <returns>Always <c>true</c> when the update completes.</returns>
/// <exception cref="OAuthUserNotFoundException">No user carries this SCIM identifier.</exception>
public virtual async Task<bool> Handle(string scimId, JObject jObj, CancellationToken cancellationToken)
{
    var target = await _oauthUserRepository.FindOAuthUserByClaim(
        SimpleIdServer.Jwt.Constants.UserClaims.ScimId,
        scimId,
        cancellationToken);
    if (target == null)
    {
        _logger.LogError($"the user '{scimId}' doesn't exist");
        var description = string.Format(ErrorMessages.UNKNOWN_USER, scimId);
        throw new OAuthUserNotFoundException(ErrorCodes.INVALID_REQUEST, description);
    }

    // NOTE(review): which fields the payload may change is decided inside UpdateUser, not here.
    UpdateUser(jObj, target);

    await _oauthUserRepository.Update(target, cancellationToken);
    await _oauthUserRepository.SaveChanges(cancellationToken);

    _logger.LogInformation($"the user '{scimId}' has been updated");
    return true;
}
/// <summary>
/// Validates a login-hint token payload: rejects it when expired, then resolves its subject to a user.
/// </summary>
/// <param name="jwsPayload">Payload of the hint token; its expiration time and subject are read.</param>
/// <param name="cancellationToken">Token forwarded to the repository lookup.</param>
/// <returns>The user whose subject claim equals the payload's subject.</returns>
/// <exception cref="OAuthException">
/// <c>EXPIRED_LOGIN_HINT_TOKEN</c> when the current UTC time is past the expiration;
/// <c>UNKNOWN_USER_ID</c> when no user matches the subject.
/// </exception>
/// <remarks>
/// NOTE(review): only expiry and subject are checked here; signature, issuer and audience validation
/// are not visible in this method and are presumably done by the caller — confirm.
/// </remarks>
protected virtual async Task<OAuthUser> CheckHint(JwsPayload jwsPayload, CancellationToken cancellationToken)
{
    var expiresAt = jwsPayload.GetExpirationTime();
    var now = DateTime.UtcNow.ConvertToUnixTimestamp();
    var isExpired = now > expiresAt;
    if (isExpired)
    {
        throw new OAuthException(ErrorCodes.EXPIRED_LOGIN_HINT_TOKEN, ErrorMessages.LOGIN_HINT_TOKEN_IS_EXPIRED);
    }

    var sub = jwsPayload.GetSub();
    var hintedUser = await _oauthUserRepository.FindOAuthUserByClaim(
        Jwt.Constants.UserClaims.Subject,
        sub,
        cancellationToken);
    if (hintedUser != null)
    {
        return hintedUser;
    }

    throw new OAuthException(ErrorCodes.UNKNOWN_USER_ID, string.Format(ErrorMessages.UNKNOWN_USER, sub));
}