/// <inheritdoc/> public StartAuthenticationResponse StartAuthentication(string clientId, string authorizeUrl, string redirectUrl, string state, string nonce, string encryptedMsisdn, SupportedVersions versions, AuthenticationOptions options) { Validate.RejectNullOrEmpty(clientId, "clientId"); Validate.RejectNullOrEmpty(authorizeUrl, "authorizeUrl"); Validate.RejectNullOrEmpty(redirectUrl, "redirectUrl"); Validate.RejectNullOrEmpty(state, "state"); Validate.RejectNullOrEmpty(nonce, "nonce"); options = options ?? new AuthenticationOptions(); options.Scope = options.Scope ?? ""; bool shouldUseAuthorize = ShouldUseAuthorize(options); if (shouldUseAuthorize) { Validate.RejectNullOrEmpty(options.Context, "options.Context"); Validate.RejectNullOrEmpty(options.ClientName, "options.ClientName"); } options.State = state; options.Nonce = nonce; options.LoginHintToken = options.LoginHintToken; if (options.LoginHintToken == null) { options.LoginHint = options.LoginHint ?? LoginHint.GenerateForEncryptedMsisdn(encryptedMsisdn); } options.RedirectUrl = redirectUrl; options.ClientId = clientId; string version; string coercedScope = CoerceAuthenticationScope(options.Scope, versions, shouldUseAuthorize, out version); Log.Info(() => $"scope={options.Scope} => coercedScope={coercedScope}"); options.Scope = coercedScope; UriBuilder build = new UriBuilder(authorizeUrl); build.AddQueryParams(GetAuthenticationQueryParams(options, shouldUseAuthorize, version)); Log.Info(() => $"Authentication URI={build.Uri.AbsoluteUri}"); return(new StartAuthenticationResponse() { Url = build.Uri.AbsoluteUri }); }
/// <inheritdoc/> public StartAuthenticationResponse StartAuthentication(string clientId, string authorizeUrl, string redirectUrl, string state, string nonce, string encryptedMsisdn, SupportedVersions versions, AuthenticationOptions options, string currentVersion) { Validate.RejectNullOrEmpty(clientId, "clientId"); Validate.RejectNullOrEmpty(authorizeUrl, "authorizeUrl"); Validate.RejectNullOrEmpty(redirectUrl, "redirectUrl"); Validate.RejectNullOrEmpty(state, "state"); Validate.RejectNullOrEmpty(nonce, "nonce"); options = options ?? new AuthenticationOptions(); options.Scope = options.Scope ?? ""; bool shouldUseAuthorize = options.Scope.ToLower().Equals(Constants.Scope.AUTHZ.ToLower()); if (shouldUseAuthorize) { Validate.RejectNullOrEmpty(options.Context, "options.Context"); Validate.RejectNullOrEmpty(options.ClientName, "options.ClientName"); Validate.RejectNullOrEmpty(options.BindingMessage, "options.BindingMessage"); } if (options != null) { KYCClaimsParameter kycClaims = options.KycClaims; if (kycClaims != null) { bool isNamePresent = false; bool isAddressPresent = false; if (currentVersion.Equals(DefaultOptions.V2_3) && options.Scope.Contains(Constants.Scope.KYCPLAIN)) { isNamePresent = StringUtils.requireNonEmpty("name || given_name and family_name", kycClaims.Name, kycClaims.GivenName, kycClaims.FamilyName); isAddressPresent = StringUtils.requireNonEmpty( "address || houseno_or_housename, postal_code, country, town", kycClaims.Address, kycClaims.HousenoOrHouseName, kycClaims.PostalCode, kycClaims.Country, kycClaims.Town); } if (currentVersion.Equals(DefaultOptions.V2_3) && options.Scope.Contains(Constants.Scope.KYCHASHED)) { isNamePresent = StringUtils.requireNonEmpty("name_hashed || given_name_hashed and family_name_hashed", kycClaims.NameHashed, kycClaims.GivenNameHashed, kycClaims.FamilyNameHashed); isAddressPresent = StringUtils.requireNonEmpty( "address_hashed || houseno_or_housename_hashed, postal_code_hashed, country_hashed, town_hashed", kycClaims.AddressHashed, kycClaims.HousenoOrHouseNameHashed, kycClaims.PostalCodeHashed, kycClaims.CountryHashed, kycClaims.TownHashed); } if ((isNamePresent & !isAddressPresent) | (!isNamePresent & isAddressPresent)) { throw new MobileConnectInvalidArgumentException("(split|concatenated, plain|hashed) name or address is empty"); } } } options.State = state; options.Nonce = nonce; if (options.LoginHintToken == null) { options.LoginHint = options.LoginHint ?? LoginHint.GenerateForEncryptedMsisdn(encryptedMsisdn); } options.RedirectUrl = redirectUrl; options.ClientId = clientId; UriBuilder build = new UriBuilder(authorizeUrl); build.AddQueryParams(GetAuthenticationQueryParams(options, shouldUseAuthorize, options.Version)); Log.Info(() => $"Authentication URI={build.Uri.AbsoluteUri}"); return(new StartAuthenticationResponse() { Url = build.Uri.AbsoluteUri }); }