sec: get links to the backend to initiate the receipt of provider data

2024-12-18 07:23:23 +03:00
parent 182235c4cd
commit 08aeb7ea3c
2 changed files with 49 additions and 18 deletions
--- a/Endpoint/Controllers/V1/AuthController.cs
+++ b/Endpoint/Controllers/V1/AuthController.cs
@ -15,7 +15,9 @@ using Mirea.Api.Security.Common.Domain;
 using Mirea.Api.Security.Services;
 using System;
 using System.Collections.Generic;
+using System.Security.Claims;
 using System.Threading.Tasks;
+using OAuthProvider = Mirea.Api.Security.Common.Domain.OAuthProvider;

 namespace Mirea.Api.Endpoint.Controllers.V1;

@ -30,13 +32,36 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
        };

    /// <summary>
-    /// Gets the list of available OAuth providers with their respective redirect URIs.
+    /// Initiates the OAuth2 authorization process for the selected provider.
    /// </summary>
-    /// <returns>A list of available providers.</returns>
-    [HttpGet("GetAvailableProviders")]
-    public ActionResult<List<AvailableProvidersResponse>> GetUrls() =>
+    /// <remarks>
+    /// This method generates a redirect URL for the selected provider and redirects the user to it.
+    /// </remarks>
+    /// <param name="provider">The identifier of the OAuth provider to authorize with.</param>
+    /// <returns>A redirect to the OAuth provider's authorization URL.</returns>
+    /// <exception cref="ControllerArgumentException">Thrown if the specified provider is not valid.</exception>
+    [HttpGet("AuthorizeOAuth2")]
+    [MaintenanceModeIgnore]
+    public ActionResult AuthorizeOAuth2([FromQuery] int provider)
+    {
+        if (!Enum.IsDefined(typeof(OAuthProvider), provider))
+            throw new ControllerArgumentException("There is no selected provider");
+
+        return Redirect(oAuthService.GetProviderRedirect(HttpContext, GetCookieParams(), HttpContext.GetApiUrl(Url.Action("OAuth2")!), (OAuthProvider)provider).AbsoluteUri);
+    }
+
+    /// <summary>
+    /// Retrieves a list of available OAuth providers with their corresponding authorization URLs.
+    /// </summary>
+    /// <remarks>
+    /// This allows the client to fetch all possible OAuth options and the URLs required to initiate authorization.
+    /// </remarks>
+    /// <returns>A list of available providers and their redirect URLs.</returns>
+    [HttpGet("AvailableProviders")]
+    [MaintenanceModeIgnore]
+    public ActionResult<List<AvailableOAuthProvidersResponse>> AvailableProviders() =>
        Ok(oAuthService
-            .GetAvailableProviders(HttpContext, GetCookieParams(), HttpContext.GetApiUrl(Url.Action("OAuth2")!))
+            .GetAvailableProviders(HttpContext, HttpContext.GetApiUrl(Url.Action("AuthorizeOAuth2")!))
            .ConvertToDto());

    /// <summary>