sec: get links to the backend to initiate the receipt of provider data
This commit is contained in:
parent
182235c4cd
commit
08aeb7ea3c
@ -15,7 +15,9 @@ using Mirea.Api.Security.Common.Domain;
|
|||||||
using Mirea.Api.Security.Services;
|
using Mirea.Api.Security.Services;
|
||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
|
using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using OAuthProvider = Mirea.Api.Security.Common.Domain.OAuthProvider;
|
||||||
|
|
||||||
namespace Mirea.Api.Endpoint.Controllers.V1;
|
namespace Mirea.Api.Endpoint.Controllers.V1;
|
||||||
|
|
||||||
@ -30,13 +32,36 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
|
|||||||
};
|
};
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Gets the list of available OAuth providers with their respective redirect URIs.
|
/// Initiates the OAuth2 authorization process for the selected provider.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <returns>A list of available providers.</returns>
|
/// <remarks>
|
||||||
[HttpGet("GetAvailableProviders")]
|
/// This method generates a redirect URL for the selected provider and redirects the user to it.
|
||||||
public ActionResult<List<AvailableProvidersResponse>> GetUrls() =>
|
/// </remarks>
|
||||||
|
/// <param name="provider">The identifier of the OAuth provider to authorize with.</param>
|
||||||
|
/// <returns>A redirect to the OAuth provider's authorization URL.</returns>
|
||||||
|
/// <exception cref="ControllerArgumentException">Thrown if the specified provider is not valid.</exception>
|
||||||
|
[HttpGet("AuthorizeOAuth2")]
|
||||||
|
[MaintenanceModeIgnore]
|
||||||
|
public ActionResult AuthorizeOAuth2([FromQuery] int provider)
|
||||||
|
{
|
||||||
|
if (!Enum.IsDefined(typeof(OAuthProvider), provider))
|
||||||
|
throw new ControllerArgumentException("There is no selected provider");
|
||||||
|
|
||||||
|
return Redirect(oAuthService.GetProviderRedirect(HttpContext, GetCookieParams(), HttpContext.GetApiUrl(Url.Action("OAuth2")!), (OAuthProvider)provider).AbsoluteUri);
|
||||||
|
}
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Retrieves a list of available OAuth providers with their corresponding authorization URLs.
|
||||||
|
/// </summary>
|
||||||
|
/// <remarks>
|
||||||
|
/// This allows the client to fetch all possible OAuth options and the URLs required to initiate authorization.
|
||||||
|
/// </remarks>
|
||||||
|
/// <returns>A list of available providers and their redirect URLs.</returns>
|
||||||
|
[HttpGet("AvailableProviders")]
|
||||||
|
[MaintenanceModeIgnore]
|
||||||
|
public ActionResult<List<AvailableOAuthProvidersResponse>> AvailableProviders() =>
|
||||||
Ok(oAuthService
|
Ok(oAuthService
|
||||||
.GetAvailableProviders(HttpContext, GetCookieParams(), HttpContext.GetApiUrl(Url.Action("OAuth2")!))
|
.GetAvailableProviders(HttpContext, HttpContext.GetApiUrl(Url.Action("AuthorizeOAuth2")!))
|
||||||
.ConvertToDto());
|
.ConvertToDto());
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
|||||||
@ -97,20 +97,26 @@ public class OAuthService(ILogger<OAuthService> logger, Dictionary<OAuthProvider
|
|||||||
return userInfo?.MapToInternalUser();
|
return userInfo?.MapToInternalUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
public (OAuthProvider Provider, Uri Redirect)[] GetAvailableProviders(HttpContext context, CookieOptionsParameters cookieOptions, string redirectUrl)
|
|
||||||
{
|
|
||||||
var redirectUri = "?client_id={0}" +
|
|
||||||
"&response_type=code" +
|
|
||||||
$"&redirect_uri={redirectUrl}" +
|
|
||||||
"&scope={1}" +
|
|
||||||
$"&state={new RequestContextInfo(context, cookieOptions).Fingerprint}_{{2}}";
|
|
||||||
|
|
||||||
return providers.Select(x => (x.Key, new Uri(ProviderData[x.Key].RedirectUrl.TrimEnd('/') +
|
public Uri GetProviderRedirect(HttpContext context, CookieOptionsParameters cookieOptions, string redirectUri, OAuthProvider provider)
|
||||||
string.Format(redirectUri,
|
{
|
||||||
x.Value.ClientId,
|
var providerData = providers[provider];
|
||||||
ProviderData[x.Key].Scope,
|
|
||||||
Enum.GetName(x.Key))))
|
var redirectUrl = $"?client_id={providerData.ClientId}" +
|
||||||
).ToArray();
|
"&response_type=code" +
|
||||||
|
$"&redirect_uri={redirectUri}" +
|
||||||
|
$"&scope={ProviderData[provider].Scope}" +
|
||||||
|
$"&state={new RequestContextInfo(context, cookieOptions).Fingerprint}_{Enum.GetName(provider)}";
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
return new Uri(ProviderData[provider].RedirectUrl + redirectUrl);
|
||||||
|
}
|
||||||
|
|
||||||
|
public (OAuthProvider Provider, Uri Redirect)[] GetAvailableProviders(HttpContext context, string redirectUri)
|
||||||
|
{
|
||||||
|
return providers.Select(x => (x.Key, new Uri(redirectUri.TrimEnd('/') + "/?provider=" + (int)x.Key)))
|
||||||
|
.ToArray();
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<(OAuthProvider provider, OAuthUser User)> LoginOAuth(HttpContext context, CookieOptionsParameters cookieOptions, string redirectUrl, string code, string state, CancellationToken cancellation = default)
|
public async Task<(OAuthProvider provider, OAuthUser User)> LoginOAuth(HttpContext context, CookieOptionsParameters cookieOptions, string redirectUrl, string code, string state, CancellationToken cancellation = default)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user